University of Central Florida (UCF)
Chief Information Security Officer
University of Central Florida (UCF), Orlando, Florida, us, 32885
Chief Information Security Officer
Facilities and Business Operations at UCF is dedicated to fostering a conducive educational environment for our faculty, staff, students, and the broader community. We are committed to excellence, providing unparalleled expertise, and maintaining a world-class standard in service.
The UCF IT department within Facilities and Business Operations is seeking to hire a Chief Information Security Officer (CISO). This role is responsible for leading, developing, and managing the organization's comprehensive information security program.
Responsibilities Strategic Leadership and Planning
Develop, implement, and oversee the university's enterprise-wide information security strategy, policies, and procedures.
Align security initiatives with institutional goals such as digital transformation, research excellence, and compliance with FERPA, HIPAA, NIST, GLBA, and Florida state laws.
Introduce modern security tools and capabilities, and cultivate a skilled workforce to stay ahead of emerging threats from nation-state and criminal actors.
Risk Management and Compliance
Conduct regular risk and vulnerability assessments and audits to identify and mitigate threats.
Partner with the Board of Trustees' VP for Compliance and Risk, and Chief Audit Executive to ensure audit readiness.
Oversee compliance with federal, state, and industry standards, as well as domain integrity, SSL certificate management, and posture management across cloud, on-premises, and federated systems.
Security Operations and Incident Response
Direct daily security operations, including SIEM, CASB, DLP, MFA, endpoint protection, and threat intelligence.
Lead incident detection, response, and remediation efforts for cybersecurity events.
Develop and maintain disaster recovery and business continuity plans tailored for a large R1 research institution.
Awareness and Training
Design and deliver security awareness and training programs for faculty, staff, students, and researchers.
Foster collaboration with distributed IT teams, academic departments, and research groups to embed security into operations.
Network Operations and Engineering
Provide leadership for the university's network operations and ongoing modernization efforts.
Develop and track performance metrics to ensure optimal network performance, reliability, and security.
Oversee real-time issue resolution and long-term capacity planning.
Stakeholder Engagement and Advisory
Advise the CIO, President, Provost, and Board of Trustees on emerging threats, risks, and mitigation strategies.
Build partnerships with federal agencies (FBI, DHS, DoD), vendors, and higher-education consortia to strengthen threat intelligence and response capabilities.
Communicate technical risks in clear, actionable terms for non-technical audiences.
Team Leadership and Development
Supervise and mentor cybersecurity professionals, including managers and analysts.
Manage budgets, staffing, and vendor relationships to maximize the impact of security investments.
Innovation in Research Security
Safeguard research environments, including intellectual property, classified data, and collaborative platforms.
Support secure high-performance computing, AI / ML initiatives, and grant compliance.
Enhance protections that advance UCF's R1 research status.
Minimum Qualifications Minimum qualifications include a Bachelor's or Master's degree and 12+ years of relevant experience with at least 5+ years of leadership experience. Preferred qualifications include a Master's degree or Doctorate in Information Security, Computer Science, Information Technology, or related discipline, 10+ years of progressive experience in information security leadership, professional certifications such as CISSP, CISM, CISA, CRISC, or equivalent, experience working in higher education, research-intensive (R1) institutions, or large complex organizations, expertise in securing research data, intellectual property, and compliance with grant and funding agency requirements, familiarity with advanced technologies, including AI / ML, cloud platforms, and high-performance computing environments, strong background in building partnerships with federal agencies (FBI, DHS, DoD) and higher-education security consortia, demonstrated success leading network modernization and security integration projects at scale, strong knowledge of regulatory and compliance requirements such as FERPA, HIPAA, GLBA, NIST, and state / federal privacy laws, demonstrated experience leading security operations, incident response, risk management, and governance programs, proven ability to communicate complex technical risks and solutions to executives, governing boards, and non-technical stakeholders, experience managing budgets, vendor contracts, and cross-functional teams, and effective leadership skills with experience supervising, mentoring, and developing security professionals.
#J-18808-Ljbffr
The UCF IT department within Facilities and Business Operations is seeking to hire a Chief Information Security Officer (CISO). This role is responsible for leading, developing, and managing the organization's comprehensive information security program.
Responsibilities Strategic Leadership and Planning
Develop, implement, and oversee the university's enterprise-wide information security strategy, policies, and procedures.
Align security initiatives with institutional goals such as digital transformation, research excellence, and compliance with FERPA, HIPAA, NIST, GLBA, and Florida state laws.
Introduce modern security tools and capabilities, and cultivate a skilled workforce to stay ahead of emerging threats from nation-state and criminal actors.
Risk Management and Compliance
Conduct regular risk and vulnerability assessments and audits to identify and mitigate threats.
Partner with the Board of Trustees' VP for Compliance and Risk, and Chief Audit Executive to ensure audit readiness.
Oversee compliance with federal, state, and industry standards, as well as domain integrity, SSL certificate management, and posture management across cloud, on-premises, and federated systems.
Security Operations and Incident Response
Direct daily security operations, including SIEM, CASB, DLP, MFA, endpoint protection, and threat intelligence.
Lead incident detection, response, and remediation efforts for cybersecurity events.
Develop and maintain disaster recovery and business continuity plans tailored for a large R1 research institution.
Awareness and Training
Design and deliver security awareness and training programs for faculty, staff, students, and researchers.
Foster collaboration with distributed IT teams, academic departments, and research groups to embed security into operations.
Network Operations and Engineering
Provide leadership for the university's network operations and ongoing modernization efforts.
Develop and track performance metrics to ensure optimal network performance, reliability, and security.
Oversee real-time issue resolution and long-term capacity planning.
Stakeholder Engagement and Advisory
Advise the CIO, President, Provost, and Board of Trustees on emerging threats, risks, and mitigation strategies.
Build partnerships with federal agencies (FBI, DHS, DoD), vendors, and higher-education consortia to strengthen threat intelligence and response capabilities.
Communicate technical risks in clear, actionable terms for non-technical audiences.
Team Leadership and Development
Supervise and mentor cybersecurity professionals, including managers and analysts.
Manage budgets, staffing, and vendor relationships to maximize the impact of security investments.
Innovation in Research Security
Safeguard research environments, including intellectual property, classified data, and collaborative platforms.
Support secure high-performance computing, AI / ML initiatives, and grant compliance.
Enhance protections that advance UCF's R1 research status.
Minimum Qualifications Minimum qualifications include a Bachelor's or Master's degree and 12+ years of relevant experience with at least 5+ years of leadership experience. Preferred qualifications include a Master's degree or Doctorate in Information Security, Computer Science, Information Technology, or related discipline, 10+ years of progressive experience in information security leadership, professional certifications such as CISSP, CISM, CISA, CRISC, or equivalent, experience working in higher education, research-intensive (R1) institutions, or large complex organizations, expertise in securing research data, intellectual property, and compliance with grant and funding agency requirements, familiarity with advanced technologies, including AI / ML, cloud platforms, and high-performance computing environments, strong background in building partnerships with federal agencies (FBI, DHS, DoD) and higher-education security consortia, demonstrated success leading network modernization and security integration projects at scale, strong knowledge of regulatory and compliance requirements such as FERPA, HIPAA, GLBA, NIST, and state / federal privacy laws, demonstrated experience leading security operations, incident response, risk management, and governance programs, proven ability to communicate complex technical risks and solutions to executives, governing boards, and non-technical stakeholders, experience managing budgets, vendor contracts, and cross-functional teams, and effective leadership skills with experience supervising, mentoring, and developing security professionals.
#J-18808-Ljbffr