TITLE Security Operations Lead
JOB SUMMARY
The Security Operations Lead is responsible for the university-wide information security operations for information protection (IP). The position will design, implement, monitor, and evaluate the security systems that protect the university's computer systems and data. As a member of the IT Solutions (ITS) team, the Security Operations Lead is expected to uphold the division's mission to "empower an agile, digital university and elevate technology as a strategic institutional asset" and contribute positively to a collaborative, human-centered, innovative, accountable, transparent, and inclusive culture within ITS.

ORGANIZATIONAL RELATIONSHIPS
Reports to: Associate Director, Security & Network Operations
Supervises: No supervisory responsibilities

ESSENTIAL DUTIES - May include, but not limited to the following:
Information Security Management (90%)
• Responsible for the architecture & design of security systems.
• Plans, implements, and upgrades security measures, tools and controls.
• Manages Identity and Access Management (IAM), and the protection of user identities.
• Conducts vulnerability scanning and remediates vulnerabilities in a timely manner.
• Maintains and monitors security information and event management (SIEM) systems for real-time analysis of security alerts generated by applications and network hardware.
• Protects digital files and information systems against unauthorized access, modification or destruction.
• Conducts internal and external security audits.
• Manages intrusion detection and prevention systems.
• Builds & improves endpoint remediation process.
• Leads incident response discovery and remediation process.
• Documents and analyzes security breaches to determine their root cause, and recommends appropriate countermeasures.
• Conducts and/or participates in security risk assessments, and coordinates security plans with outside vendors.
• Advises on and/or participates in the creation of security training, policies, and tools, including proper anti-virus/anti-malware protection for computing and end user platforms.
• Provides high quality and timely IT security support, including responding to incident problem tickets and troubleshooting errors and issues related to overall cybersecurity.

ADDITIONAL DUTIES
Participation & Support (10%)
• Maintains awareness of current practices and future trends in network security, data loss prevention (DLP), intrusion detection & prevention, cloud security, and cybersecurity best practices.
• Represents IT Solutions and participates in the campus community by serving on working groups, project teams, and university committees.
• Coordinates and delegates tasks to Security Engineer(s).
• Provides back up to other Information Security team personnel as needed.
• Performs other duties as requested.

EDUCATION
Bachelor's degree required. Additional job-related experience may substitute for the required education on a year-for-year basis.

EXPERIENCE
Three years of relevant experience in information or cyber security. Additional job-related education may substitute for the required experience on a year-for-year basis. Experience with security assessments of network infrastructure, hosts, and applications required.

REQUIREMENT
Regular and reliable attendance at the University during regular scheduled days and work hours is an essential function of this position. Work is performed under general supervision and performance is based on the effective completion of assignments and results obtained. The performance evaluation is conducted through the performance evaluation system and in accordance with the University Policies & Procedures.

KNOWLEDGE, SKILLS, AND ABILITIES - The following are essential:
• Ability to perform vulnerability and risk assessments on business processes and functional areas.
• Strong written and oral communication skills (including ability to present ideas in user friendly, business-friendly and technical language) and interpersonal skills with a focus on rapport-building, listening and questioning skills.
• Analytical and problem-solving abilities, including ability to anticipate, identify, and solve critical problems.
• Ability to build effective relationships and strong commitment to working collegially and collaboratively with constituents at all levels in a diverse and distributed environment.
• Ability to use a personal computer and other office equipment, including related university software and email.

Additional/Desirable Skills & Abilities
• CompTIA Security+, (ISC)2 Systems Security Certified Practitioner (SSCP), or (ISC)2 Certified Information Systems Security Professional (CISSP).
• Understanding of penetration testing of applications and infrastructure.
• Experience with investigation and analysis of information breaches.
• Knowledge of an information security framework like ISO27001, NIST 800-53, or NIST 800-171.
• Experience in a higher education setting.
• Familiarity with Texas Administrative Code (TAC 202) and Texas Cybersecurity Framework (TCF).

PHYSICAL DEMANDS
The physical demands described in the Essential Duties and below are representative of those that must be met by an employee to successfully perform the essential duties of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties. The employee may be required to travel. May be required to work a flexible schedule, including evenings, weekends and holidays.

WORK ENVIRONMENT
All employees are responsible for maintaining an environment that is free from discrimination, intimidation, harassment, including sexual harassment. Work is normally performed in a typical interior work environment.

SAFETY
Promotes a safe working environment. Employees are responsible for completing assigned tasks safely and efficiently, and supervisors are responsible for creating and maintaining a safe work environment. Employees must report any unsafe work conditions or practices, as well as any near-miss incidents, to their supervisor and Risk Management. Supervisors and employees should ensure that injury/accident reports are submitted to the Office of Human Resources and Risk Management within 24 hours of the incident.

The job description does not constitute an employment agreement between the employer and employee and is subject to change by the employer as the needs of the employer and requirements of the job change.

Equal Opportunity Employer/Veterans/Disabled

To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to

The Company will consider qualified applicants with arrest and conviction records