Associate Director, Information Security Office



Classification Title:

ASO DIR, IT

Job Description:

This position is located in Information Technology (IT), Information Security Office, reporting to the Chief Information Security Officer. The Associate Director is responsible for the execution of the UF integrated risk management program which includes assessing and documenting the institution’s risk and compliance posture as they relate to its information assets. Responsibilities of this role include directing the activities of integrated risk management team leads, analysts, and coordinators performing these functions, mentoring and motivating staff, measuring performance and makings continuous improvements. This role also acts as advisor to IT and business executives on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems, educates IT and business executives on appropriate mitigation strategies and approaches and provides oversight regarding audit, regulatory and risk management activities across IT functional areas, such as the development and maintenance of regulatory documentation.

Employment with UFIT provides an excellent opportunity to work with other employees dedicated and focused on understanding and interpreting the technological needs of the University of Florida’s innovative and inspirational community.

The Associate Director will lead the UF integrated risk management team and engage with the university constituency to accomplish the following goals:

  • Assess IT security risks in the UF computing environment to ensure information security risks are identified and monitored
  • Collaborate with unit level IT and information security liaisons to ensure that the information security environment is well coordinated throughout UF
  • Work collaboratively with UF administrative offices in the education, design, and implementation of risk assessment and regulatory compliance practices for IT
  • Advise IT and business executives on the status of technology risk and compliance issues based on assessment results
  • Reduce organizational risk from cyber-attacks by creating a risk aware culture focused on improving security behaviors

About UF Information Technology
The UF Information Technology division is comprised of seven departments reporting to the Vice President & Chief Information Officer. The departments reporting directly to the VP & CIO are: Academic Technology, Research Computing, Infrastructure & Communications Technology, Enterprise Systems, Information Security Office, and the UFIT Business Center. With established governance advisory committees and a set of well-defined, transparent processes aiding decision-making, UFIT strives to provide exceptional IT services in support of UF’s mission. For more information about UFIT and its goals and governance, visit: http://www.it.ufl.edu/vp-cio-office/strategic-plan/.

Learn more about UFIT at https://it.ufl.edu/ and @GoGatorsUFIT.

About the University of Florida
UF is one of the nation’s top universities and a dynamic and rewarding place to work. The University seeks to recruit and retain a diverse workforce as a reflection of its commitment to serve a diverse global community. Plus, UF is in Gainesville, one of Florida’s most livable cities. Known for its natural attractions (wetlands, forests, springs, wildlife) and cultural offerings (music, theater, visual arts, and historic districts), the area also is gaining a reputation as a thriving hub for high-tech start-ups, as well as invention and research collaborations. We are excited about what’s happening here and know you will want to be a part of it.

Learn more about Gainesville, Florida at https://guidetogreatergainesville.com/ .

The University of Florida is an Equal Opportunity Employer. The University is committed to non-discrimination with respect to race, creed, color, religion, age, disability, sex, sexual orientation, gender identity and expression, marital status, national origin, political opinions or affiliations, genetic information and veteran status in also aspects of employment including recruitment, hiring, promotion, transfers, discipline, terminations, wage and salary administration, benefits and training.

UF Information Technology is committed to attracting, hiring, and retaining a diverse workforce and values diversity of thoughts, background, and experience. We welcome applications from individuals who would bring additional dimensions to the university’s vision and mission. Expected Salary:

$115,000 – $130,000; commensurate based on education and experience. In addition, the University of Florida offers a very competitive benefits package. https://hr.ufl.edu/benefits/

Minimum Requirements:

Master's degree in an appropriate area and five years of relevant experience; or a bachelor's degree in an appropriate area and seven years of relevant experience. Appropriate college coursework or vocational/technical training may substitute at an equivalent rate for the required experience.

Appropriate college coursework or vocational/technical training may substitute at an equivalent rate for the required experience but does not negate the minimum degree requirement(s).

Preferred Qualifications:

The ideal candidate will possess the following education, experience and skills:

  • 10 years of combined IT and security experience with a broad range of exposure to data, networks, systems, and web applications preferred
  • Previous management experience
  • Certified Information Systems Security Professional (CISSP)

Preferred skills, expertise and experience:

Advanced level knowledge of the following:
  • Security issues, techniques and implications across all existing computer platforms
  • Client/server, network topology, network/infrastructure security, network operating systems, web technologies, and e-commerce operations
  • IT auditing and risk management
  • Information security awareness program design, execution, and sustainment
  • RSA Archer and the use cases related to risk management
  • Security standards, applicable laws, and regulations (e.g., NIST, HIPAA, HITECH, CMMC, PCI, FERPA, Florida Statutes)


To be successful in this position, the incumbent must possess:

  • Advanced level leadership, team building, conflict resolution, strategic planning and management, and IT project management skills
  • Outstanding communicator and possess excellent written and verbal communication skills; interpersonal skills; and the ability to work collegially and interact effectively with a diverse constituency
  • Excellent organizational skills and an ability to prioritize and complete simultaneous projects with minimal supervision
  • Accuracy, attention to detail and a customer service-oriented approach and mindset
  • Advanced level problem solving
  • Work collaboratively and build strategic relationships with both internal and external clients
  • Ability to think critically and creatively, have a high standard of integrity and be motivated to incorporate best practices into the organizational structure
Special Instructions to Applicants:
Applicants are required to submit with their application:
  • Cover Letter
  • Resume or CV
  • Professional References (Minimum of 3)


Application must be submitted by 11:55 p.m. (ET) of the posting end date.

This position has been reposted. Previous applicants are still under consideration and need not reapply.

Health Assessment Required: No

Similar jobs

Similar jobs