DEPUTY CHIEF INFORMATION SECURITY OFFICER

University of Texas Rio Grande Valley, United States

Updated: 2 months ago
Location: Rio Grande City, TEXAS
Deadline: ;

Posting Details
Position Information


Posting Number SRGV7335
Working Title DEPUTY CHIEF INFORMATION SECURITY OFFICER
Number of Vacancies 1
Location Rio Grande Valley
Department Information Security
FTE 1
FLSA Exempt
Scope of Job
Responsible for the University’s Cybersecurity Architecture, Engineering, and Security Operations. This is a key leadership role responsible for overseeing the strategic planning, design, implementation, and operationalization of cybersecurity solutions within the organization. Collaborates with the Chief Information Security Officer (CISO) and other senior leaders to develop and implement the cybersecurity strategy while managing a team of professionals responsible for the architecture, engineering, and security operations of the university.
Description of Duties
  • Responsible for defining and implementing the information security, cybersecurity, and data protection strategy and road map for the institution.
  • Works in collaboration with the CISO in developing and implementing the enterprise technology security risk management program.
  • Oversees the coordination of cyber investigations, incident response, and forensics.
  • Plans, designs, and sets configuration standards and oversees the firewall rule set to ensure compliance with laws, regulations, and best practices.
  • Protects the organization’s sensitive data and ensures the security of its digital assets.
  • Incorporates the principles of privacy-by-design in all aspects of information security.
  • Coordinates vulnerability and penetration analysis/tests on university systems and services to identify weakness.
  • Oversees the Information Security Office SIEM tools and primary Information Security oversight of 0365 security.
  • Oversees and leads cybersecurity architecture, design, engineering, and security operations efforts, including the implementation of security controls and solutions at the enterprise level and overseeing the development of security reference architectures.
  • Collaborates with IT teams to integrate security measures into the development and deployment of systems and applications.
  • Consults on disaster recovery and business continuity of operations plans.
  • Responsible for IT security planning and compliance reporting.
  • Leads efforts in the development of standard security configurations and reviews, tests, and approves of non-standard security configurations.
  • Manages, provides guidance, and directs workload of staff members within assigned area.
  • Serves as a member of the IT-CERT team.
  • Keeps current with IT network security and recommends improvements for disaster recovery, business continuity, intrusion detection, incident remediation, monitoring of network and bandwidth resources, and other pertinent security software and utilities.
  • Keeps current with advancements in information security related subjects, participates as an internal consulting resource on viruses, spyware, exploits, computer forensics, recovery and similar subject matter and recommends improvements to the university security program.
  • Evaluates and recommends new information security policies, procedures, standards, guidelines, tools, technologies, organizational changes, etc.
  • Actively participates in the higher education security community such as Educause, REN-ISAC, Unisog, etc.
  • Participates in university committees and meetings with the UT System Security Council.
  • Performs other duties as assigned.
Supervision Received
General supervision from assigned supervisor.
Supervision Given
Direct supervision of assigned staff.
Required Education
Bachelor’s degree in Information Security, Information Technology, Computer Sciences, Risk Management, or closely related field from an accredited university.
Preferred Education
Master’s degree in Information Security or Cyber Security or closely related field from an accredited University.
Licenses/Certifications
Preferred: Certified Penetration Tester (GPEN), or Certified Information Systems Security Professional (CISSP) within two (2) years of hire; and the Certified Information Systems Security Professional with Information Systems Security Architecture Professional designation.
Required Experience
  • Six (6) years of professional experience in Information Security, Identity and Access Management, PCI, Application Security, Networking, or Device Security including experience conducting risk assessments and identifying effective risk mitigation strategies, or
  • Bachelor’s degree in unrelated field from an accredited university with eight (8) years of the required experience or
  • Master’s degree in information or cybersecurity with three (3) years of the required experience.
  • Required experience can be substituted for up to two (2) years of education on a 1-for-1 basis.
Preferred Experience
  • Knowledge and experience with programing and computer languages such as SQL, PowerShell, Python, or similar. Experience in managing, configuring, deploying, and monitoring security infrastructure. Experience with standard concepts, practices, and procedures for security operation centers. Knowledge of ITIL processes and standards. Knowledge of and familiarity with Cloud security practices, network operating systems, endpoint devices, Active Directory, ITSM, Amazon Web Services, Environment and PII vulnerability scanning, Office 365, Splunk or similar and Oracle Identity Manager or similar IAM product.
  • Extensive demonstrated experience in the monitoring, management, oversight, and strategic expansion of communications and system infrastructures, advanced network topologies, and enterprise applications in a higher education setting.
Equipment
Use of standard office equipment. Proficiency in the use of a personal computer and applicable software necessary to perform work assignments e.g. word processing, spreadsheets (Microsoft Office preferred).
Working Conditions
Needs to be able to successfully perform all required duties. Indoor activity, exposure to fluorescent lighting, computer emissions, and confined space. Frequent use of personal computer, copiers, printers, and telephone. Frequent standing, sitting, listening, and talking. Frequent work under stress, as a team member, and in direct contact with others. Job involves moderate amount of walking daily, occasional bending and stooping and infrequent lifting and climbing. Some travel and weekend work are required, including travel to meetings and training outside the area. May work extended hours. UTRGV is a distributed institution, which requires presence at multiple locations throughout the Rio Grande Valley.
Work is performed primarily in a general office environment and can be performed remote within close proximity to a UTRGV campus. If the work is performed remote high-speed internet and a designated workspace are required. 
Other
Strong attention to detail and ability to problem solve. Ability to function independently and as a team player in a fast-paced environment. Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams. Knowledge of security best practice standards such as the Center for Internet Security (CIS) Top 20 Critical Security Controls, NIST Cybersecurity Framework and OWASP. Exceptional planning and organizational skills. Demonstrated ability to perform independent research and apply critical reasoning skills to solve technical issues. Familiarity with information security compliance and best practices, including COBITS, PCI, NIST, ISO, CJIS, and information security related federal and state laws and regulations, including privacy protection, identity protection, HIPAA, FERPA, records retention requirements, and CALEA. Demonstrated ability to multitask and self-manage assigned projects and daily tasks in an environment with shifting priorities. Demonstrated ability to follow established procedures, even in a high-pressure situation. Excellent communication skills, verbal and written, including the ability to convey technical information to a non-technical audience. Ability to independently analyze Information Security Threat Intelligence and vulnerability information and provide recommendations for remediation. Ability to coordinate IT security and compliance projects to meet legal, regulatory, and contractual guidelines.
Physical Capabilities
N/A
Employment Category Full-Time
Minimum Salary Commensurate with Experience
Posted Salary Commensurate with Experience
Position Available Date 02/06/2024
Grant Funded Position No
If Yes, Provide Grant Expiration Date

