The Information Security Pathway

Information Security professionals protect our institutions' most important and private information. This path will help you identify and navigate an Information Security career by increasing your understanding of the knowledge, skills, and experiences needed to begin, transition, and advance your career.

The pathway at a glance
Timeline graphic previewing the transition from early to institutional executive level throughout the lifespan of your career

Explore the Information Security Pathway

Explore the professional pathway through information security to help you determine your goals—or guide others to define theirs. John O’Brien, President and CEO of EDUCAUSE speaks to ​​Bella Abrams, Director of Information Technology at the University of Sheffield and Phil Ventimiglia, Chief Innovation Officer at Georgia State University on the 2022 Top 10 IT Issues.

The EDUCAUSE Security Pathway Toolkits provide individuals and mentors an opportunity to identify strengths and gaps, then select activities to leverage those strengths and develop in select areas. The toolkits support the development of an action to improve immediate performance and foster readiness for long-term professional goals. Select the appropriate toolkit for your needs below to get started.

Early Level

0-7 years
0-7 years
0-7 years
0-7 years

Entry-level positions in cybersecurity include job titles like information security specialist, information security analyst, network technical specialist, and computer forensics analyst. In these roles, your duties and responsibilities may include helping to prevent data breaches, network attacks, and other threats. You work to protect your institution's digital resources and information technology systems and to prevent hackers from disrupting normal business activities. Additionally, you help faculty, staff, and students learn and engage in good information security practices on the job and at home.

Recommended Education

Degree in Computer Science or related area and/or equivalent of education and experiences; select network and security certifications; and experience working with select compliance standards.

Other options From Here

You May Be Responsible For

  • Performing operational security duties in support of security rules and procedures based on university policies, state and federal requirements, and contractual obligations.
  • Assisting in the triage of incoming security events.
  • Acting as an escalation point for information technology security incidents.
  • Providing direction and guidance on available security services and tools.
  • Monitoring current trends, making recommendations and evaluating solutions to close gaps in security processes.

Entry-level positions for teaching and learning may support faculty to apply learning technology to courses, coordinate and maintain digital resources for the institution, or assist in curriculum or instructional design. People who perform these tasks may have job titles like instructional technologist, instructional designer, computer learning lab coordinator, learning management system administrator, instructional technologist, multimedia designer, and faculty development specialist.

Recommended Education

Associate's degree, bachelor’s degree, certifications in user and instructional design, or equivalent experience

Other options From Here

Interested in an innovation-focused work? Take a look at the Innovation Pathway's early level for options.

You May Be Responsible For

  • Contributing to the effective implementation and function of digital learning tools.
  • Collecting and analyzing relevant learning data to recommend data-informed decisions for the unit.
  • Offering guidance and advice to teaching faculty on learning design with digital platforms.
  • Collecting learning outcome and evaluation data to inform future digital learning decisions and designs.
  • Maintaining current and relevant knowledge of higher education learning science.

Entry-level positions in innovation include job titles such as instructional innovation specialist, business transformation project manager, and systems integration and innovation coordinator. These positions work in some capacity helping to support innovation to advance institutional strategies.

Recommended Education

Associates degree, bachelor’s degree, or equivalent experience.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Consulting and advising an instructional team on appropriate technological tools best suited to meet learning objectives.
  • Providing technical solutions for highly interactive learning environments.
  • Working with faculty on the design, development, and production of learning materials using digital media.
  • Following change management policies and procedures for configuration and application changes, including obtaining approval for release into production.
  • Leading systems, services, and infrastructure projects.
  • Providing administrative and/or project management support for innovation projects or initiatives.

Early level positions in information technology include job titles such as user support specialist, data analyst, desktop support technician, and network operations analyst. These positions work in some capacity helping to support institutional technology or data operations, or to maintain the institution's digital environment.

Recommended Education

Associate degree, bachelor’s degree, ITIL or IT service management training (see take action for more information), or equivalent experience. Certifications such as CompTIA A+, ITIL Foundation; vendor specific certifications such as Microsoft, AWS, for service and support roles. Certifications around data analytics and vendor specific certifications, such as Oracle or Microsoft for those working with data and databases.

Other options From Here

Interested in exploring an alternative career? Take a look at the Information Security Pathway's early level for ideas.

You May Be Responsible For

  • Assisting in the collection and analysis of data to inform decisions for information technology and the institution.
  • Administering technology training and facilitating help for students, faculty, and other institutional stakeholders.
  • Supporting and maintaining institution technology solutions such as labs, mobile technology, classrooms, and more.
  • Supporting and maintaining software applications across campus.
  • Contributing to decisions regarding institution technology adoption and implementation.

Information Security Specialist

Salary Range:
$43,000–$72,000

Information security specialists are in charge of developing and implementing security measures for their organization. They are responsible for analyzing security procedures and suggesting changes to upper management for increased efficiency and extra security. Information security specialists present their findings to managers and recommend new technologies or policy modifications.

See Active Job Descriptions

Network Technical Specialist

Salary Range:
$35,000–$69,000

Information security network specialists, also known as computer support specialists, set up, support, and maintain local area networks (LANs), wide area networks (WANs), and other networking systems in their organization. These professionals also install routers, switches, firewalls, and network-related software programs for their organizations.

See Active Job Descriptions

Information Security Analyst

Salary Range:
$43,000–$90,000

Information security analysts are responsible for conducting system analysis and providing technology project leadership for their organization. One of their main duties is coordinating operational procedures related to information systems and their management.

See Active Job Descriptions

Computer Forensics Analyst

Salary Range:
$40,000–$120,000

Forensic computer analysts are responsible for analyzing computer-based information for forensic evidence within their organization. They process large amounts of data to find specific items on behalf of their organization. Tasks performed by forensic computer analysts may include handling computer hard drives and storage devices to analyze user patterns, using different computer programs to recover information from damaged media devices, and preparing detailed reports after running computer analysis software applications, among others.

See Active Job Descriptions

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore job postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

Looking at cybersecurity as a career path can be intimidating, but many working in this field didn't start out with intentions to work in cybersecurity. In this podcast, we ask several higher education cybersecurity professionals how they would encourage others to consider cybersecurity as a career option.

Listen to the Podcast

Ahmed El-Haggan, Vice President and CIO for Coppin State University, talks about the importance of expanding your definition of diversity.

Cindy Mitchell, Chief Information Officer for Colby College, reflects on her learning over the years and translates that into professional advice.

In this episode, we ask higher education information technology leaders about their biggest career misstep and how they course corrected.

