Director, IT Security Operations

About The Position

Requirements

• Bachelor's degree in relevant field
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Security + Certified Ethical Hacker
• Cloud Security certification
• 7+ years of experience in information security, especially on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
• 7+ years of experience in another IT function, especially IT Audit
• 7+ years of experience with regulatory compliance and information security management frameworks (e.g., IS027000, COBIT, NIST 800, etc.)
• Ability to react quickly, decisively and deliberately in high-stress, high-impact situations
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Ability to lead, motivate, develop, and train others.
• Skill in collecting, organizing, and analyzing data.
• Knowledge of business and management principles.
• Ability to direct, manage, implement, and evaluate department operations.
• Ability to establish department goals, and objectives that support the strategic plan.
• Ability to effectively plan, delegate and/or supervise the work of others.
• Any appropriate combination of relevant education, experience and/or certifications may be considered.

Responsibilities

• Supervises the performance management of all assigned staff including making decisions as they pertain to hiring, training, evaluation, promotion, and termination.
• Manages daily operations and directs staff to achieve departmental goals and objectives.
• Assumes responsibility for campus-wide initiatives involving computer support services.
• Develops, promotes, and maintains standards as they relate to technical support services and devices, including manufacturing and architectural standards.
• Designs improved work systems by revising work standards, policies, and procedures.
• Directs and manages project plan development, risk assessment, communications, budget tracking, status reporting, vendor management, and successful project completion.
• Manages projects with support staff by giving them a clear understanding of the departmental mission.
• Monitors project prioritization, active projects, and the development of dashboard and reporting mechanisms.
• Assumes responsibility for enterprise-wide IT projects and ensures an efficient and timely conclusion.
• Contributes to strategic plan and assists in providing short- and long-term solutions to help meet campus-wide strategic and tactical planning initiatives.
• Communicates with administration and staff regarding the efficient and timely delivery of services.
• Performs follow-up investigations on inquiries, complaints, and problems.
• Assists in the determination of critical milestones.
• Seeks ways to improve operations and oversees the preparation of productivity reports.
• Establishes departmental goals and objectives, identifies areas of improvement, and implements action plans to meet these.
• Attends professional meetings, workshops, conferences, and seminars to keep abreast of technological market advancements.
• Establishes and continuously assesses the effectiveness of the internal controls within the unit and compliance with University policies and procedures.
• Ensures employees are trained on controls within the function and on University policy and procedures.
• In charge of managing the enterprise security operations team
• Serve as the main point of contact for supporting the enterprise patch and vulnerability management
• In charge of managing and monitoring the University’s security platforms
• Serve as the point of contact with Managed Detection and Response security service sroviders/MDDRs
• Manage the day-to-day Enterprise IT Security Operations
• Oversee the day-to-day deploying and managing end-point protection solutions
• Oversee the log ingestion from all enterprise critical systems and applications in the Security Incident and Event Monitoring (SIEM) and MDR tools
• Experience in Cybersecurity Incident Response
• Responsible for periodically reviewing network and security architecture
• Evaluate and provide recommendations on implementation of security controls to detect, prevent, protect the University’s network resources
• Support all cybersecurity incident response (IR) investigations, help prioritize the necessary actions to protect the University’s network resources
• Stay current with industry trends, emerging threats, and best cybersecurity practices
• Collect, analyze, and disseminate cyber threat intelligence from various sources to stay ahead of emerging threats

Benefits

• The University of Miami offers competitive salaries and a comprehensive benefits package including medical, dental, tuition remission and more.