Information Security Professional II

About The Position

Requirements

• Bachelor’s degree and 2 years of relevant experience; or High School Diploma (or equivalent) and 6 years of relevant work experience in lieu of degree. Or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219.
• Applicant must be authorized to work for any U.S. employer, as sponsorship is not available for this position now or in the future.
• Position requires a valid Class E driver’s license.
• The position may involve driving to various locations on and off campus to conduct University business.

Nice To Haves

• 2+ years of progressively responsible professional experience in information security, IT risk management, vendor risk management programs, compliance, or related technical areas.
• Knowledge of information security frameworks, standards, and regulations (e.g., NIST, ISO 27001, FERPA, HIPAA, GLBA).
• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.
• Professional security certifications such as CISSP, CISM, CISA, Security+, or equivalent.
• Familiarity with higher education IT environments and unique compliance requirements.
• Demonstrated ability to research and apply emerging security technologies and practices.
• Strong customer service, analytical, problem-solving, and communication skills to foster productive partnerships across multiple units to maintain the confidentiality, integrity, and availability of institutional data.

Responsibilities

• Conduct vendor risk reviews and manage the Vendor Risk Management (VRM) program.
• Partner with business units and InfoSec teams to assess compliance, identify risks, and recommend corrective actions.
• Perform risk, compliance, and vulnerability analyses of existing and proposed technology solutions, and communicate recommendations to stakeholders.
• Maintain and monitor compliance with university security policies, standards, applicable laws, and contractual obligations.
• Track remediation efforts, verify security patches, and ensure required configurations are in place.
• Develop and maintain information security policies, standards, guidelines, and best practices.
• Monitor and analyze security data, including vulnerability scans, system assessments, patch details, and configurations.
• Coordinate and track mitigation and remediation activities with relevant parties.
• Research and evaluate new security tools, technologies, and practices to address emerging threats.
• Use automated and manual techniques to identify, validate, and assess security vulnerabilities.
• Proactively identify security trends and evolving cyber-attack techniques to strengthen the university’s security posture.
• Conduct compliance activities to ensure security objectives and best practices are met.
• Provide excellent customer service and foster productive working relationships while protecting the confidentiality, integrity, and availability of institutional data.
• Perform other related duties as assigned.

Benefits

• Benefit packages, including Medical, Dental, Vision, Life Insurance, Flexible Spending, and Employee Assistance Program
• Paid time off, including annual and sick time off, and paid holidays
• Retirement savings options
• Employee discounts, including tickets to many Orlando attractions
• Education assistance
• Flexible work environment