Under the direction of the Information Technology Security Officer (ITSO) and the Director of Database Administration maintains, monitors, audits, and implements the security for enterprise database systems including but not limited to Banner. Cross trains on duties of the ITSO to provide support to the ITSO and others when the ITSO is unavailable. Provides support to the DBAs in security and access issues and policies. Provides backup to the functional areas banner security personnel and chairs the Banner security group.
|Grade||Department||Position type:||Position Number|
|44||3DA – Department not found||Full-time||A97693|
- Coordinates with DBAs and Information Technology Security Officer in implementing and maintaining best practices for database security.
- Monitors Information Technology systems and other paper document processing systems to ensure compliance with policies and procedures.
- Audits Banner Security for all users including functional security people and including regular reviews of the various reports and logs available and investigates complaints of noncompliance.
- Creates and maintains a Database of Access for security access grants.
- Ensures yearly expiration and renewal of accounts with proper documentation, passwords, etc.
- Trains Banner and other database users, owners, and security personnel in best practices in data security practices and requirements.
- Ensures that strong passwords are used for secure database systems.
- Provides a backup to functional area security people.
- Learns, implements and maintains current Banner security features including value based security and fine grain access in Banner.
- Audits access to all Private Identifiable Information (PII) fields/info and other sensitive data to ensure that information is not compromised, accessed inappropriately, or made available in anyway that compromises best practices for data protection.
- Maintain a best practice security matrix for access granted to programmers, DBAs, functional techs, etc.
- Ensure that classes and roles are properly defined, maintained, and are current for users.
- Provides a backup to the Information Technology Security Officer on all systems and duties such as firewalls, IDS, IPS, incident handling, PCI, etc.
- Creates and provides security awareness training to end users and informs students and employees of UVU security policies and practices.
- Maintains current PCI, HIPPA, and other security training & certifications applicable to security functions at the institution.
- Investigates foreseeable internal/external information security risks and reports on noted irregularities/risks.
- Requires in-state and out-of-state travel.
- Requires on-going training and certification to keep up to date in security practices.
- Requires some weekend and non-traditional working hours including accessibility outside of office hours for systems support.
Graduation from an accredited institution with a master’s degree in Information Technology, Computer Science, Accounting or business-related field, plus two years of experience; OR any combination of education and experience totaling eight years. Security training and certifications are preferred such as Certified Info Systems Security Professional(CISSP), Certified Information System Auditor(CISA), SANS Certifications, and/or Cisco Certified Network Associate (CCNA).
- Ability to collaborate with others and work in a team environment as a team player.
- Knowledge and experience with information technology security issues and best practices.
- Knowledge and experience with network protocols and other related technologies.
- Knowledge and understanding of existing federal and state guidelines related to data privacy and integrity with a demonstrated ability to maintain integrity of system data and processes through the application of these guidelines and ethical practices.
- Knowledge of databases, data structures and database systems (Oracle experience preferred).
- Ability to create databases and program in databases using SQL (PL-SQL experience preferred).
- Strong interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community.
- Skill in examining and re-engineering operations and procedures, formulating policy, and developing and implementing new strategies and procedures.
- Knowledge of cost control principles and practices.
- Ability to establish, direct, and enforce administrative and financial control systems, policies, and procedures in a related operating environment.
- Knowledge of applicable legislation, standards, policies and procedures within specialty area.