Information Security Risk Analyst
Posted on Oct 9, 2024 by University of California, Irvine
Irvine, CA
Health & Safety
Immediate Start
Annual Salary
Full-Time
Overview:
Founded in 1965, UC Irvine is a member of the prestigious Association of American Universities and is ranked among the nation’s top 10 public universities by U.S. News & World Report. The campus has produced five Nobel laureates and is known for its academic achievement, premier research, innovation and anteater mascot. Led by Chancellor Howard Gillman, UC Irvine has more than 36,000 students and offers 224 degree programs. It’s located in one of the world’s safest and most economically vibrant communities and is Orange County’s second-largest employer, contributing $7 billion annually to the local economy and $8 billion statewide.
To learn more about UC Irvine, visit .
The UC Irvine Office of Information Technology (OIT) is responsible for supporting the IT needs of faculty, students, and staff. Our mission is to provide information technology leadership, services, and innovative solutions to promote the research, education, and community service goals of the University.
The IT Security Risk & Compliance team is responsible for leading the development, implementation and evaluation of campus-wide information security risk management processes and policy. This team also leads campus-wide information security education, training, and awareness programs.
Under the general supervision of the Supervisor, IT Security Risk and Compliance applies skills as a seasoned, experienced IT security professional with a full understanding of industry practices, governmental regulations and campus policies and procedures to resolve a wide range of complex issues and manage IT security risk. Demonstrates competency in recommending methods and techniques to obtain results. Maintains a security awareness, outreach, training, and communication program. Develops user-facing content for security website. Manages GRC tool and related security risk management processes. Performs project management and coordination of various security initiatives and audit remediation using security domain knowledge. Performs and/or facilitates information security risk assessments of existing or new services and technologies and 3rd party supplier risk.
Responsibilities:
Knowledge of common cybersecurity frameworks and standards (e.g., NIST 800-53, 800-171, ISO 27001/27002). Required
Ability to follow department processes and procedures including knowledge of other areas of IT, department processes and procedures. Required
Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. Required
Experience using IT security systems and tools. Knowledge of risk management techniques. Experience using Governance, Risk & Compliance (GRC), vendor risk, risk register, and other security risk management tools and platforms. Required
Knowledge of other areas of IT, department processes and procedures. Required
Demonstrated skills applying security controls to computer software and hardware. Ability to create and interpret technical diagrams (e.g., network diagrams, data flow diagrams). Required
Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. Required
Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks. Required
Knowledge of computer hardware, software and security issues and approaches. Preferred
Demonstrated experience selecting and applying appropriate risk management technologies. Required
Ability to identify and assess the severity and potential impact of risks and to communicate findings effectively to risk owners. Required
Self-motivated with a sense of urgency, and has demonstrated commitment to high standards of ethics, regulatory compliance, and integrity. Required
Demonstrated skill in conducting internal or external risk assessments and providing guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items. Required
Familiarity with UC information security policy (i.e., IS-3), program and procedures. Preferred
Qualifications:
Total Compensation
In addition to the salary range listed below, we offer a wealth of benefits to make working at UCI even more rewarding. These benefits may include medical insurance, sick and vacation time, retirement savings plans, and access to a number of discounts and perks. Please utilize the links listed here to learn more about our and .
The expected pay range for this recruitment is $85,400- $120,000 (Annual).
Required:
Bachelor's degree in related area and / or equivalent experience / training.
3-5 years of experience in information security, especially in an information risk analysis role, risk management and/or IT audit role.
3+ years of experience with regulatory compliance and information security management frameworks (e.g., IS(phone number removed), COBIT, NIST 800, etc.).
Preferred:
Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM).
Project Management Professional (PMP).
Project management experience.
Higher education experience.
Conditions of Employment:
The University of California, Irvine (UCI) seeks to provide a safe and healthy environment for the entire UCI community. As part of this commitment, all applicants who accept an offer of employment must comply with the following conditions of employment:
Background Check and Live Scan
Legal Right to work in the United States
Vaccination Policies
Smoking and Tobacco Policy
Drug Free Environment
The following additional conditions may apply, some of which are dependent upon business unit or job specific requirements.
California Child Abuse and Neglect Reporting Act
E-Verify
Pre-Placement Health Evaluation
Details of each policy may be reviewed by visiting the following page -
Closing Statement:
The University of California, Irvine is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age or protected veteran status.
For the University of California’s Affirmative Action Policy please visit: .
For the University of California’s Anti-Discrimination Policy, please visit:.
We are committed to attracting and retaining a diverse workforce along with honoring unique experiences, perspectives, and identities. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable, and welcoming.
UCI provides reasonable accommodations for applicants with disabilities upon request. For more information, please contact Human Resources at (phone number removed) or .
#OIT
Founded in 1965, UC Irvine is a member of the prestigious Association of American Universities and is ranked among the nation’s top 10 public universities by U.S. News & World Report. The campus has produced five Nobel laureates and is known for its academic achievement, premier research, innovation and anteater mascot. Led by Chancellor Howard Gillman, UC Irvine has more than 36,000 students and offers 224 degree programs. It’s located in one of the world’s safest and most economically vibrant communities and is Orange County’s second-largest employer, contributing $7 billion annually to the local economy and $8 billion statewide.
To learn more about UC Irvine, visit .
The UC Irvine Office of Information Technology (OIT) is responsible for supporting the IT needs of faculty, students, and staff. Our mission is to provide information technology leadership, services, and innovative solutions to promote the research, education, and community service goals of the University.
The IT Security Risk & Compliance team is responsible for leading the development, implementation and evaluation of campus-wide information security risk management processes and policy. This team also leads campus-wide information security education, training, and awareness programs.
Under the general supervision of the Supervisor, IT Security Risk and Compliance applies skills as a seasoned, experienced IT security professional with a full understanding of industry practices, governmental regulations and campus policies and procedures to resolve a wide range of complex issues and manage IT security risk. Demonstrates competency in recommending methods and techniques to obtain results. Maintains a security awareness, outreach, training, and communication program. Develops user-facing content for security website. Manages GRC tool and related security risk management processes. Performs project management and coordination of various security initiatives and audit remediation using security domain knowledge. Performs and/or facilitates information security risk assessments of existing or new services and technologies and 3rd party supplier risk.
Responsibilities:
Knowledge of common cybersecurity frameworks and standards (e.g., NIST 800-53, 800-171, ISO 27001/27002). Required
Ability to follow department processes and procedures including knowledge of other areas of IT, department processes and procedures. Required
Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. Required
Experience using IT security systems and tools. Knowledge of risk management techniques. Experience using Governance, Risk & Compliance (GRC), vendor risk, risk register, and other security risk management tools and platforms. Required
Knowledge of other areas of IT, department processes and procedures. Required
Demonstrated skills applying security controls to computer software and hardware. Ability to create and interpret technical diagrams (e.g., network diagrams, data flow diagrams). Required
Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. Required
Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks. Required
Knowledge of computer hardware, software and security issues and approaches. Preferred
Demonstrated experience selecting and applying appropriate risk management technologies. Required
Ability to identify and assess the severity and potential impact of risks and to communicate findings effectively to risk owners. Required
Self-motivated with a sense of urgency, and has demonstrated commitment to high standards of ethics, regulatory compliance, and integrity. Required
Demonstrated skill in conducting internal or external risk assessments and providing guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items. Required
Familiarity with UC information security policy (i.e., IS-3), program and procedures. Preferred
Qualifications:
Total Compensation
In addition to the salary range listed below, we offer a wealth of benefits to make working at UCI even more rewarding. These benefits may include medical insurance, sick and vacation time, retirement savings plans, and access to a number of discounts and perks. Please utilize the links listed here to learn more about our and .
The expected pay range for this recruitment is $85,400- $120,000 (Annual).
Required:
Bachelor's degree in related area and / or equivalent experience / training.
3-5 years of experience in information security, especially in an information risk analysis role, risk management and/or IT audit role.
3+ years of experience with regulatory compliance and information security management frameworks (e.g., IS(phone number removed), COBIT, NIST 800, etc.).
Preferred:
Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM).
Project Management Professional (PMP).
Project management experience.
Higher education experience.
Conditions of Employment:
The University of California, Irvine (UCI) seeks to provide a safe and healthy environment for the entire UCI community. As part of this commitment, all applicants who accept an offer of employment must comply with the following conditions of employment:
Background Check and Live Scan
Legal Right to work in the United States
Vaccination Policies
Smoking and Tobacco Policy
Drug Free Environment
The following additional conditions may apply, some of which are dependent upon business unit or job specific requirements.
California Child Abuse and Neglect Reporting Act
E-Verify
Pre-Placement Health Evaluation
Details of each policy may be reviewed by visiting the following page -
Closing Statement:
The University of California, Irvine is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age or protected veteran status.
For the University of California’s Affirmative Action Policy please visit: .
For the University of California’s Anti-Discrimination Policy, please visit:.
We are committed to attracting and retaining a diverse workforce along with honoring unique experiences, perspectives, and identities. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable, and welcoming.
UCI provides reasonable accommodations for applicants with disabilities upon request. For more information, please contact Human Resources at (phone number removed) or .
