Manager of Security Operations

About The Position

Requirements

• Bachelor's degree in information systems or related field,
• Eight (8) years of progressive IT experience.
• Five (5) years in information security or identity management.
• Two (2) years in a managerial or supervisory role.
• OR twelve (12) of an equivalent mix of education and relevant experience in similar role.
• Ability to think critically and analytically to identify, analyze, and resolve complex problems and security-related issues within the organization's IT environment.
• Proficiency in employing a systematic approach to break down problems and develop effective solutions.
• Demonstrated understanding of high-level policies, regulations, and industry best practices related to information security and the ability to apply them to daily responsibilities.
• Familiarity with relevant frameworks and standards such as NIST, ISO, or CIS Controls.
• Proven ability to work proactively and independently, taking ownership of assigned tasks and projects related to security operations.
• Capacity to identify potential risks and vulnerabilities, anticipate security needs, and implement proactive measures to mitigate them.
• Ability to exercise sound judgment and make informed decisions based on available information and established security protocols.
• Capability to assess risks and prioritize actions to ensure the protection of sensitive data and systems.
• Excellent verbal, written, and interpersonal communication skills, enabling clear and concise communication with various stakeholders including IT teams, management, and business personnel.
• Proficiency in translating technical security concepts into understandable terms for non-technical audiences.
• A solid understanding of industry-standard security frameworks and best practices.
• Applicants for this position must pass a Criminal Justice Information Systems (CJIS) fingerprint-based background check and maintain CJIS eligibility. Due to CJIS requirements related to system access, the following will result in being disqualified for this position: Felony Convictions, Felony Deferred Adjudication, Class A Misdemeanor, Class B Misdemeanor Convictions in the last 10 years, Class A Misdemeanor Deferred Adjudication, Class B

Nice To Haves

• Master's degree in information security, or related field.
• Experience leading and mentoring security teams, a solid grasp of IT risk management principles, and a proven track record of implementing and maintaining security controls.
• Certifications for this role include CISSP, CISM, and CPP.

Responsibilities

• Develop a DevSecOps program of security and identity, addressing risks and business requirements.
• Focus on automation and orchestration to ensure system agility and security.
• Develop budget projections aligned with short- and long-term goals for business growth.
• Monitor and report on compliance with security policies and enforce policies within the IT department.
• Propose changes to existing policies and procedures for operational efficiency and regulatory compliance.
• Manage staff of information security and identity management professionals, fostering growth and versatility.
• Assist resource owners and IT staff in understanding and responding to audit risks.
• Provide communication, awareness, and training for various stakeholders.
• Establish mutually acceptable contracts and service-level agreements with vendors and internal departments.
• Work with stakeholders to classify data and systems within a control framework implementation.
• Participate in information security and identity and access management governance processes.
• Define metrics and reporting strategies to communicate successes and progress in the security and identity program.
• Consult with IT and campus staff to incorporate security and identity management into hardware, application, and software evaluation, selection, installation, and configuration.
• Recommend and coordinate the implementation of technical controls to enforce policies.
• Research, evaluate, and plan the implementation of new hardware or software, considering its impact on the existing environment.
• Coordinate with the Information Security Office and report on technical aspects of security and identity management.
• Manage outsourced vendors' compliance with service-level agreements.
• Oversee incident management, knowledge base maintenance, and testing procedures.
• Performs other duties as assigned

Benefits

• We are proud to offer a comprehensive benefits package to all our employees at the University.
• https://www.uta.edu/hr/employee-benefits