The Information Security Office (ISO) Risk Manager oversees core information security functions in the risk, compliance and outreach areas for the university. The ISO Risk Manager is responsible for establishing and maintaining an enterprise-wide information security risk management program to support the adequate protection of university's information assets. This position is responsible for leading a team and a program for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. This includes the establishment of formal guidelines for secure technologies, architectures, and programs, such as: GRC tool, vendor risk assessments, PCI compliance, unit/department risk assessments, etc. This position will work with the CISO and other ISO managers to develop, manage, and report on risk metrics at all levels within the university. It will also proactively work with business units to implement practices that meet defined policies and standards for information security. The ISO Risk Manager also oversees a variety of IT-related risk management activities, as well as outreach, and compliance activities. This position is classified as remote with occasional visits to the campus as needed. Working hours will be based on Pacific Standard Time (PST). The maximum budgeted annual salary for this position is $131,100. As a condition of employment, you will be required to comply with the University of California SARS-CoV-2 (COVID-19) Vaccination Program Policy. All Covered Individuals under the policy must provide proof of Full Vaccination or, if applicable, submit a request for Exception (based on Medical Exemption, Disability, and/or Religious Objection) or Deferral (based on pregnancy) no later than the applicable deadline. For new University of California employees, the applicable deadline is eight weeks after their first date of employment.
Bachelor's degree or equivalent work experience with an emphasis in computer science, data processing, computer information systems, or in a related field.
6 - 10 years of related experience.
Previous supervisory/managerial experience.
Educational Condition Requirements
Responsible for supervising the daily activities of IT security analysts who plan, design, develop, implement and maintain systems and programs to insure the integrity, reliability and security of data and systems.
Assesses the impact on the organization caused by theft, destruction, alteration, or denial of access to information.
Collaborates across the central IT (ITS), Security Leads across campus, and the campus community, as well as across the UC system on developing, maintaining, and communicating information security best practices.
Designs and implements security policies to control access to systems.
Develops and implements standards for appropriate security checkpoints and encryption methods.
Supervises the development of methods and procedures on new assignments and provides leadership to other members of department.
Recommends changes to department policies and procedures to enhance effectiveness of functional area.
Participates in developing and monitoring operational and budget processes, staff FTE, finance, human resources and space planning.
Participates in the development and monitoring of policies and procedures for department or department operations.
Recommends hiring of new employees, salary actions, terminations, and performance ratings.
Required to participate in ongoing professional development, training and educations.
Knowledge, Skills & Abilities
Advanced knowledge of the IT security function.
Expert knowledge of data encryption technologies.
Advanced knowledge of IT security.
Excellent verbal and written communication, quantitative and analytical skills.
Excellent critical thinking, persuasion/negotiation, mentoring, leadership/management and problem solving abilities.
Demonstrated knowledge of secure hardware, software and network design techniques.
Broad knowledge of other areas of IT.
Human Resources policies and procedures. relating to management responsibilities.
Demonstrated skill in managing technical staff.
Knowledge of department processes and procedures.
Special Requirements & Conditions
Must pass a background check.
Occasional travel for university related business meetings, conferences and/or professional development.
Travel Outside of Normal Business Hours
Other Special Requirements & Conditions
Level of Supervision Received
Remote with occasional visits to the UCR campus as necessary.
Standard Office Equipment
Bend : N/A
Sit : Constantly
Squat : N/A
Stand : Occasionally
Crawl : N/A
Walk : Occasionally
Climb : N/A
Read/Comprehend : Constantly
Write : Frequently
Perform Calculations : Frequently
Communicate Orally : Constantly
Reason & Analyze : Constantly
Is exposed to excessive noise : No
Is around moving machinery : No
Is exposed to marked changes in temperature and/or humidity : No