The Information Security Pathway

Information Security professionals protect our institutions' most important and private information. This path will help you identify and navigate an Information Security career by increasing your understanding of the knowledge, skills, and experiences needed to begin, transition, and advance your career.

The pathway at a glance
Timeline graphic previewing the transition from early to institutional executive level throughout the lifespan of your career

Explore the Information Security Pathway

John O’Brien, President and CEO of EDUCAUSE speaks to ​​Bella Abrams, Director of Information Technology at the University of Sheffield and Phil Ventimiglia, Chief Innovation Officer at Georgia State University on the 2022 Top 10 IT Issues.

The EDUCAUSE Security Pathway Toolkits provide individuals and mentors an opportunity to identify strengths and gaps, then select activities to leverage those strengths and develop in select areas. The toolkits support the development of an action to improve immediate performance and foster readiness for long-term professional goals. Select the appropriate toolkit for your needs below to get started.

Early Level

0-7 years
0-7 years
0-7 years
0-7 years

Early-level data professional positions include visualization specialist, data wrangler, data engineer, and a focus on analysis. Roles often have "analyst" at the end of the title (e.g., data analyst, research data analyst, data governance analyst, institutional research analyst, etc.) In these roles, duties and responsibilities may include building data models and assessing, preparing, and analyzing institutional data to provide timely reports, analyses, and visualizations to stakeholders and answering ad-hoc questions.

Recommended Education

Bachelor’s or Master's degree or equivalent experience.

Other options From Here

You May Be Responsible For

  • Helping faculty, staff, and students locate data and interpret data products.
  • Assisting in the development and/or administration of surveys.
  • Serving as the point person for reports and analyses created.
  • Developing and leveraging data visualization skills to enhance understanding among various constituencies.
  • Advancing analytic and modeling skill sets.

Entry-level positions in cybersecurity include job titles like information security specialist, information security analyst, network technical specialist, and computer forensics analyst. In these roles, your duties and responsibilities may include helping to prevent data breaches, network attacks, and other threats. You work to protect your institution's digital resources and information technology systems and to prevent hackers from disrupting normal business activities. Additionally, you help faculty, staff, and students learn and engage in good information security practices on the job and at home.

Recommended Education

Degree in Computer Science or related area and/or equivalent of education and experiences; select network and security certifications; and experience working with select compliance standards.

Other options From Here

You May Be Responsible For

  • Performing operational security duties in support of security rules and procedures based on university policies, state and federal requirements, and contractual obligations.
  • Assisting in the triage of incoming security events.
  • Acting as an escalation point for information technology security incidents.
  • Providing direction and guidance on available security services and tools.
  • Monitoring current trends, making recommendations and evaluating solutions to close gaps in security processes.

Entry-level positions for teaching and learning may support faculty to apply learning technology to courses, coordinate and maintain digital resources for the institution, or assist in curriculum or instructional design. People who perform these tasks may have job titles like instructional technologist, instructional designer, computer learning lab coordinator, learning management system administrator, instructional technologist, multimedia designer, and faculty development specialist.

Recommended Education

Associate's degree, bachelor’s degree, certifications in user and instructional design, or equivalent experience

Other options From Here

Interested in an innovation-focused work? Take a look at the Innovation Pathway's early level for options.

You May Be Responsible For

  • Contributing to the effective implementation and function of digital learning tools.
  • Collecting and analyzing relevant learning data to recommend data-informed decisions for the unit.
  • Offering guidance and advice to teaching faculty on learning design with digital platforms.
  • Collecting learning outcome and evaluation data to inform future digital learning decisions and designs.
  • Maintaining current and relevant knowledge of higher education learning science.

Entry-level positions in innovation include job titles such as instructional innovation specialist, business transformation project manager, and systems integration and innovation coordinator. These positions work in some capacity helping to support innovation to advance institutional strategies.

Recommended Education

Associates degree, bachelor’s degree, or equivalent experience.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Consulting and advising an instructional team on appropriate technological tools best suited to meet learning objectives.
  • Providing technical solutions for highly interactive learning environments.
  • Working with faculty on the design, development, and production of learning materials using digital media.
  • Following change management policies and procedures for configuration and application changes, including obtaining approval for release into production.
  • Leading systems, services, and infrastructure projects.
  • Providing administrative and/or project management support for innovation projects or initiatives.

Early level positions in information technology include job titles such as user support specialist, data analyst, desktop support technician, and network operations analyst. These positions work in some capacity helping to support institutional technology or data operations, or to maintain the institution's digital environment.

Recommended Education

Associate degree, bachelor’s degree, ITIL or IT service management training (see take action for more information), or equivalent experience. Certifications such as CompTIA A+, ITIL Foundation; vendor specific certifications such as Microsoft, AWS, for service and support roles. Certifications around data analytics and vendor specific certifications, such as Oracle or Microsoft for those working with data and databases.

Other options From Here

Interested in exploring an alternative career? Take a look at the Information Security Pathway's early level for ideas.

You May Be Responsible For

  • Assisting in the collection and analysis of data to inform decisions for information technology and the institution.
  • Administering technology training and facilitating help for students, faculty, and other institutional stakeholders.
  • Supporting and maintaining institution technology solutions such as labs, mobile technology, classrooms, and more.
  • Supporting and maintaining software applications across campus.
  • Contributing to decisions regarding institution technology adoption and implementation.

Information Security Specialist

Salary Range:
$43,000–$72,000

Information security specialists are in charge of developing and implementing security measures for their organization. They are responsible for analyzing security procedures and suggesting changes to upper management for increased efficiency and extra security. Information security specialists present their findings to managers and recommend new technologies or policy modifications.

See Active Job Descriptions

Network Technical Specialist

Salary Range:
$35,000–$69,000

Information security network specialists, also known as computer support specialists, set up, support, and maintain local area networks (LANs), wide area networks (WANs), and other networking systems in their organization. These professionals also install routers, switches, firewalls, and network-related software programs for their organizations.

See Active Job Descriptions

Information Security Analyst

Salary Range:
$43,000–$90,000

Information security analysts are responsible for conducting system analysis and providing technology project leadership for their organization. One of their main duties is coordinating operational procedures related to information systems and their management.

See Active Job Descriptions

Computer Forensics Analyst

Salary Range:
$40,000–$120,000

Forensic computer analysts are responsible for analyzing computer-based information for forensic evidence within their organization. They process large amounts of data to find specific items on behalf of their organization. Tasks performed by forensic computer analysts may include handling computer hard drives and storage devices to analyze user patterns, using different computer programs to recover information from damaged media devices, and preparing detailed reports after running computer analysis software applications, among others.

See Active Job Descriptions

Kenneth Gyan, Director of Information Technology, University of North Carolina at Chapel Hill.

Insuh Pak, Analytics Engineer at University of California, Santa Cruz

Melissa Meehan, Web Services Director, SUNY Buffalo State.

