Assistant Chief Information Security Officer (Aciso)

Department Summary

Situated on 419 acres, five miles from the Pacific Ocean, the University of California, Los Angeles (UCLA) is enriched by the cultural diversity of the dynamic greater Los Angeles area, as well as the geographic advantages of Southern California. One of the world's preeminent public research universities, UCLA is an international leader in breadth and quality of academic, research, health care, wellness, cultural, continuing education and athletic programs, with more than 5,200 faculty members who teach approximately 47,500 students in the UCLA College and 12 professional schools.

UCLA is consistently ranked among the top institutions nationally for research funding, having generated $1.7 billion in research grants and contracts in the last fiscal year alone. The Information Technology Services (ITS) department at UCLA is a vital part of the university community, providing essential technology services and support to ensure the campus can effectively pursue its mission. It is UCLA's spirited tradition of thought leadership and commitment to excellence that enables an ambitious and resourceful approach to transforming our networked, ever-changing campus environment.

Position Summary

The UCLA Information Security Office enables UCLA's goals by providing leadership assuring the confidentiality, integrity, and availability of its information resources. The Information Security Office enables efficient incident response planning and notification procedures.

In addition, the office aims to implement risk assessment strategies to identify vulnerabilities and threats to departmental information resources and enterprise systems. This includes executing a comprehensive UCLA information security plan, which involves proposing, delivering, and enforcing administrative, technical, and physical security measures to tackle identified risks based on their sensitivity or criticality.

The Assistant Chief Information Security Officer (ACISO) at UCLA will have comprehensive responsibility for overseeing the Information Security Operations Center (SOC), Security Engineering teams, and the Identity and Access Management (IAM) capability/team. This pivotal leadership role involves providing strategic direction and management for these units, ensuring their objectives are aligned with the university's overarching security program and broader institutional goals.

The Assistant CISO will play a key role in designing and implementing robust security infrastructure to safeguard against various threats and vulnerabilities. Additionally, they will oversee the effective detection, response, and mitigation of security incidents, including the development and refinement of incident response plans. This role also encompasses the crucial task of managing and enhancing UCLA's IAM strategies and processes, ensuring secure and efficient access control across university systems.

As a critical leader at UCLA, the Assistant CISO holds significant responsibility for fortifying the university's information security and advancing the overall security posture of UCLA and its assets.The Assistant Chief Information Security Officer will positively impact UCLA's operations and culture by protecting University stakeholders' information and data in service of the institution's academic mission. This team member will advance the University's mission by delivering exceptional security service comprehensively and consistently across faculty, staff, and students. This role will execute UCLA's vision while modeling UCLA's culture and values.

Salary & Compensation

• UCLA provides a full pay range. Actual salary offers consider factors, including budget, prior experience, skills, knowledge, abilities, education, licensure and certifications, and other business considerations.
  
  Salary offers at the top of the range are not common. Visit UC Benefit package to discover benefits that start on day one, and UC Total Compensation Estimator to calculate the total compensation value with benefits.

Qualifications

7 years experience working in one or more of the following fields: information technology, cybersecurity, computer science, management, higher education, or a related field. (Required) 6 years experience leading teams in a management or leadership role, particularly in a fast-paced, service-oriented environment. (Required) Demonstrated experience with security incident response, including leading and managing incident response teams. (Required) Experience managing large security operations and engineering teams in a complex environment. (Required) Significant experience communicating with technical and non-technical leaders. (Required) Significant demonstrated experience leading and managing teams, including advanced abilities in persuasion, negotiation, change management, and mentorship. (Required) Significant experience solving complex, technical and non-technical problems with budget, timeline, and other resource implications. (Required) Significant experience providing inclusive leadership of others, establishing and advancing an inclusive environment that values equity, diversity, inclusion and belonging. (Required) Has significant experience leading in an ever-changing, fast-paced environment. (Required) 10+ years experience working in one or more of the following fields: information technology, cybersecurity, computer science, management, higher education, or a related field. (Preferred) 8+ years experience leading teams in a management or leadership role, particularly in a fast-paced, service-oriented environment. (Preferred) In-depth knowledge of information security functional areas and as it relates to managing large security operations and engineering teams in a complex environment. (Required) In-depth understanding of privacy and security regulations and best practices, including federal and state laws, policies and standards, as well as extensive knowledge about a wide range of privacy / security regulations relevant to higher education and / or medical center and patient information. (Required) Strong technical skills in security technologies and tools, such as SIEM, IDS/IPS, endpoint protection, and vulnerability management. (Required) Strong knowledge of directory services (e.g., Active Directory, LDAP), Single Sign-On (SSO) technologies, multi-factor authentication (MFA) solutions, role-based access control (RBAC), identity governance and administration (IGA), and privileged access management (PAM). (Required) Highly skilled in written and verbal communications and is able to communicate on behalf of large teams and relay highly complex technical information. (Required) Able to delegate solutioning when appropriate to the proper resources. Experience operating as a point of escalation or final decision making. (Required) Integrates creative thinking and industry-leading practices into diverse team operations; has demonstrated experience inspiring teams to innovate and grow. (Required) Project management skills with significant experience delivering multiple complex projects, delegating responsibility between teams, overseeing multiple projects, managing others, and leading teams to prioritize among competing project/customer needs. (Required)

Education, Licenses, Certifications & Personal Affiliations

Bachelor's Degree Information technology, cybersecurity, computer science, public administration, business administration, communications, or related field, or equivalent experience. (Required) Other Type of Degree Advanced degree in one or more of the following fields: information technology, cybersecurity, computer science, public administration, business administration, communications. (Preferred)

Special Conditions for Employment

Background Check: Continued employment is contingent upon the completion of a satisfactory background investigation.

Live Scan Background Check: A Live Scan background check must be completed prior to the start of employment.0%

Schedule

8:00 A.M. to 5:00 P.M. PT, Monday through Friday and/or variable based upon operational needs.

Union/Policy Covered

99-Policy Covered

Complete Position Description

https://universityofcalifornia.marketpayjobs.com/ShowJob.aspx?EntityID=38&JDName=IT%20Security%20Manager%202%20(41068509)