Information Security Compliance Manager

University of Central Florida•Orlando, FL

About The Position

UCF IT's Information Security Office seeks applications for an IT Security Compliance Manager. This position is responsible for overseeing day to day cybersecurity compliance for research identified to require adherence to federal standards and regulations such as DFARS 252.204-7012, NIST 800-171, NIST 800-53, HIPAA Security Rule, and Export Control/ITAR. This position will lead a team of compliance analysts and risk assessors and oversee compliance administration activities within the Research Cyber Risk Management team of the Information Security Office. The Manager will ensure continuous monitoring tasks are conducted and deficiencies (if any) are identified and resolved, will support risk and security assessments, and will maintain system security plans. Additionally, this role will establish, review, and update cybersecurity compliance policies, procedures, and guidelines to meet current federal requirements.

Requirements

Bachelor’s degree and 4 years of relevant experience; or High School Diploma (or equivalent) and 8 years of relevant work experience in lieu of degree, or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219(6).
Demonstrated organizational abilities and attention to detail.
Demonstrated strong written and oral communication.
Outstanding interpersonal and communication skills.
Applicant must be authorized to work for any U.S. employer, as sponsorship is not available for this position.

Nice To Haves

Experience managing CUI in accordance with DFARS 7012, NIST SP 800-171, or NIST 800-53.
6+ years of experience with federal compliance frameworks and information security.
Interest in developing, documenting, and maintaining security policies, standards, and procedures.
Experience in university-based research projects.
Experience with federal agencies.
Information Security certification.
Strong Microsoft Office skills.

Responsibilities

Provides oversight for the review and tracking of contractual data protection requirements and completion of associated compliance activities for research contracts.
Leads compliance administration activities, ensuring continuous monitoring tasks are conducted and deficiencies (if any) are identified and resolved.
Works closely with Knight Shield Operations team, supporting risk and security assessments for the enclave and research projects, and maintenance of the Knight Shield System Security Plan.
Establishes, reviews, and updates cybersecurity compliance policies, procedures and guidelines to meet current federal requirements.
Employs federal standards and practices based on NIST, CSF, and DOD guides when planning, designing, and documenting the security controls and derived requirements to be implemented.
Communicates effectively with industry partners, university colleagues, and peer institutions to ensure compliance and information security initiatives of the Office are met.
Provides IT security consulting services and training for researchers and university entities.
Provides metrics/reports as required.
Stays abreast of current security concerns and changes in the federal landscape affecting cybersecurity.
Other duties as assigned.

Benefits

Benefit packages, including Medical, Dental, Vision, Life Insurance, Flexible Spending, and Employee Assistance Program
Paid time off, including annual and sick time off and paid holidays
Retirement savings options
Employee discounts, including tickets to many Orlando attractions
Education assistance

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume