Must be authorized to work in the United States on a full-time basis for any employer.
Serve as a member of the ISO Risk Management team.
Participate in business processes analyses under the direction of senior staff to identify appropriate information security practices and standards to reduce risk. Assess security procedures, including identity management, to determine compliance with federal, state, System and University regulations. Participate in quantitative and qualitative information risk and vulnerability assessments to identify deficiencies in security. Draft remediation plans. Participate in security incident responses, investigations, and reporting as a team member. Participate in the development of University-wide information security policies and practices. Inform departments as to the proper procedures to use to be in compliance with policies and practices. Assist units with security administration, implementation, and training, including compliance requirements.
Other related functions as assigned.
Bachelor's degree. Three years of experience in assessing information risk and vulnerability and developing information security practices to minimize risk and/or auditing information security. Knowledge of information security practices, procedures, and regulations. Systems administration, network engineering, or application development experience. Equivalent combination of relevant education and experience may be substituted as appropriate.
Certified Information Systems Security Personnel (CISSP) and or Global Information Assurance Certification (GIAC) with Security Essentials Certification (GSEC) certification.
May work around standard office conditions Repetitive use of a keyboard at a workstation Use of manual dexterity