Unit Information Security Lead (UISL) Job Description - Short

Overview

A Unit Information Security Lead (UISL) is a  Workforce Member(s)* appointed by the Unit Head and assigned responsibility for ensuring tactical execution of information security activities. These activities are performed in consultation with the Unit Head. 

UISLs don’t need to be technical (though they can be). They are responsible for making sure that the security activities under their area of responsibility occur, not necessarily for doing the technical work. For IT Client Services-supported Units, the UISL will work with the ITCS zone contact for areas requiring technical support. This means that some UISLs will primarily have a coordination role, while UISLs with more technical skills may be directly involved in implementation.

Below is a summary of key tasks and time commitments associated with this role. A more complete description and list of responsibilities is available here: UISL “Job Description”.

Skills & Knowledge for This Role

  • A good understanding of your Unit’s policies, procedures, and IT tools, i.e., working knowledge of the services used - or the ability to gather this info.
  • A direct relationship to your Unit Head.
  • Good communication, collaboration, and coordination/project management skills.
  • General understanding of campus information security policies. 
  • Some IT background, or the ability to have a close partnership with ITCS or IT partners to work on more technical items.

Initial Tasks (approx. 20 hours)

  • Review Unit information security metrics in Socreg, the campus asset registration portal (campus VPN required to connect from off campus)
  • Review Unit assets, registrations, and Security Contacts in Socreg (link above)
  • Complete a high-level IS-3 Unit self-assessment and review results with the Unit Head

Ongoing Tasks (5-10% FTE)

  • Annual review of initial tasks, above
  • Ensure Unit compliance with MSSND, MSSEI, and UC Minimum Security Standards
  • Ongoing liaison role with Unit Head and ISO

  • Development and annual review of a Unit security plan

  • Review and update Unit-managed access rights at least annually

  • Work with Procurement to ensure proper data security contract language for Suppliers

  • Work with HR to ensure consistent HR security processes and procedures are in place

  • Report potential security incidents and ensure security notices from ISO are addressed
  • Maintain active membership in UCB-Security mailing list and ISWorkgroup

Time Estimate Notes

  • Time estimates do not include security-related work already being done by the unit.
  • Initial Tasks may take longer for large, complex units; IT Service Providers; and units with significant P4 or A4 assets or external compliance obligations. 
  • Ongoing Tasks: Workload will likely be in spurts, not constant throughout the year.

UISL Resources

 *The number of UISLs in a Unit is established by the Unit Head. A single person could oversee the responsibilities for an entire Unit or different UISLs could be assigned to different functional areas. This will largely be determined by the size and structure of the Unit and the Unit Head’s reporting preferences. Smaller Units may also be able to share one UISL.

On This Page