#OIT
Reference: 203857123
https://jobs.careeraddict.com/post/96059580
Information Security Risk Analyst
Posted on Oct 9, 2024 by University of California, Irvine
Irvine, CA
Health & Safety
Immediate Start
Annual Salary
Full-Time
Overview:
Founded in 1965, UC Irvine is a member of the prestigious Association of American Universities and is ranked among the nation’s top 10 public universities by U.S. News & World Report. The campus has produced five Nobel laureates and is known for its academic achievement, premier research, innovation and anteater mascot. Led by Chancellor Howard Gillman, UC Irvine has more than 36,000 students and offers 224 degree programs. It’s located in one of the world’s safest and most economically vibrant communities and is Orange County’s second-largest employer, contributing $7 billion annually to the local economy and $8 billion statewide.
To learn more about UC Irvine, visit .
The UC Irvine Office of Information Technology (OIT) is responsible for supporting the IT needs of faculty, students, and staff. Our mission is to provide information technology leadership, services, and innovative solutions to promote the research, education, and community service goals of the University.
The IT Security Risk & Compliance team is responsible for leading the development, implementation and evaluation of campus-wide information security risk management processes and policy. This team also leads campus-wide information security education, training, and awareness programs.
Under the general supervision of the Supervisor, IT Security Risk and Compliance applies skills as a seasoned, experienced IT security professional with a full understanding of industry practices, governmental regulations and campus policies and procedures to resolve a wide range of complex issues and manage IT security risk. Demonstrates competency in recommending methods and techniques to obtain results. Maintains a security awareness, outreach, training, and communication program. Develops user-facing content for security website. Manages GRC tool and related security risk management processes. Performs project management and coordination of various security initiatives and audit remediation using security domain knowledge. Performs and/or facilitates information security risk assessments of existing or new services and technologies and 3rd party supplier risk.
Responsibilities:
Knowledge of common cybersecurity frameworks and standards (e.g., NIST 800-53, 800-171, ISO 27001/27002). Required
Ability to follow department processes and procedures including knowledge of other areas of IT, department processes and procedures. Required
Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. Required
Experience using IT security systems and tools. Knowledge of risk management techniques. Experience using Governance, Risk & Compliance (GRC), vendor risk, risk register, and other security risk management tools and platforms. Required
Knowledge of other areas of IT, department processes and procedures. Required
Demonstrated skills applying security controls to computer software and hardware. Ability to create and interpret technical diagrams (e.g., network diagrams, data flow diagrams). Required
Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. Required
Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks. Required
Knowledge of computer hardware, software and security issues and approaches. Preferred
Demonstrated experience selecting and applying appropriate risk management technologies. Required
Ability to identify and assess the severity and potential impact of risks and to communicate findings effectively to risk owners. Required
Self-motivated with a sense of urgency, and has demonstrated commitment to high standards of ethics, regulatory compliance, and integrity. Required
Demonstrated skill in conducting internal or external risk assessments and providing guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items. Required
Familiarity with UC information security policy (i.e., IS-3), program and procedures. Preferred
Qualifications:
Total Compensation
In addition to the salary range listed below, we offer a wealth of benefits to make working at UCI even more rewarding. These benefits may include medical insurance, sick and vacation time, retirement savings plans, and access to a number of discounts and perks. Please utilize the links listed here to learn more about our and .
The expected pay range for this recruitment is $85,400- $120,000 (Annual).
Required:
Bachelor's degree in related area and / or equivalent experience / training.
3-5 years of experience in information security, especially in an information risk analysis role, risk management and/or IT audit role.
3+ years of experience with regulatory compliance and information security management frameworks (e.g., IS(phone number removed), COBIT, NIST 800, etc.).
Preferred:
Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM).
Project Management Professional (PMP).
Project management experience.
Higher education experience.
Conditions of Employment:
The University of California, Irvine (UCI) seeks to provide a safe and healthy environment for the entire UCI community. As part of this commitment, all applicants who accept an offer of employment must comply with the following conditions of employment:
Background Check and Live Scan
Legal Right to work in the United States
Vaccination Policies
Smoking and Tobacco Policy
Drug Free Environment
The following additional conditions may apply, some of which are dependent upon business unit or job specific requirements.
California Child Abuse and Neglect Reporting Act
E-Verify
Pre-Placement Health Evaluation
Details of each policy may be reviewed by visiting the following page -
Closing Statement:
The University of California, Irvine is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age or protected veteran status.
For the University of California’s Affirmative Action Policy please visit: .
For the University of California’s Anti-Discrimination Policy, please visit:.
We are committed to attracting and retaining a diverse workforce along with honoring unique experiences, perspectives, and identities. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable, and welcoming.
UCI provides reasonable accommodations for applicants with disabilities upon request. For more information, please contact Human Resources at (phone number removed) or .
