Description:

Assistant or Associate Director, Cybersecurity Program AdministrationTechnology ServicesUniversity of Illinois at Urbana–Champaign

The Assistant or Associate Director, Cybersecurity Program Administration is a proactive, collaborative, detail-oriented, problem-solving leader for their team of administrative managers, execution teams, contractors, and business partners. The person in this role resources, equips, and enables the university’s cybersecurity program to successfully execute upon its charge, as well as deliver direct value and utility to all program stakeholders. This leader plans and executes within several program administrative domains, including governance, risk and compliance; cybersecurity project and portfolio management; marketing, outreach and communications; training and awareness; data analysis and intelligence; cybersecurity customer support, staffing, and business administration. This role reports to the Chief Privacy and Security Officer as a part of the cybersecurity leadership team, and works closely with the Director of Cybersecurity Operations to ensure the program is set up to execute upon its charge successfully.

The University of Illinois is an Equal Opportunity, Affirmative Action employer that recruits and hires qualified candidates without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability or veteran status. For more information, visit http://go.illinois.edu/EEO.

Why Work at Technology Services?
Highlights of Employee Benefits (PDF)

Major Duties and Responsibilities - Assistant Director:

Lead and direct program administrative functions which enable, resource, and privilege the program:

• Implement, manage, and maintain work products, services, and offerings required to enable the cybersecurity program and plan.
• Direct a team delivering services and value to the enterprise in the domains of Governance, Risk, and Compliance.
• Direct a matrixed team delivering cybersecurity program portfolio of projects, technologies, platforms, services, offerings, and tools; and who also negotiate, author and maintain administrative documentation such as service level agreements, project planning documentation, memoranda of understanding, OLAs, ITIL process documentation, and other administrative agreements.
• Direct teams delivering cybersecurity training, outreach and awareness.
• Direct a team of communicators, marketing specialists, and outreach.
• Manage the solutions and provisioning of security intelligence and analytics for the operational benefit of the program.
• Direct and manage the delivery of Cybersecurity customer and user support.
• Direct and deliver business functions of the program, including fiscal planning, procurement, vendor relationships, solutions providers, inventory, human resources process, and space management.
• Manage and delegate workload of reports, assets, and teams based on organizational priorities, objectives, and key results.
• Manage other program administrative functions

Assist in development, implementation, staffing, measurement, and maintenance of the cybersecurity program.

• Coordinate with peers and the Chief Privacy and Security Officer in the planning and execution of administrative initiatives and activities.
• Assist in development of cybersecurity program operational metrics.
• Assist in the measurement and reporting of institutional cybersecurity and cybersecurity compliance risks.
• Identify, communicate and deliver timely information to relevant internal and external stakeholders.
• Champion and represent the program.
• Develop brand recognition, dialogue, and understanding of the cybersecurity program and its offerings, challenges, and value amongst critical stakeholders.
• Define, develop, implement, measure and analyze processes with focus on performance, key outcomes/goals, operational design, consistency, scalability, excellence, and continuous improvement.
• Oversee the maintenance, development, curation, and implementation of process and reference documentation; customer-facing information, campaigns, and other materials.
• Measure and monitor cost, schedule, and performance against the strategic cybersecurity plan.
• Assist in development and maintain accurate, timely, budgeting, costing, and personnel allocation information.
• Ensure excellent Customer Service throughout Privacy and Security.

Major Duties and Responsibilities - Associate Director:

Lead and direct program administrative functions which enable, resource, and privilege the program to execute on its charge:

• Implement, manage, and maintain work products, services, and offerings required to enable the cybersecurity program and plan.
• Direct a team delivering services and value to the enterprise in the domains of Governance, Risk, and Compliance.
• Direct a matrixed team delivering cybersecurity program portfolio of projects, technologies, platforms, services, offerings, and tools; and who also negotiate, author and maintain administrative documentation such as service level agreements, project planning documentation, memoranda of understanding, OLAs, ITIL process documentation, and other administrative agreements.
• Direct a team delivering cybersecurity training, outreach and awareness.
• Direct a team of communicators, marketing specialists, and outreach.
• Manage the solutions and provisioning of security intelligence and analytics for the operational benefit of the program.
• Direct and manage the delivery of Cybersecurity customer and user support.
• Direct and deliver business functions of the program, including fiscal planning, procurement, vendor relationships, solutions providers, inventory, human resources process, and space management.
• Manage and delegate workload of reports, assets, and teams based on organizational priorities, objectives, and key results.
• Manage other program administrative functions

Manage in development, implementation, staffing, measurement, and maintenance of the cybersecurity program.

• Coordinate with peers and the Chief Privacy and Security Officer in the planning and execution of administrative initiatives and activities.
• Develop cybersecurity program metrics.
• Measures and report institutional cybersecurity and cybersecurity compliance risks.
• Identify, communicate and report to all relevant internal and external stakeholders.
• Champion and represent the program.
• Develop recognition, dialogue, and understanding of the cybersecurity program and its offerings, challenges, and value amongst critical stakeholders.
• Define, develop, implement, measure and analyze process with focus on performance, outcomes/goals, operational design, consistency, scalability, excellence, and continuous improvement.
• Define, develop, curate, and implement internal process and reference documentation, as well as customer and user-facing information, campaigns, and other materials adding recognition, value, and appreciation of the cybersecurity program.
• Measure and monitor cost, schedule, and performance against the strategic cybersecurity plan.
• Assist in development and maintain accurate, timely, budgeting, costing, and personnel allocation information.
• Ensure excellent Customer Service throughout the privacy and security office.

