UTSA

Org Marketing Statement

The University of Texas at San Antonio is a Tier One research university and a Hispanic Serving Institution specializing in cybersecurity, health, fundamental futures, and social-economic transformation. With more than 35,000 students, it is the largest university in the San Antonio region. UTSA advances knowledge through research and discovery, teaching and learning, community engagement and public service, and with an intentional focus on career readiness the university produces more graduates for the workforce than any other institution in the region. It is a catalyst for socioeconomic development and the commercialization of intellectual property — for Texas, the nation and the world. UTSA has been recognized as a Top Employer in Texas by Forbes Magazine. Learn more online, on UTSA Today or on X (formerly Twitter), Instagram, Facebook, YouTube or LinkedIn.

In 2024, the UT System Board of Regents authorized UT System to begin integrating UTSA and UT Health San Antonio into one unified institution, establishing a world-class university that integrates academic, research, and clinical excellence to build a profoundly impactful university of the future. Driven by a vision for growth and impact, this merger will expand capacity to offer robust undergraduate and graduate programs, attract top-tier faculty and staff, develop innovative initiatives, and elevate transdisciplinary research to address the evolving needs of the region.

Posting End Date: Applications will be accepted through 11:59 PM CDT on 5/23/2025. At the discretion of the hiring department, this position posting may close once a sufficient number of qualified applications have been received.

Salary Range: Up to $118,000/Annualized, commensurate with education, experience and qualifications.

Hours: 40 hours per week, exempt.

Required Application Materials:

• Resume is required.
• Cover letter is preferred.
• Contact information for 3 reference points of contact.

Essential Functions

Job Summary

Responsible for the operational leadership and continuous enhancement of Cybersecurity Operations at UTSA, including the supervision of personnel and management of all supporting technologies, processes, and services. This role oversees the end-to-end execution of cyber defense activities—from monitoring and detection to incident containment, investigation, and recovery—to safeguard the university’s digital assets, research, data, and reputation. The position ensures integration of national security frameworks such as NIST 800-53 v5, NIST 800-171, and the MITRE ATT&CK framework, and champions agile security operations through DevOps and threat intelligence capabilities. In close coordination with the CISO, Legal, and Compliance, the Director serves in a position of special trust and institutional impact, supporting 24x7 operational readiness and continuous risk reduction across the enterprise.

This leadership position within UTSA’s University Technology Solutions (UTS) is responsible for executing the university’s cybersecurity operations strategy and advancing institutional resilience in an evolving threat landscape. The Director provides vision and executive oversight for a mission-driven cybersecurity operations program that includes Threat Intelligence, Incident Response, Digital Forensics, and Cybersecurity DevOps. This role ensures that information security standards are effectively implemented in alignment with organizational, state, and federal requirements. With a strong emphasis on automation, orchestration, and advanced analytics, the Director drives proactive threat mitigation, rapid incident response, and forensic readiness. The position also fosters a hands-on cybersecurity internship program that bridges academic instruction with operational practice, supporting UTSA’s mission in experiential learning and workforce development.