Rebecca Graetz, Senior Instructional Designer, University of Wisconsin-Oshkosh

Lifelong Learning
  • Demonstrate a commitment to your own professional growth and willingness to develop your skills in areas of importance to your organization by developing a plan with a mentor, peer, or manager.
Explore cybersecurity certifications for early or entry level cybersecurity professionals.
Find Out More
Communication
  • Use active listening to communicate effectively with others.
  • Practice communicating in difficult workplace situations.
Learn active listening techniques, practice communicating in difficult situations, and to manage workplace conflict.
Find Out More
Finance
  • Examine planning approaches to budgeting and understand key components of cost estimating.
  • Use budget management techniques to justify changes to funding levels.
  • Identify critical sources of data related to institutional budget management.
In the Higher Education Finance Lab, learn how to leverage budgeting to support strategy, while navigating and adapting to shifts and cuts within departments.
Find Out More
Project Management & Strategy
  • Analyze the benefits of different project management approaches and best practices for ensuring the success of projects.
  • Assess the importance of team dynamics on project success and identify strategies for maximizing productivity and efficiency.
Learn how to demonstrate effective oversight of projects and people.
Find Out More
Leadership & People Management
  • Develop hiring and recruitment practices to maximize a talented and diverse workforce while maximizing workplace motivation and engagement.
  • Learn how to retain valuable team members in a higher education setting.
  • Learn about the characteristics and traits of effective leaders and about essential leadership principles.
  • Develop leadership styles that promote a growth mindset and ethical frameworks for decision-making.
  • Use leadership skills to successfully navigate organizational change.
Develop and promote a growth mindset, apply ethical frameworks for making managerial decisions, and navigate organizational change.
Find Out More
Change Management
  • Communicate effectively to convey the reasons behind the change, address concerns, and keep everyone informed throughout the process.
  • Adapt to change and help others adapt. Be open to new ideas and flexible in their approach to facilitate smoother transitions.
  • Develop strong problem-solving skills to identify issues, brainstorm solutions, and implement them effectively in the face of change.
  • Demonstrate understanding and empathy with the concerns and perspectives of colleagues affected by the change is important. Build trust and foster cooperation by showing empathy.
  • Develop resilience to bounce back from setbacks, stay motivated, and maintain productivity during times of uncertainty.
Earn your microcredential in the "Delivering Project Results: Change Management for Those Overseeing, Leading, or Managing Projects" Lab.
Find Out More
Assess

Take the self-assessment for early-career cybersecurity professionals to evaluate your skills and abilities and to identify your strengths and growth opportunities in the areas of cybersecurity team performance, resource management, leadership practices, and project operations.

Assess

Review the "Top Ten Ways to Discover a Cybersecurity Career That Is Right for You" in this webinar.

Make Connections

Explore and join any of the cybersecurity and privacy Community Groups to share strategies about information security governance, compliance, data protection, and privacy programs or other security-related topics.

Make Connections

Learn about and join the Young Professionals Community Group for support in the early stages of your career.

Make Connections

Become an EDUCAUSE ambassador and help your organization get the most out of its membership by connecting colleagues with beneficial resources.

Engage in Mentoring

Find a mentor who has a role you may want eventually and can speak to the professional advancement journey. Connecting with a mentor with information security expertise can also help you understand the latest trends and issues.

Give Back

Consider a volunteering opportunity, like reviewing proposals or submitting an article for EDUCAUSE Review.

Give Back

Read the latest on information security, privacy, and risk in the Cybersecurity and Privacy channel of EDUCAUSE Review or submit an article for consideration.

Think & Speak

Submit a proposal for a session and/or poster at the Cybersecurity and Privacy Professionals Conference.

Think & Speak

Complete the Presenter Concierge series to help you create an outstanding presentation by focusing on the practices adopted by the most effective speakers, presenters, and facilitators.

Show Up

Go to the EDUCAUSE Annual Conference and connect with a vibrant community of higher education professionals working with technology.

Learn

Listen to the Cybersecurity as a Career Path podcast and learn more about becoming a professional in this area.

Learn

Earn your microcredential at the Data Literacy Institute, and develop the foundational knowledge needed for effective data-informed decision-making while getting hands-on practice with each step from data creation to leading change.

Learn

Become familiar with EDUCAUSE programs and services for cybersecurity and privacy professionals and plan your engagement in each of the areas.

Learn

Apply for an EDUCAUSE scholarship to support your professional learning.

3-11 years
3-15 years
3-11 years
3-11 years

Mid Level

Mid-level positions in data include highly proficient individual contributors and people managers. Often, job titles that include “Lead” are individual contributor positions that may include project management responsibilities: Lead Data Engineer, Lead Analytics Engineer, Lead Data Analyst, or Principal Analyst. As lead individual contributors, duties and responsibilities may also include participating in teams of other data professionals and working with key stakeholders to deliver data product solutions. Professionals at this level may support central services with enterprise/institutional data or specialize within functional domain data. Similar versions of these job titles with “Manager” or “Associate Director” include people management duties such as performance management and professional development: Associate Director of Institutional Research, Data Services Manager, or Data Governance Manager. As a manager, duties and responsibilities may include leading teams of other data professionals and managing stakeholders to deliver data product solutions. Mid-level professionals may support the development of technical skill sets of early-level professionals within an area of expertise, manage central services with enterprise/institutional data, and/or specialize within functional domain data.

Recommended Education

Master’s, MBA, PhD, or equivalent experience.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Managing data assets and access to those data assets.
  • Project management for delivering new or enhanced data products.
  • Resolving data quality issues.
  • Partnering with technical and functional teams across the institution to develop data products that address business needs.
  • Partnering with technical and functional teams across the institution to develop data governance and related policies that align with strategic directions.
  • Maintaining documentation such as data catalogs, style guides, and standard operating procedures.
  • Developing the technical skill sets of early data professionals, providing constructive performance management feedback and balancing workload across team members.
  • Developing code, data models, and/or business intelligence products.

Mid-level positions in cybersecurity include job titles like information security analyst, information security penetration tester, information security engineer, information security consultant, information security advisor, information security manager, information senior security engineer, manager of information security and systems operations, and senior manager of research computing. In this role, your duties and responsibilities may include designing security systems, conducting reviews and audits, assessing systems for gaps, and recommending solutions.

Recommended Education

Bachelor's degree in computer science, information systems, communications, or related fields, or similar certified coursework in applicable fields of study. Foundation knowledge and skills may include working knowledge of common software application packages, equipment platforms, reference database systems and sources, and training methods and a basic understanding of networks, data communication, and multimedia systems.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Managing identity and access management infrastructure.
  • Partnering with teams across the university, information security office, server operations, and integrations and application teams to create solutions that meet security and business requirements.
  • Working closely with clients and other ITS staff in support of the university’s mission and strategic direction.

Mid-Level teaching and learning roles include job titles like project manager, instructional designer, and faculty development manager, and typically require expertise in educational technology and learning design. People in these positions are beginning to have leadership responsibilities and may coordinate teams or training. At this level, people continue to develop the competencies and relationships they will need to assume senior and executive roles in the field.

Recommended Education

Bachelor's or master’s depending on career goals and institutional expectations. Consider obtaining relevant certifications to user and instructional design, curriculum development, and project management.

Other options From Here

Interested in career focused on innovation? Take a look at the Innovation Pathway Mid-Level track for options.

You May Be Responsible For

  • Designing and facilitating academic training and development for institutional teaching faculty.
  • Providing expertise in educational technology and offering input into institutional adoption.
  • Coordinating a team of learning professionals, including positions in library services, teaching and learning centers, and educational technology units.
  • Advocating for student-centered learning and design across the institution.
  • Providing project management leadership and support to course design or educational technology projects.

Mid-level positions in innovation include job titles such as digital innovation librarian, associate director of research and innovation, and program manager for innovation and digitization.  Professionals in these positions are often in management-oriented roles with responsibilities for supporting or maintaining a specific area related to innovation. They may also supervise entry-level staff.

Recommended Education

Master’s, MBA, or doctoral degree based on personal goals and institution’s expectations.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Implementing digital learning initiatives.
  • Serving as project manager for innovation projects.
  • Supervising instructional design staff.
  • Managing an analytics team.

