This is the most senior security executive for both UC San Diego Health and UC Irvine Health. This role will be responsible for setting the strategic vision for Cyber Security protection for both organizations as well as ensuring tactical execution and day-to-day operations occur in a industry leading manner. This role needs to have a high degree of comfort in communicating throughout all levels of the organizations to appropriately communicate and develop alignment and support around the Cyber Security program.
Primary responsibility involves monitoring, detecting, protecting and maintaining the security of data, systems and networks. Plans, configures, designs, develops implements and maintains tools, systems and procedures to insure the integrity, reliability and security of data, systems and networks.
Oversees through subordinate managers one or more large, complex departments or business units with multiple functional disciplines / occupations, OR manages a program, regardless of size, that has critical impact upon the organization as a whole, such as most or all of a campus, medical center, UCOP or the UC System. Has significant responsibility for formulating and administering policies and programs, manages significant human, financial, and physical resources, and functions with a very high degree of autonomy. Oversees through subordinate managers the accountability and stewardship of department resources and the development of systems and procedures to protect organizational assets.
Participates with other senior managers to establish strategic plans and objectives to protect privacy and security for the organization. Makes decisions on IT security matters and ensures achievement of short and long term strategic objectives. Responsible for managing and directing a large department or organization-wide program(s) relating to security and privacy compliance. Reviews and approves recommendations for operational planning and control. Erroneous decisions will have a serious impact on the overall success of department, division, or organization.
Directs IT compliance for entire organization with privacy and security regulations.
Oversees through subordinate managers all programs, projects and activities required to support organization and / or systemwide stewardship of electronic resources.
Advises and directs senior managers and executives throughout system on privacy, security and compliance.
Directs all communication and awareness initiatives to drive and integrate organization-wide IT privacy and security strategies.
Guides senior management on controversial situations and negotiations.
Serves as the organization authority and representative in organization-wide, systemwide or national meetings regarding privacy, security, policy, and communication expertise in the higher education sector.
Leads issues, projects and initiatives that are diverse in scope and complexity.
Other duties as assigned.
Minimum of one professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is required.
Bachelor's degree or related area, and / or equivalent combination of experience / training.
Ten (10) years or more of experience managing an Information technology organization.
Knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry/Data Security Standard and FISMA.
Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
Project management skills: financial/budget management, scheduling and resource management.
Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and ones from NIST.
Experience with contract and vendor negotiations.
High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
Master's degree or higher.
Must pass a background check.
Must pass physical and TB test.
Must be able to work various hours and locations based on business needs.
UC San Diego is an academic powerhouse and economic engine, recognized as one of the top 8 public universities by U.S. News and World Report. Innovation is central to who we are and what we do. Here, students learn that knowledge isn't just acquired in the classroom - life is their laboratory. UC San Diego's rich academic portfolio includes six undergraduate colleges, five academic divisions and five graduate and professional schools. The university's award-winning scholars are experts at the forefront of their fields with an impressive track record for achieving scientific, medical and technological breakthroughs.