Organizational Area: Information Technology Services
Location: Oakland, CA
Posting Salary: commensurate with experience
Position Summary: Under the general guidance of the CIO and in coordination with the System-Wide CISO and other UC Information Security colleagues, the Director of Information Security acts as the information security officer for the University of California Office of the President location (UCOP) - responsible for ensuring the confidentiality, integrity and availability of the University's information assets.
The Director oversees the delivery of critical security functions and services including identity management, incident response, breach management, and network intrusion detection. In addition, the Director interprets UC privacy and security policy, manages the UCOP information risk governance process, guides the acquisition/implementation of security technologies, capably represents UCOP policy makers and senior administrators, and actively participates in system-wide committees developing information security policy, standards and practices.
Successful candidates will demonstrate the ability to provide leadership and hands-on execution across a broad range of complex security, privacy and risk-related issues as they understand business needs, evaluate risk and expeditiously develop prevention and mitigation strategies in a large, complex organization.
The ideal candidate weighs operational needs against risk and proposes multiple solutions for leadership decision making. This position requires initiative, enterprise IT knowledge and judgment to interpret policy and apply technical solutions to protect networks, electronic systems and data in service of the University of California's education, research, public health, and community service missions.
Special Conditions of Employment:
Other Special Conditions of Employment:
successful completion of background check required
Job Close Date:
Monitors operations and actively hunts for and detects adversaries and instances of suspicious and unauthorized events. Leads periodic security risk and gap assessments and defines and leads action plans for prioritized remediation of vulnerabilities. Defines and implements an annualized set of strategic goals that provide ongoing oversight, management, performance measurement, and course correction of all cyber-security activities - including compliance with internal and external policies and regulations.
Job Requirements Education/Experience: Bachelor's degree in related area and / or equivalent experience / training which includes enterprise IT management experience and Information Security experience.
Knowledge/Skills: In-depth knowledge of information technology security functional areas and best practices including ISO 2700X, COBIT/Risk IT, and the NIST Cybersecurity and CERT Resilience Management Frameworks.
Thorough understanding of privacy and security regulations, including federal and state laws, policies and standards.
Excellent enterprise security architecture, design and technology skills developed deploying and supporting SIEM, DLP/CASB, VPN, DMZ, intrusion detection and prevention, encryption, anti-virus and malware, and related solutions.
Comprehensive knowledge of the identity and access management domain including process, technologies and best practices.
The ability to establish priorities, develop/manage a budget, consistently meet strategic deadlines, effectively support operational needs, and manage technical staff in a complex, multi-dimensional environment.
Demonstrated leadership expertise in determining and recommending actions and affecting change across the organization, providing a clear understanding and the information necessary for departments and individuals to carry out their responsibility for information security risk management.
Excellent communication skills, including the ability to effectively present technical topics to groups with varied levels of technical sophistication and demonstrated experience influencing or gaining acceptance from others.
Detailed knowledge of technical concepts and basic operating principles of data communications, computer hardware, vendor IT products, and software. Required
Experience in the management of ongoing technology infrastructure acquisition and expansion, including the identification and integration of suitable emerging technologies. Preferred
About us The University of California, one of the largest and most acclaimed institutions of higher learning in the world, is dedicated to excellence in teaching, research and public service. The University of California Office of the President is the corporate headquarters to the ten campuses, five medical centers and three Department of Energy National Labs and enrolls premier students from California, the nation and the world.
The University of California is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, age or protected veteran status.
Copyright 2017 Jobelephant.com Inc. All rights reserved.
About University of California Office of the President
The Office of the President is the systemwide headquarters of the University of California, managing its fiscal and business operations and supporting the academic and research missions across its campuses, labs and medical centers.