Listen to the Podcast
Lifelong Learning
  • Demonstrate a commitment to your own professional growth and willingness to develop your skills in areas of importance to your organization by developing a plan with a mentor, peer, or manager.
Acquire and maintain technical training that aligns with your career goals and professional level.
Find Out More
Communication
  • Use active listening to communicate effectively with others.
  • Practice communicating in difficult workplace situations.
Prepare for a presentation using industry best practices found here.
Find Out More
Finance
  • Examine planning approaches to budgeting and understand key components of cost estimating.
  • Use budget management techniques to justify changes to funding levels.
  • Identify critical sources of data related to institutional budget management.
The New Managers Institute for Cybersecurity Professionals supports skill-building in key areas, including interpersonal communication and leadership practices specific to information security in higher education.
Find Out More
Project Management & Strategy
  • Analyze the benefits of different project management approaches and best practices for ensuring the success of projects.
  • Assess the importance of team dynamics on project success and identify strategies for maximizing productivity and efficiency.
Leadership, People, & Change Management
  • Develop hiring and recruitment practices to maximize a talented and diverse workforce while maximizing workplace motivation and engagement.
  • Learn how to retain valuable team members in a higher education setting.
  • Learn about the characteristics and traits of effective leaders and about essential leadership principles.
  • Develop leadership styles that promote a growth mindset and ethical frameworks for decision-making.
  • Use leadership skills to successfully navigate organizational change.
Assess

Take our competency self-assessment for early-career cybersecurity professionals to evaluate your skills and abilities and to help you identify your strengths and growth opportunities in the areas of cybersecurity team performance, resource management, leadership practices, project operations, and more.

Make Connections

Explore and join any of the Security, Privacy, and Identity Community Groups to share strategies about information security governance, compliance, data protection, and privacy programs or other security-related topics.

Make Connections

Learn about the Young Professionals Community Group that is specifically for those in the early stages of their career.

Make Connections

Become an EDUCAUSE ambassador and help your organization get the most out of its membership by connecting colleagues with beneficial resources.

Engage in Mentoring

Find a mentor who has a role you may want eventually and can speak to the professional advancement journey. Connecting with a mentor with information security expertise can also help you understand the latest trends and issues.

Engage in Mentoring

As someone in the earlier stages of their information security career journey, connect with others in a group mentoring format around specific topics related to your field, e.g., governance, privacy, or security training.

Give Back

Support EDUCAUSE conference planning by reading proposals for special topic events.

Give Back

Review and consider a volunteering opportunity, like leading a community group, or submitting an article for EDUCAUSE Review.

Think & Speak

Read the latest on everything information security, privacy, and risk-related in the Cybersecurity and Privacy channel of EDUCAUSE Review. Have a topic you'd like to see covered or an article to contribute? Become a contributor.

Think & Speak

Submit a proposal for a session and/or poster at the Cybersecurity and Privacy Professionals Conference and leverage our Presenter Concierge services.

Show Up

Attend events focused on key topics in the field of cybersecurity, including the annual Cybersecurity and Privacy Professionals Conference.

Show Up

Go to the EDUCAUSE Annual Conference, which includes information security professionals and sessions designed for, and attended by, the global community of higher education IT professionals.

Learn

Earn your microcredential at the Data Literacy Institute, which helps professionals develop the foundational knowledge needed to facilitate effective data-informed decision-making while getting hands-on practice with each step from data creation to leading change through data storytelling and data governance.

Learn

Don’t miss the latest research, resources, and events related to information security and privacy. Subscribe to our Weekly Update: Information Security.

Learn

Explore how to put the principles of DEI into practice and the learning and engagement opportunities to deepen your understanding.

3-11 years
3-15 years
3-11 years
3-11 years

Mid Level

Mid-level positions in cybersecurity include job titles like information security analyst, information security penetration tester, information security engineer, information security consultant, information security advisor, information security manager, information senior security engineer, manager of information security and systems operations, and senior manager of research computing. In this role, your duties and responsibilities may include designing security systems, conducting reviews and audits, assessing systems for gaps, and recommending solutions.

Recommended Education

Bachelor's degree in computer science, information systems, communications, or related fields, or similar certified coursework in applicable fields of study. Foundation knowledge and skills may include working knowledge of common software application packages, equipment platforms, reference database systems and sources, and training methods and a basic understanding of networks, data communication, and multimedia systems.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Managing identity and access management infrastructure.
  • Partnering with teams across the university, information security office, server operations, and integrations and application teams to create solutions that meet security and business requirements.
  • Working closely with clients and other ITS staff in support of the university’s mission and strategic direction.

Mid-Level teaching and learning roles include job titles like project manager, instructional designer, and faculty development manager, and typically require expertise in educational technology and learning design. People in these positions are beginning to have leadership responsibilities and may coordinate teams or training. At this level, people continue to develop the competencies and relationships they will need to assume senior and executive roles in the field.

Recommended Education

Bachelor's or master’s depending on career goals and institutional expectations. Consider obtaining relevant certifications to user and instructional design, curriculum development, and project management.

Other options From Here

Interested in career focused on innovation? Take a look at the Innovation Pathway Mid-Level track for options.

You May Be Responsible For

  • Designing and facilitating academic training and development for institutional teaching faculty.
  • Providing expertise in educational technology and offering input into institutional adoption.
  • Coordinating a team of learning professionals, including positions in library services, teaching and learning centers, and educational technology units.
  • Advocating for student-centered learning and design across the institution.
  • Providing project management leadership and support to course design or educational technology projects.

Mid-level positions in innovation include job titles such as digital innovation librarian, associate director of research and innovation, and program manager for innovation and digitization.  Professionals in these positions are often in management-oriented roles with responsibilities for supporting or maintaining a specific area related to innovation. They may also supervise entry-level staff.

Recommended Education

Master’s, MBA, or doctoral degree based on personal goals and institution’s expectations.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Implementing digital learning initiatives.
  • Serving as project manager for innovation projects.
  • Supervising instructional design staff.
  • Managing an analytics team.

Mid-level positions in information technology include job titles such as operations support manager, manager of client services, or manager of reporting and analytics. Professionals in these positions are often in management-oriented roles with responsibilities for supporting or maintaining a specific area within information technology. They may supervise entry-level staff.

Recommended Education

Bachelor's, master's degree (or equivalent experience), ITIL or IT service management training, depending on career goals and institutional requirements (see take action for more information).

Other options From Here

Interested in pursuing an alternative career? Take a look at the Innovation Pathway's mid-level for ideas.

You May Be Responsible For

  • Collaborating with stakeholders across the institution to set strategic direction for information technology initiatives.
  • Leading a team of specialists to support information technology programs through the technology lifecycle.
  • Managing information technology projects including hardware and software infrastructure implementation and support.
  • Providing oversight for systems including enterprise applications, data management, and learning technology.
  • Providing oversight for systems and processes including enterprise applications, data governance, data management, and learning technology.
  • Cross-unit collaboration and/or cross-level or departmental collaboration.
  • Executing on strategic initiatives set forth by senior leadership team and managing expectations.
  • Providing subject matter expertise on mid-to-large scale technology implementation projects.
  • Supervising staff with multiple skill levels and expertise areas and aligning those skillsets to achieve goals and complete projects.

Information Security Engineer

Salary Range:
$60,000–$153,000

The information security engineer may serve in a technical, educational, and leadership role focused on securing both the physical and virtual aspects of an information environment. Implement, manage, and integrate systems that support the information security office’s mission to identify and remediate threats to the confidentiality, integrity, and availability of information in the institution's information ecosystem. Manage information security projects of significant institutional impact and importance; work closely with other staff responsible for enterprise technology infrastructure operations; and serve as a subject-matter expert/consultant to various groups.

See Active Job Descriptions

Information Security Penetration Tester

Salary Range:
$47,000–$97,000

Information security penetration testers plan and execute tests, document their methodologies, create detailed reports about their findings, and might be involved in designing fixes and improving security protocols. These professional will assist with penetration tests and other technical security assessments; assist developing and evaluate novel security testing capabilities and methodologies; help mentor junior penetration testing staff; and transition their knowledge and expertise to the broader community.

See Active Job Descriptions

Information Security Advisor

Salary Range:
$79,000–$141,000

Information security advisors evaluate security systems to determine the potential risk of a breach. They develop policies and procedures that minimize the risk to properties, employees, and computer systems.

See Active Job Descriptions

Information Security Consultant

Salary Range:
$50,000–$130,000

The information security consultant conducts regular audits across departments or teams that work with data. The consultant helps spot possible areas of vulnerability in the flow and storage of data and helps implement solutions. This typically includes the use of rules and standards for what data is available to certain employees, establishing tiered access to the data in a company, and implementing hardware and software protocols that secure all aspects of the organization’s IT assets against unwanted intrusion.

See Active Job Descriptions

Senior Information Security Engineer

Salary Range:
$61,000–$125,000

The information senior security engineer is responsible for the development, implementation, and management of technical systems and controls necessary to safeguard information and assets. The position will work directly with technical and non-technical staff to protect the confidentiality, integrity, and availability of sensitive data and systems.

See Active Job Descriptions

Information Security Manager

Salary Range:
$129,000–$187,000

Information security managers monitor the channels through which information flows into and out of an organization's information network. Managers are responsible for observing all of the operations occurring across the network and managing the infrastructure that facilitates those operations.

See Active Job Descriptions

Senior Manager of Research Computing

Salary Range:
$51,000–$114,000

This lead role collaborates closely with research faculty; oversees research cyberinfrastructure efforts; leverages large-scale data and computational systems; supports custom software, hardware, and workflows; facilitates engagements between researchers and specialists; and works with administration and community partners to provide sustainable support structures for all aspects of research IT needs.

See Active Job Descriptions

Manager of Information Security and Systems Operations

Salary Range:
$39,000–$138,000

Information security systems operations managers hold a senior-level management role. They are responsible for overseeing an organization's operations, with particular regard to information technology, data security, and business continuity. The role requires strategic oversight in covering all elements of information technology security in an organization.

See Active Job Descriptions

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

Having a satisfying cybersecurity career can feel elusive, even for a seasoned cybersecurity professional. In this session, we’ll talk about things that all security professionals, of all levels and backgrounds, need to know and do, in order to achieve professional success.

Watch the Webinar

Bill Dillon, former Executive Vice President for NACUBO, notes the importance of letting stakeholders influence the information-sharing process.

In this video, Tracy Schroeder, Vice President, Information Services & Technology at Boston University shares advice for aspiring female leaders.

Lorem ipsum dolor sit amet.

This is some text inside of a div block.
Lifelong Learning
  • Be intentional about architecting your career, consider the experiences you need to advance to the next level, and be deliberate in pursuing those.
Continue to develop your technical skills in support of your advancement (e.g., PenTest+, NCSP).
Find Out More
Communication
  • Understand communication styles used in different workplace situations and identify practices that strengthen trust with internal and external partners.
  • Develop strategies for negotiating and persuading others.
  • Discuss ways to manage interpersonal conflict in the workplace.
Demonstrate effective presentation skills using industry best practices.
Find Out More
Finance
  • Develop strategies to overcome budgeting challenges and identify opportunities to support the budgeting strategy of the institution.
  • Cultivate strategic cross-institutional partnerships to help secure necessary funds for critical initiatives.
  • Use leadership skills to support budgeting efforts.
Project Management & Strategy
  • Develop a plan for engaging project stakeholders across campus.
  • Learn strategies to maximize the efficiency of meetings and individual work.
  • Employ techniques for prioritizing competing demands with limited resources.
  • Use strategic thinking to help others navigate organizational change and dynamics.
The Managers Institute will help to improve the management skills of those who direct people, processes, and functions within units, and provide a broader context for managing and leading in higher education.
Find Out More
Leadership, People, & Change Management
  • Evaluate opportunities for delegation and team or individual development.
  • Cultivate opportunities to practice giving and receiving feedback.
  • Develop a comprehensive approach to support employee performance and to maximize individual and team development.
Use strategic thinking to help others navigate organizational changes. Learn how to lead and support change from any level in the organization.
Find Out More
Assess

Take our competency self-assessment for mid-level professionals to evaluate your skills and abilities, and to help you identify your strengths and growth opportunities in the areas of communication, team development and optimization, financial management, project management, and more.

Assess

Assess your data literacy skills and abilities by taking the Data Literacy competency self-assessment. Understand your strengths and weaknesses in the areas of data security and privacy, data management, data analysis, and more.

Make Connections

Lead and facilitate a Community Groups that dovetails with your interests and expertise, like a DEI-focused or a leadership-focused community group.

Make Connections

Learn more about the National Initiative for Cybersecurity Education (NICE) and their mission to promote and coordinate a robust community working together to advance an integrated ecosystem of cybersecurity education, training, and workforce development

Engage in Mentoring

Find a mentor or become a mentor who can speak to the challenges of being in cybersecurity leadership roles. Consider a mentor who is in a different size institution or organization to learn about different approaches.

Engage in Mentoring

Create and lead an EDUCAUSE Mentoring Circle around an information security topic e.g., Vendor Assessment, Risk Management, Security Metrics.