Mid-level positions in information technology include job titles such as operations support manager, manager of client services, or manager of reporting and analytics. Professionals in these positions are often in management-oriented roles with responsibilities for supporting or maintaining a specific area within information technology. They may supervise entry-level staff.

Recommended Education

Bachelor's, master's degree (or equivalent experience), ITIL or IT service management training, depending on career goals and institutional requirements (see take action for more information).

Other options From Here

Interested in pursuing an alternative career? Take a look at the Innovation Pathway's mid-level for ideas.

You May Be Responsible For

  • Collaborating with stakeholders across the institution to set strategic direction for information technology initiatives.
  • Leading a team of specialists to support information technology programs through the technology lifecycle.
  • Managing information technology projects including hardware and software infrastructure implementation and support.
  • Providing oversight for systems including enterprise applications, data management, and learning technology.
  • Providing oversight for systems and processes including enterprise applications, data governance, data management, and learning technology.
  • Cross-unit collaboration and/or cross-level or departmental collaboration.
  • Executing on strategic initiatives set forth by senior leadership team and managing expectations.
  • Providing subject matter expertise on mid-to-large scale technology implementation projects.
  • Supervising staff with multiple skill levels and expertise areas and aligning those skillsets to achieve goals and complete projects.

Information Security Engineer

Salary Range:
$60,000–$153,000

The information security engineer may serve in a technical, educational, and leadership role focused on securing both the physical and virtual aspects of an information environment. Implement, manage, and integrate systems that support the information security office’s mission to identify and remediate threats to the confidentiality, integrity, and availability of information in the institution's information ecosystem. Manage information security projects of significant institutional impact and importance; work closely with other staff responsible for enterprise technology infrastructure operations; and serve as a subject-matter expert/consultant to various groups.

See Active Job Descriptions

Information Security Penetration Tester

Salary Range:
$47,000–$97,000

Information security penetration testers plan and execute tests, document their methodologies, create detailed reports about their findings, and might be involved in designing fixes and improving security protocols. These professional will assist with penetration tests and other technical security assessments; assist developing and evaluate novel security testing capabilities and methodologies; help mentor junior penetration testing staff; and transition their knowledge and expertise to the broader community.

See Active Job Descriptions

Information Security Advisor

Salary Range:
$79,000–$141,000

Information security advisors evaluate security systems to determine the potential risk of a breach. They develop policies and procedures that minimize the risk to properties, employees, and computer systems.

See Active Job Descriptions

Information Security Consultant

Salary Range:
$50,000–$130,000

The information security consultant conducts regular audits across departments or teams that work with data. The consultant helps spot possible areas of vulnerability in the flow and storage of data and helps implement solutions. This typically includes the use of rules and standards for what data is available to certain employees, establishing tiered access to the data in a company, and implementing hardware and software protocols that secure all aspects of the organization’s IT assets against unwanted intrusion.

See Active Job Descriptions

Senior Information Security Engineer

Salary Range:
$61,000–$125,000

The information senior security engineer is responsible for the development, implementation, and management of technical systems and controls necessary to safeguard information and assets. The position will work directly with technical and non-technical staff to protect the confidentiality, integrity, and availability of sensitive data and systems.

See Active Job Descriptions

Information Security Manager

Salary Range:
$129,000–$187,000

Information security managers monitor the channels through which information flows into and out of an organization's information network. Managers are responsible for observing all of the operations occurring across the network and managing the infrastructure that facilitates those operations.

See Active Job Descriptions

Senior Manager of Research Computing

Salary Range:
$51,000–$114,000

This lead role collaborates closely with research faculty; oversees research cyberinfrastructure efforts; leverages large-scale data and computational systems; supports custom software, hardware, and workflows; facilitates engagements between researchers and specialists; and works with administration and community partners to provide sustainable support structures for all aspects of research IT needs.

See Active Job Descriptions

Manager of Information Security and Systems Operations

Salary Range:
$39,000–$138,000

Information security systems operations managers hold a senior-level management role. They are responsible for overseeing an organization's operations, with particular regard to information technology, data security, and business continuity. The role requires strategic oversight in covering all elements of information technology security in an organization.

See Active Job Descriptions

Jay James, Senior Cybersecurity Operations Lead, Auburn University.

Todd Barber, Executive Director of Enterprise Applications and Data Services at The University of Tennessee Health Science Center

Melissa Barnett, Data Governance Manager, Georgia State University.

Steve Burrell, Vice President & CIO, Northern Arizona University

Lorem ipsum dolor sit amet.

This is some text inside of a div block.
Lifelong Learning
  • Be intentional about architecting your career, consider the experiences you need to advance to the next level, and be deliberate in pursuing those.
Explore cybersecurity certifications for mid level cybersecurity professionals.
Find Out More
Communication
  • Understand communication styles used in different workplace situations and identify practices that strengthen trust with internal and external partners.
  • Develop strategies for negotiating and persuading others.
  • Discuss ways to manage interpersonal conflict in the workplace.
Develop and apply techniques to manage challenging workplace conversations and situations.
Find Out More
Finance
  • Develop strategies to overcome budgeting challenges and identify opportunities to support the budgeting strategy of the institution.
  • Cultivate strategic cross-institutional partnerships to help secure necessary funds for critical initiatives.
  • Use leadership skills to support budgeting efforts.
Develop strategies to overcome budgeting challenges and develop partnerships to secure necessary funds for critical workplace initiatives.
Find Out More
Project Management & Strategy
  • Develop a plan for engaging project stakeholders across campus.
  • Learn strategies to maximize the efficiency of meetings and individual work.
  • Employ techniques for prioritizing competing demands with limited resources.
  • Use strategic thinking to help others navigate organizational change and dynamics.
Understand how to prioritize and balance information security and privacy projects based on various factors.
Find Out More
Leadership & People Management
  • Evaluate opportunities for delegation and team or individual development.
  • Cultivate opportunities to practice giving and receiving feedback.
  • Develop a comprehensive approach to support employee performance and to maximize individual and team development.
Develop and apply your skills in conflict resolution, coaching, and accountability.
Find Out More
Change Management
  • Develop leadership skills to guide teams through change, inspire confidence, and rally support for new initiatives.
  • Learn and practice how to manage stakeholders effectively involves identifying key players, understanding their concerns, and communicating with them regularly to address issues and gain buy-in.
  • Develop and refine proficient project management skills to plan, execute, and monitor change initiatives, ensuring they stay on track and within scope.
  • Be intentional at becoming adept at resolving conflicts diplomatically to maintain team cohesion and focus on shared goals.
  • Become an advocate for change by actively promoting its benefits, addressing resistance, and fostering a culture of innovation and adaptability within the organization.
Complete the Prosci Change Management Certification Program to learn to apply change managment best-practices and research-based tools.
Find Out More
Assess

Take our self-assessment for mid-level professionals to help you identify your strengths and growth opportunities in the areas of communication, team development and optimization, financial management, and project management.

Assess

Assess your data literacy skills and abilities by taking the Data Literacy self-assessment. Understand your strengths and weaknesses in the areas of data security and privacy, data management, data analysis, and others.

Make Connections

Learn more about the National Initiative for Cybersecurity Education (NICE) and their mission to promote and coordinate a community working together to advance an integrated ecosystem of cybersecurity education and training.

Engage in Mentoring

Learn more about professional mentoring, and how to form and plan for a successful relationship.

Give Back

Become a Working Group member and collaborate closely with your peers from a variety of institutions to define solutions for new and existing challenges and create useful resources for the community.

Give Back

Have you started a project you would like to share with the broader higher education community? Propose a topic for a Working Group.

