Job Location: Main Campus - Edmond, OK
Position Type: Staff
Job Category: OTRS Classified
Description Position Title:IT Manager Security - ITACD - 991679Position Overview & Job Duties:Under general direction of the CISO & Director of Information Security, the Manager of Information Security provides leadership for centralized, enterprise-level technology service delivery of information security systems and services. Understands the business strategy of enterprise-wide business and IT management, security, infrastructure and operations, disaster recovery, incident response, and works with teams to define security requirements. Ensures the area’s technological level remains up to date, defines standards, and implements new procedures and techniques. Participates in the strategic planning for the Office of Information Technology. Supervises and provides functional direction to assigned staff and student employees. Establishes team goals and objectives. Effectively collaborates across technology teams and business units through excellent communication skills, diplomacy and a positive attitude.Responsible for activities involving the planning, development, administration, management and support of university information security operations. Manages and leads teams of system engineers, administrators, and third-party systems integrators. Assists with the management of UCO’s disaster recovery (DR) program. Directly leads and manages the University’s information security incident response team including security incident investigation, mitigation, and managing the adoption of UCO’s information security program.
- Serves as UCO’s Information Security and Incident Response Manager.
- Manages security audits, vulnerability and threat assessments, and directs responses to network or system intrusions.
- Provides leadership, guidance, and training to information security personnel.
- Conducts on-demand and scheduled vulnerability assessments and penetration testing.
- Prepares and presents reports to management regarding scans, RCAs, and provides recommendations to management on information security matters.
- Leads and manages system upgrades, rollouts and implementations, developing workflows, documenting processes, developing policies and ensuring they are followed.
- Manages professional staff and daily operations, provides technical expertise to staff supervised, and resolves problems escalated to the Manager level.
- Develops work plans, goals and objectives in relation to staff activities to ensure service delivery and alignment with OIT priorities.
- Monitors, analyzes and reports on the progress of service delivery; takes a customer-centric approach to problem solving; solicits customer feedback to improve service; and responds to customer needs.
- Assesses, identifies and recommends innovative solutions that provide continuous improvement in the organization.
- Creates and maintains documentation including diagrams, operational and support procedures. Documents all communication activities pertaining to plans and/or incidents.
- Performs other duties as assigned.
Bachelor’s degree in job related field plus 5+ years of work experience or equivalent combination of education and experience. Requires work experience with leading, planning, including program development and innovation, program prioritization, and assessment. Appropriate professional accomplishments and credentials.
- Possess and maintain current information security certification or other industry security certification such as but not limited to: CISM, CISSP, CISA or equivalents.
- Experience conducting security audits, investigations, and vulnerability assessments.
- Experience implementing, industry controls related to regulatory frameworks including but not limited to: FERPA, GLBA, PCI-DSS, GDPR, HIPAA, CCPA, FISMA, COBIT, NIST, and CIS.
- Experience managing network security appliances including IDS, IPS, firewalls, and identity management solutions.
- Working knowledge of the NIST framework.
- Advanced networking experience and certifications such as CCNP Route & Switch or Security are highly desired.
- 5+ years of experience securing large enterprise systems.
- Previous experience in large enterprise systems delivery with leadership or managerial role.
- Experience with VMware, UCS, and SAN environments.
- Experience in higher education