Give Back

Become a Working Group member and collaborate closely with your peers from a variety of institutions to define solutions for new and existing challenges and create useful resources for the community.

Give Back

Have an idea that you think would benefit from focused attention? Have you started a project you would like to share with the broader higher education community? Propose a topic for a Working Group.

Think & Speak

Read the latest on information security, privacy, and risk in the Cybersecurity and Privacy channel of EDUCAUSE Review. Have a topic you'd like to see covered or an article to contribute? Become a contributor.

Think & Speak

Submit a proposal for a session and/or poster at the Cybersecurity and Privacy Professionals Conference.

Show Up

Go to the EDUCAUSE Annual Conference, designed for, and attended by, the global community of higher education IT professionals.

Show Up

Take part in our cybersecurity webinars featuring lively panel debates and cutting-edge insights. You can sign up for forthcoming webinars or review recordings and slides from past presentations.

Learn

Enhance your technical skills with these seven top security certifications.

Learn

Take a course from the SANS Institute, which empowers cybersecurity professionals with knowledge and skills.

Learn

Take a deep dive into our Library page of key resources in the Cybersecurity Program.

Learn

Learn more about cybersecurity roles at https://www.cisa.gov/cyberjobs.

Learn

Explore how to put the principles of DEI into practice and the learning and engagement opportunities to deepen your understanding.

Advanced Level

7-19 years
9-21 years
7-19 years
7-19 years

Advanced-level information security positions include information security manager, information security associate director, information security officer, information security architect, information security engineer, assistant director of information security, information security senior director, and others. People in those roles monitor the organization's information technology security system, are in charge of the institution's security risk management program, and act as advisors to executives.

Recommended Education

Bachelor’s degree in Information Security, Information Systems, or Computer Science or relevant experience. Certified Information Systems Security Professional (CISSP) or other equivalent certifications typically preferred. Information security, networking, server administration, and project management experience typically preferred.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Leading and directing the activities of integrated risk management team leads, analysts, coordinators, and other information security professionals.
  • Advising information technology and other executives on the status of technology risk and compliance issues.
  • Contributing to enterprise-level policies and standards, leading incident response activities, and remediating security issues.
  • Implementing, designing, managing and allocating all the technology security measures within an organization.
  • Monitoring the organization's information technology system to look for threats to security, and establishing protocols for identifying and neutralizing threats.

Advanced teaching and learning positions include job titles like senior instructional designer, director of academic technology, teaching and learning center director, and director of online learning. Professionals in these roles provide strategic oversight at the departmental level and usually lead teams. While not at the executive level yet, people in these roles are often the most senior representative subject matter expert in educational technology or learning design.

Recommended Education

Master’s, EdD, or PhD depending on career goals and institutional expectations.

Other options From Here

Interested in a career focused on organization-wide innovation? Take a look at the Innovation Pathway's advanced level.

You May Be Responsible For

  • Leading a team of learning professionals through the processes of course design, digital learning platform implementation, curriculum development, and staff training.
  • Maintaining current and relevant knowledge of higher education learning science.
  • Communicating with institutional leaders regarding the importance of student-centered teaching and learning practices.
  • Assisting with, or assigning team members to assist with, classroom technology, learning space design, faculty development, learning approaches, and evaluation needs.
  • Contributing to the institutional mission and vision regarding student success and teaching excellence.

Advanced-level positions in innovation include job titles such as director of innovation and instructional technology, director of lean transformation, and director of digital innovation and ecosystems. Professionals in these positions are responsible for directing and leading the operations of large innovation-related projects, often with managers and other staff reporting to them.

Recommended Education

Master’s, MBA, or doctoral degree based on personal goals and institution’s expectations

Other options From Here

Interested in a career path that focuses more specifically on teaching and learning? Take a look at the Teaching and Learning Pathway in the advanced level for options.

You May Be Responsible For

  • Directing an innovation center or an office for teaching effectiveness.
  • Directing work and/or initiatives supporting transformation across the organization.
  • Establishing a strategy for and operationalizing the scholarship of innovation on your campus.
  • Leading library innovation initiatives.

Advanced level positions in information technology include job titles such as director of analytics, director of client services, and director of network work services. Professionals in these positions are responsible for directing and leading the strategy and operations of large areas of information technology, often with managers and other staff reporting to them.

Recommended Education

Bachelor's, master's degree (or equivalent experience), certification in project management or change management, ITIL or IT service management training, depending on career goals and institutional requirements (see take action for more information).

Other options From Here

Interested in pursuing an alternative career? Take a look at the Teaching and Learning Pathway's advanced level for ideas.

You May Be Responsible For

  • Leading a team charged with the supervision of institutional information technology systems, including data, client experience, and web services.
  • Leading and developing central information technology teams of staff and student employees to oversee client relationships, service and help desk support, classroom technology, and information technology project management.
  • Collaborating with institutional stakeholders to make decisions for technology procurement and implementation.
  • Providing insight and leadership for institution web applications.
  • Provide strategy for technology roadmap to improve business operations, managing large scale IT projects or initiatives (i.e. data governance or data analytics).
  • Influencing and educating peers and others on needed alignments between operational and strategic goals.
  • Tracking and reporting of operational and strategic metrics.
  • Develop, manage and approve budgets and purchasing agreements.

Information Security Manager

Salary Range:
$81,000–$140,000

Information security managers are in charge of maintaining security protocols throughout their organizations. They are responsible for creating strategies to increase network and internet security related to different projects. They handle a team of information technology professionals to ensure easy access to data while maintaining high standards in terms of confidentiality and general data security.

See Active Job Descriptions

Information Security Associate Director

Salary Range:
$50,000–$120,000

Responsibilities of this role include directing the activities of integrated risk management team leads, analysts, and coordinators performing these functions; mentoring and motivating staff; measuring performance; and making continuous improvements. This role also acts as advisor to information technology and other executives on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.

See Active Job Descriptions

Information Security Officer

Salary Range:
$90,000–$130,000

Information security officers monitor the organization's information technology system to look for threats to security, establish protocols for identifying and neutralizing threats, and maintain updated anti-virus software to block threats.

See Active Job Descriptions

Information Security Architect

Salary Range:
$83,000–$153,000

An information security architect is responsible for the network and computer security for the organization. At the early stages of the security life cycle, the security architect acts as a project leader to plan, research, and design elements of security. The security architect starts by creating a general design, planning intended features and functionality.

See Active Job Descriptions

Information Security Engineer

Salary Range:
$81,000–$141,000

Professionals in this role will work alongside customers, software developers, enterprise architects, information security, internal audit, compliance, and other stakeholders to build information security strategies and programs. Professionals contribute to enterprise-level policies and standards, lead incident response activities, and remediate security issues. They'll improve the ability of the organization to protect the confidentiality, availability, and integrity of their and their community's information assets.

See Active Job Descriptions

Assistant Director of Information Security

Salary Range:
$85,000–$120,000

Professionals in this role are responsible for the security risk management program, including building and maintaining roadmaps for initiatives and projects, risk assessments, incident response, operational management, regulatory and policy compliance, and ensuring the institution adheres to federal, state, and local regulatory controls.

See Active Job Descriptions

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

What inspires you? Inspiration, motivation, and admiration are all qualities that either help us get to the next step in our career or our personal lives or simply help us get the morning started.

Listen to the Podcast

Keith McIntosh, Vice President & Chief Information Officer at the University of Richmond, shares his advice on the three relationships a CIO should cultivate.

Recognizing the motives and drives of your staff can provide great insight into running an efficient IT organization.

The gap will continue to widen between institutions that are starting to engage in digital transformation and those that have not. We asked five institutional leaders to share their unique projects that reflect a shift to Dx.

Listen to the Podcast
Lifelong Learning
  • Identify ways you and your team can support and address high-level campus-wide issues and priorities. Look for ways to connect the value of your division to organizational goals.
Attain relevant advanced cybersecurity certifications that position you to better support institutional needs (e.g., CISSP, CISM).
Find Out More
Communication
  • Incorporate audience considerations into your communication approaches.
  • Identify ways to expand your professional network and influence in the organization.
  • Develop skills to communicate with and persuade senior leaders.
  • Identify techniques to successfully communicate in times of crisis.
The Senior Directors Institute develops skills and techniques to effectively communicate with, motivate, and engage employees; spearhead strategies for institutional change; exercise strategic decision-making; and lead the way in overcoming enterprise-level challenges.
Find Out More
Finance
  • Examine how your initiatives can create enterprise-level opportunities.
  • Assess higher education tools and resources for collecting data and streamlining processes.
  • Identify strategies for overcoming budget and resource constraints.
  • Use strategic planning to ensure the long-term success of the organization.
Project Management & Strategy
  • Incorporate tactical and strategic thinking into your leadership approach.
  • Use enterprise architecture and other systems thinking techniques to inform strategic leadership decisions and to improve the decision-making abilities of others.
  • Monitor your portfolio by tracking KPIs and other relevant data.
Leadership, People, & Change Management
  • Identify characteristics and models for effective governance.
  • Integrate equity, diversity, and inclusion practice into leading efforts.
  • Think broadly about higher education and future technology trends to anticipate institutional needs.
  • Implement strategies for maximizing performance with individuals and teams.* Consistently and proactively manage risk.
Assess

Take our competency self-assessment for advanced-level professionals to evaluate your skills and abilities, and to help you identify your strengths and growth opportunities in the areas of communication, team development and optimization, financial management, project management, and more.

Make Connections

Attend a Member QuickTalk to connect with others on timely information security topics like risk management, and security awareness.

Engage in Mentoring

Become a mentor through our One to One Mentoring program and provide guidance and support to an information security professional who is early in their career.

Give Back

Volunteer for group activities or become a leader of the Cybersecurity Community Group, formed to identify problems and share strategies about information security governance, compliance, data protection, and privacy programs.

Give Back

Join an advisory or member committee and help shape EDUCAUSE program content by providing guidance and support to a particular area or lending your expertise to the development of events.

Give Back

Start or lead information security projects leveraging digital transformation, which help advance your institution’s mission. For more resources, check out our Dx library page.

Think & Speak

Contribute articles to the Cybersecurity and Privacy channel of EDUCAUSE Review.

Think & Speak

Facilitate a Webinar, QuickTalk, or session at the EDUCAUSE Annual Conference.

Think & Speak

Give guest lectures at your institution to engage with, raise awareness of, and better understand information security needs of students, faculty, and other key stakeholders.

Think & Speak

Facilitate Webinars, Learning Labs, and Institutes to stay connected and share knowledge. Find out more about serving as an institute faculty member.

Show Up

Attend professional development opportunities focused on key topics in the field of cybersecurity, including the annual Cybersecurity and Privacy Professionals Conference.

Show Up

Take part in our cybersecurity webinars featuring lively panel debates and cutting-edge insights. You can sign up for forthcoming webinars or review recordings and slides from past presentations.

Learn

Explore EDUCAUSE’s library pages of relevant resources in the Cybersecurity Program.

Learn

Stay current on the key trends, emerging technologies, and practices shaping the future of information security with the Horizon Report, Information Security Edition, developed by a global panel of leaders from across higher education.

Learn

Browse our Information Security Guide—put together by the Higher Education Information Security Council (HSEIC)—featuring toolkits, case studies, effective practices, and recommendations to help jump-start campus information security programs and initiatives.

Learn

Explore how to put the principles of DEI into practice and the learning and engagement opportunities to deepen your understanding.

Unit Executive Level

Executive Level

11-27 years
11-50 years
11-27 years
11-27 years

Unit executive level positions are typically members of the senior leadership team and work with constituents across the institution—faculty, staff, and students—to develop and deliver a comprehensive security and privacy program, including liaising with the campus general counsel on risk management and compliance activities. These positions may exist in Colleges of Medicine, Colleges of Law, or perhaps at a campus within a multi-campus district. Unit executives will need to have some familiarity with each level of information security work, from the strategic to the technical.

Recommended Education

Advanced degree in computer science, information technology, or related field. CIPP/US, CISSP, CISM, GIAC, or equivalent certifications, depending on career goals and institutional expectations.

Other options From Here

Interested in pursuing an alternative leadership career? Take a look at the information technology pathway's executive level for options.

You May Be Responsible For

  • Directing the development and delivery of an awareness and training program for students, faculty, staff, vendors, and other parties interacting with the institution’s data and services.
  • Planning and overseeing information security audits and risk assessments, such as penetration testing, tabletop exercises, and threat modeling, to drive information security prioritization and contribute to the institution’s risk management program.
  • Advising the institution’s counsel and leadership team on information security matters.
  • Defining and maintaining policies, standards, and practices for information and data security throughout the institution, encompassing on-premises and cloud technology, third-party engagements, and academic systems.
  • Serving as an active contributor and subject matter expert on projects that have security/privacy implications.
  • Reporting regularly on the posture of information security at the institution to the senior staff and the board of trustees.

