Job Number: 24487067 Full/Part Time: Full Time Schedule: 8AM - 5PM Salary: Commensurate with Experience
Position Information The Information Security Office (ISO) Risk Manager oversees core information security functions in the risk, compliance and outreach areas for the university. The ISO Risk Manager is responsible for establishing and maintaining an enterprise-wide information security risk management program to support the adequate protection of university's information assets. This position is responsible for leading a team and a program for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. This includes the establishment of formal guidelines for secure technologies, architectures, and programs, such as: GRC tool, vendor risk assessments, PCI compliance, unit/department risk assessments, etc.
This position will work with the CISO and other ISO managers to develop, manage, and report on risk metrics at all levels within the university. It will also proactively work with business units to implement practices that meet defined policies and standards for information security. The ISO Risk Manager also oversees a variety of IT-related risk management activities, as well as outreach, and compliance activities.
This position is classified as remote with occasional visits to the campus as needed. Working hours will be based on Pacific Standard Time (PST). The maximum budgeted annual salary for this position is $131,100.
As a condition of employment, you will be required to comply with the University of California SARS-CoV-2 (COVID-19) Vaccination Program Policy. All Covered Individuals under the policy must provide proof of Full Vaccination or, if applicable, submit a request for Exception (based on Medical Exemption, Disability, and/or Religious Objection) or Deferral (based on pregnancy) no later than the applicable deadline. For new University of California employees, the applicable deadline is eight weeks after their first date of employment.
Education Education Requirements Degree Requirement Bachelor's degree or equivalent work experience with an emphasis in computer science, data processing, computer information systems, or in a related field. Required
Experience Requirement 6 - 10 years of related experience. Required Previous supervisory/managerial experience. Preferred
Requirement Must pass a background check. Required Occasional travel for university related business meetings, conferences and/or professional development. Required Travel Outside of Normal Business Hours Required
Preferred Qualifications Advanced knowledge of the IT security function. Expert knowledge of data encryption technologies. Advanced knowledge of IT security. Excellent verbal and written communication, quantitative and analytical skills. Excellent critical thinking, persuasion/negotiation, mentoring, leadership/management and problem solving abilities. Demonstrated knowledge of secure hardware, software and network design techniques. Broad knowledge of other areas of IT. Human Resources policies and procedures. relating to management responsibilities. Demonstrated skill in managing technical staff.
Additional Information Knowledge of department processes and procedures.
UCR is a world-class research university with an exceptionally diverse undergraduate student body. Its mission explicitly states the goal of providing routes to educational success for underrepresented and first-generation college students. A commitment to this mission is a preferred qualification.The University of California, Riverside is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other characteristic protected by law.Advancement through the faculty ranks at the University of California is through a series of structured, merit-based evaluations, occurring every 2-3 years, each of which includes substantial peer input.