Senior Information Security Engineer
University of South Carolina Upstate
This position, the Senior Information Security Engineer, is the primary leader of information security efforts at the University of South Carolina Upstate (USC Upstate) and reports directly to the Chief Information Officer. The Director of Information Security is responsible for designing security elements in IT environments, information systems, and data repositories and implementing security measures and practices that meet policies and standards to safeguard information and technology assets. A key competency of this position is to serve as subject matter expert in designing secure computing environment and consulting with users and management in identifying, selecting, and implementing technical controls. This role is also the Security Liaison for USC Upstate, which includes indirect responsibilities to the University of South Carolina Information Security office.
This position requires a significant range of technology knowledge due to the projects and efforts it is directly responsible for overseeing which range in complexity, impact and scope across the University. The role addresses technology, process, data security, and regulatory compliance as it pertains to the safety and privacy of all institutional data. Establishes and maintains information security training and awareness programs.
- Serves as a subject matter expert and consultant. Design security standards for the University. Analyzes, develops and executes processes and procedures that ensure all systems, products and services meet South Carolina security standards, service level agreements, and University requirements along with security plans which leads to advancement in security, efficiency, and cost savings.
- Partners with functional teams to access technical feasibility and solutions of security systems and processes. Provide information security leadership on how to design and implement secure systems and processes through. Establishes information security training and awareness programs.
- Monitors technology environment and investigates incidents in conjunction with the USC Information Security Office. Responsible for reporting and metrics based on security efforts, tools and baselines. Develops and validates baseline security configurations for technology environment system. Performs or coordinates information security risk and vulnerability reviews, including penetration tests and security design reviews on network infrastructure and applications.
- Analyzes current processes and procedures to create security plans which lead to gains in security, efficiency, and reduction of risks. Manages projects and drives the implementation of new and redesigned tools, systems, processes, and audits to ensure institutional goals and compliance audits are achieved.
- Responsible for designing security solutions that ensuring regulatory compliance which includes but not limited to: FERPA, HIPAA, PCI. DSS, PII (Personally Identifiable Information), and CJIS.
- Assists in other duties and responsibilities as needed by colleagues in Division of Information Technology.
Minimum Qualifications: Bachelor’s degree in information technology systems, computer science, business administration or related fields and 4 years experience working in an information technology systems networking, information security, or related area; or equivalency. Successful background check is required.
Preferred Qualifications: Professional certifications such as CISSP, GSEC, CRISC, CIPT, GSTRT are preferred. Five plus years of experience in areas of information security administration, network administration and/or information technology administration.
Salary: $64,944 – $73,492; Salary commensurate with education and experience.
For more information and/or to apply, go to: https://uscjobs.sc.edu/postings/112764
The University of South Carolina does not discriminate in educational or employment opportunities on the basis of race, sex, gender, gender identity, transgender status, age, color, religion, national origin, disability, sexual orientation, genetics, protected veteran status, pregnancy, childbirth or related medical conditions.