Provides support for the operational and consultative functions of the University of the Pacific Information Security Office in collaboration with the Office of Information Technology and stakeholders across the University. Leads one or more aspects of the information security program under CISO supervision, maintains broad involvement in the information security and risk management program, and acts as a subject matter expert in multiple information security domains.
1. May function as a technical leader, either as a subject matter expert with proficiency in on or more defined area(s) of information security (network architecture, forensics, penetration testing, incident response, IT governance, risk management, etc) or as a generalist, with a broad knowledge of all aspects of the information security profession.
2. May function as a team leader, responsible for supporting management in day-to-day personnel oversight and management activities.
3. Through technical expertise, thought leadership, and effective communication, assists in developing and establishing the strategic direction for the information security program and development and enforcement of information security policies, standards, procedures, and processes.
4. Actively surveys the external environment to identify emerging industry trends and technologies that are relevant to reducing the organization’s information security risk. Conducts threat-modeling exercises and analyzes business objectives to identify, document, and establish security requirements for strategic IT initiatives.
5. Leads complex information security initiatives, coordinating with project management and technical resources from other departments to achieve project objectives.
6. Assists in the risk assessment and mitigation process by working with data owners and custodians to identify information assets, perform risk analysis, review or develop security plans, determine control objectives, perform control gap analysis, and recommend or implement solutions.
7. Acts as a primary liaison to information security product and service vendors, escalating support issues and communicating product enhancement requests.
8. As appropriate, participates in external professional organizations that are relevant to the objectives of the information security program.
9. Develops and delivers training on information security policies, standards, procedures, and best practices for faculty, staff, students, and others.
10. Identifies and assists in remediation of information security threats, including internal and external attackers, malicious software, malicious websites, social engineering, physical security, etc.
11. Performs other related duties as assigned.
How to Apply
Apply on University of the Pacific employment website. Job may also allow working from Sacramento, CA campus.