Core Responsibilities

1. Provide strategic leadership and oversight for the 24x7 Cybersecurity Operations program, including Threat Intelligence, Incident Response, Digital Forensics, and Cybersecurity DevOps.
2. Develop, maintain, and evolve an integrated cybersecurity operations roadmap that aligns with institutional risk, mission priorities, and UTSA’s broader strategic objectives.
3. Lead detection engineering and playbook development using frameworks such as MITRE ATT&CK to drive proactive threat detection, adversary simulation readiness, and real-time response.
4. Integrate and operationalize AI/ML-based analytics into threat detection, anomaly detection, and automated response strategies.
5. Oversee the development, tuning, and lifecycle management of detection content, alert rules, and orchestration workflows across the SIEM (Splunk), Ansible, and SOAR platforms.
6. Manage the enterprise vulnerability management program including scanning, prioritization, patching coordination, and risk reporting to reduce the university’s cyber-attack surface.
7. Ensure firewall, NAC, DLP, and related policy configurations are maintained to protect institutional assets and meet compliance standards.
8. Monitor threat intelligence feeds and external sources to assess risk from emerging threats, campaigns, or vulnerabilities relevant to the UTSA environment.
9. Lead and oversee containment, response, recovery, and forensic analysis efforts for security incidents in coordination with Legal, Compliance, and executive leadership.
10. Establish and maintain formal relationships with law enforcement, threat-sharing consortia, and industry/regulatory partners to improve cyber threat awareness and collaboration.
11. Design and deliver monthly and quarterly executive dashboards that provide actionable insights, trend analysis, and progress reporting on Cybersecurity Operations KPIs and KRIs.
12. Collaborate with enterprise and research IT to embed security architecture best practices into systems design, cloud deployments, and identity/access governance models.
13. Support research computing and academic programs by advocating cybersecurity in regulated research environments and participating in cyber-related research initiatives.
14. Partner with the Office of Information Security to develop targeted security education and phishing awareness programs informed by behavioral analytics and campaign results.
15. Develop and lead tabletop exercises, scenario-based simulations, and after-action reviews to validate cyber resilience and incident preparedness across the institution.
16. Oversee Cybersecurity Operations staffing, scheduling, and performance management including mentoring and structured development for staff, interns, and student workers.
17. Lead the UTSA Cybersecurity Internship Program in collaboration with academic faculty, aligning experiential learning with operational needs and industry practices.
18. Review and approve asset procurement, licensing, and contract renewals for cybersecurity operations technologies and services.
19. Contribute to governance, compliance, and audit readiness activities, including evidence gathering for NIST 800-53, 800-171, CMMC, and institutional policies.
20. Communicate cyber risk and operations performance to institutional stakeholders including executive leadership, boards, and academic governance bodies.
21. Participate in professional development, external speaking opportunities, and research initiatives to advance the profile of UTSA Cybersecurity Operations.
22. Performs other duties as assigned.

Required Qualifications

• Bachelor’s degree from an accredited institution in computer science, cybersecurity, information systems, engineering or related field.
• CISSP or equivalent cybersecurity leadership certification (e.g., CISM, CISA, GIAC) within 180 days of hire.
• Seven (7) years of progressive experience in cybersecurity, with at least five (5) years in a supervisory, managerial, or director-level role to include experience leading multi-disciplinary cybersecurity teams and managing 24x7 security operations, incident response, and threat detection programs.
• This position requires the ability to maintain the security and integrity of UTSA and its infrastructure.

Preferred Qualifications

• Master’s degree in Cybersecurity, Information Assurance, Computer Science, or a related discipline.
• Graduate-level coursework or formal training in risk management, governance, AI/ML in cybersecurity, or secure system design.
• Familiarity with research cybersecurity requirements (e.g., HIPAA, ITAR, CMMC, NSF 800-171).
• Background in higher education, public sector, or research-intensive institutions.
• Experience with SPLUNK, SOAR platforms, scripting, automation pipelines, and cloud-native security services.
• Experience developing or supporting academic instruction, mentorship, or structured internship programs.
• Experience managing or integrating threat intelligence programs, digital forensics capabilities, or SOC engineering functions.
• Experience presenting cybersecurity metrics, risk assessments, or executive briefings to boards, university leadership, or governing bodies.
• Engagement in cybersecurity policy development, audit coordination, or regulatory response activities.
• Experience managing cybersecurity within a university or research computing environment.

Additional Information

• UTSA is a tobacco free campus.
• This is a security sensitive position. Employment is contingent upon a successful background check.
• Applicants selected must be able to show proof of eligibility to work in the United States by time of hire.
• Valid driver’s license and Motor Vehicle Record (MVR) as applicable.

Working Conditions

Working Environment:

• Office environment.
• Ability to travel to and from meetings, training sessions or other business-related events.
• Workdays, areas, and work hours may vary based on the needs of the department.

Physical Demands:

• Sedentary work; sitting most of the time.
• Medium: Up to 50lbs - Ability to exert up to 50 pounds of force to lift, carry, push, pull or otherwise move objects, occasionally.

This position will be primarily located on campus. Travel and parking expenses are the employee’s responsibility.

Equal Employment Opportunity

As an equal employment opportunity and affirmative action employer, it is the policy of The University of Texas at San Antonio to promote and ensure equal employment opportunity for all individuals regardless of race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability or genetic information, and veteran status. The University is committed to the Affirmative Action Program in compliance with all government requirements to ensure nondiscrimination. Women, minorities, people with disabilities and veterans are encouraged to apply. UTSA campuses are accessible to persons with disabilities.