CISO Position at SDSC (UC San Diego)

[Dallas Thornton <dallas () SDSC EDU>]

Please pardon the SPAM, but I would like to pass along a link in case anyone might know of a good candidate interested 
in year-round sunshine.

http://jobs.ucsd.edu/bulletin/job.aspx?cat=information&sortby=post&jobnum_in=50227

Best regards,

Dallas


Dallas Thornton | Division Director, Cyberinfrastructure Services |  San Diego Supercomputer Center
University of California, San Diego | 9500 Gilman Drive, MC 0505,  La Jolla, CA, 92093
*: dallas () sdsc edu<mailto:dallas () sdsc edu> | *: (858) 534-8364 | 7: (858) 225-3661



Chief Information Security Officer
Open until: Mon 3/8/2010
San Diego Supercomputer Center (100% Career)

DESCRIPTION:
The San Diego Supercomputer Center (SDSC) at UCSD is actively seeking a Chief Information Security Officer to join our 
growing information technology team in support of high-profile projects. Qualified candidate will lead a small team of 
security experts that oversee the security of SDSC's infrastructure and that of projects hosted at the center.

For major projects, this will include oversight of the certification and accreditation (C&A) process and aid in the 
development and preparation of risk assessment reports, system security plans, risk mitigation plans, contingency 
plans, disaster recovery plans, security tests and evaluations (ST&Es), Plans of Action and Milestones (POA&Ms), FISMA 
self-assessments, system security assessments, system security planning, and security policies and procedures. 
Incumbent will provide in-depth security documentation support and conduct regular audits to ensure that systems are 
being operated securely and in adherence to documented plans. Additionally, he/she will perform various configuration 
management activities with regard to systems within his/her purview. The information security professional must clearly 
interface and communicate with highly-technical and management personnel at SDSC and government partners, including 
leading incident response activities.

The Information Security Officer will be a technical expert in security administration and should have experience 
working with Solaris, Linux, and Windows server and cluster environments and utilizing firewall, IDS, IPS, and VPN 
technologies from various vendors. He/she will be a leader in security architecture for private and sensitive data, 
possess strong communication skills, and exhibited demonstrated experience leading projects that require strong 
security architecture, testing, and implementation.

QUALIFICATIONS:
* Must have a thorough knowledge and understanding of government regulations, policies, practices, and procedures, 
including:
- Federal Information Security Management Act (FISMA)
- OMB A-130, Management of Federal Information Resources
- Health Insurance Portability and Accountability Act (HIPAA)
- OMB M-06-16 (Encryption requirements for sensitive data)
- NIST 800-53 (Recommended Security Controls for Federal Information Systems)
* Must be capable of producing high quality policy, system security plan, and C&A documentation requiring minimal edits.
* The ability to work with clients at various organizational levels in an often changing and challenging work 
environment.
* Previous federal experience with an emphasis on systems development, ST&E, and Certification and Accreditation.
* Must have experience working with Unix (Solaris and/or Linux) and Windows environments and utilizing firewall IDS, 
IPS, and VPN technologies from various vendors.
* Must have a Bachelors Degree and 5+ years experience with federal security administration practices; Masters or PhD 
preferred.
* CISSP or CISM certification highly preferred.