Deputy Chief Information Security Officer

The University of Mississippi — fondly referred to as Ole Miss — stands as a premier public research institution with a proud legacy of academic distinction. We are devoted to nurturing a vibrant, inclusive community where every member — student, faculty, and staff — can achieve their fullest potential.

Join the Ole Miss Family — Build Your Legacy Here!

Department:

Information Technology

The Deputy Chief Information Security Officer (Deputy CISO) serves as the principal deputy to the Chief Information Security Officer (CISO). Reporting directly to the CISO, this position provides senior executive leadership for the institution’s enterprise information security program, in support of academic, research, healthcare, and administrative missions.

The Deputy CISO plays a critical role in translating institutional strategy, regulatory requirements, and risk tolerance into effective, sustainable security operations across a highly decentralized environment. This role assists in setting long-term cybersecurity direction, oversees day-to-day security functions, and represents the CISO as needed with executive leadership, governing bodies, state agencies, and external partners.

Job Summary:

Provides strategic leadership and direction for the institution’s information security program. This role ensures the development, implementation, and continuous improvement of enterprise-wide security strategies, policies, and operations to effectively manage risk and support the university’s academic, research, and administrative missions.

Job Description:

• Leads the development and execution of a comprehensive information security strategy and multi-year roadmap aligned with institutional priorities and risk tolerance
• Provides oversight of key cybersecurity domains, such as security operations, governance, risk and compliance, identity and access management, and infrastructure security
• Establishes and enforces information security policies, standards, and procedures to ensure compliance with regulatory and contractual requirements
• Directs institutional response to cybersecurity incidents, vulnerabilities, and emerging threats, coordinating across technical and non-technical stakeholders
• Partners with senior leadership, academic units, and administrative functions to integrate security practices into university operations while enabling research and innovation
• Develops and communicates security metrics, risks, and recommendations to executive leadership, governing bodies, and external stakeholders
• Oversees security-related budgeting, resource planning, and vendor management to support program effectiveness and sustainability
• Leads, develops, and scales information security teams, fostering a culture of accountability, collaboration, and continuous improvement

Job Responsibilities:

• Partners with the CISO to develop, implement, and mature the university’s enterprise information security strategy and multi-year roadmap.
• Provides executive oversight for assigned information security domains, which may include Security Operations, Identity and Access Management, Governance, Risk, and Compliance (GRC), Research Security, Network and Systems Security, or Cloud Security.
• Oversees institutional cybersecurity incident response, including coordination with central IT, distributed IT units, legal counsel, privacy, research administration, communications, law enforcement, and executive leadership.
• Leads security efforts related to federally funded research, including compliance with requirements for Controlled Unclassified Information (CUI), NIST SP 800-171/172, export controls, and sponsor-specific security expectations.
• Collaborates with academic leadership, principal investigators, and research administration to enable secure research while managing institutional risk.
• Assists with development, implementation, and enforcement of security policies, standards, and procedures aligned with public-sector, higher education, and regulatory requirements (e.g., FERPA, HIPAA, GLBA, PCI DSS).
• Supports budget planning, procurement, and vendor management for security technologies and services, consistent with public university policies and state regulations.
• Develops security metrics and reporting for executive leadership, auditors, and governing bodies.
• Mentors and develops information security leadership and staff, promoting a culture of collaboration, accountability, and service to the university mission.

Education Qualifications:

Bachelor's (Required)

Experience:

Relevant experience | 10 Years Experience, 5 Years Supervisory | Not Required

Compensation:

$147,201.60 - $220,792.00