Information Security Analyst - Compliance
The University of Vermont
Burlington, VT, USA
Published 2 weeks ago
Compliance Management Systems / Technology
Information Security Analyst - Compliance
Diversity Statement
The University is especially interested in candidates who can contribute to the diversity and excellence of the institution. Applicants are required to include in their cover letter information about how they will further this goal.
Posting Summary
The Information Security Analyst - Compliance will assess, document, and implement security compliance in support of the Information Security Office's mission. This position is a high-impact technical, educational, and implementation role focused on securing the physical and virtual aspects of UVM's information environment. Will work closely with the Information Security Officer, the Information Security Engineer, and personnel responsible for enterprise technology infrastructure operations. Participate as a subject-matter expert/consultant to constituent- and governance groups. Will be a member of UVM's Cybersecurity Incident Response Team ( CSIRT )
Duties will include: conduct assessments of the organization's security controls, identify gaps and weaknesses, and document and track the results; collaborate with various departments to ensure that all systems, processes, and data handling practices meet compliance standards; exercise discretion and judgment while maintaining the security of University information, protecting individuals' privacy, and educating constituents and due to the sensitivity of the information and access required to dispatch their duties; ensure the maintenance of strict confidentiality.
Minimum Qualifications (or equivalent combination of education and experience)
$65,000 - $75,000
Other Information
This position reports to the Information Security Officer. The Information Security Office ( ISO ) is part of the University's Enterprise Technology Services ( ETS ) group and is one of five divisions within ETS . ETS encompasses Systems Architecture and Administration ( SAA ), Enterprise Application Systems and Database Administration ( EAS / DBA ), Network Services, Client Services and the Information Security Office.
Special Conditions
A probationary period may be required, Background Check required for this position
Diversity Statement
The University is especially interested in candidates who can contribute to the diversity and excellence of the institution. Applicants are required to include in their cover letter information about how they will further this goal.
Posting Summary
The Information Security Analyst - Compliance will assess, document, and implement security compliance in support of the Information Security Office's mission. This position is a high-impact technical, educational, and implementation role focused on securing the physical and virtual aspects of UVM's information environment. Will work closely with the Information Security Officer, the Information Security Engineer, and personnel responsible for enterprise technology infrastructure operations. Participate as a subject-matter expert/consultant to constituent- and governance groups. Will be a member of UVM's Cybersecurity Incident Response Team ( CSIRT )
Duties will include: conduct assessments of the organization's security controls, identify gaps and weaknesses, and document and track the results; collaborate with various departments to ensure that all systems, processes, and data handling practices meet compliance standards; exercise discretion and judgment while maintaining the security of University information, protecting individuals' privacy, and educating constituents and due to the sensitivity of the information and access required to dispatch their duties; ensure the maintenance of strict confidentiality.
Minimum Qualifications (or equivalent combination of education and experience)
- Bachelor's degree in a related field and two years as an information security professional with responsibilities around cybersecurity compliance risk assessment; incident response; and/or security operations.
- Knowledge of Federal and State compliance regulations
- Understanding of technical concepts underpinning internet-connected enterprise service
- Customer service, communication, and interpersonal skills
- Effective written communications, especially the ability to produce both procedural documentation and activity/incident Strong organizational skills
- Proficiency with common productivity applications and command line interfaces in Windows, macOS, or Linux.
- Experience in writing technical, compliance and regulatory documentation
- Public speaking skills including technical/information security training experience
$65,000 - $75,000
Other Information
This position reports to the Information Security Officer. The Information Security Office ( ISO ) is part of the University's Enterprise Technology Services ( ETS ) group and is one of five divisions within ETS . ETS encompasses Systems Architecture and Administration ( SAA ), Enterprise Application Systems and Database Administration ( EAS / DBA ), Network Services, Client Services and the Information Security Office.
Special Conditions
A probationary period may be required, Background Check required for this position