Director IT
Company: University of Utah
Location: Salt Lake City
Posted on: October 19, 2024
Job Description:
Information Security Office, Director Enterprise SecurityThe
Director of Enterprise Security (DES) is a key position within the
Information Security Office (ISO) with leadership responsibilities
over the Enterprise Security groups (ISO-ES) and is responsible for
facilitating communication between Senior IT and business
leadership and operationally focused IT management and
administrators at the University of Utah. Reporting directly to the
Chief Information Security Officer (CISO), the DES plays a critical
role within the Information Security Office and the Chief
Information Security Officer's team, serving both University of
Utah Health and the University of Utah as a
whole.ResponsibilitiesThe DES will be responsible for aligning
ISO-ES strategic and operational efforts with the CISO's direction
and the University's objectives and missions. The DES will be
responsible for assessing risks, evaluating emerging technologies
and determining long-term needs for ISO-ES.The DES will serve as a
primary liaison between the ISO-ES with other parts of the
organization, including senior leadership and other key
stakeholders. The DES will communicate unmanaged risk, escalate
security-related issues or incidents, and ensure alignment with
business strategies. The DES will regularly communicate
cybersecurity risks and initiatives to stakeholders, ensuring they
are informed and engaged with the organization's security posture.
The DES will maintain cross-departmental collaboration by working
closely with other IT leaders, business units, and external
partners to ensure cybersecurity measures are integrated across all
areas of the organization.The DES is responsible for leadership and
supervision for three groups that make up ISO Enterprise Security:
Security Operations Center (SOC), Security Assurance, and Security
Engineering. All three groups have an Associate Director which will
report to the DES. The DES will provide guidance, set priorities,
and ensure the teams are working cohesively. The Associate
Directors will maintain operational leadership, project, and team
management for each group. Through these groups, the DES will
oversee the continuous monitoring of the University's IT systems
for potential security threats.The DES will lead ISO incident
response and management efforts and planning. This includes
collaboration in developing and managing ISO incident response
plans and preparations for cybersecurity incidents, such as data
breaches or ransomware attacks. The DES will also lead crisis
management and response to significant security incidents,
coordinating internally within ISO-ES and ISO as well as with other
departments, Office of General Counsel, leadership, and external
entities.The DES will also participate with the evaluation of the
cybersecurity practices of third-party vendors and partners to
ensure they meet the organization's security standards. This
includes conducting security assessments and managing vendor
risks.The DES will also support the CISO in helping develop and
manage the overall ISO-ES budget, making decisions on how resources
may be allocated across projects, teams, and in support of
initiatives.The DES will need to remain up to date and informed on
emerging threats and vulnerabilities. Incorporating threat
intelligence into ISO's strategy and defense posture.This job
description is not designed to contain or be interpreted as a
comprehensive inventory of all duties, responsibilities, and
qualifications required of employees assigned to the job.Minimum
QualificationsBachelor's degree in related computer science,
Business Administration, or related area, or equivalency (one year
of education can be substituted for two years of related work
experience); eight years of progressively more responsible
management experience; and demonstrated leadership, human
relations, and effective communications skills required.Applicants
must demonstrate the potential ability to perform the essential
functions of the job as outlined in the position
description.Preferences
- Professional information security experience in higher
education and/or the health care industry.
- Industry accepted certifications, such as Certified Information
Systems Security Professional (CISSP), Certified Information
Security Manager (CISM), Certified Information Systems Auditor
(CISA), or other comparable professional certifications.
- A strong understanding of the institutional impact of security
tools, technologies, and policies.
- An excellent understanding of information security concepts,
protocols, industry best practices, and strategies.
- Experience working with legal, audit, and compliance
staff.
- Experience with common information security management
frameworks, such as CIS 18, NIST Special Publication 800-171, and
NIST Cyber Security Framework (CSF).
- Familiarity with applicable legal and regulatory requirements,
including, but not limited to, the US Health Insurance Portability
and Accountability Act (HIPAA), EU General Data Protection
Regulation (GDPR), Payment Card Industry Data Security Standard
(PCI DSS).
- Proficiency in performing risk, business impact, control, and
vulnerability assessments, and in defining remediation
strategies.
