| Description: |
The University of Florida is searching for Information Security Office. The Information Security Officer (ISO) provides strategic leadership, analysis, planning, and recommendations related to the security of the University's information assets.
The role of the ISO spans the entire University of Florida enterprise, including Direct Support Organizations and Affiliates. The ISO exercises enterprise-wide authority for compliance with University information security policies consistent with applicable industry standards and governmental regulations.
By fostering communication and leveraging relationships at all levels of the enterprise, the ISO raises the visibility of information security and compliance as an enterprise-wide activity. This position reports directly to the Vice President and Chief Information Officer. The ISO works closely with the Chief Privacy Officer, the Office of General Counsel, University Police Department, senior administrators of the University and leaders of Direct Support Organizations to support their collective and individual information security governance and oversight responsibilities.
The ISO will ensure a framework for managing risk and aligning information security strategies with the University's missions and administrative functions. The ISO will be responsible for providing information security leadership, strategy and vision. Responsibilities
Direct all University information security functions of risk management, training and awareness, policy development and compliance, disaster recovery and business continuity, and incident management.
Develop, evaluate and communicate short and long term information security strategies that align with established University goals. Such strategies will incorporate threat research, vulnerability assessment, risk management and incident management.
Provide information security oversight and planning for University Direct Support Organizations (DSOs).
Represent the University's information security plans to appropriate constituents.
Provide leadership for information security analysis and reporting. Ensure that all information security policies and procedures are in compliance with all regulatory requirements.
Perform information security analysis for enterprise-wide initiatives.
Using appropriate performance metrics to demonstrate the effectiveness of security strategies, the ISO advances a multilayered and adaptive approach for addressing a dynamic threat environment. By collaborating with peers within and outside the enterprise, the ISO maintains an understanding of the latest threats and security tools and techniques.
Manage a team of information security professionals responsible for: - Risk management
- Development of policies, standards, procedures and guidelines
- Compliance with policies and standards
- Information security training and awareness program
- Incident management
- Community assistance and support with development and deployment of effective security systems, products and services
- Collaboration and coordination with IT professionals, vendors, peer institutions, consultants and others to improve the security posture of the University
- Information security and compliance research
Serve as a member of the UF IT Management Council, providing council and support to the CIO and team members.
Maintain an understanding of the latest threats and security tools and techniques. Minimum Requirement
Bachelors Degree in an appropriate area of specialization and six years of appropriate experience.
Criminal Background Check required. Preferred Requirement
Significant information security management experience required with five or more years of direct responsibility for management of security professionals, risk management, policy and compliance, training and awareness, and incident management.
Proven record of advanced verbal and written communications skills including the ability to write institutional information technology policies and procedures.
Excellent presentation skills and demonstrated ability to present effectively to diverse university audiences.
Excellent analytical and organizational skills. Ability to analyze information security risks and develop sustainable risk strategies commensurate with university risk tolerance. Comprehensive experience with the following IT security systems: - Network and host firewall systems
- Network access control
- Port and vulnerability scanning
- Data discovery
- Intrusion detection systems
Knowledge of federal, state and industry information security standards and regulations.
Demonstrated experience in and knowledge of information security management practices of professional staff in a large higher education enterprise with an academic health center is preferred.
Prefer graduate or professional degree preferably in an information technology-related field. Information security-related certification preferred.
To review posting & apply see https://jobs.ufl.edu , requisition #0803139, the position is posted open until fill. The University of Florida is an Equal Opportunity Institution & women & minorities are encouraged to apply. If an accommodation due to a disability is needed to apply, call (352) 392-4621 or TDD 1-800-955-8771. |
