IT Security Risk and Compliance Analyst
IT Security Risk and Compliance Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 78000 - 95000
1 Vacancy
Job Description
Job Description
Under the guidance of the Associate Director of Risk and Compliance the IT Risk and Compliance Analyst will carry out IT security assessment activities including IT risk assessments and security reviews for university departments as well as evaluations of third-party technology solutions to ensure alignment with university policies standards and external compliance regulations wherever applicable. Assessment activities may include a wide variety of tasks depending on the scope of the review and the IT capabilities within university departments (e.g. developing asset inventory assessing endpoint and application security controls and configurations examining procedures etc.)
The analyst will be expected to make contributions to the creation and maintenance of documentation/procedures in support of the IT Risk and Compliance program and should identify opportunities for leveraging automation to support data consistency and process efficiencies within the program and as it relates to other university IT services. The analyst may provide training and outreach to the university community as needed and may also be called upon to coordinate updates for the IT Continuity of Operations plan and to assist units within the Division of Information Technology as they conduct disaster recovery planning or on other security-related initiatives as requested.
Please note: Sponsorship is not available for this position.
Required Qualifications
Masters degree in business information technology accounting or a related field; or equivalent combination of education training and experience
Demonstrated experience performing IT security reviews risk assessments or audits
Strong understanding of key information security concepts and fundamentals
Experience in creating awareness of security practices across multiple technical teams
Knowledge of security frameworks and standards including NIST PCI-DSS ISO 27001 CIS Critical Security Controls NIST Cybersecurity Framework (NIST CSF) etc.
Ability to effectively communicate across a broad range of campus audiences
Exceptional organizational and time-management skills
Preferred Qualifications
Professional certification such as CISA CISM CRISC or CISSP
Experience performing security assessment of SaaS services
Knowledgeable of relevant compliance regulations (e.g. FERPA GLBA)
Experience with GRC and Information security tools/technologies to collect and maintain security and risk information
Experience with automation using common scripting tools (e.g. Python PowerShell Bash etc.)
Experience with data analysis and manipulation
Experience managing IT security risk or compliance in a higher education setting
Overtime Status
Exempt: Not eligible for overtime
Appointment Type
Regular
Salary Information
$78000 $95000
Hours per week
40
Review Date
7/7/2025
Additional Information
The successful candidate will be required to have a criminal conviction check.
About Virginia Tech
Dedicated to its motto Ut Prosim (That I May Serve) Virginia Tech pushes the boundaries of knowledge by taking a hands-on transdisciplinary approach to preparing scholars to be leaders and problem-solvers. A comprehensive land-grant institution that enhances the quality of life in Virginia and throughout the world Virginia Tech is an inclusive community dedicated to knowledge discovery and creativity. The university offers more than 280 majors to a diverse enrollment of more than 36000 undergraduate graduate and professional students in eight undergraduate colleges a school of medicine a veterinary medicine college Graduate School and Honors College. The university has a significant presence across Virginia including the Innovation Campus in Northern Virginia; the Health Sciences and Technology Campus in Roanoke; sites in Newport News and Richmond; and numerous Extension offices and research centers. A leading global research institution Virginia Tech conducts more than $500 million in research annually.
Virginia Tech endorses and encourages participation in professional development opportunities and university shared governance. These valuable contributions to university shared governance provide important representation and perspective along with opportunities for unique and impactful professional development.
Virginia Tech does not discriminate against employees students or applicants on the basis of age color disability sex (including pregnancy) gender gender identity gender expression genetic information ethnicity or national origin political affiliation race religion sexual orientation or military status or otherwise discriminate against employees or applicants who inquire about discuss or disclose their compensation or the compensation of other employees or applicants or on any other basis protected by law.
If you are an individual with a disability and desire an accommodation please contact IT Human Resourcesat during regular business hours at least 10 business days prior to the event.
Required Experience:
IC
Employment Type
Full Time