- Knowledge of and experience in developing and documenting
security assessments and remediation plans, including strategic,
tactical, and project plans.
- Strong analytical skills to analyze security requirements and
relate them to appropriate security controls.About UIT: University
Information Technology (UIT), the central IT service provider for
the University of Utah, reports to the U's Chief Information
Officer and is responsible for many of the U's shared IT services
including the wired and wireless network; Campus Information
Services (CIS) portal; UMail, telephone, and online collaboration;
digital learning technologies; information security; software
licensing; and a host of other IT systems and services.About the
University of Utah: Located in Salt Lake City, the U is the
flagship institution of the State of Utah's system of higher
education, home to arts and museum venues and a member of the
BIG-12 Conference. Skiing and snowboarding opportunities are a
short distance from campus, and opportunities to pursue activities
from biking to hiking to fishing abound. Salt Lake City is home to
the Utah Symphony and Opera, Ballet West, professional sports
teams, and a wide range of other cultural and recreational
activities.University of Utah BenefitsThe University is a
participating employer with Utah Retirement Systems ("URS").
Eligible new hires with prior URS service may elect to enroll in
URS if they make the election before they become eligible for
retirement (usually the first day of work). Contact Human Resources
at (801) 581-7447 for information. Individuals who previously
retired and are receiving monthly retirement benefits from URS are
subject to URS' post-retirement rules and restrictions. Please
contact Utah Retirement Systems at (801) 366-7770 or (800) 695-4877
or University Human Resource Management at (801) 581-7447 if you
have questions regarding the post-retirement rules.This position
may require the successful completion of a criminal background
check and/or drug screen.The University of Utah values candidates
who have experience working in settings with students and patients
from all backgrounds and possess a strong commitment to improving
access to higher education and quality healthcare for historically
underrepresented students and patients.All qualified individuals
are strongly encouraged to apply. Veterans' preference is extended
to qualified applicants, upon request and consistent with
University policy and Utah state law. Upon request, reasonable
accommodations in the application process will be provided to
individuals with disabilities.The University of Utah is an
Affirmative Action/Equal Opportunity employer and does not
discriminate based upon race, ethnicity, color, religion, national
origin, age, disability, sex, sexual orientation, gender, gender
identity, gender expression, pregnancy, pregnancy-related
conditions, genetic information, or protected veteran's status. The
University does not discriminate on the basis of sex in the
education program or activity that it operates, as required by
Title IX and 34 CFR part 106. The requirement not to discriminate
in education programs or activities extends to admission and
employment. Inquiries about the application of Title IX and its
regulations may be referred to the Title IX Coordinator, to the
Department of Education, Office for Civil Rights, or both.To
request a reasonable accommodation for a disability or if you or
someone you know has experienced discrimination or sexual
misconduct including sexual harassment, you may contact the
Director/Title IX Coordinator in the Office of Equal Opportunity
and Affirmative Action (OEO/AA). More information, including the
Director/Title IX Coordinator's office address, electronic mail
address, and telephone number can be located at:
https://www.utah.edu/nondiscrimination/Online reports may be
submitted at oeo.utah.edu.Posting Specific QuestionsRequired fields
are indicated with an asterisk (*).
- * Do you have a related Bachelor's degree or equivalency? (2
years related work experience may be substituted for 1 year of
education)
- Yes
- No
- * How did you hear about this position?
- University of Utah Web Page
- Internet: search engine, online job board, etc
- University of Utah employee referral
- Career Services/Campus Job Fair
- Community/Government Agency
- Other/Unknown
- * How did you hear about this position? Please specify the name
of the job board, community, education, government agency, search
engine, etc. used to find out about this position.(Open Ended
Question)Required Documents
- ResumeOptional Documents
- Cover Letter
- Appropriate discharge document (such as a DD-214 - Member Copy
4) - Veteran Only - Call 801.581.2169
- Addendum to the University of Utah - Veteran Only - Call
801.581.2169 after submissionUniversity Human Resource
Management250 East 200 South, Suite 125 Salt Lake City, UT
84111Contact us: (801) 581-2169 By Email: employment@utah.edu
#J-18808-Ljbffr
Keywords: University of Utah, Logan , Director IT, Executive , Salt Lake City, Utah
Didn't find what you're looking for? Search again!
Loading more jobs...