Chief Information Security Officer (CISO) - University Information Services

Washington D.C.
Apr 11, 2018
May 21, 2018
Education, Security
Full Time
Located in a historic neighborhood in the nation's capital, Georgetown offers rigorous academic programs, a global perspective, exciting ways to take advantage of Washington, D.C., and a commitment to social justice. Our community is a tight-knit group of remarkable individuals interested in intellectual inquiry and making a difference in the world.


The Chief Information Security Officer (CISO) is responsible for the development, implementation and operations of a comprehensive, enterprise-wide information security strategy and program for Georgetown University (GU). S/he sets security policies, standards and processes and leads the development of enterprise-wide risk profiles; utilizes a risk-based methodology to inform work, anticipates threats and identifies potential impact; and serves as Georgetown University's representative regarding Security Strategy. Reporting to the Vice President and Chief Information Officer, the CISO has duties that include but are not limited to:

Risk Management

  • Develops and implements a risk management program for security and privacy-related areas, which includes modeling threats, identifying risks and vulnerabilities, establishing a risk analysis and mitigation plan, and reporting to executive management on both a regular and event-driven basis.
  • Works with other executives inside and outside of IT to prioritize security initiatives and spending based on an appropriate risk management and/or financial methodology.
  • Leads a cross-functional security organization that may draw upon the resources and technical expertise from IT and other technology organizations.

Security Guidance and Response

  • Provides strategic and tactical security guidance for programs and projects that may involve security controls, including the evaluation of the enterprise architecture, hardware, software and technical controls.
  • Leads an enterprise information security incident response organization, provides oversight over security investigations, and assists with disciplinary and legal matters associated with security breaches and policy violations as necessary.

Plans, Programs, and Controls

  • Works proactively with the IT Leadership team and their direct reports to assure strategic plans, security programs, and technical controls are aligned with their respective business strategies and in compliance with policies, applicable laws and regulations.

Information Security

  • Coordinates the development and delivery of a security awareness training program for employees, contractors, and other parties.
  • Coordinates the use of external third party resources involved in the development, implementation and monitoring of the information security program, including performing penetration tests.
  • Establishes a metrics-driven dashboard to evaluate the effectiveness of the Information Security program.

Thought Leadership

  • Serves as a key thought leader in the field of Information Security, which includes working with key partners and vendors to develop thought leadership around policies, process, and capabilities that can help change or enhance the security strategy at Georgetown University.
  • Keeps informed of new technologies or application methodologies through publications, membership in professional organizations and contact with other IT organizations and institutions.


  • Bachelor's degree or higher with a major in computer science, information technology, business or public administration, or related disciplines
  • 10+ years of management experience in the information technology field or similar experience
  • Excellent interpersonal and written communication skills
  • Experience managing human resources, budgets, and technology projects
  • Experience contracting and managing vendor relationships

Technical Responsibilities/Qualifications

  • Securing communications, applications and business systems
  • Performance of IT risk assessments
  • Oversee drafting of policies and procedures for secure daily operations
  • Physical and technical security implementation
  • Security education methodology and campaign
  • Selection, testing, deployment and maintenance of security hardware
  • Planning, testing and managing disaster recovery and security breaches
  • Understanding of governance and compliance as well as ability to enforce policies
  • Incident management and investigation
  • Representative when dealing with law enforcement agencies while pursuing the sources of network attacks and information theft by employees
  • Understanding of threat landscape and ability to manage risk across a dispersed portfolio
  • Familiarity with Cyber Security frameworks, including NIST and ISO Security Architecture/Engineering

Specialized certification

Preference for any of the following certifications:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)

Current Georgetown Employees:

If you currently work at Georgetown University, please exit this website and log in to GMS using your Net ID and password. Then select the Career worklet on your GMS Home dashboard to view Jobs at Georgetown.

Submission Guidelines:

Please note that in order to be considered an applicant for any position at Georgetown University you must submit a cover letter and resume for each position of interest for which you believe you are qualified. These documents are not kept on file for future positions.

Need Assistance:

If you are a qualified individual with a disability and need a reasonable accommodation for any part of the application and hiring process, please click here for more information, or contact the Office of Institutional Diversity, Equity, and Affirmative Action (IDEAA) at 202-687-4798 or

Need some assistance with the application process? Please call 202-687-2500. For more information about the suite of benefits, professional development and community involvement opportunities that make up Georgetown's commitment to its employees, please visit the Georgetown Works website.

EEO Statement:

Georgetown University is an Equal Opportunity/Affirmative Action Employer fully dedicated to achieving a diverse faculty and staff. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, national origin, age, sex (including pregnancy, gender identity and expression, and sexual orientation), disability status, protected veteran status, or any other characteristic protected by law.