#OIT
Founded in 1965, UC Irvine is a member of the prestigious Association of American Universities and is ranked among the nation’s top 10 public universities by U.S. News & World Report. The campus has produced five Nobel laureates and is known for its academic achievement, premier research, innovation and anteater mascot. Led by Chancellor Howard Gillman, UC Irvine has more than 36,000 students and offers 224 degree programs. It’s located in one of the world’s safest and most economically vibrant communities and is Orange County’s second-largest employer, contributing $7 billion annually to the local economy and $8 billion statewide.
To learn more about UC Irvine, visit .
The UC Irvine Office of Information Technology (OIT) is responsible for supporting the IT needs of faculty, students, and staff. Our mission is to provide information technology leadership, services, and innovative solutions to promote the research, education, and community service goals of the University.
The IT Security Risk & Compliance team is responsible for leading the development, implementation and evaluation of campus-wide information security risk management processes and policy. This team also leads campus-wide information security education, training, and awareness programs.
Under the general supervision of the Supervisor, IT Security Risk and Compliance applies skills as a seasoned, experienced IT security professional with a full understanding of industry practices, governmental regulations and campus policies and procedures to resolve a wide range of complex issues and manage IT security risk. Demonstrates competency in recommending methods and techniques to obtain results. Maintains a security awareness, outreach, training, and communication program. Develops user-facing content for security website. Manages GRC tool and related security risk management processes. Performs project management and coordination of various security initiatives and audit remediation using security domain knowledge. Performs and/or facilitates information security risk assessments of existing or new services and technologies and 3rd party supplier risk.
Responsibilities:
Knowledge of common cybersecurity frameworks and standards (e.g., NIST 800-53, 800-171, ISO 27001/27002). Required
Ability to follow department processes and procedures including knowledge of other areas of IT, department processes and procedures. Required
Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. Required
Experience using IT security systems and tools. Knowledge of risk management techniques. Experience using Governance, Risk & Compliance (GRC), vendor risk, risk register, and other security risk management tools and platforms. Required
Knowledge of other areas of IT, department processes and procedures. Required
Demonstrated skills applying security controls to computer software and hardware. Ability to create and interpret technical diagrams (e.g., network diagrams, data flow diagrams). Required
Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. Required
Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks. Required
Knowledge of computer hardware, software and security issues and approaches. Preferred
Demonstrated experience selecting and applying appropriate risk management technologies. Required
Ability to identify and assess the severity and potential impact of risks and to communicate findings effectively to risk owners. Required
Self-motivated with a sense of urgency, and has demonstrated commitment to high standards of ethics, regulatory compliance, and integrity. Required
Demonstrated skill in conducting internal or external risk assessments and providing guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items. Required
Familiarity with UC information security policy (i.e., IS-3), program and procedures. Preferred
Qualifications:
Total Compensation
In addition to the salary range listed below, we offer a wealth of benefits to make working at UCI even more rewarding. These benefits may include medical insurance, sick and vacation time, retirement savings plans, and access to a number of discounts and perks. Please utilize the links listed here to learn more about our and .
The expected pay range for this recruitment is $85,400- $120,000 (Annual).
Required:
Bachelor's degree in related area and / or equivalent experience / training.
3-5 years of experience in information security, especially in an information risk analysis role, risk management and/or IT audit role.
3+ years of experience with regulatory compliance and information security management frameworks (e.g., IS(phone number removed), COBIT, NIST 800, etc.).
Preferred:
Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM).
Project Management Professional (PMP).
Project management experience.
Higher education experience.
Conditions of Employment:
The University of California, Irvine (UCI) seeks to provide a safe and healthy environment for the entire UCI community. As part of this commitment, all applicants who accept an offer of employment must comply with the following conditions of employment:
Background Check and Live Scan
Legal Right to work in the United States
Vaccination Policies
Smoking and Tobacco Policy
Drug Free Environment
The following additional conditions may apply, some of which are dependent upon business unit or job specific requirements.
California Child Abuse and Neglect Reporting Act
E-Verify
Pre-Placement Health Evaluation
Details of each policy may be reviewed by visiting the following page -
Closing Statement:
The University of California, Irvine is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age or protected veteran status.
For the University of California’s Affirmative Action Policy please visit: .
For the University of California’s Anti-Discrimination Policy, please visit:.
We are committed to attracting and retaining a diverse workforce along with honoring unique experiences, perspectives, and identities. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable, and welcoming.
UCI provides reasonable accommodations for applicants with disabilities upon request. For more information, please contact Human Resources at (phone number removed) or .
#OIT
Reference: 203857123
Share this job:
Alert me to jobs like this:
Amplify your job search:
Expert career advice
Increase interview chances with our downloads and specialist services.
Visit Blog