Title: Info Security Specialist

Employee Classification: Other Professionals

Institution: System Office

Department: Information Technology

Campus Location: Tennessee Board of Regents System Office

Job Summary

The Information Security Specialist provides security-focused support to users and leads key security initiatives for the TBR Central Office and TBR institutions, while operating under the direct guidance of the Chief Information Security Officer (CISO).

This role is responsible for incident monitoring, collecting metrics, generating detailed security reports, and conducting security-related audits as needed. The specialist manages the operation and maintenance of security infrastructure, evaluates, recommends, and implements approved new technologies and innovations, addresses and resolves reported information security issues.

Additional responsibilities include incident management, risk assessment, implementation and oversight of security controls, delivery of awareness training, development and enforcement of security policies and compliance measures, and maintaining IT security architecture, policies, and standards.

This position may have the opportunity to work remote within the state of Tennessee but with periodic visits to the TBR System Office (Nashville, TN) at the employee’s expense, and potential travel to Tennessee TBR colleges may be necessary.

Job Duties

• 25% - Oversees security operations, security engineering, and compliance of information systems and services across the enterprise; develops, delivers and manages IT Security standards, best practices and architecture information that supports IT Security operations, engineering, and compliance across the enterprise; conducts studies within and outside the organization to ensure compliance with standards and conformity with industry security norms; consults with members of TBR community regarding security best practices and compliance; maintains awareness of how IT security services and systems affect the organization's security posture and exposure; weighs business needs against security concerns and articulates any issues to constituents and senior leadership; holds responsibility for the troubleshooting and resolution of reported information security issues; recognize and respond to information security incidents; analyze network traffic for anomalous activity and investigate as appropriate; identify and understand potential threats and vulnerabilities and recommend mitigations; perform digital forensics as part of incident response and in response to other community needs; author and edit incident reports; perform periodic security-focused risk assessments and audits of systems and tools; develop, implement, and refine solutions for security monitoring, detection, and response on TBR community systems; perform high-level analysis of complex and disparate computing systems, networks and data architectures to identify, rectify and prevent technical and information security vulnerabilities; scanning for vulnerabilities, evaluating scope and exposure, working with system and service owners to patch, isolate, or otherwise mitigate critical vulnerabilities; developing exposure metrics, detecting trends, and assisting the team in developing controls or defensive measures; use forensic, incident response, and process expertise to respond to and investigate system, service, or network attacks and breaches; applies IT security concepts to execute complex security controls to prevent hackers from infiltrating campus information or jeopardizing web-based programs for the campus; researches, analyzes and addresses attempted efforts to compromise security protocols and measures; evaluates and tests systems and applications for security vulnerabilities; maintains, uses and/or operates complex security systems; administers, tests or reviews complex security configurations to control access to systems; applies IT security concepts to use applicable encryption methods; gathers, analyzes, and summarizes information and reporting to management regarding the negative impact on the campus caused by theft, destruction, alteration or denial of access of information; applies it security concepts to select appropriate response to serious security incidents; - (Essential)
• 25% - Maintains the Information Systems Security Program (ISP) for the TBR Central Office and works with TBR institutions on related security issues with regard to the ISSP; promotes TBR information systems reliability and accessibility, while protecting and defending against unauthorized access to systems, networks, and data; lead the planning, design, development, integration, testing, documentation, training, implementation and maintenance of TBR IT security systems and products; provide leadership through strong working relationships and collaboration across the TBR community to develop strategic goals for information security compliance and risk mediation; coordinates the Incident Response function of the TBR IT Security Office; oversees ongoing activities related to the development, implementation, and improvement of the TBR information security program in compliance with applicable federal and state laws and regulations and the TBR's information security policies; focusing on: security risk assessments (TBR, schools, departments, and vendors); risk management (including risk prioritization and mitigation); education and awareness; advises TBR personnel on managing effective security practices; develops and maintains strong working relationships to collaborate and partner with key stakeholders (across the TBR community) and external solution providers to advocate for appropriate security practices; plan, design, enforce, and audit security policies and procedures which safeguard the integrity of and access to TBR community systems - (Essential)
• 15% - Develop and maintain an IT Security Architecture for TBR; lead and coordinate the development and maintenance of information systems security policies, procedures, standards, and guidelines, ensuring compliance with federal and state laws and regulations and Regents policies and standards; analyze new federal and state statutory requirements, TBR policies, and other security initiatives to determine changes necessary for adoption/compliance and makes appropriate recommendations; responsible for understanding the complete lifecycle of TBR's security technology; combines up-to-date knowledge of commercially-available and open source information security tools, solutions and services with firsthand knowledge of TBR's information security risks to play a leading role in recommending and assessing new security services; advises operating units at all levels on information security issues, recommended practices, and vulnerabilities; manages the program of providing security risk assessments to schools and departments across TBR; manages the program of assessing information security risks related to vendor-supplied services; oversees the program of network traffic analysis to identify potential security events and risks as a means to proactively address and mitigate identified weaknesses; oversees the investigation and resolution of information security privacy considerations related to research and intellectual property, and in projects related to risk mitigation; advises TBR personnel on managing effective security practices; responds appropriately with resources and information to requests submitted by internal and external auditing functions - (Essential)
• 15% - Maintain the campus Cyber Incident Response Plan (CIRP) and foster security- and audit-related regular communications with campus Security Incident Response Teams (SIRT); Ensure monitoring of security-related information sources for security alerts and assess security breaches/ events, oversee appropriate corrective actions, inform the campus community, and identify needed changes based on new security technologies or threats; serve as the liaison with external agencies and organizations, including law enforcement, as needed for incident response and planning; oversee the development and implementa-tion of training programs and communications to make systems, network, and data users aware of and understand security policies and procedures; assists in managing security incidents across the TBR community; acts as the primary control point during information security incidents; assists in communicating progress to the TBR community, as appropriate, in managing security incidents; interfaces with law enforcement agencies and other government agencies to address security lapses and respond to information security issues; works with the IT staff of TBR, community and technical colleges and departments to help them maintain a high level of technical competence and a professional approach to handling confidential matters while maintaining a customer-focused attitude; investigate security incidents; perform computer forensics studies and maintain incident tracking records. prepare status reports on security matters; develop security risk analyses; keep management informed of risks and critical issues that might affect clients or TBR community security objectives - (Essential)
• 15% - Maintain the campus Cyber Incident Response Plan (CIRP) and foster security- and audit-related regular communications with campus Security Incident Response Teams (SIRT); Ensure monitoring of security-related information sources for security alerts and assess security breaches/ events, oversee appropriate corrective actions, inform the campus community, and identify needed changes based on new security technologies or threats; serve as the liaison with external agencies and organizations, including law enforcement, as needed for incident response and planning; oversee the development and implementa-tion of training programs and communications to make systems, network, and data users aware of and understand security policies and procedures; assists in managing security incidents across the TBR community; acts as the primary control point during information security incidents; assists in communicating progress to the TBR community, as appropriate, in managing security incidents; interfaces with law enforcement agencies and other government agencies to address security lapses and respond to information security issues; works with the IT staff of TBR, community and technical colleges and departments to help them maintain a high level of technical competence and a professional approach to handling confidential matters while maintaining a customer-focused attitude; investigate security incidents; perform computer forensics studies and maintain incident tracking records. prepare status reports on security matters; develop security risk analyses; keep management informed of risks and critical issues that might affect clients or TBR community security objectives - (Essential)
• 10% - Develop security awareness training programs; penetration testing timelines; security standards metrics and other security-related tools for distribution and implementation across the TBR community; promotes professional development of IT Security Awareness; ensures adherence to IT security best practices and standards across the organization; consults with and studies customers to address risks, gaps in compliance, and business practices; assists in development of policies and procedures; informs the TBR community of the ongoing status of IT security activities; perform training and guidance concerning encryption of devices and other communications security equipment; describe the benefits of multifactor authentication and its use; perform custodial duties and educate users regarding security relative to classified communications; advise management regarding proper use and operation of equipment associated with security maintenance; ensure that classified material is handled and safeguarded in accordance with applicable regulations; develop and maintain classified communications procedures; perform periodic physical checks of security containers in assigned areas; develop and provide phishing exercises for training purposes; manage security improvement projects; maintain knowledge of changing information security threats and technologies; provide recommendations for adaptation of new technologies, procedures, or policies; coach and direct staff on ways they can impact the security on their campuses; - (Marginal)
• 10% - Contribute to the overall team environment by performing other tasks as assigned. - (Marginal)