Think & Speak

Read the latest on information security, privacy, and risk in the EDUCAUSE Review Cybersecurity and Privacy channel or submit an article for review.

Show Up

Attend the EDUCAUSE Annual Conference or other events, designed for, and attended by, a global community of higher education professionals working with technology.

Show Up

Join our cybersecurity webinars featuring lively debates and the hot topics. Sign up for upcoming webinars or review recordings and slides from past presentations.

Learn

Enhance your technical skills with these seven top security certifications.

Learn

Take a course from the SANS Institute, which empowers cybersecurity professionals with knowledge and skills.

Learn

Take a deep dive into key resources in the field of cybersecurity.

Learn

Stay current with Top IT Issues, Technologies, and Trends to know what's important and where to focus your planning and management activities.

Advanced Level

7-19 years
9-21 years
7-19 years
7-19 years

Advanced-level positions in data and analytics include job titles like Director of Institutional Research, Director of Data Analytics, Director of Data Governance, Director of Data Architecture, and Deputy Chief Data Officer. These roles may be responsible for monitoring the operational functions of the team but are also engaged and embedded into the business units around campus to help other unit leaders make data-driven decisions. These roles may also lead a team of individuals, sometimes multiple teams.

Recommended Education

Master’s, MBA, PhD, or equivalent experience.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Leading and directing the activities of team leads, analysts, coordinators, and other data and analytics professionals.
  • Advising information technology and business executives on the status of data and analytics issues, especially those under your purview.
  • Contributing to enterprise-level policies and standards, leading incident response activities, and remediating data issues.
  • Implementing, designing, managing, and allocating all the data management measures within an organization.
  • Leading or co-leading institutional data governance processes and/or data management initiatives.

Advanced-level information security positions include information security manager, information security associate director, information security officer, information security architect, information security engineer, assistant director of information security, information security senior director, and others. People in those roles monitor the organization's information technology security system, are in charge of the institution's security risk management program, and act as advisors to executives.

Recommended Education

Bachelor’s degree in Information Security, Information Systems, or Computer Science or relevant experience. Certified Information Systems Security Professional (CISSP) or other equivalent certifications typically preferred. Information security, networking, server administration, and project management experience typically preferred.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Leading and directing the activities of integrated risk management team leads, analysts, coordinators, and other information security professionals.
  • Advising information technology and other executives on the status of technology risk and compliance issues.
  • Contributing to enterprise-level policies and standards, leading incident response activities, and remediating security issues.
  • Implementing, designing, managing and allocating all the technology security measures within an organization.
  • Monitoring the organization's information technology system to look for threats to security, and establishing protocols for identifying and neutralizing threats.

Advanced teaching and learning positions include job titles like senior instructional designer, director of academic technology, teaching and learning center director, and director of online learning. Professionals in these roles provide strategic oversight at the departmental level and usually lead teams. While not at the executive level yet, people in these roles are often the most senior representative subject matter expert in educational technology or learning design.

Recommended Education

Master’s, EdD, or PhD depending on career goals and institutional expectations.

Other options From Here

Interested in a career focused on organization-wide innovation? Take a look at the Innovation Pathway's advanced level.

You May Be Responsible For

  • Leading a team of learning professionals through the processes of course design, digital learning platform implementation, curriculum development, and staff training.
  • Maintaining current and relevant knowledge of higher education learning science.
  • Communicating with institutional leaders regarding the importance of student-centered teaching and learning practices.
  • Assisting with, or assigning team members to assist with, classroom technology, learning space design, faculty development, learning approaches, and evaluation needs.
  • Contributing to the institutional mission and vision regarding student success and teaching excellence.

Advanced-level positions in innovation include job titles such as director of innovation and instructional technology, director of lean transformation, and director of digital innovation and ecosystems. Professionals in these positions are responsible for directing and leading the operations of large innovation-related projects, often with managers and other staff reporting to them.

Recommended Education

Master’s, MBA, or doctoral degree based on personal goals and institution’s expectations

Other options From Here

Interested in a career path that focuses more specifically on teaching and learning? Take a look at the Teaching and Learning Pathway in the advanced level for options.

You May Be Responsible For

  • Directing an innovation center or an office for teaching effectiveness.
  • Directing work and/or initiatives supporting transformation across the organization.
  • Establishing a strategy for and operationalizing the scholarship of innovation on your campus.
  • Leading library innovation initiatives.

Advanced level positions in information technology include job titles such as director of analytics, director of client services, and director of network work services. Professionals in these positions are responsible for directing and leading the strategy and operations of large areas of information technology, often with managers and other staff reporting to them.

Recommended Education

Bachelor's, master's degree (or equivalent experience), certification in project management or change management, ITIL or IT service management training, depending on career goals and institutional requirements (see take action for more information).

Other options From Here

Interested in pursuing an alternative career? Take a look at the Teaching and Learning Pathway's advanced level for ideas.

You May Be Responsible For

  • Leading a team charged with the supervision of institutional information technology systems, including data, client experience, and web services.
  • Leading and developing central information technology teams of staff and student employees to oversee client relationships, service and help desk support, classroom technology, and information technology project management.
  • Collaborating with institutional stakeholders to make decisions for technology procurement and implementation.
  • Providing insight and leadership for institution web applications.
  • Provide strategy for technology roadmap to improve business operations, managing large scale IT projects or initiatives (i.e. data governance or data analytics).
  • Influencing and educating peers and others on needed alignments between operational and strategic goals.
  • Tracking and reporting of operational and strategic metrics.
  • Develop, manage and approve budgets and purchasing agreements.

Information Security Manager

Salary Range:
$81,000–$140,000

Information security managers are in charge of maintaining security protocols throughout their organizations. They are responsible for creating strategies to increase network and internet security related to different projects. They handle a team of information technology professionals to ensure easy access to data while maintaining high standards in terms of confidentiality and general data security.

See Active Job Descriptions

Information Security Associate Director

Salary Range:
$50,000–$120,000

Responsibilities of this role include directing the activities of integrated risk management team leads, analysts, and coordinators performing these functions; mentoring and motivating staff; measuring performance; and making continuous improvements. This role also acts as advisor to information technology and other executives on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.

See Active Job Descriptions

Information Security Officer

Salary Range:
$90,000–$130,000

In conjunction and in collaboration with other information technology systems and applications administrators, this position will assist in conducting network and information systems audits meant to identify, harden, and mitigate potential and actual security threats in the form of scanning, monitoring, and testing the network and systems for vulnerabilities. This position shall assist information technology management in ensuring the compliance of University systems to federal, state and local laws, rules, and ordinances; will develop controls to enforce IT security policies and compliance; will advise on the development, documentation and maintenance of disaster recovery plans; review risk assessments and support cyber incident response plans. The ISO along with the Security Analyst will be responsible for the configuration, deployment, optimization, and management of IT security-related tools. The role typically works with various departments on alert escalation and resolution and provides risk analysis metrics to leadership based on the output of these tools and is also responsible for assessing potential threats, such as malware or phishing alerts, and determining the validity of the alert and determining the best course of action to protect assets.

See Active Job Descriptions

Information Security Architect

Salary Range:
$83,000–$153,000

An information security architect is responsible for the network and computer security for the organization. At the early stages of the security life cycle, the security architect acts as a project leader to plan, research, and design elements of security. The security architect starts by creating a general design, planning intended features and functionality.

