We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
University of California - San Francisco Campus and Health jobs

Manager, IT Security Risk Management

University of California - San Francisco Campus and Health
United States, California, San Francisco
Jan 30, 2025

Manager, IT Security Risk Management

IT - Security

Full Time

83574BR

Job Summary

Receives assignments in the form of objectives and determines how to use resources to meet IT compliance, privacy and security goals. Reviews and approves recommendations for functional programs. Provides guidance to subordinates to achieve goals in accordance with established policies. Erroneous decisions or failure to achieve goals results in additional costs and personnel, and serious delays in overall schedules. Additional responsibilities include:
* Directly supervise 4 employees and manage 1 employee of a contracting firm
* Manage system-level Security Risk Assessment Program development and operations
* Oversee PCI Compliance Program development and operations
* Oversee Security Awareness and Training Program development and operations
* Manage annual Enterprise Security Risk Assessment Program
* Manage annual Promoting Interoperability Assessment for Epic
* Lead risk management process improvement efforts
* Manage security risk assessments for affiliate clinics and UCSF Health expansion activity
* Represent IT Security on enterprise-level committees and task forces
* Co-manage Security Exception process
* Serve as consulting SME for UC and UCSF IT security policies and standards
* Consult on development of security plans for major enterprise systems
* Review 3rd Party Security Control Attestation Requests
* Serve as IT Security SME during procurement contract negotiations; serve as content owner for Appendix DS paper
* Collaborate with and advise UCSF Audit during IT security audits and advisory reviews

The final salary and offer components are subject to additional approvals based on UC policy.

Your placement within the salary range is dependent on a number of factors including your work experience and internal equity within this position classification at UCSF. For positions that are represented by a labor union, placement within the salary range will be guided by the rules in the collective bargaining agreement.

The salary range for this position is $124,400 - $291,600 (Annual Rate).

To learn more about the benefits of working at UCSF, including total compensation, please visit: https://ucnet.universityofcalifornia.edu/compensation-and-benefits/index.html

Department Description

The UCSF IT Security group's responsibilities include, but are not limited to:

  • Managing policies and standards for information security
  • Providing security consulting services
  • Conducting risk assessments of systems that handle UCSF data
  • Providing security awareness training and education
  • Managing threat detection and response services
  • Managing incident response, forensic analysis, and e-discovery
  • Managing endpoint security solutions, including encryption, anti-malware, and EDR agent
  • Issuing digital certificates

Required Qualifications


  • Bachelor's degree in Information Technology or related area and / or equivalent experience / training.
  • Minimum of 5 years of experience managing an IT security program or operations.
  • Broad knowledge of information technology security functional areas and as it relates to student data; health information; research subjects; finance; including credit card and loan transactions; management of IT resources and applications; and general computer use practices.
  • Demonstrated understanding of privacy and security regulations and best practices, including federal and state laws, policies and standards, as well as extensive knowledge about a wide range of privacy / security regulations relevant to higher education and / or medical center and patient information.
  • Broad management expertise in determining and recommending actions, for campus, medical center or Office of the President departments, to follow in IT security and privacy matters.
  • Demonstrated communication skills with project teams, stakeholders, and external contacts including both technical and non-technical audiences.
  • Demonstrated interpersonal skills in order to work with both technical and non-technical personnel at various levels in organization.
  • Demonstrated ability to change the thinking of, or gain acceptance from, others in sensitive situations, without damage to the relationship.
  • Broad knowledge of subject area sufficient for strategic planning, technology assessment and direction
  • Demonstrated experience managing technical staff.
  • Experienced in leading change management activities and managing their impact within the department.
  • Broad knowledge of technical concepts and basic operating principles of data communications, computer hardware, vendor IT products, and software.
  • Demonstrated oral and written communication skills, including the ability to effectively present technical topics to large groups with potentially varied levels of technical sophistication.

Preferred Qualifications


  • Advanced degree preferred.
  • CISSP, CRISC, CISA, CISM or equivalent
  • ITIL Foundations
  • Lean IT Foundations

About UCSF

At UCSF Health, our mission of innovative patient care, advanced technology and pioneering research is redefining what's possible for the patients we serve - a promise we share with the professionals who make up our team.

Consistently ranked among the top 10 hospitals nationwide by U.S. News & World Report - UCSF Health is committed to providing the most rewarding work experience while delivering the best care available anywhere. In an environment that allows for continuous learning and opportunities for professional growth, UCSF Health offers the ideal atmosphere in which to best use your skills and talents.

Pride Values

UCSF is a diverse community made of people with many skills and talents. We seek candidates whose work experience or community service has prepared them to contribute to our commitment to professionalism, respect, integrity, diversity and excellence - also known as our PRIDE values.

In addition to our PRIDE values, UCSF is committed to equity - both in how we deliver care as well as our workforce. We are committed to building a broadly diverse community, nurturing a culture that is welcoming and supportive, and engaging diverse ideas for the provision of culturally competent education, discovery, and patient care. Additional information about UCSF is available at diversity.ucsf.edu

Join us to find a rewarding career contributing to improving healthcare worldwide.

Equal Employment Opportunity

The University of California San Francisco is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Organization

Health

Job Code and Payroll Title

006019 IT SCRTY MGR 1

Job Category

Clinical Systems / IT Professionals, Supervisory / Management

Bargaining Unit

99 - Policy-Covered (No Bargaining Unit)

Employee Class

Career

Percentage

100%

Location

San Francisco, CA

Campus

Mission Center Building (SF)

Work Style

Hybrid

Shift

Days

Shift Length

8 Hours

Applied = 0
MORE JOBS LIKE THIS

(web-6f6965f9bf-j5kl7)