Careers

Information Security Lead

Apply now Job no: 503876
Position type: Staff Full Time
Campus: UMass President's Office
Department: UITS-Security Operations
Categories: Information Technology
Advertised: Eastern Standard Time
Applications close: Eastern Standard Time

Position Summary:

The Information Security Lead is a technical / supervisory role in the Information Security department supporting the Chief Information Security Officer with developing and maintaining a comprehensive information security program and managing a team of subject matter experts. The Lead will be required to provide direct experience with secure design, policy writing, troubleshooting, monitoring, incident management, procurement, training and end user support functions.

The Information Security Lead will work with each of the UMass campuses, procurement, legal, treasury, human resources, internal audit as well as a large population of skilled IT professionals across all technical verticals. In addition, the Security Lead will need to feel comfortable adapting to a given audience, and must be capable of developing discrete actionable tasks and plans. The Lead  must adapt to a wide range of  competing priorities and think and work independently to develop solutions and effect change.

The Information Security Lead will be a driven self-starter who executes on work projects with little intervention. The Lead works effectively being a SME and can develop ideas and strategy with actionable plans. The Lead will be part of the UITS Senior Management Team and will collaborate with other senior managers in UITS on cross-functional initiatives focused on process improvement, staff and organizational development, and adoption of new capabilities.

Essential Functions:

  • Oversee information security awareness training to UMass President’s Office personnel
  • Collaborate, create and manage security strategies
  • Oversee information security audits performed by internal and external organizations
  • Manage security team members including prioritizing work, coaching, performance management, professional development, and ensuring a positive and results-driven team environment.
  • Evaluate department budget and costs associated with technology deployments
  • Assess current technology architectures for vulnerabilities, weaknesses and for possible upgrades or improvement
  • Implement and/or oversee technology upgrades, improvements and major changes to the information security platforms
  • Provide expertise with physical security, privacy, disaster recovery and cloud technologies
  • Communicate information security goals and new programs effectively with other department managers within the organization

Other Functions/Responsibilities:

  • Typical information technology or business line off-hours configuration and on-call support are also required for this position, as well general support of other UITS team projects and initiatives as well as responding to any type of institutional incident.

Minimum Qualifications:

  • Bachelor’s degree in a technical or humanities discipline, or equivalent experience
  • Minimum of (3) three years of experience in a supervisory capacity
  • 5-7 years production support and hands-on work experience in high performance information security environments with an ability to resolve complex issues in a multiple vendor, technology, and customer environment
  • Networking, firewall, and application deployment experience
  • Web application firewall knowledge, configuration, and support experience
  • Experience with any outsourced IT environment including SaaS, cloud or trusted third party
  • Excellent oral and written communication skills with ability to develop and deliver presentations (MS Word, PowerPoint, Visio or any cloud based equivalent)
  • Strong interpersonal skills with ability to work effectively with people of all levels of information technology expertise with a wide range of constituencies and organizational relationships
  • Specific skills and working knowledge of networking, security, and application architectures and protocols
  • Detailed knowledge of at least one industry standard information security framework and will be able to describe its implementation in a diverse and complex enterprise level entity

Preferred Qualifications:

  • Higher Education experience
  • Any industry related certification (Vendor, ISC2, GIAC, SANS, ISACA, CSA etc) – if you don’t have a certification, we’ll expect you to achieve at least one certification within one year of hire and we have learning resources to support you in that goal
  • Experience with any SIEM product or deployment
  • Network Access Control (NAC) or any role based access experience
  • Cloud Access Security Broker (CASB) experience
  • CIS20 experience
  • Disaster Recovery or Business Continuity Planning experience
  • General data privacy experience

Working Conditions:

  • General office environment in a professional facility
  • Some remote site work is required as dictated by equipment installations, modifications, or troubleshooting
  • On call and off hours work may be required
  • Some travel to University locations across Massachusetts will be required

Additional Information:

Salary up to $130,000.00

Back to search results Apply now Refer a friend

Share this:

| More

The University of Massachusetts is an Equal Opportunity/Affirmative Action, Title IX employer. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, national origin, ancestry, age over 40, protected veteran status, disability, sexual orientation, gender identity/expression, marital status, or other protected class.