See Active Job Descriptions

Information Security Engineer

Salary Range:
$81,000–$141,000

Professionals in this role will work alongside customers, software developers, enterprise architects, information security, internal audit, compliance, and other stakeholders to build information security strategies and programs. Professionals contribute to enterprise-level policies and standards, lead incident response activities, and remediate security issues. They'll improve the ability of the organization to protect the confidentiality, availability, and integrity of their and their community's information assets.

See Active Job Descriptions

Assistant Director of Information Security

Salary Range:
$85,000–$120,000

Professionals in this role are responsible for the security risk management program, including building and maintaining roadmaps for initiatives and projects, risk assessments, incident response, operational management, regulatory and policy compliance, and ensuring the institution adheres to federal, state, and local regulatory controls.

See Active Job Descriptions

What inspires you? Inspiration, motivation, and admiration are all qualities that either help us get to the next step in our career or our personal lives or simply help us get the morning started.

Listen to the Podcast

Ravneet Chadha, Associate Vice President and Chief Data Officer, at University of Arizona

Andre Jenkins, Deputy Chief Information Security Officer, University of Pennsylvania.

Victoria Getis, Senior Director, Teaching & Learning Technologies, Northwestern University.

The gap will continue to widen between institutions that are starting to engage in digital transformation and those that have not. We asked five institutional leaders to share their unique projects that reflect a shift to Dx.

Listen to the Podcast
Lifelong Learning
  • Identify ways you and your team can support and address high-level campus-wide issues and priorities. Look for ways to connect the value of your division to organizational goals.
Explore cybersecurity certifications for advanced cybersecurity professionals.
Find Out More
Communication
  • Incorporate audience considerations into your communication approaches.
  • Identify ways to expand your professional network and influence in the organization.
  • Develop skills to communicate with and persuade senior leaders.
  • Identify techniques to successfully communicate in times of crisis.
Identify techniques to successfully communicate in times of crisis and develop skills to communicate with and persuade senior leaders.
Find Out More
Finance
  • Examine how your initiatives can create enterprise-level opportunities.
  • Assess higher education tools and resources for collecting data and streamlining processes.
  • Identify strategies for overcoming budget and resource constraints.
  • Use strategic planning to ensure the long-term success of the organization.
Identify strategies for overcoming budget and resource constraints.
Find Out More
Project Management & Strategy
  • Incorporate tactical and strategic thinking into your leadership approach.
  • Use enterprise architecture and other systems thinking techniques to inform strategic leadership decisions and to improve the decision-making abilities of others.
  • Monitor your portfolio by tracking KPIs and other relevant data.
Develop strategies to leverage individual motivators and keep staff engaged and for recruiting and retaining staff.
Find Out More
Leadership & People Management
  • Identify characteristics and models for effective governance.
  • Integrate equity, diversity, and inclusion practice into leading efforts.
  • Think broadly about higher education and future technology trends to anticipate institutional needs.
  • Implement strategies for maximizing performance with individuals and teams.* Consistently and proactively manage risk.
Use enterprise architecture and other systems thinking techniques to inform strategic leadership decisions.
Find Out More
Change Management
  • Excel in strategic planning to align change initiatives with overarching organizational goals and long-term vision.
  • Develop strong influencing and negotiation skills to garner support from key stakeholders, overcome resistance, and drive change forward.
  • Inspire and motivate teams, set clear direction, and navigate complexities with confidence and vision.
  • Develop expertise in organizational development to assess readiness for change, implement structural adjustments, and foster a culture of continuous improvement.
  • Leverage data analysis and critical thinking skills, in yourself and your team, to make informed decisions throughout the change process, ensuring strategies are evidence-based and outcomes are measured effectively.
Complete the Prosci Improve Project Health program in one day to learn how to achieve better project results.
Find Out More
Assess

Take our self-assessment for advanced-level professionals to help you identify your strengths and growth opportunities in the areas of communication, team development and optimization, financial management, project management, and more.

Make Connections

Attend or propose a Member QuickTalk to connect with others on timely information security topics like risk management, and security awareness.

Make Connections

Engage with other associations, like the National Association of College and University Business Officers (NACUBO) to broaden understanding of perspectives and issues.

Engage in Mentoring

Serve as a mentor to a new cybersecurity professional.

Give Back

Join the Cybersecurity Community Group that identifies challenges share strategies around information security governance, compliance, data protection, and privacy programs.

Give Back

Join an advisory or member committee and help shape EDUCAUSE programs by providing guidance and expertise to a particular area.

Give Back

Start or lead information security projects leveraging digital transformation, which help advance your institution’s mission.

Think & Speak

Facilitate Webinars, Learning Labs, and Institutes to stay connected and share knowledge. Find out more about serving as an Institute faculty member.

Think & Speak
Show Up

Attend professional development opportunities focused on key topics in the field of cybersecurity, including the annual Cybersecurity and Privacy Professionals Conference.

Learn

Take a look at the Showcase Series that takes a closer look at the EDUCAUSE Top 10, spotlighting the most urgent issues identified by the higher ed community each year.

Learn

Stay current on the key trends, emerging technologies, and practices shaping the future of information security with the Horizon Report, Information Security Edition, developed by a global panel of leaders from across higher education.

Learn

Encourage your team to apply for an EDUCAUSE scholarship to support their professional learning.

Learn

Learn how to put principles of DEI into practice using the EDUCAUSE Guide to Diversity, Equity, and Inclusion.

Learn

Ensure your entire team understands how to manage and respond to an incident.

Learn

Leverage this research to to significantly shorten your learning curve to be an effective change leader.

Unit Executive Level

Unit Executive Level

Unit Executive Level

Executive Level

Executive Level

11-27 years
11-50 years
11-27 years
11-27 years

Data professionals at the executive level typically report to a member of the President's Cabinet and are responsible for institutional data strategy and operations involving data governance, management, and analytics. These positions provide leadership and oversight for centralized and distributed teams involving all aspects of the effective and ethical use of data. Depending on institutional needs and maturity, these positions may be highly focused on specific aspects of data strategy and operations where only working knowledge of other component disciplines may be needed.

Recommended Education

Master’s, MBA, PhD, or equivalent experience.

Other options From Here

Interested in pursuing an alternative leadership career? Take a look at the information technology pathway's executive level for options.

You May Be Responsible For

  • Keeping abreast of latest technologies and managing vendor relationships associated with data governance, management, and analytics.
  • Ensuring that university procedures comply with internal and external regulations.
  • Compliance reporting to state and federal educational agencies, including accreditation and assessment activities.
  • Understanding, directing, and communicating methodologies for analyzing data and driving data literacy.
  • Coordinating with senior leaders across functional areas such as HR, Finance, Student Success, Enrollment Management, and others.

Unit executive level positions are typically members of the senior leadership team and work with constituents across the institution—faculty, staff, and students—to develop and deliver a comprehensive security and privacy program, including liaising with the campus general counsel on risk management and compliance activities. These positions may exist in Colleges of Medicine, Colleges of Law, or perhaps at a campus within a multi-campus district. Unit executives will need to have some familiarity with each level of information security work, from the strategic to the technical.

Recommended Education

Advanced degree in computer science, information technology, or related field. CIPP/US, CISSP, CISM, GIAC, or equivalent certifications, depending on career goals and institutional expectations.

Other options From Here

Interested in pursuing an alternative leadership career? Take a look at the information technology pathway's executive level for options.

You May Be Responsible For

  • Directing the development and delivery of an awareness and training program for students, faculty, staff, vendors, and other parties interacting with the institution’s data and services.
  • Planning and overseeing information security audits and risk assessments, such as penetration testing, tabletop exercises, and threat modeling, to drive information security prioritization and contribute to the institution’s risk management program.
  • Advising the institution’s counsel and leadership team on information security matters.
  • Defining and maintaining policies, standards, and practices for information and data security throughout the institution, encompassing on-premises and cloud technology, third-party engagements, and academic systems.
  • Serving as an active contributor and subject matter expert on projects that have security/privacy implications.
  • Reporting regularly on the posture of information security at the institution to the senior staff and the board of trustees.