Posting Detail Information


EEO Statement
It is the policy of The University of Texas Rio Grande Valley to promote and ensure equal employment opportunities for all individuals without regard to race, color, national origin, sex, age, religion, disability, sexual orientation, gender identity or expression, genetic information or protected veteran status. In accordance with the requirements of Title VII of the Civil Rights Act of 1964, the Title IX of the Education Amendments of 1972, Section 504 of the Rehabilitation Act of 1973, and the Americans with Disabilities Act of 1990, as amended, our University is committed to comply with all government requirements and ensures non-discrimination in its education programs and activities, including employment. We encourage women, minorities and differently abled persons to apply for employment positions of interest.
Special Instructions to Applicants
Dear Applicant, Human Resources will not be held responsible for redacting any confidential information from the documents you attach with your application. The confidential information includes the following: *Date of Birth *Social Security Number *Gender *Ethnicity/Race Please make sure that you omit this information prior to submission. We are advising that Human Resources will be forwarding your application to the department as per your submission. If you have any questions, please do not hesitate to contact us at (956)665-2451 and/or [email protected].
Additional Information
UTRGV is a distributed location institution and working location is subject to change based on need.
All UTRGV employees are required to have a criminal background check (CBC). Incomplete applications will not be considered.
Substitutions to the above requirements must have prior approval from the VP of HR & Talent Development .
Quick Link https://careers.utrgv.edu/postings/41782