Information Security Process Manager

University of New Mexico•Albuquerque, NM

2d•Hybrid

About The Position

The UNM Health Sciences Center Chief Information Office is seeking a self-motivated individual to serve as the Information Security Process Manager in the Information Security Office (ISO). The ISO provides enterprise security across all missions at the Health Sciences Center; clinical, academic, research, and administrative. This position provides specialized, professional-level leadership for the analysis, design, and continuous improvement of enterprise information security processes. Working within the ISO, this position applies independent judgment, cybersecurity expertise, and IT service management principles to improve process effectiveness, manage institutional risk, and support University objectives. The role operates under limited supervision and addresses work of advanced complexity with broad organizational impact. This position serves as a process owner and subject-matter expert for key security domains, including cybersecurity incident response, disaster recovery and business continuity, and change and configuration management. The Information Security Process Manager collaborates with IT leadership, project teams, and business stakeholders to ensure security processes are well-governed, measurable, documented, and aligned with regulatory requirements, industry best practices, and University policies. The role regularly prepares metrics, reports, and briefings for directors and executive leadership. The successful applicant will have strong communication skills, a collaborative approach, and the ability to work effectively with both technical and non-technical partners. This role is ideal for someone who enjoys improving processes, solving complex problems, and contributing to a service-oriented, academic health sciences environment. A commitment to customer service, continuous learning, and supporting others is essential. This is a hybrid position. To be considered for the position, candidates must submit a cover letter, completed UNM application, a resume and at least 3 professional references. The UNM HSC has earned a national and international reputation for its integrated education, patient care, research, and partnership initiatives which address the unique healthcare needs of New Mexico's urban and rural populations (http://hsc.unm.edu). See the Position Description for additional information.

Requirements

Bachelor's degree
At least 2 years of progressively responsible experience directly related to the duties and responsibilities specified.
Completed degree(s) from an accredited institution and/or experience that is directly related to the duties and responsibilities specified may be interchangeable on a year-for-year basis.

Nice To Haves

Experience leading or governing enterprise-level information security or IT service management processes of advanced complexity.
Experience working with cybersecurity principles, risk management, and regulatory or compliance frameworks applicable to higher education or large organizations.
Experience with IT service management frameworks and practices, such as ITIL, particularly in incident response, change management, configuration management, or service continuity.
Experience analyzing, documenting, and improving business or IT processes using structured methodologies (e.g., Lean, Six Sigma, or similar).
Experience developing metrics, dashboards, or performance indicators to measure process effectiveness and maturity.
Demonstrated ability to collaborate effectively with technical and non-technical stakeholders across multiple organizational units.
Experience preparing and presenting reports, recommendations, or briefings to senior management or executive leadership.
Familiarity with disaster recovery and business continuity planning, testing, or governance in a complex IT environment.

Responsibilities

Analysis, design, and continuous improvement of enterprise information security processes.
Improve process effectiveness, manage institutional risk, and support University objectives.
Serve as a process owner and subject-matter expert for key security domains, including cybersecurity incident response, disaster recovery and business continuity, and change and configuration management.
Collaborate with IT leadership, project teams, and business stakeholders to ensure security processes are well-governed, measurable, documented, and aligned with regulatory requirements, industry best practices, and University policies.
Prepare metrics, reports, and briefings for directors and executive leadership.