Assistant Chief Information Security Officer (Aciso)

The UCLA Information Security Office enables UCLA's goals by providing leadership assuring the confidentiality, integrity, and availability of its information resources. The Information Security Office enables efficient incident response planning and notification procedures. In addition, the office aims to implement risk assessment strategies to identify vulnerabilities and threats to departmental information resources and enterprise systems. This includes executing a comprehensive UCLA Information Security plan, which involves proposing, delivering, and enforcing administrative, technical, and physical security measures to tackle identified risks based on their sensitivity or criticality.
The Assistant Chief Information Security Officer (ACISO) at UCLA will have comprehensive responsibility for overseeing the Information Security Operations Center (SOC), Security Engineering teams, and the Identity and Access Management (IAM) capability/team. This pivotal leadership role involves providing strategic direction and management for these units, ensuring their objectives are aligned with the university's overarching security program and broader institutional goals. The Assistant CISO will play a key role in designing and implementing robust security infrastructure to safeguard against various threats and vulnerabilities. Additionally, they will oversee the effective detection, response, and mitigation of security incidents, including the development and refinement of incident response plans. This role also encompasses the crucial task of managing and enhancing UCLA's IAM strategies and processes, ensuring secure and efficient access control across university systems. As a critical leader at UCLA, the Assistant CISO holds significant responsibility for fortifying the university's Information Security and advancing the overall security posture of UCLA and its assets.
The Assistant Chief Information Security Officer will positively impact UCLA's operations and culture by protecting University stakeholders' information and data in service of the institution's academic mission. This team member will advance the University's mission by delivering exceptional security service comprehensively and consistently across faculty, staff, and students. This role will execute UCLA's vision while modeling UCLA's culture and values.
Percentage of Time:
100%
Shift Start:
8:00 am
Shift End:
5:00 pm
Qualifications for Position
19
Records
Qualifications
Required/Preferred
Seven years of experience working in one or more of the following fields: information technology, cybersecurity, computer science, management, higher education, or a related field.
Required
Six years of experience leading teams in a management or leadership role, particularly in a fast-paced, service-oriented environment.
Required
In-depth knowledge of Information Security functional areas and as it relates to managing large security operations and engineering teams in a complex environment.
Required
In-depth understanding of privacy and security regulations and best practices, including federal and state laws, policies and standards, as well as extensive knowledge about a wide range of privacy / security regulations relevant to higher education and / or medical center and patient information.
Required
Demonstrated experience with security incident response, including leading and managing incident response teams.
Required
Experience managing large security operations and engineering teams in a complex environment.
Required
Strong technical skills in security technologies and tools, such as SIEM, IDS/IPS, endpoint protection, and vulnerability management.
Required
Strong knowledge of directory services (e.g., Active Directory, LDAP), Single Sign-On (SSO) technologies, multi-factor authentication (MFA) solutions, role-based access control (RBAC), identity governance and administration (IGA), and privileged access management (PAM).
Required
Highly skilled in written and verbal communications and is able to communicate on behalf of large teams and relay highly complex technical information. Significant experience communicating with technical and non-technical leaders.
Required
Significant demonstrated experience leading and managing teams, including advanced abilities in persuasion, negotiation, change management, and mentorship.
Required
Significant experience solving complex, technical and non-technical problems with budget, timeline, and other resource implications. Able to delegate solutioning when appropriate to the proper resources. Experience operating as a point of escalation or final decision making. Demonstrated understanding of how decisions affect teams. Demonstrated ability to make decisions with integrity.
Required
Significant experience providing inclusive leadership of others, establishing and advancing an inclusive environment that values equity, diversity, inclusion and belonging.
Required
Integrates creative thinking and industry-leading practices into diverse team operations; has demonstrated experience inspiring teams to innovate and grow. Has significant experience leading in an ever-changing, fast-paced environment.
Required
Bachelor's degree or equivalent combination of experience/training in one or more of the following fields: information technology, cybersecurity, computer science, public administration, business administration, communications, or related field.
Required
Ten or more years of experience working in one or more of the following fields: information technology, cybersecurity, computer science, management, higher education, or a related field.
Preferred
Eight or more years of experience leading teams in a management or leadership role, particularly in a fast-paced, service-oriented environment.
Preferred
Project management skills with significant experience delivering multiple complex projects, delegating responsibility between teams, overseeing multiple projects, managing others, and leading teams to prioritize among competing project/customer needs. Experience managing teams in a project-based environment using leading project management practices including schedule management, status reporting, and communication of project risks and issues.
Preferred
Experience in complex higher education environments, serving academic and administrative functions of a large public university.
Preferred
Advanced degree in one or more of the following fields: information technology, cybersecurity, computer science, public administration, business administration, communications.
Preferred
Additional Posting Information
Bargaining Unit:
99-Policy Covered
Application Deadline:
04-05-2024
External Posting Date: