Information Security Professional I

About The Position

Requirements

• Bachelor’s degree; or High School Diploma (or equivalent) and 4 years of relevant work experience in lieu of degree or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219(6).

Nice To Haves

• Experience with Identity and Access Management (IAM) tools and processes and hands-on experience managing privileged accounts and machine identities.
• Familiarity with NIST Cybersecurity Framework (CSF), CMMC compliance requirements and knowledge of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).
• Strong understanding of audit preparation and compliance documentation.
• Ability to create and maintain Standard Operating Procedures (SOPs) and Work Instructions (WIs).
• Excellent communication skills for training and awareness programs.
• Experience working in higher education IT environments or similar regulated industries.
• Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Identity and Access Manager (CIAM).
• Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field.

Responsibilities

• Manage and Audit Privileged Accounts: Design and improve processes to track highly privileged accounts and perform annual audits in line with NIST Cybersecurity Framework (CSF) and CMMC requirements.
• Stay Current on Compliance Standards: Maintain up-to-date knowledge of evolving NIST CSF and CMMC requirements and their impact on identity and access management in higher education.
• Promote Awareness and Training: Provide training and raise awareness on policies and procedures related to NIST and CMMC compliance.
• Manage Machine Identities: Develop and enhance processes for tracking machine identities (e.g., service accounts, application registrations, service principals) and audit them annually.
• Support Access Governance: Assist with identity and access management governance activities, including adoption of NIST CSF-based requirements for enterprise resource planning systems.
• Document Processes: Build and maintain Standard Operating Procedures (SOPs) and Work Instructions (WIs) for identity security and related business processes.
• Participate in Change Management: Engage in Change Advisory Board (CAB) processes and configuration management when appropriate.
• Assist with Assessments and Audits: Help prepare for internal and third-party assessments required by NIST CSF, CMMC, and other audits.
• Manage Administrative Access: Develop processes to manage, report, and audit administrative access to endpoints across campus in compliance with NIST CSF and CMMC.
• Contribute to Security Planning: Support the creation and execution of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms) related to identity security.

Benefits

• Benefit packages, including Medical, Dental, Vision, Life Insurance, Flexible Spending, and Employee Assistance Program
• Paid time off, including annual and sick time off and paid holidays
• Retirement savings options
• Employee discounts, including tickets to many Orlando attractions
• Education assistance