Unit executive level roles in teaching and learning include job titles such as associate vice president online education, and associate provost for academic technology and innovation. These roles are often referred to as the Chief Academic Technology Officer, which can be a formal job title or a more informal institutional designation. Leaders in these roles guide institutional strategy in academic technology, online learning, and learning innovation.

Recommended Education

PhD or EdD depending on career goals and institutional expectations.

Other options From Here

Interested in an exploring an alternative career? Take a look at the Information Technology Pathway's executive level.

You May Be Responsible For

  • Providing strategic leadership for teaching and learning and academic technology across the institution, often overseeing multiple functional units.
  • Overseeing professional development programming for institutional teaching faculty.
  • Advocating for digital learning practices and informing academic colleagues of implementation processes.
  • Supervising academic planning, budget cycles, and digital learning plans for the institution and advising the president's office on teaching and learning needs.
  • Contributing leadership for accreditation requirements and strategic partnerships.

Executive-level positions in innovation include job titles such as assistant vice chancellor for instructional innovation and support, chief digital transformation officer, and chief innovation architect. Professionals in these positions are responsible for providing leadership for large areas and sometimes multiple departments within the institution, usually involving strategic planning, budget oversight, and institutional leadership for innovation initiatives.

Recommended Education

Master’s, MBA, MFA, JD, or doctoral degree based on personal goals and institution’s expectations

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Establishing and providing strategic direction for innovation initiatives on campus.
  • Reporting out results of innovation initiatives to stakeholders through presentation and benchmark data.
  • Overseeing all of the digital learning units on campus.
  • Guiding innovation priorities at the system level.
  • Applying change management principles across the institution to drive innovation.

Executive level positions in information technology include job titles such as chief data officer, chief information officer, vice president for IT, and assistant vice president for information technology. Professionals in these positions are responsible for providing leadership for large divisions and sometimes multiple departments within the institution, usually involving strategic planning, budget oversight, and institutional leadership for digital initiatives. As such, an executive must have a broad understanding of higher education issues and institutional culture.

Recommended Education

Master's, doctoral degree (or equivalent experience), ITIL or IT service management training, depending on career goals and institutional requirements (see take action for more information).

Other options From Here

Interested in pursuing an alternative career? Take a look at the Information Security Pathway's executive level for ideas.

You May Be Responsible For

  • Directing the overall information technology strategy for the institution and advising senior leadership related to digital initiatives.
  • Serving as an active contributor and subject matter expert on institutional projects involving technology.
  • Making strategic information technology operations and staffing decisions to align with the institutional mission and learning needs.
  • Collaborating with other senior leaders to provide vision, leadership, and strategic direction for institutional digital efforts.
  • Budgeting, financial planning, and resource allocation.

Information Security Senior Director

Salary Range:
$53,000–$190,000

An information security director is responsible for implementing, designing, managing, and allocating all the technology security measures within an organization. Information security directors have knowledge of technology strategy, enterprise architecture, and other security-related concepts similar to those of a chief information security officer. They may report directly to a chief information security officer and will take on this executive role in smaller organizations.

See Active Job Descriptions

Executive Information Security Director

Salary Range:
$145,000–$211,000

An information security director is typically responsible for implementing, designing, managing, and allocating all the technology security measures within an organization. This role oversees and directs the activities of integrated risk management team leads and is in charge of overseeing information technology security measures throughout a variety of organizations. They are responsible for every aspect of security, from protocols and incident response to staffing and budgets.

See Active Job Descriptions

Deputy Chief Information Security Officer

Salary Range:
$113,500–$320,000

The deputy chief information security officer is responsible for partnering with the chief information security officer in maintaining an organization-wide, global information risk management program and cybersecurity organization. Other responsibilities may include managing a staff of information security analysts; collaborating with security officers to identify needs, requirements, and gaps in institutional security programs; developing and delivering security-related services for use in conducting risk assessments and overseeing risk assessments; coordinating the planning and delivery of strategic security services; leading working groups to maintain systemwide policies; developing metrics to measure the effectiveness of institutional security programs; and developing and managing operating and special-purpose budgets, among others.

See Active Job Descriptions

Information Security Consultant

Salary Range:
$85,000–$180,000

Security consultants assess all security measures for their organization or for client organizations. They analyze security systems, study potential breaches, and supervise the implementation of solutions. They may oversee security operations for their organization, helping the organization to understand where their cybersecurity measures may need patching. The person in this role is primarily responsible for execution of various engagement security objectives within assigned areas. This includes performing security assessments, participating in project scoping, leading meetings with clients, and independently conducting testing. An information security consultant will also have strong communication skills, including the ability to participate in project reporting and clearly articulate security issues to the client and internal team.

See Active Job Descriptions

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

John O'Brien, EDUCAUSE CEO and President, talks with Mike Corn, CISO for the University of California San Diego, and Cheryl Washington, CISO, for the University of California Davis, about the increasing relevance of the Chief Information Security Officer role.

Listen to the Podcast

Freeman Hrabowski and Jack Suess on Successful President/CIO Collaboration

Listen to the Podcast

Many colleges and universities want to innovate. But are they ready to innovate? Watch this video on keeping pace with innovation.

Lorem ipsum dolor sit amet.

This is some text inside of a div block.
Lifelong Learning
  • Continue to build your network with executive-level professionals inside and outside your division and institution. Look for opportunities to lead in your profession, at the regional or even national level.
Stay current on important trends and key technologies and practices shaping the future of information security, and explore scenarios and implications for that future.
Find Out More
Communication
  • Demonstrate contract negotiation skills.
  • Identify communication strategies to engage stakeholders across campus.
  • Employ effective communication strategies to build workplace relationships at all levels.
Finance
  • Develop understanding of your organization's infrastructure, financial processes, and funding models.
Project Management & Strategy
  • Prioritize the use of relevant data to make effective decisions, propose solutions, and set benchmarks.        
  • Use sound decision-making that aligns with the mission and vision of your organization.
  • Develop and demonstrate vendor management skills.
  • Develop strategic goals through research, planning, and systems thinking.
The Executive Leaders Academy broadens perspectives and deepens leadership by focusing on how leaders can develop individuals and teams, exhibit leadership in change and innovation, develop strategic goals for optimal outcomes, and advance their own leadership abilities.
Find Out More
Leadership, People, & Change Management
  • Think broadly about higher education and future technology trends to anticipate institutional needs.
  • Demonstrate ethical decision-making and behavior.
  • Develop and remain attuned to faculty culture and dynamics.
  • Assess hiring and recruitment practices to maximize a talented and diverse workforce.
  • Use a risk-based approach to change organizational behaviors.
Assess

Complete this Digital Transformation (Dx) Institutional Self-Assessment to understand your institution’s capabilities for digital transformation in strategic innovation; data and analytics; institutional alignment, flexibility and agility; diversity, equity and inclusion; and transformation of work and skills.