Minimum Qualifications

• A bachelor's degree in information technology or a similar area with minimum of 2 years relevant work experience, or an associate degree in a related field along with three years of relevant work experience.
o Candidates who do not possess a degree, but have at least four years of direct, relevant experience will also be considered for this position.
• Applicants must possess at least one relevant security certification such as CompTIA security+, ISC2 certified in cybersecurity (others may be considered)
• Must have an appreciation for and an understanding of a two-year college mission.
• Relevant work experience should come from at least two of the following domains: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security.
• Experience with service catalogs and service level agreements
• Experience working in both technical support and end-user support environments
• Demonstrated technical writing & documentation ability necessary

Preferred Qualifications

• Experience in cloud security configurations
• Excellent time management skills
• Excellent critical thinking and problem-solving skills
• Eager to expand skills and expertise
• Demonstrated ability to analyze problems from multiple points of view, lead consensus building within groups with differing views, translate consensus into planned action
• Candidate should have demonstrated experience in higher education

Knowledge, Skills, and Abilities

• A self-starter who can work with a minimum amount of supervision
• Demonstrated organizational skills
• Demonstrated ability to understand customer needs and commitment to provide quality service
• Demonstrated willingness to work flexible hours and troubleshoot when necessary
• Excellent interpersonal and oral/written communication skills
• A willingness and passion to learn new hardware/software security-related systems that are consistent with duties

Physical Demands / Working Conditions