Provides direction and leads the implementation and operation of the Enterprise-wide information security program to safeguard the confidential information, assets, and intellectual property belonging to UTHSCSA and associated relationships.
Fulfills the responsibilities of the Information Security Officer as defined by TAC 202, including serving as an advisor to the VP/CIO (IRM) on all aspects of information security.
Maintains a broad understanding of Federal and State laws relating to information security, industry best practices, exposures, and their application to UTHSCSA's information technology environment.
Maintains a cost effective information security program including implementation of security standards, policies and procedures, awareness and training plan, and overall information security infrastructure.
Leads the investigation and remediation of security incidents, initiates appropriate action to protect information assets, and is responsible for appropriate reporting.
Responsible for addressing information security requirements and required reporting with external entities including UT System and State and Federal agencies. Works closely with Audit/Compliance in remediating cited deficiencies.
Consults and advises all UTHSCSA organizational units on information security issues.
Conducts recurring information security risk assessment and training programs.
Coordinates with UT Police and other law enforcement agencies relating to potential technology related-criminal activities and investigations.
Designs and tests information security-related systems.
Chairs the UTHSCSA Information Security Council and participates in UT System-related forums regarding for information security issues.
Builds, motivates, and leads a professional information security team committed to integrity and excellence attuned to organizational culture and responsive to University needs.
Recommends security product purchase proposals and manages product implementation.
Works with consultants to fulfill independent security audit needs and to enhance UTHSCSA's information security solutions.
Performs other duties as assigned.
Bachelor's degree in Computer Science, Management Information Systems, Mathematics, Engineering, or Business Administration, with 15 years of experience in an information security role leading, designing, implementing, and/or auditing information technology security and/or compliance. CISSP and/or CISA are preferred. Classified Security Clearance is preferred.
Deep knowledge of current information security risks, trends, regulatory requirements, and accepted industry best-practices within academic health, education, clinical, and research environment is required.
MUST APPLY ONLINE AT WWW.UTHSCSAJOBS.COM
- Process-oriented with good analytical skills and a strong ability to provide thought-leadership. Structured with a solid operations and efficiency focus. Ability to present fiscally responsible, operationally effective, and sustainable recommendations to executive management is required.
- Strong orientation around user-defined needs and collaborative approach to resolving information security challenges, applying policy and procedure, and implementing solutions in a practical effective manner.
- Deep knowledge of network, server hardware, software, security tools, and end-user and mobile devices in a complex, large organization is required. Strong ability to plan, budget, and deliver, and maintain Enterprise-wide technology solutions.
- Must possess excellent verbal and written communication skills so as to facilitate a customer service atmosphere while developing key organizational relationships.
- Able to understand legal, audit, compliance issues as well as Federal and State agency requirements relating to information security. Strong ability to translate requirements into effective, cost-efficient policy, standards, and guidelines.
- Must have or be able to obtain a classified security clearance.
THIS POSITION IS SECURITY SENSITIVE
AN EQUAL OPPORTUNITY/AFFIRMATIVE ACTION EMPLOYER
- 2 years ago - save job