Assess

Use EDUCAUSE Analytics Services to identify peer institutions, learn more about technology solutions, and benchmark resources through the Core Data Service.

Make Connections

Seek an executive coach to support critical transitions. EDUCAUSE offers one-on-one meetings with professional executive coaches at its annual conference and online.

Make Connections

Host a Member QuickTalk to connect with others on timely cybersecurity topics like vendor assessment and workforce retention.

Engage in Mentoring

Become a mentor through our One-to-One Mentoring program and help provide guidance to a mid-level or advanced information security professional looking for career support.

Give Back

Join an advisory or member committee and help shape EDUCAUSE program content. You can provide guidance and support to a particular association area, lend your expertise to the development of our flagship events, or volunteer to review presentation proposals.

Give Back

Start or lead information security projects leveraging digital transformation, which help advance your institution’s mission. For more resources, check out our Dx library page.

Think & Speak

Give guest lectures at your institution to engage with, raise awareness of, and better understand information security needs of students, faculty, and other stakeholders.

Think & Speak

Serve as an EDUCAUSE Institute faculty member for the New Managers Institute for Cybersecurity Professionals.

Think & Speak

Present ideas and best practices at the EDUCAUSE Annual Conference or other industry events.

Show Up

Attend professional development opportunities focused on key topics in the field of cybersecurity, including the annual Cybersecurity and Privacy Professionals Conference.

Show Up

Cultivate opportunities to serve on boards: advisory boards, governing boards, policy boards—in the private and public sectors.

Learn

Browse our Information Security Guide—put together by the Higher Education Information Security Council (HSEIC)—featuring toolkits, case studies, effective practices, and recommendations to help jump-start campus information security programs and initiatives.

Learn

Renew your commitment to diversity, equity, and inclusion. Use EDUCAUSE’s DEI book recommendations list for suggestions provided by community members, and watch this CIO Minute video about how to improve organizational diversity.

Learn

We’ve developed a toolkit of resources for new chief information security officers to help you connect with others across campus and maximize your impact in your new role.

Learn

Explore how to put the principles of DEI into practice and the learning and engagement opportunities to deepen your understanding.

Institutional Executive Level

19-50 years
3-11 years
19-50 years
19-50 years

Under the general direction of the vice chancellor, president, and/or CIO, institutional executive-level positions are typically responsible for the development and delivery of a comprehensive, university-wide or district-wide information security and privacy program. These positions help inform and provide strategic guidance around information security to the CIO, the members of the institutional senior management team, the Board of Trustees, and the broader institutional community.

Recommended Education

Advanced degree in computer science, information technology, or related field. CIPP/US, CISSP, CISM, CCSP, CEH, GIAC, or equivalent certifications, depending on career goals and institutional expectations.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Staying current on the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to the institution and its mission.
  • Coordinating the development of institutional information security policies, standards, and procedures. Working with key information technology offices, data custodians, and governance groups in the development of such policies. Ensuring that university policies support compliance with external requirements.
  • Serving as the university compliance officer with respect to institutional, state, and federal information security policies and regulations, and submitting required reports to external agencies.
  • Leading and overseeing incident reporting and response systems to address security incidents, responding to alleged policy violations, or complaints from external parties, and serving as the official contact point for information security, privacy, and copyright infringement incidents, including maintaining relationships with law enforcement entities.
  • Coordinated with third party vendors and vendor contract procurement. Supports security screenings such as the HECVAT and VPAT.

Institutional Executive Teaching and Learning include job titles such as Chief Online Learning Officer; Vice-Chancellor, Academic Affairs; and Associate Vice President of Academic Affairs. These roles are typically positioned at the institutional or district level of the organization and are responsible for providing institution-wide leadership, supervision, guidance, and direction for all educational programs, faculty and staff, and instructional policies and procedures. They may also provide leadership and supervision for academic support services, including tutoring, testing and assessment, and library services.

Recommended Education

PhD or EdD depending on career goals and institutional expectations.

Other options From Here

Interested in other senior leadership options? Consider the Innovation Pathway's institutional executive level.

You May Be Responsible For

  • Overseeing university curricula.
  • Providing leadership for evaluating and ensuring quality in all aspects of instructional and educational programs.
  • Directing budget preparation for the academic and academic-related programs.
  • Recommending, developing and implementing instructional policies, procedures, and practices that foster and promote student learning throughout the organization.
  • Building an innovative culture and guiding innovation process throughout the organization.

Institutional executive-level positions in innovation include job titles such as chief learning and innovation officer, vice president for research and innovation, and vice president for strategy and innovation. Professionals in these positions work with other executives and provide leadership for institution-wide initiatives and strategy.

Recommended Education

Master’s, MBA, or doctoral degree based on personal goals and institution’s expectations.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Representing the institution externally.
  • Directing institutional strategic planning and goal-setting.
  • Guiding partnerships with other institutions or industry.
  • Overseeing the transformation of every business process.

Early Level Information Technology lorem ipsum

Recommended Education

Recommended education for Info Sec early level

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Lorem ipsum dolor sit amet
  • Lorem ipsum dolor sit amet
  • Lorem ipsum dolor sit amet
  • Lorem ipsum dolor sit amet

Chief Information Security Officer

Salary Range:
$168,000–$275,000

The chief information security officer provides institutional community awareness and training, strategic guidance, and technical leadership for a comprehensive, institution-wide information security and IT risk management program. This role typically directs an Office of Information Security composed of identity and access management, privacy, security consulting, and operations. This position may develop and lead outreach, communication, and education efforts to raise university-wide awareness of information security risk, requirements, and solutions; provides strategic and technical guidance and oversight in the design and implementation of appropriate security processes for university-wide information systems; recommends and oversees the monitoring of computing practices to prevent and recover from security breaches, and directs the handling of security incidents when breaches occur. The chief information security officer may oversee both the technical and policy aspects of digital identity as well at the institution’s privacy program and cyber compliance program.

See Active Job Descriptions

Associate Vice President of Cybersecurity

Salary Range:
$108,000–$162,000

This role is typically responsible for leading both technical implementation of systems and communication of security requirements to management and security leadership. Additionally, this person may be responsible for leading investigations into security threats, working with internal and external groups to ensure the cybersecurity program is operating effectively and efficiently, and developing strong partnerships across the organization to ensure information assets are protected at the appropriate level. This position may also coordinate with senior IT security leaders to set direction and operation of the group; prepare roadmaps, guidelines, and direction for the department; communicate critical threats and remediation efforts for the enterprise; create, analyze, and communicate security metrics to senior leadership; design and monitor secure access to the network infrastructure; participate in emergency response team activities; and develop detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systems.

