Associate Director Information Security

Associate Director Information Security Jacksonville, FL Job Details Full-time $115,000 a year 11 hours ago Qualifications Penetration testing Managerial strategic planning Strategic management HIPAA compliance management Operations management Technical documentation Faculty collaboration Regulatory compliance HIPAA Family Educational Rights and Privacy Act (FERPA) Windows Database security management Master's degree Change management Team development Policy & process development Bachelor's degree Team management System risk assessment (security system operation) Mentoring

ISO 27002

Business continuity planning IT services information & network security Vulnerability management Linux Training & development Windows Server administration Senior level 4 years Escalation handling Leadership Incident response implementation Delegation Communication skills Workforce development Operational budget management Organizational budget management IT security monitoring IT disaster recovery planning Full Job Description Department Chief Information Security Officer Compensation $115,000.00 to Negotiable Annual General Description/Primary Purpose The Associate Director of Information Security provides leadership, technical direction, and day-to-day management for the University's information security program. Reporting to a Director or above, this role is primarily responsible for the tactical execution of the University's Information Security strategic plan, while also contributing to its ongoing development and evolution. The Associate Director ensures the protection of University information systems, data, and technology resources in support of administrative, academic, and research missions. Job Function Information Security Leadership & Program Execution Provide leadership, coordination, and technical direction for the University's information security systems, services, and programs. Execute and operationalize the Information Security strategic plan, translating strategy into measurable, day-to-day security initiatives and outcomes. Contribute to the development, refinement, and maturation of the University's information security strategy, standards, and roadmaps. Serve as a subject matter expert on information security risks, controls, and best practices within a higher education environment. Security Operations & Risk Management Direct and support security operations, including: Incident response and cyberattack preparedness Threat mitigation and vulnerability management Risk assessments and compliance testing Disaster recovery and cybersecurity training exercises Implement and maintain security standards, audit processes, and monitoring capabilities to identify, assess, and remediate security risks. Analyze existing security operations and recommend improvements to enhance protection, efficiency, and scalability of security services. Team Leadership & Student-Led SOC Oversight Lead, supervise, and mentor a team of security professionals, including security engineers, analysts, managers, and interns. Provide operational oversight and strategic guidance for a Student-Led Security Operations Center (SOC), in partnership with the SOC Manager. Support student workforce development by ensuring appropriate security processes, training pathways, and real-world learning opportunities within the SOC. Delegate work, manage priorities, and resolve escalations to ensure effective and timely delivery of security services. Policy, Compliance & Governance Participate in the development, implementation, and maintenance of information security policies, standards, and procedures. Ensure alignment with applicable legal, regulatory, and contractual requirements, including FERPA, HIPAA, and other data protection obligations. Collaboration, Communication & Advisory Role Act as a trusted advisor to University leadership, faculty, staff, and students on information security matters. Partner with campus stakeholders to support secure administrative, academic, and research technology initiatives. Develop and maintain clear documentation, standards, and guidance related to security controls, procedures, and high-risk data. Promote a culture of secure computing through education, awareness, and engagement activities. Marginal Functions Serve on University committees, task forces, and working groups related to information security, risk management, and compliance. Serve as a Tier 2 respondent during declared campus and technology emergencies. Assist leadership with coordination for technology disaster recovery and business continuity plans. Maintain regular communication with IT leadership and the campus community during incidents. Perform job-related duties remotely or on campus as required during emergencies. Supervision Exercised The incumbent provides supervision to the Information Security team. Required Qualifications Master's and 4+ years of relevant experience or Bachelor's degree and 6+ years of relevant experience. Or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219. Departmental Requirements The Associate Director of Information Security must possess: Excellent verbal and written communication skills Demonstrate a strong commitment to delivering high-quality customer service. The successful candidate will be a highly motivated self-starter, capable of managing multiple deadlines and effective in a fast-paced environment. This role requires experience with internet technologies and information security issues, including: Risk assessments Compliance testing As well as demonstrated expertise in security policy development, security awareness, and education programs Risk analysis, network penetration testing, and application vulnerability assessments. The position requires comprehensive knowledge of: Information security standards and frameworks (such as

ISO 17799/27002

) Applicable rules and regulations governing information security and data confidentiality (including FERPA, HIPAA, and similar requirements), and Hands-on understanding of desktop, server, application, database, and network security in Linux and Microsoft Windows Server environments. Familiarity with change management processes as they relate to information security is required.

Preferred qualifications include:

Experience managing, leading, or expanding a Security Operations Center; Experience working within a higher education environment; and Experience managing and developing operational and capital budgets Statement(s) of Understanding This position requires a background check. In conjunction with the University's policy, this position may also require a credit check. The holder of this position is designated as a "Responsible Employee" pursuant to their role under Title IX. Therefore, the incumbent must promptly report allegations of sexual misconduct, sexual violence, and child sexual abuse by or against any student, employee, contractor, or visitor to the University's Title IX Administrator or any divisional Title IX Coordinator Equal Opportunity The University of North Florida (UNF) is committed to providing an inclusive and welcoming environment for all who interact in our community. In building this environment, we strive to attract students, faculty and staff from a variety of cultures, backgrounds and life experiences. The University of North Florida does not commit or permit discrimination or harassment on the basis of genetic information, race, color, religion, age, sex, disability, marital status, national origin, or veteran status in any educational, employment, social, recreational program or activity that it offers. In addition, UNF will not commit or permit retaliation against an individual who reports discrimination or harassment or an individual who cooperates in an investigation of an alleged violation of university regulation. Carnegie UNF is a Carnegie Community Engaged Institution. This designation celebrates the University's collaboration with community partners from the local to the global level. It reflects UNF's mission to contribute to the public good and prepare educated, engaged citizens.