The Associate Director of Information Security provides leadership, technical direction, and day-to-day management for the University’s information security program. Reporting to a Director or above, this role is primarily responsible for the tactical execution of the University’s Information Security strategic plan, while also contributing to its ongoing development and evolution. The Associate Director ensures the protection of University information systems, data, and technology resources in support of administrative, academic, and research missions. Job Function. Information Security Leadership & Program Execution. Provide leadership, coordination, and technical direction for the University’s information security systems, services, and programs. Execute and operationalize the Information Security strategic plan, translating strategy into measurable, day-to-day security initiatives and outcomes. Contribute to the development, refinement, and maturation of the University’s information security strategy, standards, and roadmaps. Serve as a subject matter expert on information security risks, controls, and best practices within a higher education environment. Security Operations & Risk Management. Direct and support security operations, including:Incident response and cyberattack preparedness. Threat mitigation and vulnerability management. Risk assessments and compliance testing. Disaster recovery and cybersecurity training exercises. Implement and maintain security standards, audit processes, and monitoring capabilities to identify, assess, and remediate security risks. Analyze existing security operations and recommend improvements to enhance protection, efficiency, and scalability of security services. Team Leadership & Student-Led SOC Oversight. Lead, supervise, and mentor a team of security professionals, including security engineers, analysts, managers, and interns. Provide operational oversight and strategic guidance for a Student-Led Security Operations Center (SOC), in partnership with the SOC Manager. Support student workforce development by ensuring appropriate security processes, training pathways, and real-world learning opportunities within the SOC. Delegate work, manage priorities, and resolve escalations to ensure effective and timely delivery of security services. Policy, Compliance & Governance. Participate in the development, implementation, and maintenance of information security policies, standards, and procedures. Ensure alignment with applicable legal, regulatory, and contractual requirements, including FERPA, HIPAA, and other data protection obligations. Collaboration, Communication & Advisory Role. Act as a trusted advisor to University leadership, faculty, staff, and students on information security matters. Partner with campus stakeholders to support secure administrative, academic, and research technology initiatives. Develop and maintain clear documentation, standards, and guidance related to security controls, procedures, and high-risk data. Promote a culture of secure computing through education, awareness, and engagement activities. Marginal Functions. Serve on University committees, task forces, and working groups related to information security, risk management, and compliance. Serve as a Tier 2 respondent during declared campus and technology emergencies. Assist leadership with coordination for technology disaster recovery and business continuity plans. Maintain regular communication with IT leadership and the campus community during incidents. Perform job-related duties remotely or on campus as required during emergencies. Supervision Exercised. The incumbent provides supervision to the Information Security team. Required Qualifications. Master's and 4 years of relevant experience or Bachelor's degree and 6 years of relevant experience. Or an equivalent combination of education and experience pursuant to Fla. Stat. 112.219. Departmental Requirements. The Associate Director of Information Security must possess:Excellent verbal and written communication skills Demonstrate a strong commitment to delivering high-quality customer service. The successful candidate will be a highly motivated self-starter, capable of managing multiple deadlines and effective in a fast-paced environment. This role requires experience with internet technologies and information security issues, including: Risk assessments. Compliance testing. As well as demonstrated expertise in security policy development, security awareness, and education programs. Risk analysis, network penetration testing, and application vulnerability assessments. The position requires comprehensive knowledge of:Information security standards and frameworks (such as ISO 17799/27002)Applicable rules and regulations governing information security and data confidentiality (including FERPA, HIPAA, and similar requirements), and. Hands-on understanding of desktop, server, application, database, and network security in Linux and Microsoft Windows Server environments. Familiarity with change management processes as they relate to information security is required. Preferred qualifications include: Experience managing, leading, or expanding a Security Operations Center; Experience working within a higher education environment; and Experience managing and developing operational and capital budgets Statement(s) of Understanding.