IT Administrator IV, Security - Department of Technology Solutions with UT System

IT Administrator IV, Security - Department of Technology Solutions with UT System
Market Range 14

About the UT System
The University of Tennessee System is comprised of campuses at Knoxville, Chattanooga, Pulaski and Martin; the Health Science Center at Memphis; the Space Institute at Tullahoma; and the statewide Institute of Agriculture and Institute for Public Service. The UT System enrolls about 54,000 undergraduate and graduate students statewide, and more than 13,000 students graduate from UT campuses each year with bachelor's, master's, doctoral and professional degrees.

The UT System has a presence in each of Tennessee's 95 counties. Through the combined force of education, research and outreach, the University serves students, business and industry, schools, governments, organizations and citizens statewide.

The University of Tennessee System, through its multiple campuses and institutes, serves the people of Tennessee and beyond through the discovery, communication, and application of knowledge. The System is committed to providing undergraduate, graduate, and professional education programs in a diverse learning environment that prepares students to be leaders in a global society. The UT System's delivery of education, discovery, outreach, and public service contributes to the economic, social, and environmental well-being of all Tennesseans.

The Opportunity
Leads and manages team for large-scale projects, security assessments, compliance audits, etc. Serves as high level expert and leader in service area teams. Directly leads and coordinates the risk management program for UTSA and the University. Develop and oversee, as a part of the ISO team, the IT Governance, Risk, and Compliance (GRC) program system-wide. GRC will involve multiple federal and state compliance programs, including but not limited to Center for Internet Security (CIS), Graphics-Leach-Bliley Act (GLBA) Safeguards Rule, PCI, HIPAA, and the National Institute of Standards and Technology (NIST). Recommends and assesses security controls for applications, systems, networks, cloud-based solutions, or databases. Provides leadership support for the IT Security Department in terms of planning, direction, and services.

Primary responsibilities will include:

• Governance, Risk, and Compliance
  • Develop and lead IT Governance, Risk, and Compliance (GRC) program system-wide (CIS, GLBA, PCI, HIPAA, NIST) with a focus on the risk management program

  • Implements the AuditBoard GRC application statewide with a focus on risk management for all campuses and institutes statewide

  • Implements the risk assessment program for use by all campuses with assigned responsibility and accountability for all risk mitigation tasks

  • Performs risk assessments for UTSA departments and enterprise systems as well as for systems, departments, or applications statewide based on request

  • Implements reporting processes for risk mitigation for the university

  • Participates in the technical assessment and compliance portion of the PCI program

  • Participates in the technical assessment and compliance portion of the HIPAA program

  • Directly accountable for the assessment of security controls applied to applications, systems, networks, and/or databases

  • Directly accountable for all risk mitigation efforts for UTSA applications, systems, networks, and/or databases

  • Directly accountable for UTSA compliance with the CIS critical security controls

  • Requires travel to campus and institute locations statewide
    

• Security Leadership and Planning

  • Directly responsible for the resolution of lower impact or urgency problem and incident management issues

  • Reviews work of junior staff to ensure that services requests are correctly and effectively performed

  • Leads project teams to develop and implement new security controls for applications, systems, networks, and/or databases including leadership of multiple personnel that do not report to him

  • Leads projects, including planning, managing resources, and delivering final products

  • Directs and supervises project team members efforts

  • Maintains a current level of knowledge for all information security concepts and technologies (e.g. by reading, attending

  • conferences, training, professional communication/networking)

  • Actively engages and promotes new technologies (e.g. through networking, presenting at conferences, providing training)

  • Possesses expert domain knowledge in service area and knowledge of many related areas
    

• Security Solutions
  • Seeks out new and innovative IT security solutions with the goal to enhance the overall IT security footprint of both UTSA and the University.

  • Designs, modifies, and implements routine, complex, and emergency security solutions to ensure and maximize service security

  • Responsible for the most critical and highest impact services with the largest (e.g. enterprise/university-wide) user bases including both UTSA wide and statewide.

  • Responsible for technical, procedural, and administrative security solutions for enterprise applications, systems, networks, and/or databases

  • Responsible for overall work efforts in the development and implementation of new systems, networks, and/or databases

  • Researches and trains on advanced systems, networks, and/or database technologies

• Security Response
  • Directly responsible for resolution of high impact or urgency problem and incident management issues

  • Fulfills security focused service requests for applications, systems, networks, and/or databases under their responsibility
    

• Performs other related duties as required