INFORMATION SECURITY MANAGER

University of Texas Rio Grande Valley, United States

Updated: 19 days ago
Location: Rio Grande City, TEXAS
Deadline: ;

Posting Details
Position Information


Posting Number SRGV7566
Working Title INFORMATION SECURITY MANAGER
Number of Vacancies 1
Location Edinburg, Texas
Department Information Security
FTE 1
FLSA Exempt
Scope of Job
Responsible for the management and operations of the Regional Security Operations Center (RSOC). Provides leadership for a dynamic team of cybersecurity professionals and students in ensuring security of RSOC participants digital assets, infrastructure, and data.
Description of Duties
  • Provides leadership and management to the Regional Security Operations Center (RSOC) activities, including incident response and threat monitoring, ensuring security of participants digital assets, infrastructure and data and the center’s operations.
  • Oversees all RSOC activities such as RSOC incident response, threat monitoring, and the development and implementation of SOC daily operations, including oversight of technical and non-technical services.
  • Assists the Chief Information Security Officer (CISO) in planning and defining the information security, cybersecurity, and data protection strategy and road map for the RSOC.
  • Assists in coordinating cyber investigations, incident response, and forensics to include root cause analysis and post-incident reporting.
  • Leads, mentors, and manages a team of RSOC analysts and other assigned employees.
  • Fosters a culture of continuous improvement, learning, and development within the RSOC.
  • Responsible for assessing, developing, and executing staffing plans, including the hiring, and training of new RSOC team members.
  • Incorporates the principles of privacy-by-design in all aspects of information security.
  • Ensures the Security Operations Center (SOC) is operational 24/7 for continuous monitoring and timely response to security events and incidents.
  • Coordinates the collection and development of metrics and reports.
  • Develops and maintains RSOC policies, procedures, playbooks, response checklists, and runbooks and ensures adherence to federal, state, UT System and University rules and regulations.
  • Implements and manages threat detection, prevention, and other RSOC tools or technologies.
  • Oversees the management of vendor and partner relationships.
  • Oversees the recruitment and onboarding of new partner organizations.
  • Assists with IT security planning and compliance reporting as needed.
  • Serves as a member of the IT-CERT team.
  • Keeps current with IT network security and recommends improvements for disaster recovery, business continuity, intrusion detection, incident remediation, monitoring of network and bandwidth resources, and other pertinent security software and utilities.
  • Keeps current with advancements in information security, threats, organizational development practices.
  • Evaluates and recommends new information security policies, procedures, standards, guidelines, tools, technologies, organizational changes, etc.
  • Actively participates in the higher education security community such as Educause, REN-ISAC, Unisog, etc.
  • Participates in internal/external university committees and meetings and with the UT System Security Council.
  • Performs other duties as assigned.
Supervision Received
General supervision from assigned supervisor.
Supervision Given
Direct supervision of assigned staff.
Required Education
Bachelor’s degree from an accredited university in information security, information technology, computer sciences, risk management, or closely related field.
Preferred Education
Master’s degree in cyber security, business, or similar field from an accredited University.
Licenses/Certifications
Preferred: Certified Information Systems Security Professional (CISSP) or similar.
Required Experience
  • Four (4) years of professional experience in Information Security, Identity and Access Management, Payment Card Industry (PCI), application security, networking, or device security including experience conducting risk assessments and identifying effective risk mitigation strategies;


or
  • Bachelor’s degree in unrelated field from an accredited university with five (5) years of the required experience.

or
  • Master’s degree in information or cybersecurity from an accredited university with (2) years of the required experience.

Required experience can be substituted for up to two (2) years of education on a 1-for-1 basis.
Preferred Experience
Knowledge and experience with programing and computer languages such as SQL, PowerShell, Python, or similar. Experience in managing, configuring, deploying, and monitoring security infrastructure. Experience with standard concepts, practices, and procedures for security operation centers to include supervisory experience.
Equipment
Proficiency in the use of a personal computer and applicable software necessary to perform work assignments e.g. word processing, spreadsheets (Microsoft Office preferred). Use of standard office equipment.
Working Conditions
Needs to be able to successfully perform all required duties. Work is performed primarily in a general office environment. Exposure to standard office conditions. Indoor activity, exposure to fluorescent lighting, computer emissions, and confined space. Frequent use of personal computer, copiers, printers, and telephone. Frequent standing, sitting, listening, and talking. Frequent work under stress, as a team member, and in direct contact with others. Job involves moderate amount of walking daily, occasional bending and stooping and infrequent lifting and climbing. Some travel and weekend work is required, including travel to meetings and training outside the area. May work extended hours. UTRGV is a distributed institution, which may require presence at multiple locations throughout the Rio Grande Valley.
Other
Strong attention to detail and ability to problem solve. Ability to function independently and as a team player in a fast-paced environment. Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams. Knowledge of security best practice standards such as the Center for Internet Security (CIS) Top 20 Critical Security Controls, NIST Cybersecurity Framework and OWASP. Exceptional planning and organizational skills. Demonstrated ability to perform independent research and apply critical reasoning skills to solve technical issues. Familiarity with information security compliance and best practices, including COBITS, PCI, NIST, ISO, CJIS, and information security related federal and state laws and regulations, including privacy protection, identity protection, HIPAA, FERPA, records retention requirements, and CALEA. Ability to multitask and self-manage assigned projects and daily tasks in an environment with shifting priorities. Ability to follow established procedures, even in a high-pressure situation. Excellent communication skills, verbal and written, including the ability to convey technical information to a non-technical audience. Knowledge of and familiarity with Cloud security practices, network operating systems, endpoint devices, Active Directory, ITSM, Amazon Web Services, Environment and PII vulnerability scanning, Office 365, Splunk or similar. Ability to independently analyze Information Security Threat Intelligence and vulnerability information and provide recommendations for remediation. Ability to coordinate IT security and compliance projects to meet legal, regulatory, and contractual guidelines.
Physical Capabilities
N/A
Employment Category Full-Time
Minimum Salary Commensurate with Experience
Posted Salary Commensurate with Experience
Position Available Date 05/16/2024
Grant Funded Position No
If Yes, Provide Grant Expiration Date

Posting Detail Information


EEO Statement
It is the policy of The University of Texas Rio Grande Valley to promote and ensure equal employment opportunities for all individuals without regard to race, color, national origin, sex, age, religion, disability, sexual orientation, gender identity or expression, genetic information or protected veteran status. In accordance with the requirements of Title VII of the Civil Rights Act of 1964, the Title IX of the Education Amendments of 1972, Section 504 of the Rehabilitation Act of 1973, and the Americans with Disabilities Act of 1990, as amended, our University is committed to comply with all government requirements and ensures non-discrimination in its education programs and activities, including employment. We encourage women, minorities and differently abled persons to apply for employment positions of interest.
Special Instructions to Applicants
Dear Applicant, Human Resources will not be held responsible for redacting any confidential information from the documents you attach with your application. The confidential information includes the following: *Date of Birth *Social Security Number *Gender *Ethnicity/Race Please make sure that you omit this information prior to submission. We are advising that Human Resources will be forwarding your application to the department as per your submission. If you have any questions, please do not hesitate to contact us at (956)665-2451 and/or [email protected].
Additional Information
UTRGV is a distributed location institution and working location is subject to change based on need.
All UTRGV employees are required to have a criminal background check (CBC). Incomplete applications will not be considered.
Substitutions to the above requirements must have prior approval from the VP of HR & Talent Development .
Quick Link https://careers.utrgv.edu/postings/42909