Information Security Policy, Compliance and Risk Analyst
3 weeks ago
JOB SUMMARY
Under the direction of the Chief Information Security Officer, the Information Security Policy, Compliance and Risk Analyst (Information Security Analyst 2 or 3) is responsible for the development and operation of UConn’s Information Security Governance, Risk, and Compliance Program. The analyst develops policy recommendations, standards, risk assessments, and technical solutions. This role will assess, develop, and maintain a set of defined control standards designed to improve UConn’s information security posture through periodic assessments against the established standards and industry best practices.
The Information Security Policy, Compliance, and Risk Analyst is responsible for investigating a diverse range of policy, compliance, and technical issues across multiple platforms, working with a wide range of clients whose technical skills range from minimal to in-depth. The analyst works among a team of skilled information security and information technology professionals to assess and address problems within a complex network and cloud environment.
The Information Security Policy, Compliance, and Risk Analyst may specialize in a number of areas related to the continuous improvement of policy, compliance, monitoring, detection, and mitigation capabilities as part of the Information Security Office’s mission. These include but are not limited to Policy, Compliance, Vulnerability Management, Application Security, Firewalls, VPN, and IDS/IPS, Security Architecture, and other related Information Security disciplines. The Analyst plans, organizes, and establishes priorities related to an assignment; works independently with minimal outside support; and handles sensitive information in a confidential manner.
DUTIES AND RESPONSIBILITIES
JOB RESPONSIBILITIES FOR INFORMATION SECURITY ANALYST 2
Build, deliver, and manage an effective risk management program based on commonly accepted risk management strategies and frameworks and participate in the development and maintenance of relevant IT policy. Lead compliance initiatives such as: establishing security standards; performing periodic benchmarking assessments against chosen security standards and industry best practices; testing of controls; and engaging in incident response activities as required. Coordinate and participate in risk assessment activities and analyze the output of such activities. Produce and communicate recommendations to remediate risk in line with business objectives, and perform security assessments against systems and applications. Act as a liaison with third parties who are performing security or risk assessments and drive remediation of issues identified by the assessments. Research, evaluate, and recommend information security related hardware and software and produce, maintain, and update documentation. Manage key security processes to ensure the University’s compliance with industry regulations (e.g. NIST 800-171, CMMC 2.0, DFARS 252.204-70xx, HIPAA, PCI-DSS) and maintain awareness of external regulations for new or changed requirements. Serve as a key operational member and compliance official for the university’s Secure Research Infrastructure program. Draft and maintain systems security plans. Serve as subject matter expert regarding the sufficiency of controls and conformance to documented SSP(s) to address regulatory or compliance framework requirements. Use security tools (Firewall/VPN, Vulnerability Management, IDS/IPS, SIEM) in identifying and investigating threats to the environment, assessing compliance, and identifying risk reduction initiatives. Administer security tools (Vulnerability Management, IDS/IPS, GRC, VRM) to prevent threats and reduce risk in the environment. Monitor Security Information and Event Management (SIEM) platform and other logging environments for security events and alerts to potential (or active) threats, intrusions, and/or compromises. Triage and respond to service requests from customers and internal teams. Participate in incident response activities in the event of cyber security incidents. Identify system security gaps, perform risk assessments, and recommend solutions to ensure best practices and security measures are being met for university systems. Promote security awareness providing direction, advice, and insight in all areas of information security to faculty, staff, researchers, and students of the University community. Maintains awareness of potential and developing threats across applicable industries and disciplines. Other duties as assigned.ADDITIONAL JOB RESPONSIBILITIES FOR INFORMATION SECURITY ANALYST 3
Design, implement, and maintain new security solutions. Lead major projects/initiatives related to security. Integrate data for use between various applications. Identify enterprise level security gaps, perform risk assessments, and recommend solutions to ensure best practices and security measures are being met across and between enterprise level systems. Creates custom code, api/rest integrations, or other maintainable integrations to facilitate data gathering/sharing across applications and platforms. Ability to operate autonomously and with limited supervision.MINIMUM QUALIFICATIONS
Note: Applicants must meet all minimum requirements of a specific level to be considered for the position.
