Information Security Analyst

The University of Nevada, Las Vegas invites applications for Information Security Analyst (GRC), Office of Information Technology [R0143080] [FLEXIBLE WORK SCHEDULE].

ROLE of the POSITION

The Information Security Analyst (GRC) will work closely with the Director of Business Continuity and Resiliency in the development, support, maintenance, and testing of the university’s Business Continuity and Resiliency (BCR) program. Working in the Information Security Office within the Office of Information Technology (OIT), the Information Security Analyst (GRC) will be responsible for day-to-day information technology (IT) governance, risk management, and compliance (GRC) functions associated with a comprehensive resiliency program. The incumbent will be experienced in or knowledgeable about a broad range of security, risk and compliance subject areas. The incumbent will help define, create, and manage IT policies and standards in support of legal and regulatory compliance needs with an initial focus on compliance and risk management efforts across OIT service areas but will expand to include other university organizations. The position will be a team member in a fast-paced, growing environment focusing on assessment, protection, detection, response, and recovery. It requires the ability to switch between a range of tasks as needs arise and exercise sound problem-solving skills. The incumbent must be able to develop and present information, ideas, and instructions with minimal oversight and exhibit strong written and verbal communications skills.

This position will assist in providing support and coordination of activities that help the University meet its obligations to governing agencies. This would include training, management, monitoring, and data classification. The position is also responsible for the development and maintenance of regulatory policies and procedures for all areas of the university. These regulations include, but are not limited to, FERPA, PCI-DSS, GLBA, and HIPPA.

As a member of the Information Security Office, this position may be called upon to perform tasks in support of managing reported security incidents. Additionally, in the performance of their duties, the incumbent will report any situations of non-compliance with university security policies or adopted security standards and practices.

Working closely with business partners, they will be responsible for coordinating all continuity and resiliency functions including business impact and risk analysis, business continuity planning, site incident management plan development, maintenance and testing. This position will also support the business units during times of crisis an interface with additional shared services partners as need during business interruptions.

PROFILE of UNLV INFORMATION TECHNOLOGY

UNLV Information Technology provides leadership, support, training, and enterprise IT services that empower students, faculty, and staff. We have a passion for providing excellent customer service and we value individuality and encourage our employees to be their geekiest selves.   

We believe every person brings with them unique strengths, experiences, and perspectives and we value these differences. One of our best opportunities is to deliver a workplace that is diverse, inclusive, and focused on equality and to hire candidates who share these values.   

Women, under-represented groups, individuals with disabilities, and veterans are encouraged to apply

MINIMUM & PREFERRED QUALIFICATIONS

This position requires a Bachelor’s degree from an accredited college or university as recognized by the United States Department of Education and/or the Council on Higher Education Accreditation (CHEA) and 3 years of experience. Experience working in a higher education environment is preferred. Credentials must be obtained prior to the start date.

KNOWLEDGE

Required

• IT background with practical knowledge of various technologies, including operating systems, servers/storage, network and web infrastructure, database architectures, software development, endpoint management, advanced threat protection, data loss prevention, and intrusion detection and prevention systems.

• Experience with IT operational processes, including software release principles, asset management, configuration management, incident management, and change management.

• Familiarity with business continuity and disaster recovery frameworks, principles, and best practices.

• Familiarity with risk assessment and management frameworks, principles, and best practices.

• Familiarity with audit and compliance frameworks, principles, and best practices.

• Experience with policy management and necessary documentation standards.

• Experience working with matrixed teams responsible for influencing and communicating across many university levels.

• Understanding of how social, political, environmental, economic, and conflict dynamics can affect enterprise risk.

• Strong analytical, evaluative, and problem-solving abilities and exceptional customer service orientation.

Preferred

• Business Continuity certification from DRI, BCI, or comparable.

• Risk Management Certification

• GRC Certification

SKILLS

Required

Planning and Priority Management

• Experience that reflects the ability to: be flexible, provide realistic resource requirements, develop methods for prioritizing ever-changing needs, create measurable objectives, and be accountable.

• Ability to prioritize multiple requests for services from a broad constituent base, including Vice Presidents, Deans, and Directors of central administrative units (e.g., Academics, Finance, Human Resources, Student Affairs, etc.).

Interpersonal Skills and Communication

• Demonstrate the skill to communicate effectively orally and in writing with non-technical and technical audiences.

• Communicate effectively within the unit, the OIT organization, and the campus community.

• Promote and sustain awareness of the services offered and responsibilities of all units with OIT.

• Excellent organizational and interpersonal skills.

Preferred

• None

ABILITIES

Required

Discipline-Specific

• Analyze, understand, and effectively translate business risks into BC and GRC plans and procedures.

• Perform industry research to determine best practices for BC and GRC audits and testing.

• Effective problem-solving, negotiation, and decision-making skills to influence leadership and internal and external partners.

• Work in partnership with stakeholders to establish business process requirements, analyze potential new services, prioritize projects, and develop and implement resiliency plans.

• Assess performance and recommend new measures to improve performance.

• Analyze current applications, recommend products, architecture strategies, software platforms, and database standards, and develop strategies to support business resiliency programs.

• Manage vendor relationships, including contract compliance requirements.

• Oversee projects from inception through implementation to ensure timely, practical completion and compliance.

• Work with the OIT project management team to manage projects, providing information about the timeframe, cost, delivery, issue resolution, risk mitigation, and status communication.

• Handle multiple simultaneous tasks and priority changes efficiently and effectively.

• Work both independently and collaboratively with peers, across teams, and management

• Exceptional business and technical writing capabilities

Preferred

• None

COMMITMENT to DIVERSITY and CAMPUS VALUES

A successful candidate will support diversity, equity, and inclusiveness and contribute to a respectful, positive work environment. They will use our to guide their decisions and actions and demonstrate our Rebel spirit.

SALARY RANGE

Salary competitive with those at similarly situated institutions.

• Competitive total rewards package including:

  • Paid time off, sick leave, and holidays

  • Excellent health insurance including medical, dental and vision

  • Comprehensive retirement plans and voluntary benefits programs

• No state income tax (for Nevada Residents)

• Tuition discounts at Nevada System of Higher Education (NSHE) schools

• Tuition discounts for spouses, domestic partners, and dependents

PERKS

• Employee recognition and appreciation programs

• UNLV athletics ticket discounts

• Statewide employee purchase program discounts

• discounts on and off campus

• for all UNLV faculty and staff at no cost

• Opportunity for career advancements to leadership roles