See Active Job Descriptions

Vice President of Information Technology Security

Salary Range:
$195,000–$305,000

The vice president of information technology security will plan and implement hardware, software, cybersecurity, databases, network resources, telecommunications, cabling, card access software, security cameras, and other information technology processes for the entire Institution. They may also direct information technology research, making recommendations for improvements and communicating changes; lead and train information technology department staff; establish department goals to support college priorities; monitor and report on information technology projects; provide appropriate professional development for college technology users; create and maintain a culture of exemplary customer service and quality; consistently report on daily work orders, project updates, data retrieval, and recommendations; and serve as the primary communicator for all technology-related updates and issues.

See Active Job Descriptions

Chief Privacy Officer

Salary Range:
$120,000–$150,000

A Chief Privacy Officer (CPO) is a corporate executive charged with developing and implementing policies designed to protect employee and customer data from unauthorized access. Other elements of the CPO job include maintaining a comprehensive and current knowledge of both corporate operations and privacy laws, as well as communicating details of the company's privacy policy to staff and customers alike. The CPO is typically the organization's point person for media and other external inquiries about privacy-related matters. To effectively meet the challenges of the job, the CPO must work in cooperation with other C-level executives, particularly those whose areas of concern overlaps, such as the Chief Information Officer (CIO), the Chief Security Officer (CSO), the Chief Data Officer (CDO) and the Chief Compliance Officer (CCO). In some instances, the CPO oversees multiple roles handling both compliance and legal consultation on data privacy matters. They are also the Data Point Administrator for GDPR and other International Data Privacy Regulatory bound agreements.

See Active Job Descriptions

Chief Data Officer

Salary Range:
$135,000–$250,000

The Chief Data Officer (CDO) is the chief data strategist at the institution and is responsible for leading data governance and fostering a data-driven decision-making culture to enable effective student success strategies. The CDO provides strategic leadership for and overall management of data processes and systems including the utilization of data to support student success. This includes the effective use of data for reporting, analysis, and actionable insight; the management and coordination of institutional data for a wide range of uses including accreditation; external reporting; student enrollment; course offering optimization; student engagement; retention and success; and student support services.

See Active Job Descriptions

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings

Two IT leaders discuss a cyberattack that occurred at each of their institutions and share insights into preparing for future threats.

Listen to the Podcast

Looking at info techas a career path can be intimidating, but many working in this field didn't start out with intentions to work in cybersecurity. In this podcast, we ask several higher education cybersecurity professionals how they would encourage others to consider cybersecurity as a career option.

Listen to the Podcast

Watch this video with Keith McIntosh, Vice President & Chief Information Officer at the University of Richmond, as he discusses the 3 most important relationships to develop at your institution.

Lorem ipsum dolor sit amet.

This is some text inside of a div block.
Lifelong Learning
  • Take the time to lead your profession through service on advisory boards, consortiums, and professional associations.
Communication
  • Develop and practice board-level communication skills.
  • Refine your ability to speak publicly to the media, the local community and other public, external communication channels.
Finance
  • Develop metrics to measure the effectiveness of institutional security programs, and develop and manage operating and special-purpose budgets to support those programs.
Project Management & Strategy
  • Practice institutional-level strategic planning and execution skills.
  • Act as a thought leader for your organization, profession, and industry.
  • Represent your organization at the national level.
Leadership, People, & Change Management
  • Develop partnership-building skills with external organizations.
  • Employ institutional-level change management skills and serve as a resource for developing change management capacity.
The Executive Leaders Academy focuses on how senior leaders can successfully develop individuals and teams, exhibit leadership in change and innovation, develop strategic goals for optimal outcomes, and advance their own leadership skills.
Find Out More
Assess

Complete this Analytics Capabilities Institutional Self-Assessment to understand your capabilities in the areas of workforce, data governance, data management, leadership, and data-informed culture.

Make Connections

Look for opportunities to build relationships with information security leaders outside of higher education by participating in leadership and networking programs.

Engage in Mentoring

Seek an executive coach to support critical transitions. EDUCAUSE offers one-on-one meetings with professional executive coaches at its annual conference and online.

Give Back

Support the advancement of higher education through the use of information technology by becoming a member of the EDUCAUSE Board of Directors. Learn more by joining this Member QuickTalk on the topic.

Think & Speak

Give guest lectures to engage with, raise awareness about, and better understand information security needs of students, faculty, and other key stakeholders.

Think & Speak

Attend or speak at higher education events to advocate for cybersecurity and privacy concerns.

Think & Speak

Serve as an EDUCAUSE Institute faculty member for the Senior Directors Institute and share your experience and expertise with senior cybersecurity professionals.

Show Up

Join the Cybersecurity and Privacy Professionals Conference Program Committee, which brings together information security and privacy professionals, information technology staff, and others from across the higher education community.

Show Up

Attend trainings and conferences outside the higher education industry.

Show Up

Go to the EDUCAUSE Annual Conference, designed for, and attended by, the global community of higher education information technology professionals.

Learn

Expand your perspective of information security by reading books and articles on the topic from the corporate or nonprofit sectors.

Learn

Serve on the Horizon Report, Information Security Edition panel of higher education experts to help other stay current on the key trends, emerging technologies, and practices shaping the future of information security.

Learn

Explore how to put the principles of DEI into practice and the learning and engagement opportunities to deepen your understanding.

Ways to Keep Growing

Throughout and beyond your information security career, there are ways to keep contributing and providing thought leadership to the profession that may fall outside of the particular career levels identified above. Explore ways to make connections, to continue leading, and to support other professionals and institutions with your hard-earned expertise and experience.

Make Connections

Look for opportunities to build relationships with information security leaders outside of higher education by participating in leadership and networking programs.

Show Up

Join the Cybersecurity and Privacy Professionals Conference Program Committee, which brings together information security and privacy professionals, IT staff, and others from across the higher education community.

Show Up

Attend trainings and conferences outside of higher education.

Learn

Serve as faculty for the EDUCAUSE institutes and other programs to stay connected and share knowledge. Find out more about being a faculty member at EDUCAUSE and how to apply.

NOTE: Salary data varies significantly by location, institutional type, and many other factors and should not be used for benchmarking. Job descriptions should be consulted for specific salary information. Average salary ranges sourced from various employment sites and active listings.

Looking for more? Find your next job at the Career Center.
Explore Job Postings