Unit executive level roles in teaching and learning include job titles such as associate vice president online education, and associate provost for academic technology and innovation. These roles are often referred to as the Chief Academic Technology Officer, which can be a formal job title or a more informal institutional designation. Leaders in these roles guide institutional strategy in academic technology, online learning, and learning innovation.

Recommended Education

PhD or EdD depending on career goals and institutional expectations.

Other options From Here

Interested in an exploring an alternative career? Take a look at the Information Technology Pathway's executive level.

You May Be Responsible For

  • Providing strategic leadership for teaching and learning and academic technology across the institution, often overseeing multiple functional units.
  • Overseeing professional development programming for institutional teaching faculty.
  • Advocating for digital learning practices and informing academic colleagues of implementation processes.
  • Supervising academic planning, budget cycles, and digital learning plans for the institution and advising the president's office on teaching and learning needs.
  • Contributing leadership for accreditation requirements and strategic partnerships.

Executive-level positions in innovation include job titles such as assistant vice chancellor for instructional innovation and support, chief digital transformation officer, and chief innovation architect. Professionals in these positions are responsible for providing leadership for large areas and sometimes multiple departments within the institution, usually involving strategic planning, budget oversight, and institutional leadership for innovation initiatives.

Recommended Education

Master’s, MBA, MFA, JD, or doctoral degree based on personal goals and institution’s expectations

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Establishing and providing strategic direction for innovation initiatives on campus.
  • Reporting out results of innovation initiatives to stakeholders through presentation and benchmark data.
  • Overseeing all of the digital learning units on campus.
  • Guiding innovation priorities at the system level.
  • Applying change management principles across the institution to drive innovation.

This pathway represents a role that is increasingly complex and diverse and requires individuals who can embrace technological and human aspects of innovative practice and transformational changes.  It requires individuals to build and maintain relationships inside and outside of institutions.  This often includes effective relationships with board members or Regents, and community leaders such as City Officials.  The Institutional executive must also be prepared to make complex decisions in a politicized atmosphere.  While it is unreasonable to expect executives to know everything, that have to be skilled at forming questions and questioning.  The ability to communicate very complex concepts in generally understandable terms is critical.  The role is expanding beyond cost and performance responsibilities to drive transformation through IT as a core driver of of value through shaping of culture, workforce, and technological shifts that enable new educational and operational models.  The institutional executive also acts as a mentor and coach, to elicit growth and performance of those within the IT organization and to drive digital literacy across the enterprise.  Finally, they must be able to speak truth to power, to uncover weaknesses and be vulnerable and humble in the pursuit of excellence.  They are hired for strategy and fired for operations and thus must balance their efforts to drive innovation and change, while maintaining operational integrity, security, and reliability of IT services.  They must realize that they are primarily in the people business. They are able to recognize chaos driven by factors outside of institutional and leadership control, and plan for various scenarios and possible realities in advance.

Recommended Education

Master's or advanced/doctoral degree (or equivalent experience), in business or management, higher education administration or law. ITIL or IT service management training, depending on career goals and institutional requirements (see take action for more information).

Other options From Here

Interested in pursuing an alternative career? Take a look at the Information Security Pathway's executive level for ideas.

You May Be Responsible For

  • Developing teams to include the ability to attract and recruit top talent, motivate, delegate effectively, cultivate diversity within the team, manage performance, and be a strong developer of others.
  • Creating and articulating an inspiring vision for the organization, not only for the areas the CIO is directly responsible for but also for empowering and supporting the institution and the strategic plan.
  • Defining a shared, business-driven, institution-wide data strategy to improve access to data and standardize reporting.
  • Establish standards and processes to support more effective and efficient procurement of IT.
  • Support distributed student success at the institution and determine data governance required for universal tracking and reporting metrics.
  • Redesigning technology funding models to improve services and reduce duplication.
  • Developing a business-driven, institution-wide student retention management (CRM) strategy for most common use cases.
  • Enabling the enhancement of high-performance computing capabilities to advance institutional research and innovation.
  • Collaboratively implementing an enterprise identity and access management approach across the institution.
  • Developing an enterprise approach to security operations and maintain a risk-based security strategy that proactively stays ahead of evolving security threats.
  • Seeking and analyzing data from various sources to support decisions and align others with the organization's overall strategy.
  • Effectively balancing the desire and need for broad change with an understanding of how much change the organization can handle, what steps can be taken to expand the organization’s capacity to adopt change, and how to create realistic goals and implementation plans that are achievable and successful.
  • Enhancing institution-wide technology governance to improve collaboration, efficiency, and progress towards achieving a shared technology vision, and alignment with a system-wide strategic plan.

Information Security Senior Director

Salary Range:
$53,000–$190,000

An information security director is responsible for implementing, designing, managing, and allocating all the technology security measures within an organization. Information security directors have knowledge of technology strategy, enterprise architecture, and other security-related concepts similar to those of a chief information security officer. They may report directly to a chief information security officer and will take on this executive role in smaller organizations.

See Active Job Descriptions

Executive Information Security Director

Salary Range:
$145,000–$211,000

An information security director is typically responsible for implementing, designing, managing, and allocating all the technology security measures within an organization. This role oversees and directs the activities of integrated risk management team leads and is in charge of overseeing information technology security measures throughout a variety of organizations. They are responsible for every aspect of security, from protocols and incident response to staffing and budgets.

See Active Job Descriptions

Deputy Chief Information Security Officer

Salary Range:
$113,500–$320,000

The deputy chief information security officer is responsible for partnering with the chief information security officer in maintaining an organization-wide, global information risk management program and cybersecurity organization. Other responsibilities may include managing a staff of information security analysts; collaborating with security officers to identify needs, requirements, and gaps in institutional security programs; developing and delivering security-related services for use in conducting risk assessments and overseeing risk assessments; coordinating the planning and delivery of strategic security services; leading working groups to maintain systemwide policies; developing metrics to measure the effectiveness of institutional security programs; and developing and managing operating and special-purpose budgets, among others.

See Active Job Descriptions

Information Security Consultant

Salary Range:
$85,000–$180,000

Security consultants assess all security measures for their organization or for client organizations. They analyze security systems, study potential breaches, and supervise the implementation of solutions. They may oversee security operations for their organization, helping the organization to understand where their cybersecurity measures may need patching. The person in this role is primarily responsible for execution of various engagement security objectives within assigned areas. This includes performing security assessments, participating in project scoping, leading meetings with clients, and independently conducting testing. An information security consultant will also have strong communication skills, including the ability to participate in project reporting and clearly articulate security issues to the client and internal team.

See Active Job Descriptions

John O'Brien, EDUCAUSE CEO and President, talks with Mike Corn, CISO for the University of California San Diego, and Cheryl Washington, CISO, for the University of California Davis, about the increasing relevance of the Chief Information Security Officer role.

Listen to the Podcast

Rana Glasgal, Vice Provost for Data & Analytics at Northeastern University

Kate Hash, Assistant Vice Chancellor for Customer Experience, University of North Carolina at Chapel Hill.

Many colleges and universities want to innovate. But are they ready to innovate? Watch this video on keeping pace with innovation.

Lorem ipsum dolor sit amet.

