Chief Information Security & Privacy Officer - #002381

Western Carolina University continues to rank high on Forbes 'Best Employers' lists each year. Including:
* 2024 - Ranking in the top 8.5% on Forbes 'America's Best Midsize Employers' list, WCU was ranked 34 out of the top 400 employers across all industries.
* 2023 - Ranked in the top 20% on Forbes 'America's Best Midsize Employers' list, WCU was ranked 97 out of the top 500 employers across all industries.
* 2022 - Ranked 14th in the top 100 employers in North Carolina in Forbes 'America's Best Employers by State' list.
Western Carolina University is the UNC system's westernmost campus and has been consistently ranked as one of the top 15 public regional institutions in the South.
Employees of WCU are provided a comprehensive benefits package as well as other resources, policies and programs to ensure a happy and healthy work/life balance. Benefit eligible employees have access to dental, vision and health insurance plans - eligibility begins on the first of the month following date of hire. Retirement plan contributions begin on the eligibility date following election and include employer contributions for either a defined contribution or a defined benefit plan. Optional disability plans are also available.
Eligible employees have access to tuition waivers for up to three courses per academic year; employee may enroll at any of the constituent UNC System campuses. Also offered are free group exercise classes multiple times per week, a discounted membership to the campus recreation center, free vaccine and booster shots offered on campus, pretax flexible spending accounts, 12 paid holidays and 24 hours of paid community service leave each year. Leave earning employees (staff and 12-month faculty) who work at least half of the working days of their first month of employment will begin accruing vacation and sick leave immediately. Paid parental leave after 12 months of continuous service.
WCU offers an abundance of training and development programs, certifications, workshops and conferences - many of which are offered free of charge.

The primary location of this position is on-site at the main Cullowhee, NC campus. This position is designated as being exempt from the State of North Carolina Human Resources Act ( EHRA).

The Chief Information Security & Privacy Officer ( CISPO) reports directly to the university Chief Information Officer and manages the IT Security Office, overseeing operational security staff in their responsibilities for information security governance, policy, risk, compliance, training, incident detection, and incident response. The CISPO is primarily responsible for the information security governance, risk, compliance ( GRC), policy, training, incident detection and incident response efforts for WCU.

Additionally, the office will consult with other IT staff and other campus departments on information security needs and concerns. In alignment with ISO 27002 (information security standard) and ISO 27701 (information privacy standard) adopted by WCU and the UNC System, this position will manage repercussions and recovery in the case of any security breach. In addition to GRC work, the CISPO will oversee operational security detection efforts performed by other staff across the IT division. This position has institutional scope of responsibility and will manage all aspects of departmental functions such as budgeting, strategic planning and working with vendors and providers.

The CISPO is required to work closely and collaboratively with all units within the IT Division, as well as divisions and departments across the campus. Extensive work with University Legal Counsel and Internal Audit is expected.

In 2024, EDUCAUSE recognized former WCU CISPO, Joel McKenzie, for his novel approach in merging the CISO role with the Privacy Officer, to illustrate a proactive approach to their Top 10 item: Institutional Resilience.

Application materials must be submitted online. Review of applications will begin immediately and will continue until a candidate has been selected for hire.

All formal communication will be handled through email. Please monitor your junk or spam folders for missed messages.

Please include a

For questions or additional information please contact Jason Lavigne at lavigne@email.wcu.edu

Final candidates are subject to criminal & sex offender background checks. Some vacancies also require credit or motor vehicle checks.

Western Carolina University uses E-Verify to confirm employment eligibility of all newly hired employees. To learn more about E-Verify, including your rights and responsibilities, please visit www.dhs.gov/E-Verify. Proper documentation of identity and employability are required at the time of employment.

All new employees are required to have listed credentials/degrees verified within 30 days of employment. All new employees who will be teaching are required to provide official transcripts within 30 days of employment. Transcripts should be provided for the highest earned degree and/or the degree which is being used to satisfy credential/qualification requirements.

Western Carolina University is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race; color; ethnicity; religion; sex; pregnancy; sexual orientation; gender identity or expression; national origin; age; disability; genetic information; political affiliation; National Guard or veteran status, consistent with applicable federal, state and local laws, regulations, and policies, and the policies of The University of North Carolina. Persons with disabilities requiring accommodations in the application and interview process please call (828) 227-7218 or email at jobs@email.wcu.edu.

The Western Carolina University Annual Safety Report is available online at University Annual Safety Report or in hard-copy by request at the office of the Vice Chancellor for Student Affairs, 227 HFR Administration Building, Cullowhee, NC 28723 (828-227-7147) or the Office of University Police, 111 Camp Annex, Cullowhee, NC 28723 (828-227-7301). The report, required of all universities participating in Title IV student financial aid programs, discusses crime statistics, procedures for reporting suspicious or criminal activity, security, police authority, crime prevention strategies, university policies on substance abuse and sexual offenses, workplace violence and fire safety.