drjobs Senior IT Security Analyst GRCAwareness and Training

Senior IT Security Analyst GRCAwareness and Training

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Salt Lake, UT - USA

Monthly Salary drjobs

$ 127700 - 191500

Vacancy

1 Vacancy

Job Description

If youre passionate about building a better future for individuals communities and our countryand youre committed to working hard to play your part in building that futureconsider WGU as the next step in your career.

Driven by a mission to expand access to higher education through online competencybased degree programs WGU is also committed to being a great place to work for a diverse workforce of studentfocused professionals. The university has pioneered a new way to learn in the 21st century one that has received praise from academic industry government and media leaders. Whatever your role working for WGU gives you a part to play in helping students graduate creating a better tomorrow for themselves and their families.

The salary range for this position takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.

At WGU it is not typical for an individual to be hired at or near the top of the range for their position and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is:

Pay Range: $127700.00 $191500.00

Job Description

*This opportunity is onsite in Salt Lake City UT 4 days a week in office with 1 remote day*

As a member of WGUs Governance Risk and Compliance (GRC) team the Senior IT Security Analyst uses their knowledge of current security methods and standards to lead a comprehensive governance compliance and security awareness and training program. The Senior IT Security Analyst is a lead support role for the IT Security team. They will provide mentorship administrative service and support for governance compliance privacy security awareness and training risk management policy and standard creation and review vendor security risk vulnerability management and internal audit. They will also engage in the support of other security focused tools and services and other duties as assigned. In addition they may be asked to assist with risk assessments policy exceptions and other GRC related tasks.

Essential Functions and Responsibilities:

  • Functions as a senior IT Security Analyst in one or more of the following: auditing risk analysis and management governance and compliance security awareness training vendor risk analysis and vulnerability management.

  • Supports the creation of tools processes and communications that support information security initiatives. Participates and often leads in the development of security policies standards and procedures.

  • Develops and applies policies standards and procedures.

  • Works closely with legal and other departments to understand external regulatory requirements and supports legal in compliance initiatives.

  • Works with business units to adhere to internal policy requirements and external regulatory requirements.

  • Develops and maintains a security awareness and training program for both students and staff.

  • Manages and matures a Human Risk Management program.

  • Develops and analyzes monthly phishing emails utilizing industry standard tools.

  • Participates in tactical projects as they arise to clarify and respond to identified security risks across different domains.

  • Executes established security practices with consistency and discipline.

  • Identifies and creates process improvements.

  • Participates in risk assessment activities.

  • Understands the implications of privacy laws and regulations (e.g. GDPR and CCPA).

  • Consults with various areas of the business as an information security subject matter expert.

  • Performs activities needed to demonstrate regulatory compliance.

  • Participates in ongoing status meetings to update Information Security members of initiatives and ongoing projects.

  • Provides policy and technical advice to internal stakeholders to ensure new initiatives conform to current corporate security requirements.

  • Contributes to security operations and technology projects that have tactical and operational impact to all business segments of WGU.

  • Collaborates with IT leadership and other business leaders to provide integrated security planning and recommendations for innovative technologies that will enhance the current security posture of the organization system protection.

  • Performs other related duties as assigned.

Knowledge Skill and Abilities:

  • Maintains knowledge of NIST ISO and PCIDSS standards as well as FERPA GLBA GDPR HIPAA FTC regulations. Contributes to developing assessment plans building on the methodologies promoted by these standards and regulations to quantify risk.

  • Ability to articulate risk to management.

  • Execute established security practices with consistency and discipline.

  • Results oriented selfmotivated and selfdirected.

  • Works well with others maintaining a positive work environment by communicating in a manner to promote positive relations with customers coworkers and management.

  • Effective communication skills with the ability to communicate with purpose clarity and accuracy.

  • Excellent analytical problem solving and decisionmaking skills required. Identifies and resolves problems in a timely manner with a solution driven approach to problems.

  • Demonstrated pragmatic adaptable and resultdriven approach to information security risk management.

  • Methodical datadriven approach to security and risk analysis; ability to think imaginatively to implement security improvements.

Competencies:

Organizational or Student Impact:

  • Follows technical/ business processes; helps support change when necessary.

  • Executes complex specialized technical projects/assignments.

  • Responsible for major or many components in expertise.

  • Limit errors to prevent impact to client operations costs or schedules.

Problem Solving & Decision Making:

  • Individual meets department and personal goals with little direction/ supervision.

  • Leads key technical projects programs and may facilitate leadership and development of technical teams.

  • Drives project methods techniques and procedures.

Communication & Influence:

  • Communicates with parties within and outside of the university (e.g. customers vendors etc..

  • Works to influence parties within and outside of the job function at an operational level regarding policies procedures and practices.

Leadership & Talent Management:

  • Responsible for providing guidance coaching and training to other employees and to students.

  • Responsible for managing significant/complex technical projects at this level involving delegation of work and review of work products.

Job Qualifications:

Minimum Qualifications:

  • Bachelors Degree in related field or equivalent.

  • 8 years of Information Security experience.

  • Experience with security industry standards and best practices. Proven experience with interpretation and implementation of those standards in a corporate environment.

Preferred Qualifications:

  • Relevant security certifications (CISSP GIAC ISACA CEH etc. Certifications.

  • Experience recommending additional security requirements and safeguards.

Physical Requirements:

  • Prolonged periods sitting at a desk and working on a computer.

  • Must be able to lift up to 15 pounds at times.

Disclaimer: This Job Description has been designed to indicate the general nature essential duties and responsibilities of work performed by employees within this classification. It does not contain a comprehensive inventory of all duties responsibilities and qualifications that are required of the employee to do this job. Duties responsibilities and activities may change at any time with or without notice. This Job Description does not constitute a contract of employment and the University may exercise its employmentatwill rights at any time.

#LIAW2

Position & Application Details

FullTime Regular Positions (classified as regular and working 40 standard weekly hours): This is a fulltime regular position (classified for 40 standard weekly hours) that is eligible for bonuses; medical dental vision telehealth and mental healthcare; health savings account and flexible spending account; basic and voluntary life insurance; disability coverage; accident critical illness and hospital indemnity supplemental coverages; legal and identity theft coverage; retirement savings plan; wellbeing program; discounted WGU tuition; and flexible paid time off for rest and relaxation with no need for accrual flexible paid sick time with no need for accrual 11 paid holidays and other paid leaves including up to 12 weeks of parental leave.

How to Apply: If interested an application will need to be submitted online. Internal WGU employees will need to apply through the internal job board in Workday.

Additional Information

Disclaimer: The job posting highlights the most critical responsibilities and requirements of the job. Its not allinclusive.

Accommodations: Applicants with disabilities who require assistance or accommodation during the application or interview process should contact our Talent Acquisition team at

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to any protected characteristic as required by law.


Required Experience:

Senior IC

Employment Type

Full-Time

Company Industry

About Company

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.