Current University of Arkansas System employees, including student employees and graduate assistants, need to log in to Workday via MyApps.Microsoft.com , then access Find Jobs from the Workday search bar to view and apply for open positions. Students at University of Arkansas System two-year institutions will also view open positions and apply within Workday by searching for “Find Jobs for Students”.
All Job Postings will close at 12:01 a.m. CT on the specified Closing Date (if designated).
If you close the browser or exit your application prior to submitting, the application process will be saved as a draft. You will be able to access and complete the application through “My Draft Applications” located on your Candidate Home page.
Closing Date:
Type of Position:
Senior Professional Staff - Information Technology
Workstudy Position:
No
Job Type:
Regular
Work Shift:
Sponsorship Available:
No
Institution Name:
University of Arkansas, Fayetteville
Founded in 1871, the University of Arkansas is a land grant institution, classified by the Carnegie Foundation among the nation’s top 2 percent of universities with the highest level of research activity. The University of Arkansas works to advance Arkansas and build a better world through education, research and outreach by providing transformational opportunities and skills, promoting an inclusive and diverse culture and climate, and nurturing creativity, discovery and the spread of new ideas and innovations.
The University of Arkansas campus is located in Fayetteville, a welcoming community ranked as one of the best places to live in the U.S. The growing region surrounding Fayetteville is home to numerous Fortune 500 companies and one of the nation’s strongest economies. Northwest Arkansas is also quickly gaining a national reputation for its focus on the arts and overall quality of life.
As an employer, the University of Arkansas offers a vibrant work environment and a workplace culture that promotes a healthy work-life balance. The benefits package includes university contributions to health, dental, life and disability insurance, tuition waivers for employees and their families, 12 official holidays, immediate leave accrual, and a choice of retirement programs with university contributions ranging from 5 to 10% of employee salary.
Below you will find the details for the position including any supplementary documentation and questions, you should review before applying for the opening.
If you have a disability and need assistance with the hiring process, please submit a request via the Disability Accommodations | OEOC | University of Arkansas (uark.edu) : Request an Accommodation. Applicants are required to submit a request for each position of which they have applied.
For general application assistance or if you have questions about a job posting, please contact Human Resources at 479.575.5351.
Department:
Cybersecurity
Department's Website:
Summary of Job Duties:
Under the direction of the University of Arkansas Chief Information Security Officer (CISO), the Deputy Chief Information Security Officer assists with the development and delivery of an information security program at the University. The scope of this program is university-wide, and the purpose is to protect
University information and its infrastructure from threats; ensure the confidentiality, integrity, and availability of University data; and that the University complies with statutory and regulatory requirements.
This position oversees and manages a team of security specialists that provide cybersecurity services including:
• Governance, Risk and Compliance (GRC) activities and serves as a liaison with University Enterprise Risk Management initiatives,
• Developing and maintaining cybersecurity and information technology policies/procedures,
• Systems and network security monitoring,
• Penetration testing and other security assessment processes,
• Firewall and related infrastructure management,
• Network traffic analysis,
• Cybersecurity consulting for the University community, and
• Consults with leadership on security matters such as security frameworks and strategic planning.
The Deputy CISO will mentor security staff and student employees within the group. Provide, promote and support professional development of staff and maintenance of certifications supporting cybersecurity work.
Essential Functions
1. Supervisory responsibility for cybersecurity employees including training, evaluating, and making or recommending pay, promotion or other employment decisions.
2. Mentors the Cybersecurity team members and implements professional development plans for all members of the team.
3. Provides assistance and guidance with Network Security to include:
a. Network, device and Web application firewalls for on-premise network and cloud environments.
b. Design and configuration of security systems including firewalls, IDS/IPS, and remote access.
c. Oversee monitoring systems for network server, firewall, network, remote access, and application anomalies.
d. Create infrastructure designs of current and future network designs and incorporates appropriate mitigation of existing and emerging threats.
e. Identifies security design gaps in existing and proposed network architecture and recommends changes/enhancements.
4. Assist with cybersecurity operations to include:
a. Lead the security team to ensure continuous monitoring of cybersecurity events.
b. Provide guidance and lead the University’s Data Loss Prevention (DLP) Strategies and processes.
c. Provide guidance and lead cybersecurity awareness and training to include phishing campaigns as well as cyber hygiene, computing best practices, and regulatory compliance training.
d. Provide guidance and strategic planning for Security Incident Event Management (SIEM), both in the cloud and on premises.
e. Provide and lead education and awareness programs and advise operating units at all levels on security issues, best practices, and vulnerabilities.
f. Work with campus groups such as distributed Information Security Liaisons to build awareness and a sense of common purpose around security.
