27 days old

Information Security Manager (0662)

University of California Office of the President
Oakland, California 94607
  • Job Type
  • Job Status
    Full Time

Information Security Manager (0662)

University of California Office of the President

Requisition Number: 20180122

Appointment Type: Staff - Career

Personnel Program: MSP

Work Hours: Monday-Friday, 8:00am-5:00pm

Percentage of Time: 100

Organizational Area: Information Technology Services- Immediate Office

Location: Oakland, CA

Posting Salary: salary to commensurate with experience

Position Summary:
Reporting to the Chief Information Security Officer, the Information Security Manager provides leadership subject matter expertise to support the execution of Universitywide and as-defined UCOP location information security activities. Participates in systemwide groups and UCOP location group as requested, the Manger collaborates with peers across the University to develop, review and disseminate expertise related to the implementation University policy and other information practices, The Manager coordinates other information security related projects, both systemwide in nature including development of guidelines and best practices, at the systemwide level, and provides guidance and leadership on local UCOP policy development and implementation.

This position also supports Outreach and Risk Assessment activities related to the Information Security Program Systemwide, and as-defined UCOP functions.

Special Conditions of Employment:
Travel outside of normal business hours

Other Special Conditions of Employment:
Job offer is contingent on successfully passing a background check.

Job Close Date:


Duty 1: Provides management and support for cyber-risk management systemwide and as-defined UCOP locations function under the purview of the Associate Vice President Pertinent issues include information security, privacy, and confidentiality; use of electronic communications resources; availability and integrity of information; access to and use of information technology assets; preservation and collection of information related to investigation and discovery; electronic identity management; digital rights management; and records retention and disposition.

Supports development of new policies and policy revisions, including review with appropriate groups and constituencies. Identifies and analyzes issues, and conducts formal consultative processes for policy development or revision as required.

Streamlines and clarifies cyber-risk management wherever possible and develops and implements strategies to enhance understanding and support implementation across the University.

Develops materials, programs, and effective communication and education mechanisms to familiarize campus, health system and defined UCOP units with policy requirements, compliance procedures, and recommended practices. Prepares position papers and reports in consultation with subject area experts.

Interprets the application of policy cyber-risk to specific situations for campuses and the Universitywide community. Works to support shared understanding and interpretation across the campuses and UCOP of systemwide policies.

Stays abreast of emerging IT and cyber-risk management, by participating in national discussions, when appropriate to UC priorities. Maintains expertise in substantive subjects related to IT and information management, including information security and privacy, contractual controls, developments in technical systems, records management principles, and federal and state regulations.

May represent the Associate Vice President in discussions and negotiations within the Office of the President, with the campuses, and with external organizations. Works with a wide range of executive, management, and professional staff systemwide and with the UC-wide Academic Council.
Function:UCOP Information Security Officer
Percent: 40

Duty 2: Serves as a cyber-risk contractual expert and resource to the campuses, UCOP, and ITS.

Provides leadership on cyber-risk contractural matters in coordination with systemwide groups such as the Campus IT Policy Coordinators, the Electronic Communications Policy Coordinators, the Records Management Committee, the Information Technology Policy and Security Officers, the Digital Millennium Copyright Agents, the Archivists Council, and the Identity Management Work Group. May chair systemwide committees.

Establishes collaborative, cross-functional relationships between Universitywide groups, ensuring appropriate consultation with experts and enabling the University to address emerging contractual cyber-risk issues effectively. Such groups may include the IT policy officers, information security officers, HIPAA privacy officers, records and information managers, Public Records Act coordinators, material managers/strategic sourcing administrators, administrative policy officers, prcourement and legal counsel.

Coordinates a variety of multicampus or systemwide initiatives, as requested by the UC IT Leadership Council, collaborating with campus and systemwide personnel across a broad range of functional areas.

Collects and maintains systemwide data on cyber-riskissues for which as-defined UCOP functions provides centralized guidance or responses to external inquiries. Such issues include security breaches and notifications, exceptions to the Electronic Communications Policy, DMCA copyright infringement notices, campus information security strategies, and network management technologies.

Manages all information resources associated with the cyber-risk management function, including Web sites, databases, and e-mail lists.
Function:Collaboration with Campuses
Percent: 20

Duty 3: Serves as cyber-risk management coordinator for ITS and other as-defined UCOP departments.

Consults to local UCOP IT (TDS) on information management policies, guidelines, recommendations for best practices.

