Associate Director Information Security

About The Position

Requirements

• Master's and 4+ years of relevant experience or Bachelor's degree and 6+ years of relevant experience. Or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219.
• Excellent verbal and written communication skills
• Demonstrate a strong commitment to delivering high-quality customer service.
• The successful candidate will be a highly motivated self-starter, capable of managing multiple deadlines and effective in a fast-paced environment.
• This role requires experience with internet technologies and information security issues, including: Risk assessments Compliance testing
• As well as demonstrated expertise in security policy development, security awareness, and education programs Risk analysis, network penetration testing, and application vulnerability assessments.
• The position requires comprehensive knowledge of: Information security standards and frameworks (such as ISO 17799/27002) Applicable rules and regulations governing information security and data confidentiality (including FERPA, HIPAA, and similar requirements), and Hands-on understanding of desktop, server, application, database, and network security in Linux and Microsoft Windows Server environments.
• Familiarity with change management processes as they relate to information security is required.

Nice To Haves

• Experience managing, leading, or expanding a Security Operations Center
• Experience working within a higher education environment
• Experience managing and developing operational and capital budgets

Responsibilities

• Provide leadership, coordination, and technical direction for the University’s information security systems, services, and programs.
• Execute and operationalize the Information Security strategic plan, translating strategy into measurable, day-to-day security initiatives and outcomes.
• Contribute to the development, refinement, and maturation of the University’s information security strategy, standards, and roadmaps.
• Serve as a subject matter expert on information security risks, controls, and best practices within a higher education environment.
• Direct and support security operations, including: Incident response and cyberattack preparedness Threat mitigation and vulnerability management Risk assessments and compliance testing Disaster recovery and cybersecurity training exercises
• Implement and maintain security standards, audit processes, and monitoring capabilities to identify, assess, and remediate security risks.
• Analyze existing security operations and recommend improvements to enhance protection, efficiency, and scalability of security services.
• Lead, supervise, and mentor a team of security professionals, including security engineers, analysts, managers, and interns.
• Provide operational oversight and strategic guidance for a Student-Led Security Operations Center (SOC), in partnership with the SOC Manager.
• Support student workforce development by ensuring appropriate security processes, training pathways, and real-world learning opportunities within the SOC.
• Delegate work, manage priorities, and resolve escalations to ensure effective and timely delivery of security services.
• Participate in the development, implementation, and maintenance of information security policies, standards, and procedures.
• Ensure alignment with applicable legal, regulatory, and contractual requirements, including FERPA, HIPAA, and other data protection obligations.
• Act as a trusted advisor to University leadership, faculty, staff, and students on information security matters.
• Partner with campus stakeholders to support secure administrative, academic, and research technology initiatives.
• Develop and maintain clear documentation, standards, and guidance related to security controls, procedures, and high-risk data.
• Promote a culture of secure computing through education, awareness, and engagement activities.
• Serve on University committees, task forces, and working groups related to information security, risk management, and compliance.
• Serve as a Tier 2 respondent during declared campus and technology emergencies.
• Assist leadership with coordination for technology disaster recovery and business continuity plans.
• Maintain regular communication with IT leadership and the campus community during incidents.
• Perform job-related duties remotely or on campus as required during emergencies.
• The incumbent provides supervision to the Information Security team.