This is some text inside of a div block.
Lifelong Learning
  • Continue to build your network with executive-level professionals inside and outside your division and institution. Look for opportunities to lead in your profession, at the regional or even national level.
Explore and plan for cybersecurity certifications for your cybersecurity team.
Find Out More
Communication
  • Demonstrate contract negotiation skills.
  • Identify communication strategies to engage stakeholders across campus.
  • Employ effective communication strategies to build workplace relationships at all levels.
Understand how to leverage leadership influence, guiding teams towards shared goals. Acquire strategic negotiation skills to navigate complexities and attain favorable outcomes.
Find Out More
Finance
  • Develop understanding of your organization's infrastructure, financial processes, and funding models.
Hone business acumen skills for strategic efforts, developing a communication strategy for initiatives, and enhancing influence and business skills.
Find Out More
Project Management & Strategy
  • Prioritize the use of relevant data to make effective decisions, propose solutions, and set benchmarks.        
  • Use sound decision-making that aligns with the mission and vision of your organization.
  • Develop and demonstrate vendor management skills.
  • Develop strategic goals through research, planning, and systems thinking.
Leadership & People Management
  • Think broadly about higher education and future technology trends to anticipate institutional needs.
  • Demonstrate ethical decision-making and behavior.
  • Develop and remain attuned to faculty culture and dynamics.
  • Assess hiring and recruitment practices to maximize a talented and diverse workforce.
  • Use a risk-based approach to change organizational behaviors.
Cultivate resiliency and develop strategies to work through adversity in the workplace.
Find Out More
Change Management
  • Articulate a compelling vision for change, setting strategic direction, and inspiring teams to achieve ambitious goals.
  • Practice making strategic decisions swiftly and decisively, considering the long-term impact of change initiatives on the organization's mission, objectives, and stakeholders.
  • Become adept at crisis management, effectively navigating unexpected challenges and mitigating risks to ensure business continuity during periods of significant change.
  • Communicate change initiatives clearly and persuasively to all stakeholders, fostering transparency, trust, and alignment throughout the organization.
  • Sponsor and champion change, allocating resources, removing barriers, and holding teams accountable for achieving desired outcomes.
Effective executive sponsorship is the greatest contributor to successful change, complete Prosci's Sponsor briefing to effectively lead change at the institutional level.
Find Out More
Assess

Complete this Digital Transformation Institutional Self-Assessment to understand your institution’s capabilities for digital transformation in strategic innovation; data and analytics; institutional alignment, flexibility and agility; diversity, equity and inclusion; and transformation of work and skills.

Assess

Use EDUCAUSE Analytics Services to identify peer institutions, learn more about technology solutions, and review benchmarking resources.

Make Connections

Engage with other associations, like the Association of Governing Boards of Universities and Colleges, and broaden your leadership.

Make Connections

Explore and join any of the cybersecurity and privacy Community Groups to share strategies about information security governance, compliance, data protection, and privacy programs or other security-related topics.

Engage in Mentoring

Serve as a mentor to a current cybersecurity professional or someone considering a career in information security.

Give Back

Start or lead information security projects leveraging digital transformation, which help advance your institution’s mission.

Think & Speak

Teach in one of the EDUCAUSE leadership and management Institutes to stay connected and share knowledge. Find out more about serving as an Institute faculty member.

Think & Speak

Attend or speak at higher education events to advocate for cybersecurity and privacy concerns.

Think & Speak

Learn more about effective cybersecurity governance at your institution.

Learn

Browse our Cybersecurity and Privacy Guide featuring toolkits, case studies, effective practices, and recommendations to support information security programs and initiatives.

Learn

Leverage EDUCAUSE’s DEI book recommendations for suggestions provided by community members.

Learn

Learn more about how to improve organizational diversity in this CIO Minute interview.

Learn

Encourage your team members to apply for an EDUCAUSE scholarship to support their professional learning.

Learn

Learn more about the Higher Education workforce with our suite of reseach reports.

Institutional Executive Level

19-50 years
3-11 years
19-50 years
19-50 years

Under the general direction of the vice chancellor, president, and/or CIO, institutional executive-level positions are typically responsible for the development and delivery of a comprehensive, university-wide or district-wide information security and privacy program. These positions help inform and provide strategic guidance around information security to the CIO, the members of the institutional senior management team, the Board of Trustees, and the broader institutional community.

Recommended Education

Advanced degree in computer science, information technology, or related field. CIPP/US, CISSP, CISM, CCSP, CEH, GIAC, or equivalent certifications, depending on career goals and institutional expectations.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Staying current on the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to the institution and its mission.
  • Coordinating the development of institutional information security policies, standards, and procedures. Working with key information technology offices, data custodians, and governance groups in the development of such policies. Ensuring that university policies support compliance with external requirements.
  • Serving as the university compliance officer with respect to institutional, state, and federal information security policies and regulations, and submitting required reports to external agencies.
  • Leading and overseeing incident reporting and response systems to address security incidents, responding to alleged policy violations, or complaints from external parties, and serving as the official contact point for information security, privacy, and copyright infringement incidents, including maintaining relationships with law enforcement entities.
  • Coordinated with third party vendors and vendor contract procurement. Supports security screenings such as the HECVAT and VPAT.

Institutional Executive Teaching and Learning include job titles such as Chief Online Learning Officer; Vice-Chancellor, Academic Affairs; and Associate Vice President of Academic Affairs. These roles are typically positioned at the institutional or district level of the organization and are responsible for providing institution-wide leadership, supervision, guidance, and direction for all educational programs, faculty and staff, and instructional policies and procedures. They may also provide leadership and supervision for academic support services, including tutoring, testing and assessment, and library services.

Recommended Education

PhD or EdD depending on career goals and institutional expectations.

Other options From Here

Interested in other senior leadership options? Consider the Innovation Pathway's institutional executive level.

You May Be Responsible For

  • Overseeing university curricula.
  • Providing leadership for evaluating and ensuring quality in all aspects of instructional and educational programs.
  • Directing budget preparation for the academic and academic-related programs.
  • Recommending, developing and implementing instructional policies, procedures, and practices that foster and promote student learning throughout the organization.
  • Building an innovative culture and guiding innovation process throughout the organization.

Institutional executive-level positions in innovation include job titles such as chief learning and innovation officer, vice president for research and innovation, and vice president for strategy and innovation. Professionals in these positions work with other executives and provide leadership for institution-wide initiatives and strategy.

Recommended Education

Master’s, MBA, or doctoral degree based on personal goals and institution’s expectations.

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Representing the institution externally.
  • Directing institutional strategic planning and goal-setting.
  • Guiding partnerships with other institutions or industry.
  • Overseeing the transformation of every business process.

Early Level Information Technology lorem ipsum

Recommended Education

Recommended education for Info Sec early level

Other options From Here

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

You May Be Responsible For

  • Lorem ipsum dolor sit amet
  • Lorem ipsum dolor sit amet
  • Lorem ipsum dolor sit amet
  • Lorem ipsum dolor sit amet

Chief Information Security Officer

Salary Range:
$168,000–$275,000

The chief information security officer provides institutional community awareness and training, strategic guidance, and technical leadership for a comprehensive, institution-wide information security and IT risk management program. This role typically directs an Office of Information Security composed of identity and access management, privacy, security consulting, and operations. This position may develop and lead outreach, communication, and education efforts to raise university-wide awareness of information security risk, requirements, and solutions; provides strategic and technical guidance and oversight in the design and implementation of appropriate security processes for university-wide information systems; recommends and oversees the monitoring of computing practices to prevent and recover from security breaches, and directs the handling of security incidents when breaches occur. The chief information security officer may oversee both the technical and policy aspects of digital identity as well at the institution’s privacy program and cyber compliance program.