Must be a US Citizen and be eligible to apply for a security clearance. Associate's degree and four (4) years of related experience, OR Bachelor’s degree and two (2) years of related experience, OR Six (6) years of related experience AND One (1) to three (3) years of experience working in an information security role or supporting an information security program. Demonstrable practical experience overseeing or participating in projects designed to improve institutional adherence to security policies or regulatory compliance. Experience administering an information security tool/platform and interpreting or leveraging the capabilities of that platform. Experience administering a data loss prevention system, governance, risk and compliance system, vulnerability management system, vendor risk management platform, or similar enterprise level platform. Knowledge of current security regulatory requirements including (but not limited to) HIPAA, CMMC 2.0, NIST 800-171, and PCI-DSS security requirements. Experience and competency in threat management and protection protocols. Excellent communication skills and attention to detail and the demonstrated ability to successfully interface with administrators, and technical and non-technical community members at all levels. Demonstrable understanding of common security controls (e.g. Firewalls, IPS/IDS, Network Architecture, Vulnerability Scanners, SIEM/SIM). Demonstrable ability to weigh business needs against security concerns. Demonstrable ability to operate under pressure and manage multiple priorities/deadlines.ADDITIONAL MINIMUM QUALIFICATION FOR INFORMATION SECURITY ANALYST 3
Associate's degree and six (6) years of related experience, OR Bachelor’s degree and four (4) years of related experience, OR Eight (8) years of related experience AND Three (3) to five (5 )years of experience working in an information security role or supporting an information security program. Senior level practical and technical information security experience. Demonstrable experience leading compliance and certification efforts for CMMC, NIST 800-171/2, DFARS 252.204-70xx, HIPAA, or other complex regulatory frameworks which have resulted in successful certification or acceptance of a regulating authority or agency.PREFERRED QUALIFICATIONS
Relevant information security certification(s) in one or more applicable information security domains. Experience in higher education. Enterprise scale project management experience.ADDITIONAL PREFERRED QUALIFICATIONS FOR INFORMATION SECURITY ANALYST 3
Master’s degree in information security, computer science, information management, or a related discipline. CISSP/CISA/CISM certification or equivalent.-
Sr IT Compliance Analyst
1 week ago
Mansfield, Texas, United States Mouser Electronics Full timeSr IT Compliance Analyst Location MANSFIELD TEXAS Hours Needed M-F, 8:00AM - 5:00PM Requisition Number 17451 Apply Now ) Title: IT Compliance AnalystLocation: Mansfield, TX The IT Compliance Analyst is responsible for maintaining all Mouser Information Security and Privacy-related compliance requirements and identifying related risks. This position will...
-
Sr IT Compliance Analyst
2 months ago
Mansfield, United States Mouser Electronics Full timeTitle: IT Compliance Analyst Location: Mansfield, TX The IT Compliance Analyst is responsible for maintaining all Mouser Information Security and Privacy-related compliance requirements and identifying related risks.This position will ensure corrective actions are implemented for anything found non-compliant under Mouser's Information Security Compliance...
-
Research Security Analyst
1 week ago
Mansfield, United States MORS Full timeDetails Posted: 18-Jun-24 Location: Storrs Campus Salary: Open Internal Number: JOB SUMMARY UConn's Office of the Vice President for Research (OVPR) seeks a Research Security Analyst (University Staff Professional 1) to enhance research security for UConn Storrs, UConn Health, and regional campuses. The Research Security Analyst in the...
-
Research Security Analyst
1 week ago
Mansfield, Ohio, United States MORS Full timeDetails Posted: 18-Jun-24 Location: Storrs Campus Salary: Open Internal Number: JOB SUMMARY UConn's Office of the Vice President for Research (OVPR) seeks a Research Security Analyst (University Staff Professional 1) to enhance research security for UConn Storrs, UConn Health, and regional campuses. The Research Security Analyst in the Office...
-
Senior Quality Compliance Analyst
2 weeks ago
Mansfield, United States Starr Insurance Companies Full timeStarr Insurance Companies is a leading insurance and investment organization, providing commercial property and casualty insurance, including travel and accident coverage, to almost every imaginable business and industry in virtually every part of the world. Cornelius Vander Starr established his first insurance company in Shanghai, China in 1919. Today, we...
-
Level Iii Security Officer
2 weeks ago
Mansfield, United States Border Security and Investigations Full timeNOW HIRING for immediate placement, armed officers in Mansfield area! All applicants must have a valid armed security license and be able to provide their own gun with duty gear. All applicants for this position should have exceptional customer service skills. Job Description & Requirements: For this armed position, we require that you are already licensed...
-
Level Iii Security Officer
1 week ago
Mansfield, Ohio, United States Border Security and Investigations Full timeNOW HIRING for immediate placement, armed officers in Mansfield area All applicants must have a valid armed security license and be able to provide their own gun with duty gear. All applicants for this position should have exceptional customer service skills.Job Description & Requirements:For this armed position, we require that you are already licensed and...
-
Compliance Specialist
1 week ago
Mansfield, United States Cencora Full time**What you will be doing**: **Position hours**:Monday - Friday 8am-4:30pm, EST - Please note, this position is fully onsite at our Mansfield, MA facility. There is no option for hybrid or remote working arrangements. _ **_PRIMARY DUTIES AND RESPONSIBILITIES:_** 1. Monitors the overall compliance program at the operating level and works closely with the...
-
Fire Alarm
3 weeks ago
Mansfield, United States Summit Fire & Security Full timeJob DescriptionJob DescriptionAre you interested in working for the nation’s leading fire protection company and beginning a rewarding and satisfying career that helps save the lives of thousands each year? Do you want to be a part of a growing and expanding team of industry experts? If so, exploring career opportunities with Summit Fire & Security may be...
