Responsible for supporting day-to-day information security operations and governance, risk and compliance (GRC) functions of the Information Security Office. Major functions include information security risk management, security policy enforcement, 3rd party vendor management, providing oversight on monitoring intrusion detection and prevention systems, vulnerability assessments and remediation. Assist with the development and delivery of risk assessments and risk mitigation. Assist with the development, monitoring, and enforcement of policy and practice standards to ensure that UT Arlington’s resources and information are secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to users in a timely fashion.
1. Governance, Risk and Compliance (GRC) – Assist with: information security risk management; develop or implement risk assessments, risk identification methods, track controls, audit controls, risk ranking, risk disposition, etc. Lead due-diligence risk reviews of third parties, new software and/or applications. Support office operations and procedures that ensure compliance with applicable state and federal requirements, e.g. PCI, GLBA, FERPA, TAC 202, NIST 800-171, etc. Provide risk consulting to institution stakeholders, make recommendations on remediation of risks and assist business owners with information security risk assessments and risk treatment plans. Assist with the Information Security Advisory Committee, and other security governance activities. Assist with the development, monitoring, and enforcement of policy, along with policy exception tracking.
2. Security Metrics and Reporting – Assist with periodic reports for the President, Executive Management, UT System and Texas DIR. Maintain the Information Security Office Risk Register and risk reports.
3. Information Security Projects – Assist with the development of requirements for, and take part in, information security projects. Provide strategic direction and consulting to support cross-functional security activities and project teams including security strategy, solution, architecture, technology products, design and implement security architecture, infrastructure hardening and compliance. Interface with OIT and non-OIT personnel to resolve security related issues.
4. Security Monitoring – Assist with monitoring the security of specific components or supporting infrastructure at UTA, including but not limited to Intrusion Prevention Systems, Intrusion Detection Systems, vulnerability scanning, Security Incident Event Management (SIEM), log analysis, firewall rules, Virtual Private Networks (VPNs), identity management, access management, risk assessments, encryption, sensitive data discovery, Data Loss Prevention (DLP), and Mobile Device Management (MDM). Reports, records, and works with departments to resolve security related issues and incidents.
5. Security Awareness – Support the development and implementation of security awareness training programs. Performs other duties assigned.
Bachelor's degree in information technology or related field with three to four (3-4) years of experience in one or more of the following: networks, databases, security, web development, IT audit or risk management or the equivalent experience.
In-depth knowledge and practical experience with security controls and implementing and/or auditing risk frameworks, e.g. NIST 800 series, ISO 20001, CIS Top20. Knowledgeable about information security risk management practices.
Master's degree preferred. Certifications related to the duties and responsibilities specified, including but not limited to: CISSP, CISM, CRISC, and/or CISA.
Technical knowledge of operating systems, defense-in-depth concepts, networks, security related technologies, and security configurations. Working knowledge of Microsoft Windows, Linux/UNIX systems, firewalls, TCP/IP, VPN, DNS, access management, encryption, configuration management, vulnerability scanning, and application security best practices.
Experience in the implementation of GRC strategies. Solid knowledge regarding risk management practices and GRC concepts and automation tools.
Applicants must include in their online resume the following information: 1) Employment history: name of company, period employed (from month/year to month/year), job title, summary of job duties and 2) Education: school name, degree type, and major.
UTA is an Equal Opportunity/Affirmative Action institution. Minorities, women, veterans and persons with disabilities are encouraged to apply. Additionally, the University prohibits discrimination in employment on the basis of sexual orientation. A criminal background check will be conducted on finalists. UTA is a tobacco-free campus.
Open Until Filled: No
Location: Ft. Worth
Internal Number: 10124
About University of Texas at Arlington
With annual research expenditures in excess of $100M, the University of Texas at Arlington is a Carnegie Research-1 “highest research activity” institution committed to life-enhancing discovery, innovative instruction, and caring community engagement. A leading institution in the heart of the thriving North Texas region, UTA nurtures minds within an environment that values excellence, ingenuity, and diversity. With a total global enrollment of over 59,000 in AY 2018-19, UTA is one of the largest institutions in the University of Texas System. Guided by its Strategic Plan Bold Solutions | Global Impact, UTA fosters interdisciplinary research and teaching to enable the sustainable megacity of the future within four broad themes: health and the human condition, sustainable urban communities, global environmental impact, and data-driven discovery. UTA was cited by U.S. News & World Report as having the second lowest average student debt among U.S. universities in 2018. U.S. News & World Report also ranks UTA fourth in the nation for undergraduate diversity. The University is a Hispanic-Serving Institution and is ranked as the top four-year college in Texas for veterans on Military Times’ 2018 Best for Vets list.