Job Requisition Number: 22813. The Office of the Chief Information Officer (OCIO) includes eight departments and functions that directly report to the Associate Vice Chancellor for Information Technology and Chief Information Officer (AVC-IT & CIO). These reporting units include more than 290 staff and 30 student employees. The AVC-IT & CIO directly manages an operating budget of approximately $80 million which includes about $35 million of recharge revenue, and $1 million in grants and contracts.
The Chief Information Security Officer (CISO) provides leadership to campus-wide committees and workgroups of campus policy-makers, senior administrators, and lead technical staff from various departments in the active analysis, discussion and development of information security policy and strategic campus technology directions. The Chief Information Security Officer directs and coordinates the campus information risk governance program and co-chairs the associated committee with the Campus Privacy Officer . Represents campus policy makers and senior administrators and provide leadership in system-wide committees developing broad information security policy, standards and practices, addressing institutional decisions on the balance of privacy and information security and guiding the acquisition of advanced security technology. Deals with a broad range of complex security, privacy and risk-related issues in information technologies and relate to the varying needs and viewpoints of the constituents that use them. Moreover, the incumbent must be able to evaluate risk, be able to act expeditiously in making decisions and understand the factors associated with decision-making in a technological environment and within the larger institutional context with competing values and objectives. The objectives are to adequately secure institutional information and campus IT resources and manage the risk of a compromise of the confidentiality, integrity, or availability of these information assets. Finally, the position oversees the direction of critical operational Campus security functions and services, such as incident response, breach management, and network intrusion detection. This position requires original thinking and judgment and the development deployment and innovative application of policy and technical solutions to protect university networks, electronic systems and data within a large public research institution.
The CISO has a dual reporting structure to both the CIO and the Deputy CIO.
Strategy ? Develop, maintain, promote and socialize across all Campus constituents a Campus information security strategy that is consistent with a public research institution. Provide broad oversight and direction to the Campus identity and access management team.
Program Management - Oversee campus information security programs (including Identity and Access Management) and activities within the unit and across the Campus to ensure effective implementation of the Campus information security strategy and critical security-related functions and services. Maintain and oversee security-related requirements for campus suppliers and partners doing business with the Campus. Manage large-scale security incident response efforts.
Policy - Manage campus information security policies, standards, procedures and guidelines are aligned with the Campus strategy, and regularly reviewed to reflect changing threat landscapes, Campus conditions, regulatory requirements, and industry best practices. Manage campuswide IT policies.
Governance ? Ensure the proper functioning of information risk governance on the Campus, obtaining senior leadership consensus on information security strategy, reporting to senior leadership the current state of the Campus information security program, and balancing information security with privacy concerns for the Campus.
Consultation - Provide expertise to senior management and executives levels on information risk.
Coordination - Manage security-related interaction with the Campus and System Legal, the Privacy, Business Contracts and Brand Protection, Office of Ethics Risk and Compliance Services, Campus Police, other law enforcement agencies, and other Risk Management offices to ensure sufficient coordination of the Campus information security risk management program.
Representation/Outreach - Serve as the campus authority and representative campus-wide, system-wide, nationally and beyond on matters related to information security.Education/Training: ?Bachelors degree in related area and/or equivalent experience/training. Advanced degree preferred
Knowledge/Skills: ?In-depth knowledge of information technology security functional areas and as it relates to all aspects of the protection of Campus information assets and institutional data, including but not limited to personally identifiable information, education records, health records, human subjects data and financial data. ?In-depth understanding of privacy and security laws (state and federal), industry standards, information security policy frameworks, as well as extensive knowledge about a wide range of privacy/security laws, regulations and standards relevant to higher education. ?Proven management expertise in determining and recommending actions and affecting change across the Campus, providing a clear understanding and the information necessary for departments and individuals to carry out their responsibilities for information security risk management. ?Strong understanding of identity and access management domain including associated technologies and solutions ?Proven ability to balance information security needs with the organization's strategic plans, values, and other risks to formulate effective solutions ?Proven strong communication skills with project teams, stakeholders, senior management, and external contacts including both technical and non-technical audiences. ?High level interpersonal skills in order to work with both technical and non-technical personnel at various levels on campus. ?The ability to influence, or gain acceptance from, others in sensitive situations, without damage to the relationship.
The University of California was chartered in 1868 and its flagship campus - envisioned as a "City of Learning" - was established at Berkeley, on San Francisco Bay. Today the world's premier public university and a wellspring of innovation, UC Berkeley occupies a 1,232 acre campus with a sylvan 178-acre central core. From this home its academic community makes key contributions to the economic and social well-being of the Bay Area, California, and the nation.