University of Rochester Manager, IT Security - 226024 in Rochester, New York
Manager, IT Security
Full Time 40 hours Grade 056 University IT / IS
8 AM-5 PM
The University of Rochester is one of the country's top-tier research universities. Our campuses are home to 200 academic majors, more than 2,000 faculty and instructional staff, and some 10,000 students from all over the United States and around the world. The University of Rochester Medical Center (URMC) is one of the nation’s leading academic medical centers, which forms the centerpiece of the University of Rochester’s health research, teaching and patient care missions.
University IT and the Center for Integrated Research Computing (CIRC) provide University-wide leadership for the extensive and diverse technology initiatives required by a leading research university. As the primary hub for IT programs and initiatives, this organization engages constituents University-wide to provide:
Advanced computational and data analytics support to departments and centers across the University.
Enterprise-wide academic and administrative applications.
An institution-wide information security program to protect the University’s data and ensure compliance with regulatory requirements.
Robust IT infrastructure including a 24x7 150-mile optical network and 12,000 square foot primary and secondary Data Center facilities.
A collaborative and diverse team that creates integrated, secure and dependable IT systems and practices that support efficient and cost-effective distribution of information in support of University missions.
General Summary of Role:
The Incident Response Manager leads a team of Tier 1 SOC analysts in detecting, analyzing and responding to cyber security incidents in a hybrid managed SOC environment where Tier 2 and Tier 3 services are provided by an external Managed SOC service.
Specific Duties and Responsibilities:
25% - Team / personnel supervision
Conduct weekly 1:1 meetings with each team member.
Approve time and handle team scheduling to ensure adequate coverage.
Maintain 24x7 on-call schedule.
Provide technical and professional guidance to team members on a daily basis.
Handle performance management including providing prompt feedback and documentation of both performance issues and exceptional work.
Ensure team camaraderie and job satisfaction.
25% - Oversee Incident Response Team Operations
Drive efficient and timely responses to security incidents.
Drive continuous improvement and innovation in detecting, investigating and resolving security incidents.
Ensure adherence to SOC Provider’s standards, processes and procedures.
Oversee operational maintenance of IR team tools including upgrades, patching and vulnerability management.
Ensure adherence to change control protocols.
25% - Liaison to IT Operations
Participate in various IT meetings including change control, architectural and technology reviews, security liaison meetings, manager meetings and project meetings.
Ensure IR Team awareness of IT projects, processes and policies.
Promote the IR Team’s accomplishments and advocate for IR Team needs.
Leverage security threats and incidents to promote security awareness.
Advocate for SIEM logging and EDR expansion.
Partner with IT Operations and Departmental IT to build repeatable processes that leverage Desktop and Help Desk resources to respond to routine security events.
15% - Mature the SOC program
Keep abreast of the latest trends, threats and technologies related to security incident response.
Ensure a continual increase in the security team’s capabilities to detect and respond to security incidents.
Leverage Managed SOC Provider’s expertise to optimize the IR Team’s function.
Attend conferences and training to maintain proficiency.
10% - On-call Support
Provide secondary on-call support to team members as needed during business and non-business hours.
Participate in Security Team Leadership on-call rotation in support of medical center 24x7 operations.
Required Business Skills
Management or supervisory experience preferred.
Strong attention to detail and organizational skills.
Robust problem solving skills.
Exhibits a sense of urgency as needed.
Process improvement and quality assurance mindset.
Customer service approach including consistent follow-through in all interactions and strong verbal and written communication skills.
Ability to command cross-functional teams in high-pressure situations.
Strong decision-making skills including ongoing prioritization of many critical efforts.
Understands and models organizational mission, vision and values.
Required Technical Skills
Familiarity with security vulnerabilities, exploits, attacks and malware.
SIEM and EDR experience.
SOC Team Lead and/or SOC Level 2/3 experience.
In-depth foundational IT skills in security administration, network security and/or system administration.
Bachelor's degree in related discipline such as IT Management, Computer Science, Business, Mathematics, Statistics, Science or a related field; plus 3 – 5 years’ experience preferably in a University or business environment and 2 years in a supervisory capacity; or an equivalent combination of education and experience.
NOTE: This document describes typical duties and responsibilities and is not intended to limit management from assigning other work as required.
How To Apply
All applicants must apply online.
EOE Minorities/Females/Protected Veterans/Disabled