CISO Job Description Template

Last reviewed: March 2017

Recommendations if you are developing a job announcement or description for your institution:

  1. Review the sample CISO job description (below). Previous job postings from Princeton University and University of Albany are also available (in PDF format).
  2. Review the National Cybersecurity Workforce Framework published by NIST, which includes sample job titles and key tasks.
  3. Review the 2019 IT Workforce in Higher Education research hub for the most recent EDUCAUSE research on the evolving IT workforce needed to support contemporary models of IT service delivery.
  4. Consider alternative solutions, such as Bucknell University, Franklin & Marshall College, and Susquehanna University collaborating to create a joint CISO position among the three institutions. A non-higher ed example is Howard County, Maryland's HOCO CISO program, which provides "virtual" CISOs.
  5. For potential locations to post IT or information security job openings, visit the Career and Workforce Development chapter.

Examples of current or archived higher ed CISO job postings:

  • CISO, University of Edinburgh, Scotland
  • CISO, Appalachian State University (archived)
  • CISO, University of Oregon (archived)
  • CISO, University of Virginia (archived)

Also consider searching the Security Discussion Group or CIO Discussion Group listserv archives.

Policies Defining CIO and CISO Responsibilities

CISO Job Description Template

Institution Name

Title (e.g., Information Security Officer, Chief Information Security Officer, Director of Information Security, Manager of Information Security)

Institution's Job or Reference #

The Institution seeks an experienced, energetic, engaging and visionary leader who wants to become part of an exciting, vibrant community of information technology professionals supporting the institution's mission: providing a comprehensive, high-quality education that engages students in discovery through research and broad-based scholarship.

Information technology plays a vital and ever-expanding role in the institutional mission. The Institution's information technology environment is highly distributed and diverse, with strong leadership and coordination from Chief Information Officer (CIO) and direct report units. We are seeking a strong, knowledgeable leader to provide vision, strategy, broad-based planning, and hands-on responsibility as the University Information Security Officer (UISO).

The UISO reports to the CIO, is a member of the CIO leadership team and serves a key role in university leadership, working closely with senior administration, academic leaders, and the campus community. The UISO is an advocate for the Institution's total information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the university. The UISO leads the development and implementation of a security program that leverages collaborations and campus-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the campus level.


University and Program Leadership
Policy, Compliance and Audit
Outreach, Education and Training
Risk Management and Incident Response

For complete details and to apply, please visit: Institution's URL

PLEASE NOTE: In order to receive proper consideration, applications must be submitted directly via the Institution's career site. Applications submitted via any other source will not be considered.

The Institution is an EEO/AA: M/W/D/V (Equal Opportunity/Affirmative Action Employer: Male/Female/Disabled/Veteran) Employer.

Questions or comments? Contact us.

Except where otherwise noted, this work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0).