-
Information Security Officer
1 week ago
Port Mansfield, Texas, United States Phoenix Technologies Full timeThe Richter-Helm BioLogics GmbH & Co. KG, a subsidiary of Gedeon Richter AG and HELM AG, is a dynamic biotechnology company with approximately 320 employees at its facilities in Hamburg, Bovenau, and Hannover. The company develops and produces biopharmaceutical active ingredients under GMP conditions. We are currently seeking a Information Security Officer...
-
Human Resources Compliance Administrator
3 weeks ago
Mansfield, United States The Gorman Rupp Company Full timeWe are The Pump People! Are you interested in an opportunity to join a leader in the pump industry?The Gorman-Rupp Company, headquartered in Mansfield, Ohio, has been designing, manufacturing, and selling pumps and pumping systems for use in water, wastewater, construction, industrial, original equipment, agriculture, fire protection, heating, ventilation...
-
Human Resources Compliance Administrator
1 month ago
Mansfield, United States The Gorman Rupp Company Full timeWe are The Pump People! Are you interested in an opportunity to join a leader in the pump industry?The Gorman-Rupp Company, headquartered in Mansfield, Ohio, has been designing, manufacturing, and selling pumps and pumping systems for use in water, wastewater, construction, industrial, original equipment, agriculture, fire protection, heating, ventilation...
-
Human Resources Compliance Administrator
1 month ago
Mansfield, United States The Gorman Rupp Company Full timeWe are The Pump People! Are you interested in an opportunity to join a leader in the pump industry?The Gorman-Rupp Company, headquartered in Mansfield, Ohio, has been designing, manufacturing, and selling pumps and pumping systems for use in water, wastewater, construction, industrial, original equipment, agriculture, fire protection, heating, ventilation...
-
Human Resources Compliance Administrator
3 weeks ago
Mansfield, United States The Gorman Rupp Company Full timeWe are The Pump People! Are you interested in an opportunity to join a leader in the pump industry?The Gorman-Rupp Company, headquartered in Mansfield, Ohio, has been designing, manufacturing, and selling pumps and pumping systems for use in water, wastewater, construction, industrial, original equipment, agriculture, fire protection, heating, ventilation...
-
Manager, Credit
4 weeks ago
Mansfield, United States TriMark USA Full timeWhy you’ll love it here! + 401k + Community Service Day + Spotlight Awards + National Sales Excellence Awards + CFSP Prep Certification Program ***: - The Credit & Collections Manager reports to the Regional Director of Credit & Collections - Located in Mansfield, MA - Full-Time - Hybrid The Credit & Collections Manager holds a position of...
-
Nurse Practitioner NP, Part-Time, HRA
3 weeks ago
Mansfield, United States Hueman Risk Adjustment Full timeJob DescriptionJob DescriptionHueman is actively hiring Nurse Practitioners to complete in-home Health Risk Assessments (HRAs) for Medicare and Medicaid members in and around Mansfield, OH. This unique opportunity adapts to your lifestyle, giving you the freedom to achieve your professional goals on your terms, all while enjoying a schedule designed with...
-
Nurse Practitioner NP, Part-Time, HRA
1 month ago
Mansfield, United States Hueman Risk Adjustment Full timeJob DescriptionJob DescriptionHueman is actively hiring Nurse Practitioners to complete in-home Health Risk Assessments (HRAs) for Medicare and Medicaid members in and around Mansfield, OH. This unique opportunity adapts to your lifestyle, giving you the freedom to achieve your professional goals on your terms, all while enjoying a schedule designed with...
-
Operational Analyst
1 month ago
Mansfield, United States Harsco Environmental Full timeJob DescriptionJob DescriptionCompany DescriptionHarsco Corporation is a diversified, global engineered products and services company serving the worldwide environmental, steel, railway and energy sectors. We have an unrivalled breadth of experience across the globe and an impressive reputation stretching back more than a century. Based in Camphill, PA, with...
-
Operational Analyst
4 weeks ago
Mansfield, United States Harsco Environmental Full timeJob DescriptionJob DescriptionCompany DescriptionHarsco Corporation is a diversified, global engineered products and services company serving the worldwide environmental, steel, railway and energy sectors. We have an unrivalled breadth of experience across the globe and an impressive reputation stretching back more than a century. Based in Camphill, PA, with...
-
Operational Analyst
3 weeks ago
Mansfield, United States Harsco Environmental Full timeJob DescriptionJob DescriptionCompany DescriptionHarsco Corporation is a diversified, global engineered products and services company serving the worldwide environmental, steel, railway and energy sectors. We have an unrivalled breadth of experience across the globe and an impressive reputation stretching back more than a century. Based in Camphill, PA, with...
