The Deputy Information Security Officer will be responsible for office operations of the Information Security Office and assist the CISO with management of the Information Security Program. Collaborate, on behalf of the CISO, with key business and IT leaders to ensure information security compliance, to develop security policies, standards, procedures and action plans. Consult with senior IT and business leaders regarding their information security risks and responsibility in minimizing those risks. Must maintain reliable, up- to-date, information from the federal and local government and across the industry regarding identification of new threats and vulnerabilities. Manage the day to day operations and staff of the Information Security Office. Oversee the Information Security's GRC program. Develop metrics and status reports for the information security program and manage the coordination of state and UT System Reporting.
Departmental Leadership: Provide departmental leadership in the absence of the CISO. Represent the mission and interest of the Information Security Office on behalf of the CISO, including providing reports to senior management. Direct, plan, manage, and coordinate the day-to-day operations and budget of the Information Security Office. Governance, Risk and Compliance (GRC): Responsible for the management of UT Arlington's Security Governance, Risk and Compliance (GRC) program. Ensure that institutional risk assessments are completed. Oversee security reviews on all 3rd party vendors and cloud applications. Establish and monitor minimum security requirements for research and ensure the protection of intellectual property and research data. Implement or make effective use of GRC software. Assist the CISO in the development and management of security policies and procedures. Manage the policy exception process. Establish a reporting process to ensure that management is kept appraised of the effectiveness of information security program. Prepare periodic reports for the CISO, CFO, President, Executive Management, UT System and Texas DIR. Cybersecurity Oversight and Incident Response: Assist the CISO in the management of escalated security related issues and incidents. Monitor a variety of sources including government, industry or professional organizations for prevailing or emerging threats. Ensure required security controls are enforced on UT Arlington's security infrastructure including but not limited to firewalls, IPS/IDS, DLP, and cloud environments and that controls are effective. Identify vulnerabilities and ensure appropriate mitigation is occurring. Provide departmental leadership in the management of the Incident Response Plan. Oversee security controls testing, audit of systems, and threat hunting to detect emerging threats or vulnerabilities to our institution and escalate known risks to executive leadership. Provide departmental leadership in the management and execution of the Security Incident Response Plan. Security Project Management and Research Support: Assist the CISO with managing security projects to include those resulting from UT System initiatives or mandates. Architect or participate in the planning of IT projects involving or requiring information security. Work with Office of Information Technology server and network infrastructure groups to identify or develop security safeguards or solutions. Collaborate with the Office of Information Technology to ensure security configuration baselines are developed and implemented. Oversee support for research in the development and review of data management plans and technology control plans. Security Awareness: Oversee the development and presentation of information security awareness and security training within the various academic and administrative departments, and to the campus at large. Ensure that information security related alerts are disseminated in a timely manner. Provide leadership and coordination of the Information Security Administrator Program. Collaborate with centralized and decentralized IT stakeholders to promote improved information security practices and compliance. Other duties as assigned.
Bachelor of Science in related field such as Computer Science, Management Information Systems, Information Science and Security, or related field. Bachelor degree in an unrelated field is acceptable with demonstrated information security knowledge and experience. A minimum of 7 years of progressively responsible and demonstrated information technology or information security work experience, including experience in designing, implementing, auditing and/or managing information resources, information security, or risk management projects, operations, and/or programs. Demonstrated experience with developing and maintaining information security policies and procedures. Extensive knowledge of and experience in information technology, information security and/or risk management. 2 years supervisory experience required. Experience supervising, coaching, and mentoring information technology professionals. Must have excellent interpersonal, verbal and written communication skills. Successful experience working, collaborating and establishing credibility and relationships with senior leadership, colleagues and customers. Ability to translate technical language to common language for non-technical users.
Master’s degree in information technology or related field. Advanced information security certificates in one or more of the following: CISSP, GIAC/GSEC, CISA, CISM, GRISC, CGEIT, etc. Practical experience with implementing security frameworks, e.g. NIST 800 series, NISTCSF, ISO 20001, CIS Top 20. Experience in the protection of research data and intellectual property, implementing NIST 171 controls and/or familiarity with CMMC a plus. Technical experience in network administration, system administration, application development, database administration, and/or data center operations preferred Experience in the implementation of GRC strategies. Solid knowledge regarding risk management practices and GRC concepts and automation tools. Knowledgeable about information security risk management practices. Experience in higher education. Experience in Texas State government. Ability to devise strategies, organize work, coordinate work of collaborative groups, and oversee technical projects and staffs to achieve effective cost efficient solutions. Demonstrated experience with developing and providing an information security awareness and training program. Experience in assessing, managing as well as in negotiating vendor contracts and agreements with end users, service providers and regulatory agencies.
Applicants must include in their online resume the following information: 1) Employment history: name of company, period employed (from month/year to month/year), job title, summary of job duties and 2) Education: school name, degree type, and major.
UTA is an Equal Opportunity/Affirmative Action institution. Minorities, women, veterans and persons with disabilities are encouraged to apply. Additionally, the University prohibits discrimination in employment on the basis of sexual orientation. A criminal background check will be conducted on finalists. The UTA is a tobacco free campus.
Open Until Filled: No
Location: Ft. Worth
Internal Number: 13114
About University of Texas at Arlington
With annual research expenditures in excess of $100M, the University of Texas at Arlington is a Carnegie Research-1 “highest research activity” institution committed to life-enhancing discovery, innovative instruction, and caring community engagement. A leading institution in the heart of the thriving North Texas region, UTA nurtures minds within an environment that values excellence, ingenuity, and diversity. With a total global enrollment of over 59,000 in AY 2018-19, UTA is one of the largest institutions in the University of Texas System. Guided by its Strategic Plan Bold Solutions | Global Impact, UTA fosters interdisciplinary research and teaching to enable the sustainable megacity of the future within four broad themes: health and the human condition, sustainable urban communities, global environmental impact, and data-driven discovery. UTA was cited by U.S. News & World Report as having the second lowest average student debt among U.S. universities in 2018. U.S. News & World Report also ranks UTA fourth in the nation for undergraduate diversity. The University is a Hispanic-Serving Institution and is ranked as the top four-year college in Texas for veterans on Military Times’ 2018 Best for Vets list.