Director IT

Company: University of Utah
Location: Salt Lake City
Posted on: October 19, 2024

Job Description:

Information Security Office, Director Enterprise SecurityThe Director of Enterprise Security (DES) is a key position within the Information Security Office (ISO) with leadership responsibilities over the Enterprise Security groups (ISO-ES) and is responsible for facilitating communication between Senior IT and business leadership and operationally focused IT management and administrators at the University of Utah. Reporting directly to the Chief Information Security Officer (CISO), the DES plays a critical role within the Information Security Office and the Chief Information Security Officer's team, serving both University of Utah Health and the University of Utah as a whole.ResponsibilitiesThe DES will be responsible for aligning ISO-ES strategic and operational efforts with the CISO's direction and the University's objectives and missions. The DES will be responsible for assessing risks, evaluating emerging technologies and determining long-term needs for ISO-ES.The DES will serve as a primary liaison between the ISO-ES with other parts of the organization, including senior leadership and other key stakeholders. The DES will communicate unmanaged risk, escalate security-related issues or incidents, and ensure alignment with business strategies. The DES will regularly communicate cybersecurity risks and initiatives to stakeholders, ensuring they are informed and engaged with the organization's security posture. The DES will maintain cross-departmental collaboration by working closely with other IT leaders, business units, and external partners to ensure cybersecurity measures are integrated across all areas of the organization.The DES is responsible for leadership and supervision for three groups that make up ISO Enterprise Security: Security Operations Center (SOC), Security Assurance, and Security Engineering. All three groups have an Associate Director which will report to the DES. The DES will provide guidance, set priorities, and ensure the teams are working cohesively. The Associate Directors will maintain operational leadership, project, and team management for each group. Through these groups, the DES will oversee the continuous monitoring of the University's IT systems for potential security threats.The DES will lead ISO incident response and management efforts and planning. This includes collaboration in developing and managing ISO incident response plans and preparations for cybersecurity incidents, such as data breaches or ransomware attacks. The DES will also lead crisis management and response to significant security incidents, coordinating internally within ISO-ES and ISO as well as with other departments, Office of General Counsel, leadership, and external entities.The DES will also participate with the evaluation of the cybersecurity practices of third-party vendors and partners to ensure they meet the organization's security standards. This includes conducting security assessments and managing vendor risks.The DES will also support the CISO in helping develop and manage the overall ISO-ES budget, making decisions on how resources may be allocated across projects, teams, and in support of initiatives.The DES will need to remain up to date and informed on emerging threats and vulnerabilities. Incorporating threat intelligence into ISO's strategy and defense posture.This job description is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to the job.Minimum QualificationsBachelor's degree in related computer science, Business Administration, or related area, or equivalency (one year of education can be substituted for two years of related work experience); eight years of progressively more responsible management experience; and demonstrated leadership, human relations, and effective communications skills required.Applicants must demonstrate the potential ability to perform the essential functions of the job as outlined in the position description.Preferences

• Professional information security experience in higher education and/or the health care industry.
• Industry accepted certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or other comparable professional certifications.
• A strong understanding of the institutional impact of security tools, technologies, and policies.
• An excellent understanding of information security concepts, protocols, industry best practices, and strategies.
• Experience working with legal, audit, and compliance staff.
• Experience with common information security management frameworks, such as CIS 18, NIST Special Publication 800-171, and NIST Cyber Security Framework (CSF).
• Familiarity with applicable legal and regulatory requirements, including, but not limited to, the US Health Insurance Portability and Accountability Act (HIPAA), EU General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS).
• Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining remediation strategies.
• Knowledge of and experience in developing and documenting security assessments and remediation plans, including strategic, tactical, and project plans.
• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.About UIT: University Information Technology (UIT), the central IT service provider for the University of Utah, reports to the U's Chief Information Officer and is responsible for many of the U's shared IT services including the wired and wireless network; Campus Information Services (CIS) portal; UMail, telephone, and online collaboration; digital learning technologies; information security; software licensing; and a host of other IT systems and services.About the University of Utah: Located in Salt Lake City, the U is the flagship institution of the State of Utah's system of higher education, home to arts and museum venues and a member of the BIG-12 Conference. Skiing and snowboarding opportunities are a short distance from campus, and opportunities to pursue activities from biking to hiking to fishing abound. Salt Lake City is home to the Utah Symphony and Opera, Ballet West, professional sports teams, and a wide range of other cultural and recreational activities.University of Utah BenefitsThe University is a participating employer with Utah Retirement Systems ("URS"). Eligible new hires with prior URS service may elect to enroll in URS if they make the election before they become eligible for retirement (usually the first day of work). Contact Human Resources at (801) 581-7447 for information. Individuals who previously retired and are receiving monthly retirement benefits from URS are subject to URS' post-retirement rules and restrictions. Please contact Utah Retirement Systems at (801) 366-7770 or (800) 695-4877 or University Human Resource Management at (801) 581-7447 if you have questions regarding the post-retirement rules.This position may require the successful completion of a criminal background check and/or drug screen.The University of Utah values candidates who have experience working in settings with students and patients from all backgrounds and possess a strong commitment to improving access to higher education and quality healthcare for historically underrepresented students and patients.All qualified individuals are strongly encouraged to apply. Veterans' preference is extended to qualified applicants, upon request and consistent with University policy and Utah state law. Upon request, reasonable accommodations in the application process will be provided to individuals with disabilities.The University of Utah is an Affirmative Action/Equal Opportunity employer and does not discriminate based upon race, ethnicity, color, religion, national origin, age, disability, sex, sexual orientation, gender, gender identity, gender expression, pregnancy, pregnancy-related conditions, genetic information, or protected veteran's status. The University does not discriminate on the basis of sex in the education program or activity that it operates, as required by Title IX and 34 CFR part 106. The requirement not to discriminate in education programs or activities extends to admission and employment. Inquiries about the application of Title IX and its regulations may be referred to the Title IX Coordinator, to the Department of Education, Office for Civil Rights, or both.To request a reasonable accommodation for a disability or if you or someone you know has experienced discrimination or sexual misconduct including sexual harassment, you may contact the Director/Title IX Coordinator in the Office of Equal Opportunity and Affirmative Action (OEO/AA). More information, including the Director/Title IX Coordinator's office address, electronic mail address, and telephone number can be located at: https://www.utah.edu/nondiscrimination/Online reports may be submitted at oeo.utah.edu.Posting Specific QuestionsRequired fields are indicated with an asterisk (*).
  • * Do you have a related Bachelor's degree or equivalency? (2 years related work experience may be substituted for 1 year of education)
    • Yes
    • No
    • * How did you hear about this position?
      • University of Utah Web Page
      • Internet: search engine, online job board, etc
      • University of Utah employee referral
      • Career Services/Campus Job Fair
      • Community/Government Agency
      • Other/Unknown
      • * How did you hear about this position? Please specify the name of the job board, community, education, government agency, search engine, etc. used to find out about this position.(Open Ended Question)Required Documents
        • ResumeOptional Documents
          • Cover Letter
          • Appropriate discharge document (such as a DD-214 - Member Copy 4) - Veteran Only - Call 801.581.2169
          • Addendum to the University of Utah - Veteran Only - Call 801.581.2169 after submissionUniversity Human Resource Management250 East 200 South, Suite 125 Salt Lake City, UT 84111Contact us: (801) 581-2169 By Email: employment@utah.edu
            #J-18808-Ljbffr

Keywords: University of Utah, Logan , Director IT, Executive , Salt Lake City, Utah