Provides advise and guidance regarding the applicability of UC IT and records and information management policies to specific situations at UCOP

Provides guidance to UCOP departments in the development of internal information management processes and procedures related to cyber-risk management, in conjunction with TDS Operational Security staff.

Develops cyber-risk materials and programs to raise awareness about pertinent issues and advance compliance

Coordinates with functional partners, legal counsel, systems personnel, and other representatives as appropriate

Seeks and develops opportunities for streamlining records and information management activities across UCOP departments
Function:Local Support
Percent: 20

Duty 4: Coordinates Outreach function of the Information Security Program, including but not limited to:

Develop and manage Security Awareness Campaigns and Consultative Outreach Program for both end user, system/application developer, and higher education community.

Coordinate information security training for UCOP and systemwide. Review and revision of content as required.

Present best practices to UC groups/departments both at OP and systemwide, and proactively make groups and departments aware of the need and method to address information security in their specific area.
Percent: 10

Duty 5: Coordinates Risk Assessment function of the Information Security Program, including but not limited to:

Guidance and, where required, conduct risk assessment on applications and systems within OP.

Coordinate systemwide to promote best practices on risk assessment, and sharing of frameworks, solutions and educational materials.

Work with Procurement, both OP and Systemwide, to ensure risk assessments are integrated into the procurement process
Function:Special Projects
Percent: 10

Job Requirements
Bachelor's degree in public policy, information science, law, or a related field and/or equivalent experience/training.

Eight to ten (8-10) years of experience in Enterprise Information Technology and five (5) years of professional experience working in Information Security, Policy, Legal and Risk Management.

Proficiency in the following competencies:

- Shows respect
- Creates a positive environment
- Takes ownership
- Aligns to team and departmental objectives
- Acts cross functionally

Demonstrated ability to be an effective leader and project manager, and to be able to set and meet deadlines. Demonstrated ability to be a self-starter, independently motivated, with the ability to think strategically and intuitively about cyber-risk level problems and issues, and to understand and focus on priorities.

Demonstrated research, analytical, and writing skills, as well as excellent interpersonal and oral communications skills reflecting tact, diplomacy, and flexibility.

Demonstrated ability to effectively develop and encourage collaborative processes, specifically through soliciting input, listening actively, and formulating collective decisions and opinions.

Demonstrated ability to work collaboratively with teams of professionals and
committees, and to be able to interact effectively with executives, faculty, and professional and support staff across the organization and in national associations.

Demonstrated direct experience with implementation of complex technology initiatives, such as network security, desktop support, etc., involving coordination with multiple groups. Demonstrated general knowledge of and expertise with resource management issues as well as network, physical, logical and wireless security issues.

Expert level written and oral skills, and competencies in IT policy development and communication.

Master degree in information technology, public policy, law or related field, education, business, or equivalent experience.

Professional experience in an academic, healthcare, or regulated environment related to information security.

Demonstrated understanding of emerging cybersecuirty, and institutional issues in the complex and rapidly changing information technology environments.

Abililty to analyze changes in cybersecurity and and their impact upon the University. Demonstrated ability to provide guidance on cyber-risk management in accordance with regulatory, statutory, and best practices issues.

Knowledge of risk assessment security domain and experience conducting risk assessments associated with technology solutions. Knowledge and experience in incidents response, litigation hold, chain of custody, and risk management (insurance).

Expertise in development and execution of education and marketing campaigns associate with cyber-risk management initiatives.

Thorough knowledge of other areas of IT and In-depth knowledge and understanding of department and campus, medical center or Office of the President processes and procedures.

Demonstrated direct experience with developing and shaping IT and information management policies to support effective implementation in operational environment.

Extensive experience in cybersecurity technology and supporting functions such as Legal, Compliance, and Privacy. Knowledge of pertinent issues, trends, technical advancements, and principles.

How to Apply
For complete job description and application instructions, visit: https://jobs.ucop.edu

About us
The University of California, one of the largest and most acclaimed institutions of higher learning in the world, is dedicated to excellence in teaching, research and public service. The University of California Office of the President is the corporate headquarters to the ten campuses, five medical centers and three Department of Energy National Labs and enrolls premier students from California, the nation and the world.

The University of California is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, age or protected veteran status.

Copyright ©2017 Jobelephant.com Inc. All rights reserved.

Posted by the FREE value-added recruitment advertising agency



Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Information Security Manager (0662)

University of California Office of the President
Oakland, California 94607

Share this job

Information Security Manager (0662)

University of California Office of the President
Oakland, California

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account