Careers

Job Summary:

This is a technical/supervisory role in the Information Security department supporting the Chief Information Security Officer with developing and maintaining a comprehensive information security program and managing a team of subject matter experts. You will be required to provide direct experience with secure design, policy writing, troubleshooting, monitoring, incident management, procurement, training, and end user support functions.

You will work with each of the UMass campuses, procurement, legal, treasury, human resources, internal audit as well as a large population of skilled IT professionals across all technical verticals. In addition, you will need to feel comfortable adapting to a given audience and must be capable of developing discrete actionable tasks and plans. You must adapt to a wide range of competing priorities and think and work independently to develop solutions and effect change.

You will be a driven self-starter who executes on work projects with little intervention. You should feel comfortable working effectively as an SME and can develop ideas and strategy with actionable plans. You will be part of the UITS Senior Management Team and will collaborate with other senior managers in UITS on cross-functional initiatives focused on process improvement, staff and organizational development, and adoption of new capabilities.

Essential Functions:

• Oversee information security awareness training to UMass President’s Office personnel
• Collaborate, create and manage security strategies
• Oversee information security audits performed by internal and external organizations
• Manage security team members including prioritizing work, coaching, performance management, professional development, and ensuring a positive and results-driven team environment.
• Evaluate department budget and costs associated with technology deployments
• Assess current technology architectures for vulnerabilities, weaknesses and for possible upgrades or improvement
• Implement and/or oversee technology upgrades, improvements and major changes to the information security platforms
• Provide expertise with physical security, privacy, disaster recovery and cloud technologies
• Communicate information security goals and new programs effectively with other department managers within the organization

Other Functions:

• Typical information technology or business line off-hours configuration and on-call support are also required for this position, as well general support of other UITS team projects and initiatives as well as responding to any type of institutional incident.

Minimum Qualifications (Knowledge, Skills, Abilities, Education, Experience):

• Bachelor’s degree in a technical or humanities discipline, or equivalent experience
• Minimum of (3) three years of experience in a supervisory capacity or currently performing a supervisory role
• 5-7 years production support and hands-on work experience in high performance information security environments with an ability to resolve complex issues in a multiple vendor, technology, and customer environment
• Networking, firewall, and application deployment experience
• Cloud security knowledge, configuration, and support experience
• Experience with any outsourced IT environment including SaaS, cloud or trusted third party
• Excellent oral and written communication skills with ability to develop and deliver presentations (MS Word, PowerPoint, Visio or any cloud-based equivalent)
• Strong interpersonal skills with ability to work effectively with people of all levels of information technology expertise with a wide range of constituencies and organizational relationships
• Specific skills and working knowledge of networking, security, and application architectures and protocols
• Detailed knowledge of at least one industry standard information security framework and will be able to describe its implementation in a diverse and complex enterprise level entity

Preferred Qualifications (Knowledge, Skills, Abilities, Education, Experience):

• Higher Education experience
• Any industry related certification (Vendor, ISC2, GIAC, SANS, ISACA, CSA etc) – if you don’t have a certification, we’ll expect you to achieve at least one certification within one year of hire and we have learning resources to support you in that goal
• Experience with any SIEM product or deployment
• Network Access Control (NAC) or any role based access experience
• Cloud Access Security Broker (CASB) experience
• CIS18 experience
• Disaster Recovery or Business Continuity Planning experience
• General data privacy experience

Working Conditions:

• General office environment in a professional facility
• Some remote site work is required as dictated by equipment installations, modifications, or troubleshooting
• On call and off hours work may be required
• Some travel to university locations across Massachusetts will be required

Additional Details:

Salary commensurate with experience up to $130,000.