Major Duties and Responsibilities - Common to all levels:

Represent the IT Security office in collaborative and strategic initiatives, applying expertise and functioning as an integral, complementary part of the cybersecurity team

• Participate in and facilitate internal and external meetings. Drive discussions as needed to represent the needs of the assigned domain(s). Present findings/reports to technical and non-technical audiences.
• Provide excellent customer service on behalf of the IT Security office.
• Advocate for Technology Services or other clients and partners in service planning and deployment across the organization.
• Provide recommendations for continual process improvement across all Security workflows.
• Draft and review documentation such as analyses of technical, administrative, or procedural security issues; procedural documentation/playbooks; and team documentation.

Develop and maintain personal and professional excellence through university-provided and external training/seminars/courses; staying abreast of industry trends, methods, and published literature; and participating in manager-approved innovation programs and individual development initiatives.

Required Qualifications - Assistant Director

• Bachelor's degree
• Experience can be concurrent:
  • Five years of progressively responsible experience in IT, IT administration, or risk management; including two years of cybersecurity-related experience.
  • Two years of experience working with customers.
  • One year of experience managing either direct or indirect reports, with proven ability to coordinate staff efforts producing timely deliverables with a high complexity and specific quality standards.
  • Experience participating in and contributing to diverse, crossfunctional workgroups.

Required Qualifications - Associate Director

• Bachelor's degree
• Experience can be concurrent:
  • Seven years of progressively responsible experience in IT, IT administration, or risk management; including three years of cybersecurity-related experience.
  • Three years of experience working with customers.
  • Three years of experience in budget development, finance, and costing.
  • Three years of experience in information technology or cybersecurity planning, organization, and development.
  • One year or more of developing communications for non-technical and leadership audiences.
  • Three years or more of experience managing teams of direct reports, with proven ability to coordinate staff efforts producing timely deliverables with a high degree complexity and specific quality standards.
  • Experience participating in and contributing to diverse, cross-functional workgroups.

Preferred Qualifications - Common to all levels

• Bachelor’s Degree or higher in Information Technology or a related field
• Master’s Degree in information technology or related; business administration, organizational development, training, communications, marketing, or any other related to the primary functions listed in this job description
• Three years or more in R1 higher educational and/or research environments. (Associate Director: Five years)
• One year or more of developing communications for non-technical and leadership audiences.
• Experience with implementation of ITIL (version 3 or 4) functions
• Experience with process metrics and design
• Experience with customer success and service delivery
• Experience with project or project portfolio management
• Experience managing IT, cybersecurity security risk, privacy, cybersecurity operations, IT services, ITSM, service delivery
• Training in management or leadership practices and principles.
• ITIL v3 and/or ITIL v4 training and certification
• Have good standing with one or more of the following cybersecurity or risk certifications: CISSP, CISA, CISM, CRISC, SANS/GIAC

Knowledge, Skills, and Abilities:

Successful candidates will have:

• Ability to lead and enable a large talented, diverse, and cross-functional team.
• Demonstrated ability in effective communication and collaborating in a high performance team environment.
• Demonstrated commitment to customer service and customer success.
• Ability to prioritize between leading, managing, and doing such that strategic value and output are both maximized.
• Demonstrated ability to maintain high security/privacy controls when dealing with sensitive information.
• Knowledge of quality control principles
• Strong organizational, prioritization, and time management skills.
• Strong problem solving skills.
• Excellent negotiation, group facilitation, and team building skills.
• Knowledge of resource allocation and budgeting principles.
• Knowledge of ITIL principles and practices
• Knowledge of Security practices and principles.
• Knowledge of Privacy practices and principles
• Knowledge of Identity and Access Management practices and principles
• Excellent negotiation, group facilitation, and team building skills (Associate Director)

Salary and Appointment Information

This position is a full-time Academic Professional position appointed on a 12-month service basis. The expected start date is as soon as possible after March 1, 2021. Salary is commensurate with qualifications and experience.

To Apply:

Applications must be received by March 1, 2021. Apply for this position using the "Apply for Position" button below. Please create your candidate profile at http://jobs.illinois.edu and upload in one file a letter of application and resume. The online application will require names and contact information for three professional references.

For further information about this position, contact Phil Stanton, Technology Services HR at at prstanto@illinois.edu or 217-333-4222.

The University of Illinois conducts criminal background checks on all job candidates upon acceptance of a contingent offer. The University of Illinois System requires candidates selected for hire to disclose any documented finding of sexual misconduct or sexual harassment and to authorize inquiries to current and former employers regarding findings of sexual misconduct or sexual harassment. For more information, visit Policy on Consideration of Sexual Misconduct in Prior Employment. As a qualifying federal contractor, the University of Illinois System uses E-Verify to verify employment eligibility.

College Name or Administrative Unit:Technology Services Category:2-Administrative Title:Assistant or Associate Director, Cybersecurity Program Administration - Technology Services (141909) Open Date:02/15/2021 Close Date:03/01/2021 Organization Name:Technology Services - CIO