| The Information Technology Security Office (ISO) is currently seeking an Information Security Architect. The security architect develops, implements, and monitors the University’s information security technology environment to protect the confidentiality, availability, and integrity of all institutional data and systems. The incumbent serves as the University’s most senior security solutions strategist, technologist, and technical subject matter expert. This individual identifies cost-effective security solutions, tools, appliances, and services to best protect UM’s information systems and data assets. Additionally, the security architect maintains current knowledge of emerging information security threats and the countermeasures to mitigate risks. Primary Duties and Responsibilities: (Performs duties and responsibilities under minimal supervision) Determines security requirements by evaluating business strategies and requirements and researching information security standards
Analyzes technology and industry trends and the organization’s current technology deployments to recommend solutions that address complex and unique business requirements
Designs security solutions and processes by evaluating network and security technologies
Develops requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices
Designs public key infrastructures, including the use of certification authorities and digital signatures, as well as hardware and software
Develops security solutions and processes to support different compliance environments such as PCI, FISMA, GLBA, FDA Part 11, and HIPAA
Performs and oversees risk assessment and analysis, conducts system and application vulnerability evaluations to provide corrective actions, coordinates security penetration testing, and oversees on-site partner assessments
Verifies security systems by developing and implementing test scripts
Maintains security by monitoring and ensuring compliance with standards, policies, and procedures
Upgrades security systems by monitoring security environment, identifying security gaps and evaluating and implementing enhancements
Prepares system security reports by collecting, analyzing, and summarizing data and trends
Collaborates with compliance and quality control areas
Updates job knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations
Adheres to University and unit-level policies and procedures and safeguards University assets
Excellent verbal and written communication skills
Strong organizational skills |