See Active Job Descriptions

Associate Vice President of Cybersecurity

Salary Range:
$108,000–$162,000

This role is typically responsible for leading both technical implementation of systems and communication of security requirements to management and security leadership. Additionally, this person may be responsible for leading investigations into security threats, working with internal and external groups to ensure the cybersecurity program is operating effectively and efficiently, and developing strong partnerships across the organization to ensure information assets are protected at the appropriate level. This position may also coordinate with senior IT security leaders to set direction and operation of the group; prepare roadmaps, guidelines, and direction for the department; communicate critical threats and remediation efforts for the enterprise; create, analyze, and communicate security metrics to senior leadership; design and monitor secure access to the network infrastructure; participate in emergency response team activities; and develop detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systems.

See Active Job Descriptions

Vice President of Information Technology Security

Salary Range:
$195,000–$305,000

The vice president of information technology security will plan and implement hardware, software, cybersecurity, databases, network resources, telecommunications, cabling, card access software, security cameras, and other information technology processes for the entire Institution. They may also direct information technology research, making recommendations for improvements and communicating changes; lead and train information technology department staff; establish department goals to support college priorities; monitor and report on information technology projects; provide appropriate professional development for college technology users; create and maintain a culture of exemplary customer service and quality; consistently report on daily work orders, project updates, data retrieval, and recommendations; and serve as the primary communicator for all technology-related updates and issues.

See Active Job Descriptions

Chief Privacy Officer

Salary Range:
$120,000–$150,000

A Chief Privacy Officer (CPO) is a corporate executive charged with developing and implementing policies designed to protect employee and customer data from unauthorized access. Other elements of the CPO job include maintaining a comprehensive and current knowledge of both corporate operations and privacy laws, as well as communicating details of the company's privacy policy to staff and customers alike. The CPO is typically the organization's point person for media and other external inquiries about privacy-related matters. To effectively meet the challenges of the job, the CPO must work in cooperation with other C-level executives, particularly those whose areas of concern overlaps, such as the Chief Information Officer (CIO), the Chief Security Officer (CSO), the Chief Data Officer (CDO) and the Chief Compliance Officer (CCO). In some instances, the CPO oversees multiple roles handling both compliance and legal consultation on data privacy matters. They are also the Data Point Administrator for GDPR and other International Data Privacy Regulatory bound agreements.

See Active Job Descriptions

Chief Data Officer

Salary Range:
$135,000–$250,000

The Chief Data Officer (CDO) is the chief data strategist at the institution and is responsible for leading data governance and fostering a data-driven decision-making culture to enable effective student success strategies. The CDO provides strategic leadership for and overall management of data processes and systems including the utilization of data to support student success. This includes the effective use of data for reporting, analysis, and actionable insight; the management and coordination of institutional data for a wide range of uses including accreditation; external reporting; student enrollment; course offering optimization; student engagement; retention and success; and student support services.

See Active Job Descriptions

Emily Harris, Director of Cybersecurity, Marist College

Looking at info techas a career path can be intimidating, but many working in this field didn't start out with intentions to work in cybersecurity. In this podcast, we ask several higher education cybersecurity professionals how they would encourage others to consider cybersecurity as a career option.

Listen to the Podcast

Shawn Miller, Associate Provost for Digital Learning and Strategy at Rice University.

Lorem ipsum dolor sit amet.

This is some text inside of a div block.
Lifelong Learning
  • Take the time to lead your profession through service on advisory boards, consortiums, and professional associations.
Support others in higher education by sharing your expertise and experience as a faculty member in one of our Institutes.
Find Out More
Communication
  • Develop and practice board-level communication skills.
  • Refine your ability to speak publicly to the media, the local community and other public, external communication channels.
Explore collaboration frameworks, the power of leadership influence, and negotiation to advance institutional initiatives and strategic objectives.
Find Out More
Finance
  • Develop metrics to measure the effectiveness of institutional security programs, and develop and manage operating and special-purpose budgets to support those programs.
Project Management & Strategy
  • Practice institutional-level strategic planning and execution skills.
  • Act as a thought leader for your organization, profession, and industry.
  • Represent your organization at the national level.
Learn how to utilize data and analytics, national trend data, or local data to support finance, resource allocation, and institutional research.
Find Out More
Leadership & People Management
  • Develop partnership-building skills with external organizations.
  • Employ institutional-level change management skills and serve as a resource for developing change management capacity.
Learn how to advance and support women’s leadership.
Find Out More
Change Management
  • Align organizational objectives with the desired outcomes of the change initiative.
  • Champion the change initiative and fostering a culture of openness and adaptability.
  • Advocate for resources and support necessary to implement the change effectively.
  • Influence key stakeholders to gain buy-in and support for the change initiative.
  • Build change management capabilities within the organization through training, coaching, and mentorship.
Equip your leadership team with skills to build successful change capability with the Prosci Enterprise Change Management Boot Camp.
Find Out More
Assess

Be deliberate about investing in the professional development and growth of your team members. Encourage them to assess their current skills as a starting point to create a professional roadmap. Go to "Assess" under each professional level.

Assess

Take the Higher Education Generative AI Readiness Assessment designed to provide a sense of your institution’s preparedness for strategic AI initiatives.

Engage in Mentoring

Thinking about a senior leadership role? Participate in complimentary one-on-one executive career coaching with an executive recruiter at the annual conference and online.

Give Back

Learn more about becoming an EDUCAUSE Board Member and to advance higher education, serving as the voice of community members in EDUCAUSE governance and ensuring that the association is responsive to the needs of our diverse community.

Give Back

Attend a Member QuickTalk to connect with others on timely information security topics like risk management, and security awareness.

Think & Speak

Facilitate Webinars, Learning Labs, and Institutes to stay connected and share knowledge. Find out more about serving as an Institute faculty member.

Think & Speak

Give guest lectures to engage with, raise awareness about, and better understand information security needs of students, faculty, and other key stakeholders.

Show Up

Join the Cybersecurity and Privacy Professionals Conference Program Committee, which brings together information security and privacy professionals, IT staff, and others from across the higher education community.

Learn

Review the EDUCAUSE Welcome and How-To Kit for Chief Privacy Officers in Higher Education.

Learn

Serve on the Horizon Report, Information Security Edition panel to help others stay current on key trends, emerging technologies, and practices shaping the future of information security.

Learn

Keep up with federal policy developments with implications for higher education

Ways to Keep Growing

Throughout and beyond your information security career, there are ways to keep contributing and providing thought leadership to the profession that may fall outside of the particular career levels identified above. Explore ways to make connections, to continue leading, and to support other professionals and institutions with your hard-earned expertise and experience.

Assess

Take the Higher Education Generative AI Readiness Assessment designed to provide a sense of your institution’s preparedness for strategic AI initiatives.

Make Connections

Look for opportunities to build relationships with information security leaders outside of higher education by participating in leadership and networking programs.

Show Up

Join the Cybersecurity and Privacy Professionals Conference Program Committee, which brings together information security and privacy professionals, IT staff, and others from across the higher education community.

Show Up

Attend trainings and conferences outside of higher education.

Learn

Facilitate Webinars, Learning Labs, and Institutes to stay connected and share knowledge. Find out more about serving as an institute faculty member.

Learn

Learn about the latest solutions in artificial intelligence, cybersecurity, data governance, and others.

Learn

Prepare your team to support the transformation of your organization by learning how to be change practitioners, at any professional level.

Educause Professional Pathways