Manager of Information Security Services (Florida A&M University) [ARCHIVED]

TITLE: Manager of Information Security Services ***

POSITION NUMBER: 19284 (A&P)

LOCATION: Enterprise Information Technology (EIT)

PAY GRADE/SALARY RANGE 04/$38,120.25 – OPEN**

DEADLINE DATE: OPEN

MINIMUM QUALIFICATIONS: A master's degree in Computer Science and two year of appropriate experience; or bachelor's degree in Computer Science and four years of appropriate experience. PREFER: Excellent management skills; the ability to interface with top management; 5-8 years of information systems processing experience; familiar with information security concepts and objectives; excellent communication skills, both written and verbal; a business-based attitude; i.e., the recognition that no policies can be implemented with demonstrable academic or business benefit and customer services benefits.

Note: The Manager of Information Security Services reports directly to the Chief Information Offices (CIO) and also has a reporting relationship to the Director of Internal Audit specifically for oversight and support in the conduct of special security analyses and network and application intrusion studies. The incumbent in this position is the leader of the data/information security function for Florida A&M University, which includes responsibility for information security strategy, security architecture development, and global function oversight. The scope of this role covers all utilized enterprise technologies, including mainframe, distributed and infrastructure-based systems.

To perform this job successfully, an individual must be able to:

Develop, implements and manage the overall enterprise process for information security strategy and the associated architecture;
Develop and implement policies, standards and guidelines related to information security;
Oversee the continuous monitoring and protection of information processing resources. Evaluate suspected security breaches and recommend corrective actions;
Serves as the enterprise focal point for computer security incident response planning and execution;
Define and implement an ongoing risk assessment program, which will define, identify and classify critical information assets, assess threats and vulnerabilities regarding those assets and implement safeguard recommendations; and assist in internal audit in the development of appropriate criteria needed to assess the level of new/existing applications and/or technology infrastructure elements for compliance with enterprise security standards.

** Salary is based on educational requirements, experience and knowledge, skills and abilities.

***NOTE: SUCCESSFUL COMPLETION OF A BACKGROUND INVESTIGATION IS A CONDITION OF EMPLOYMENT.