Information Security Risk Manager - Remote - 127631

Special Selection Applicants: Apply by 02/16/2024. Eligible Special Selection clients should contact their Disability Counselor for assistance.

Candidates hired into this position may have the ability to work remotely.

Position is for a leader on the Information Security Risk team that supports the mission for UC San Diego Health and Health Sciences reporting to the Director of Information Security. Mission includes: academics for medicine and pharmaceutical sciences, research, patient care, clinical technologies, innovations and partnerships to create a healthier world by improving healthcare in San Diego and beyond.

Information Security (InfoSec) Risk Manager is the top subject matter expert who leads and oversees the day-to-day activities performed by the team. Activities include: risk assessments, audit response, audits for compliance of information security policies and contractual requirements, vulnerability management program and e-discovery.

Risk assessments are conducted to determine if the vendor, service, application or system meets the Universities’ information security requirements as defined in policy and adherers to regulatory and data privacy law requirements.

This position will oversee the execution of the vulnerability management program by identifying vulnerabilities that need to be addressed, notifying teams responsible for managing the system and tracking progress of addressing the vulnerability.

It is the responsibility of the manager of the InfoSec Risk team to stablish and consistently improve workflows of the team to be efficient and meet the organization’s needs.

• Eleven (11) years of related experience, education/training, OR a Bachelor’s degree in related area plus seven (7) years of related experience/training. Related Experience: Experience leading the implementation and managing security tools used for monitoring or protecting systems and experience being the subject matter expert for technical support teams needing guidance on how to implement security configurations. Experience leading cybersecurity investigations and leading a vulnerability management program. Experience being the subject matter expert for security tools used to monitor or protect systems. Installed, configured and managed a number of enterprise systems for a healthcare organization. Experience auditing compliance of cybersecurity frameworks or compliance and measuring maturity levels.

• Professional experience and proven success, monitoring, detecting, protecting and maintaining the security of data, systems and networks using IT security systems and tools.

• Experience assessing compliance and cyber risk for an academic medical system.

• Expertise with HIPAA and other healthcare data protection and security requirements as defined by HHS.

• Expert interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization.

• Expert experience using IT security systems and tools.

• Demonstrated skills applying security controls to computer software and hardware.

• Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks.

• Expert knowledge of data protection requirements defined in privacy laws.

• Expert knowledge and extensive experience assessing cybersecurity risks.

• Demonstrated knowledge of secure hardware, software and network design techniques.

• Demonstrated skill at analyzing and preventing security incidents of high complexity.

• In-depth knowledge of computer hardware, software and network security issues and approaches.

• Expert knowledge of IT security and demonstrated skill in the design and development of diverse and complex security policies and procedures.

• Thorough knowledge of other areas of IT and In-depth knowledge and understanding of department and campus, medical center or Office of the President processes and procedures.

• Experience leading a team of IT professionals.

• Experience interfacing with upper management on a regular basis.

• Recognized as subject matter expert.

• Must be able to work various hours and locations based on business needs.

• Employment is subject to a criminal background check and pre-employment physical.

Pay Transparency Act

Annual Full Pay Range: $124,400 - $243,600 (will be prorated if the appointment percentage is less than 100%)

Hourly Equivalent: $59.58 - $116.67

Factors in determining the appropriate compensation for a role include experience, skills, knowledge, abilities, education, licensure and certifications, and other business and organizational needs. The Hiring Pay Scale referenced in the job posting is the budgeted salary or hourly range that the University reasonably expects to pay for this position. The Annual Full Pay Range may be broader than what the University anticipates to pay for this position, based on internal equity, budget, and collective bargaining agreements (when applicable).

If employed by the University of California, you will be required to comply with our Policy on Vaccination Programs, which may be amended or revised from time to time. Federal, state, or local public health directives may impose additional requirements.

If applicable, life-support certifications (BLS, NRP, ACLS, etc.) must include hands-on practice and in-person skills assessment; online-only certification is not acceptable.

UC San Diego Health is the only academic health system in the San Diego region, providing leading-edge care in patient care, biomedical research, education, and community service. Our facilities include two university hospitals, a National Cancer Institute-designated Comprehensive Cancer Center, Shiley Eye Institute, Sulpizio Cardiovascular Center, the only Burn Center in the county, and and dozens of outpatient clinics. We invite you to join our team!

Applications/Resumes are accepted for current job openings only. For full consideration on any job, applications must be received prior to the initial closing date. If a job has an extended deadline, applications/resumes will be considered during the extension period; however, a job may be filled before the extended date is reached.

To foster the best possible working and learning environment, UC San Diego strives to cultivate a rich and diverse environment, inclusive and supportive of all students, faculty, staff and visitors. For more information, please visit UC San Diego Principles of Community .

UC San Diego Health is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, age, protected veteran status, gender identity or sexual orientation. For the complete University of California nondiscrimination and affirmative action policy see: http://www-hr.ucsd.edu/saa/nondiscr.html

UC San Diego is a smoke and tobacco free environment. Please visit smokefree.ucsd.edu for more information.

UC San Diego Health maintains a marijuana and drug free environment. Employees may be subject to drug screening.