5. Provide assistance with Governance, Risks and Compliance by:
a. Coordinating the development of University information security technical standards, guidelines and procedures based on a recognized framework of best practices
b. University, State of Arkansas, and federal policies and regulations such as FERPA, CMMC, and GLBA.
c. Assisting with Risk Analysis and Risk Management.
d. Assisting with Security and Compliance reviews.
e. Assisting with the creation of System Security Plans (SSPs).
f. Stays fully informed of current information security issues and regulatory changes affecting higher education at the state and national level,
6. Participate in national policy and practice discussions and communicate to campus on a regular basis about those topics.
7. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
8. Performs special projects and other duties as assigned.
Regular, reliable, and non-disruptive attendance is an essential job duty, as is the ability to create and maintain collegial, harmonious working relationships with others.
Qualifications:
Minimum Qualifications:
Bachelor's Degree from an accredited institution in Business Administration, Management, Computer Engineering, Computer Science, Information Systems, or a related field
This position requires industry-standard Information Assurance certifications appropriate to the position: (Certified Information Security Manager (CISM), Certified Information Systems Security Professional, (CISSP) or equivalent)
Demonstrated successful experience in information technology that includes at least 8 years of progressively responsible experience in information security
Must possess full or advanced proficiency and understanding of Security Operations, Security Operations Center (SOC) processes, Network Security, and Cybersecurity Governance, Risks and Compliance
Preferred Qualifications:
Master’s degree in information technology or directly relevant discipline
Research level 1 University Experience
United States Government Security Clearance
Certified Information Systems Auditor (CISA) certification
Experience in managing a cybersecurity department,
Management experience in Security Operations, Security Operations Center (SOC) processes, Network Security, and Cybersecurity Governance, Risks and Compliance
Experience leading projects involving multiple team members can be considered as management experience
Knowledge, Skills and Abilities:
Demonstrated knowledge of various security and regulatory compliance standards, such as: Understanding and experience with, the Family Educational Rights and Privacy Act (FERPA ), Payment Card Industry Data Security Standard (PCI DSS), the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), the Federal Information Security Management Act (FISMA) and the Cybersecurity Maturity Model Certification(CMMC)
Extensive background and knowledge derived from experience in core cybersecurity and information technology concepts, and skills required at the most senior level
Demonstrated knowledge of cybersecurity concepts including malware, intrusion detection, risk analysis, threat/vulnerability management, system hardening, and business continuity
Technical knowledge of information technology and cybersecurity practices
Knowledge of project and operations management to include team leadership skills including motivating team members, leading group processes, team collaboration, empowering, coaching, mentoring, training, ethical integrity, championing diversity and inclusiveness, and supervising staff
Ability to translate specific strategic information into operational programs
Additional Information:
Salary Information:
$140,000-$150,000 per year (Commensurate with education and experience)
Required Documents to Apply:
Cover Letter/Letter of Application, List of three Professional References (name, email, business title), Resume
Optional Documents:
Proof of Veteran Status
Recruitment Contact Information:
Julia Menke, [email protected], Sr. HR Partner
All application materials must be uploaded to the University of Arkansas System Career Site https://uasys.wd5.myworkdayjobs.com/UASYS
Please do not send to listed recruitment contact.
Special Instructions to Applicants:
Pre-employment Screening Requirements:
Criminal Background Check, Sex Offender Registry
The University of Arkansas is committed to providing a safe campus community. We conduct background checks for applicants being considered for employment. Background checks include a criminal background check and a sex offender registry check. For certain positions, there may also be a financial (credit) background check, a Motor Vehicle Registry (MVR) check, and/or drug screening. Required checks are identified in the position listing. A criminal conviction or arrest pending adjudication or adverse financial history information alone shall not disqualify an applicant in the absence of a relationship to the requirements of the position. Background check information will be used in a confidential, non-discriminatory manner consistent with state and federal law.
The University of Arkansas seeks to attract, develop and retain high quality faculty, staff and administrators that consistently display practices and behaviors to advance a culture that embeds inclusion, opportunity, educational excellence and unparalleled access for all.
The University of Arkansas is an equal opportunity, affirmative action institution. The University does not discriminate in its education programs or activities (including in admission and employment) on the basis of age, race, color, national origin, disability, religion, marital or parental status, protected veteran status, military service, genetic information, or sex (including pregnancy, sexual orientation, and gender identity). Federal law prohibits the University from discriminating on these bases. Questions or concerns about the application of Title IX, which prohibits discrimination on the basis of sex, may be sent to the University's Title IX Coordinator and to the U.S. Department of Education Office for Civil Rights.
Persons must have proof of legal authority to work in the United States on the first day of employment.
All application information is subject to public disclosure under the Arkansas Freedom of Information Act.
Constant Physical Activity:
Talking
Frequent Physical Activity:
N/A
Occasional Physical Activity:
N/A
Benefits Eligible:
Yes
Similar Positions
-
Physiology Faculty, Alice L. Walton School of Medicine, United States, 14 days ago
Alice L. Walton School of Medicine (AWSOM) is seeking experienced, motivated, and dedicated leaders and educators to participate in the design and delivery of an innovative four-year medical schoo...