Job Postings > Information Security Officer for UT System Common Use Infrastructures
The University of Texas System Job Title Information Security Officer - Information Security Officer for UT System Common Use Infrastructures Posting number 12-01-04-01-9306 Job Status Open Earliest Start Date Immediately Location Austin, TX, travel required Required Application Materials A Resume is required in order to apply
Purpose of Position To establish and administer an information security program for UT System Common Use Infrastructures (CUI).
Essential Functions Works with UT institutions to coordinate information security efforts relating to UT System Common Use Infrastructures including Shared Applications, Shared Data Centers, UT System Network, UT System-wide Information Services, UT System Identity Management Federation, UT System Research Cyberinfrastructure, UT System institutions, and other groups to ensure sound security standards and practices are defined, responsible parties are assigned, and security activities are carried out as defined. Defines, implements, and manages an information security program the scope of which includes UT System Common Use Infrastructures, in accordance with requirements of the UT Systemwide Information Security Compliance Program. Monitors the effectiveness of defined information security controls, and submits required reports to the UT System CISO. Develops security awareness programs, security policies, guidelines and procedures; meets with advisory and steering committees, institutional information security officers, facility and resource managers, and other staff as required to implement and monitor the information security program. Responds to compliance and audit issues, performs risk assessments, writes management response to audits; and coordinates implementation of audit findings. Works collaboratively with institutional ISOs to perform vulnerability and penetration tests; remediate vulnerabilities and address compliance violations. Advises UT System CISO and institutional ISOs on vulnerabilities. Identifies and responds to security incidents; works closely with UT, local and federal law enforcement agencies as required. Reviews and approves data security requirements, specifications, and, if applicable, third-party risk assessments of new information technology hardware, software, and systems development services. Advises and reports on security, including tactical information security processes and operations and strategic issues such as security implications of emerging technologies, to advisory and steering committees, and senior management. Reviews advisories and bulletins, researches new security threats, and attends technical training and security conferences. Researches and evaluates new technologies. Works with resource managers and ISOs to ensure implementation of Disaster Receovery Plans in accordance with Texas Administrative Code, DIR Guidelines and industry practice. Serves as a member of the Information Security Officer Council.
Marginal/Incidental functions Other related functions as assigned.
Required qualifications Bachelor's degree in related field. Seven years IT experience in network administration, server administration, applications development or IT Audit, including four years working with network security applications and appliances and developing, implementing and/or auditing information security programs. Familiarity with missions, challenges and opportunities of higher education. Excellent organization, leadership, and communication skills. Strong interpersonal, negotiation, and conflict management skills. Ability to establish credibility and effective working relationships at all levels of UT System. Ability to manage and solve complex problems. Knowledge of current information security laws, standards, and accepted industry practices. Knowledge of network infrastructures; current information systems technologies; networking and security devices; and risk assessment methodologies.
Preferred Qualifications Certified Information Systems Auditor and/or Certified Information Systems Security Professional or equivalent certifications preferred.
The University of Texas System
Job Title Information Security Officer - Information Security Officer for UT System Common Use Infrastructures
Posting number 12-01-04-01-9306
Job Status Open
Earliest Start Date Immediately
Location Austin, TX, travel required
Required Application Materials
A Resume is required in order to apply
Purpose of Position To establish and administer an information security program for UT System Common Use Infrastructures (CUI).
Essential Functions Works with UT institutions to coordinate information security efforts relating to UT System Common Use Infrastructures including Shared Applications, Shared Data Centers, UT System Network, UT System-wide Information Services, UT System Identity Management Federation, UT System Research Cyberinfrastructure, UT System institutions, and other groups to ensure sound security standards and practices are defined, responsible parties are assigned, and security activities are carried out as defined. Defines, implements, and manages an information security program the scope of which includes UT System Common Use Infrastructures, in accordance with requirements of the UT Systemwide Information Security Compliance Program. Monitors the effectiveness of defined information security controls, and submits required reports to the UT System CISO. Develops security awareness programs, security policies, guidelines and procedures; meets with advisory and steering committees, institutional information security officers, facility and resource managers, and other staff as required to implement and monitor the information security program. Responds to compliance and audit issues, performs risk assessments, writes management response to audits; and coordinates implementation of audit findings. Works collaboratively with institutional ISOs to perform vulnerability and penetration tests; remediate vulnerabilities and address compliance violations. Advises UT System CISO and institutional ISOs on vulnerabilities. Identifies and responds to security incidents; works closely with UT, local and federal law enforcement agencies as required. Reviews and approves data security requirements, specifications, and, if applicable, third-party risk assessments of new information technology hardware, software, and systems development services. Advises and reports on security, including tactical information security processes and operations and strategic issues such as security implications of emerging technologies, to advisory and steering committees, and senior management. Reviews advisories and bulletins, researches new security threats, and attends technical training and security conferences. Researches and evaluates new technologies. Works with resource managers and ISOs to ensure implementation of Disaster Receovery Plans in accordance with Texas Administrative Code, DIR Guidelines and industry practice. Serves as a member of the Information Security Officer Council.
Marginal/Incidental functions Other related functions as assigned.
Required qualifications Bachelor's degree in related field. Seven years IT experience in network administration, server administration, applications development or IT Audit, including four years working with network security applications and appliances and developing, implementing and/or auditing information security programs. Familiarity with missions, challenges and opportunities of higher education. Excellent organization, leadership, and communication skills. Strong interpersonal, negotiation, and conflict management skills. Ability to establish credibility and effective working relationships at all levels of UT System. Ability to manage and solve complex problems. Knowledge of current information security laws, standards, and accepted industry practices. Knowledge of network infrastructures; current information systems technologies; networking and security devices; and risk assessment methodologies.
Preferred Qualifications Certified Information Systems Auditor and/or Certified Information Systems Security Professional or equivalent certifications preferred.