Data Security Analyst
Employment Type: Full-Time
Seeking an Information Security Compliance Analyst (ISCA) for the Office of Information Technology. This position reports to the Information Security Officer. The Information Security Compliance Analyst promotes and provides support to the Information Security Program and outreach initiatives. ISCA assists and serves as a resource in identifying, documenting, and improving the security of application, server and network configuration and controls across a range of diverse systems and processes utilizing frameworks and regulations as a reference; for example: HIPAA, NIST Cybersecurity Framework and HITRUST.
Among the key duties of this position are the following:
* Assists in IT projects by recommending compliant IT security controls and design solutions.
* Assists in creating policies and procedures to help reduce risk , meet regulatory requirements and best business practices.
* Performs IT assessments and prepares findings and remediation reports.
* Assists in updating and maintain policies, standards and procedures documents.
* Collaborates with technical teams to interpret external regulatory requirements and design internal controls.
* Analyzes and benchmarks IT security practices of similar institutions and monitors the legal and regulatory environment that require changes to IT policies and practices. Position Status: Full TimeMinimum Education and Experience
* A bachelor's degree is required, preferably in Computer Science, Information Systems, Management Information Systems or a related field.
* A minimum of Five (5) years of experience in information security and knowledge of frameworks such as the ISO27001-2. Required Knowledge, Skills, and Abilities
* Possess excellent interpersonal, communication and influencing skills
* Ability to collaborate effectively across a variety of disciplines and levels inside/outside the organization
* Ability to effectively analyze, document, and communicate information security concepts to different user bases, including students, faculty, staff and systems personnel Preferred Qualifications
* CISSP, CISM, HITRUST certification desired
* Minimum of Five (5) years' experience performing Information Security assessments with pertinent regulatory requirements.
* Demonstrated knowledge and understanding multiple frameworks and regulations such as the NIST Cybersecurity Framework , HITRUST, HIPAA and FISMA.
* Demonstrated working knowledge of diverse information technology architectures and designs.
* Extensive knowledge of security standards, procedures and policies pertaining to data access and information systems.
* Excellent working knowledge of general audit principles, security administration processes and frameworks, metrics collection and reporting.
* Knowledge of network and web technology, encryption, virtual private networks, internet extranet security, cloud computing (firewalls, remote access) and security management.
- provided by Dice
Loading some great jobs for you...