Technical Security Council – Job Description
UConn Technical Security Council Member Responsibilities
Under the direction of the University’s Chief Information Systems Security Officer (CISSO), council members participate in the governance of Information Security as a representative of their Department. Members will be responsible for improving the security posture of the University through a collaborative approach to the duties and responsibilities identified below.
Members will serve a 24-month term. Appointments will be made by the CISSO from selections provided by a Dean, Director or Department Head.
1. The Security Council will meet bi-weekly on the first and third Tuesday of each month from 1:30PM-3PM. Members will inform Lorraine Costanzo (486-1414, Lorraine.Costanzo@uconn.edu) of any expected absences to meetings.
2. An estimated 1-3 hours/week, beyond meeting times, will be required to complete the duties and responsibilities listed below.
COUNCIL MEMBER DUTIES AND RESPONSIBILITIES:
1. Help ensure University compliance with state and federal regulations on security and privacy of university data.
2. Educate the University community about trends in security and privacy that have the potential to affect how the University does business.
3. Recommend to the CISSO remedial actions to identified problems.
4. Participate in discussions designed to ensure that centrally-deployed security technologies have been thoroughly vetted and that objectives and outcomes are clearly understood.
5. Develop and review University security policies, procedures and guidelines.
6. Participate in pilot implementations of technical and/or procedural remediation.
7. Identify and implement strategies to protect institutional data from compromise or unauthorized access, modification, destruction or disclosure.
8. Participate as a member of the University Computer Incident Response Team (UCIRT).
INFORMATION SECURITY OFFICE DUTIES AND RESPONSIBILITIES:
1. Act as council chair.
2. Solicit agenda items and provide agenda for each meeting.
3. Provide security training for council members.
4. Arrange speaker/topics as necessary.
- Successful completion of at least 1 security course provided by the Information Security Office.
- At least 1 year experience in computer security or systems administration.
- Commitment to cooperative functioning of UCIRT.
- Considerable knowledge of departmental and institutional structures and goals.
- Willingness to be available for emergencies occurring outside of normal business hours.