Description
Required Qualifications
Job Opening ID: 67601 Reports To: Assistant CISO, IT Security Operations & Engineering Working Title: SUPERVISOR, IT SECURITY RISK AND COMPLIANCE Department: OIT/IT Security Bargaining Unit: 99 FLSA: Exempt Payroll Job Code: 005937 Job Location: UCI Campus- Irvine Percent of Time: 100% Work Schedule: 8-5, M-F Employee Class: Career
Position Summary:
The UC Irvine Office of Information Technology (OIT) is responsible for supporting the IT needs of faculty, students, and staff. Our mission is to provide information technology leadership, services, and innovative solutions to promote the research, education, and community service goals of the University. The IT Security Risk & Compliance team is responsible for leading the development, implementation and evaluation of campus-wide information security risk management processes and policy. This team also leads campus-wide information security education, training, and awareness programs.
Under the general direction of the Assistant CISO, IT Security Operations & Engineering, the Supervisor, IT Security Risk and Compliance is responsible for overseeing the day-to-day operations of our security risk and compliance functions, managing our governance, risk & compliance (GRC) tools, and ensuring adherence to a variety of security compliance requirements and standards. Assignments will be received in the form of objectives with goals and the process by which to meet goals. This position will be responsible for providing direction to staff according to established policies and management guidance as well as administering policies that directly affect subordinate staff. As the Supervisor of IT Security Risk and Compliance you will recommend changes to department policies and practices, identify risks and respond accordingly and provide priority setting and workflow analysis.
In addition to the salary range listed below, we offer a wealth of benefits to make working at UCI even more rewarding. These benefits may include medical insurance, sick and vacation time, retirement savings plans, and access to a number of discounts and perks. Please utilize the links listed here to learn more about our compensation practices and benefits.
Department Website:
https://www.oit.uci.edu/
- Five (5) to ten (10) years of experience in information security, especially in an information risk analysis role, risk management and/or IT audit role. Five (5) to ten (10) years of experience with regulatory compliance and information security management frameworks (e.g., IS0 27000, COBIT, NIST 800, etc.)
- Bachelor's degree or equivalent work experience with an emphasis in computer science, data processing, computer information systems, or in a related field.
- Knowledge of department processes and procedures.
- Advanced knowledge of the IT security function. Advanced knowledge of IT security risk frameworks and relevant compliance regulations (e.g., NIST 800-53, NIST 800-171, ISO 27001/27002, NIST CSF, DOJ, PCI-DSS, HIPAA, NSPM-33, GLBA, IS-3).
- Broad knowledge of other areas of IT. Ability to create and interpret technical diagrams (e.g., network diagrams, data flow diagrams).
- Demonstrated knowledge of secure hardware, software and network design techniques.
- Ability to communicate best practices to diverse audiences.
- Expert knowledge of security risk management methodologies, tools, and security risk assessment processes.
- Excellent critical thinking, persuasion / negotiation, mentoring, leadership / management and problem solving abilities.
- Excellent verbal and written communication, quantitative and analytical skills.
- Demonstrated skill in conducting internal or external risk assessments and providing guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items.
- Ability to identify and assess the severity and potential impact of risks and to communicate findings effectively to risk owners.
- Self-motivated with a sense of urgency, and has demonstrated commitment to high standards of ethics, regulatory compliance, and integrity.
- Project management experience.
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), SANS GIAC Security Essentials (GSEC), Project Management Professional (PMP)
- Human Resources policies and procedures relating to management responsibilities.
- Demonstrated skill in managing technical staff. Familiarity with UC information security policy (IS-3), UC Data classification, and procedures, and/or higher education experience.
- Must pass a background check.
- Occasional after-hours work may be required.
- Must be able to work outside of normal business hours and occasionally on weekends.
Conditions of Employment:
The University of California, Irvine (UCI) seeks to provide a safe and healthy environment for the entire UCI community. As part of this commitment, all applicants who accept an offer of employment must comply with the following conditions of employment:
- Background Check and Live Scan
- Legal Right to work in the United States
- Vaccination Policies
- Smoking and Tobacco Policy
- Drug Free Environment
The following additional conditions may apply, some of which are dependent upon business unit or job specific requirements.
- California Child Abuse and Neglect Reporting Act
- E-Verify
- Pre-Placement Health Evaluation
Details of each policy may be reviewed by visiting the following page - https://hr.uci.edu/new-hire/conditions-of-employment.php
Closing Statement:
The University of California, Irvine is an Equal Opportunity/Affirmative Action Employer advancing inclusive excellence. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or other protected categories covered by the UC nondiscrimination policy.
We are committed to attracting and retaining a diverse workforce along with honoring unique experiences, perspectives, and identities. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable, and welcoming.
UCI provides reasonable accommodations for applicants with disabilities upon request. For more information, please contact Human Resources at (949) 824-0500 or eec@uci.edu
#OIT
Apply on company website
Find Connections via Linkedin
