DIRECTOR CYBER INTELLIGENCE & DATA OPERATIONS

Req #: 232905

Department: UW INFORMATION TECHNOLOGY

Appointing Department Web Address: ~~~

Posting Date: 04/03/2024

Closing Info

Open Until Filled

Salary: $10,437 - $18,481 per month

Shift: First Shift

Notes

As a UW employee, you will enjoy generous benefits and work/life programs. For a complete description of our benefits for this position, please visit our website, click here. (~~~)

As a UW employee, you have a unique opportunity to change lives on our campuses, in our state, and around the world. UW employees offer their boundless energy, creative problem-solving skills, and dedication to build stronger minds and a healthier world. By being deeply invested in our work, showing compassion in our interactions, and embodying the spirit of a team player, each member contributes to a thriving community. UW is committed to attracting and retaining a diverse staff; your experiences, perspectives, and unique identities will be honored at the University of Washington. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable, and welcoming.

UW Information Technology (UW-IT) is the central information technology organization for the University of Washington, responsible for strategic planning, oversight, and direction of the UW's IT infrastructure, resources, and services. UW-IT provides critical technology support to all three campuses, UW Medicine, and research operations around the world, partnering with the UW community to enable innovation, learning, discovery, and service."

The Director of Cyber Intelligence & Data Operations leads the university's cyber threat intelligence (CTI) program focusing on collecting, processing, analyzing, and disseminating actionable cyber security and privacy intelligence to stakeholders and security products for informed and automated decision making to respond to threats and mitigate risks to university people, systems, and data.

Reporting directly to the UW Chief Information Security Officer, the director is responsible for designing and maintaining the CTI program, manage threat intelligence production, coordinate threat intelligence dissemination, and oversees CTI-related operations, vendors, and platforms.

The director serves as a subject-matter expert and trusted source to executive leadership on CTI and is responsible for establishing and maintaining engagement with government agencies, industry associations, and other security experts to drive innovation and best in class threat management programs.

The Director of Cyber Intelligence & Data Operations must have strong leadership, management, and organizational skills as well as technical knowledge and the ability to work collaboratively in a dynamic, demanding, and multifaceted environment.

The position requires a keen intellect and a fundamental affinity for dealing with complex issues where many criteria matter but to varying degrees to different constituencies.

The Director must possess detailed knowledge of information security standards and best practices, security compliance, and remain up-to-date on the legal matters of information security.

The Director must have a solid understanding of the issues and processes involved with long-term technology development within an academic and scholarly enterprise. Familiarity with and sensitivity to the information technology needs of educational, research, scientific, and cultural institutions is an asset.

The Director must be a facilitator and convener with excellent interpersonal skills.

The Director must be experienced in setting and managing priorities; mentoring, challenging, and developing staff; coordinating efforts among individual team members; and conflict resolution.

Possessing excellent written and oral communication skills, the Director must be technically conversant and yet able to translate that technology for people with non-technical expertise, and must be a good listener.

The Director must strive for excellence and be very self-motivated. Flexibility, ingenuity, dedication, enthusiasm, and energy are key attributes.

The Director must be able to organize, provide training and regular reports, and effectively influence other professional staff and faculty.

The constituency of the Office of Information Security (OIS), and therefore that of this position, is the entire University. The Office of Information Security is dedicated to innovative, trusted, and reliable services that promote the confidentiality, integrity, and availability of institutional information, infrastructure technology, and information systems. It is a central office that oversees the strategic view of information security at the UW, and works proactively to asses and manage information security risks in partnership with executive management and UW departments. The services and tools of the OIS are designed to support the UW's mission, raise awareness, and demonstrate a due care approach that optimizes administrative, technical, and operational safeguards.

REQUIREMENTS:

• Bachelor's degree in Computer Science or related field or related experience

• Six years' experience in information security in an educational, research, scientific, or cultural institution.

• Experience with security incident response, analysis, remediation, and prevention.

• Experience leading a security function with previous leadership experiences building, guiding, and growing threat intelligence programs, vulnerability management programs, incident response & hunting programs, and security operations/fusion centers, or equivalent

• Strong understanding of information security threats and vulnerabilities.

• Experience with threat intelligence, data collection, and structured analytical techniques.

• Ability to synthesize large quantities of complex information under pressureand distill it to the most critical issues and draw accurate conclusions, taking into account a high degree of uncertainty

• Demonstrated excellent communication skills (i.e., written, verbal, listening) with the ability to work with and advise all levels of the organization, as well as internal and external partners.

• Strong deductive reasoning, critical thinking, problem solving, and prioritization skills.

• Ability to work within large collaborative organizations, building consensus and fostering ongoing relationships.

• Ability to work independently with minimal supervision.

• Supervisory experience with demonstrated ability to build a high performing team.

• Ability to implement a vision from a conceptual idea through implementation.

• Proficiency in time management, communications, decision making, presentation and organization skills.

• Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules.

• Experience establishing and maintaining effective working relationships with employees and/or clients.

• Ability to conceptualize new ideas and complex technical matters quickly.

• Ability to monitor and interpret information for decision-making and presentation.

• Ability to remain flexible in a demanding work environment and adapt to rapidly changing priorities.

• Strong interpersonal skills to influence, motivate, persuade, mentor and train various groups or individuals. DESIRED

• Knowledge of the cyber threat landscape (nation state / geopolitical, cybercrime, hacktivism, insider risks, etc.) - able to articulate and incorporate into program understanding of major threat categories, motivations, and intent of adversaries against corporate assets.

• Understanding of malware families/evolution, indicators (pyramid of pain), TTPs (tools, tactics/techniques, procedures) used by cyber adversaries and how to apply effectively to help inform key stakeholders of attack chains & exploits while also building threat assessments for organizational cyber adversaries and their probability/intent to attack.

• Higher education or government agency information security experience.

• Experience handling and protecting information at a variety of sensitivity levels.

• Experience relaying sensitive information to appropriate parties

• Ability to obtain and maintain a DoD Secret (or higher) security clearance.

• Experience managing complex programs or projects. CONDITIONS OF EMPLOYMENT Must be available to manage security incidents during off-hours.Must be willing to assist with planned and unplanned events related to the Office of the CISO's mission.This is an essential position and is required to report to work remotely when UW suspends operations. Application Process: The application process may include completion of a variety of online assessments to obtain additional information that will be used in the evaluation process.These assessments may include Work Authorization, Cover Letter and/or others. Any assessments that you need to complete will appear on your screen as soon as you select "Apply to this position". Once you begin an assessment, it must be completed at that time; if you do not complete the assessment, you will be prompted to do so the next time you access your "My Jobs" page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.

University of Washington is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, among other things, race, religion, color, national origin, sexual orientation, gender identity, sex, age, protected veteran or disabled status, or genetic information.