IT Security Analyst V (IT Research Security Analyst)
University of Louisville
Louisville, KY
Job posting number: #7289746 (Ref:R105628)
Posted: October 23, 2024
Job Description
Department:
Location:
Belknap CampusTime Type:
Full timeWorker Type:
RegularJob Req ID:
R105628Minimum Requirements:
Bachelor's degree in Computer Science or a related field and eight (8) years of relevant experience or an equivalent combination of education and experience. (9E Salaried)Position Description:
The research computing-focused Information Security Analyst, in collaboration with the CISO, ISO, University Legal, and the EVPRI’s office, will play a pivotal role in ensuring the security and compliance of the University’s research computing environments. This position will be responsible for planning and implementing a comprehensive research information security program at the University of Louisville by developing, documenting, and maintaining security measures that meet internal and external regulatory requirements and protect sensitive research data. The ideal candidate will have a strong background in information security, a thorough understanding of regulatory frameworks, and experience in a research computing environment.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Ensure that research computing environments comply with all relevant regulatory requirements, including but not limited to HIPAA, FERPA, FISMA, CUI, CMMC, DFARS, ITAR.
Develop and maintain documentation related to compliance policies, procedures, standards, baselines, and guidelines. Ensure that all policies and procedures align with both internal and external security standards and regulatory requirements. Understand and communicate information security legislation, contractual obligations, regulations and university policies, standards and procedures. Offer insight, participate in and lead projects, task forces or work with constituents to assess or develop relevant policies, standards and procedures.
Regularly review and update policies and procedures to adapt to new regulations and emerging threats.
Plan and conduct regular audits and compliance assessments to identify compliance gaps and develop plans for corrective actions.
In collaboration with ITS Research Computing and the EVPRI’s office, determine information security requirements for research computing projects and assess the feasibility of implementing them.
Develop and maintain security policies, procedures, and system security plans for research computing systems in collaboration with the ITS Research Computing, Infrastructure and Security teams.
Conduct risk and technical assessments to identify potential security threats and vulnerabilities within research computing environments.
Monitor and analyze security incidents and develop response plans to address them effectively.
Develop and deliver training programs to educate researchers and staff about information security best practices and regulatory requirements.
Promote a culture of security awareness within the research community.
Stay current with the latest security trends, technologies, and regulatory changes. Develop comprehensive plans to ensure ITS has the capability to implement future requirements.
Serve as project manager/lead on research computing security projects.
PREFERRED QUALIFICATIONS
Bachelor’s Degree in Cyber or Information Security, Information Systems, Management, Business or related discipline.
Related work experience with an emphasis in information security, compliance, governance or related area.
Excellent oral, written, and interpersonal communications skills, with the ability to collaborate effectively with diverse stakeholders.
Knowledge of security frameworks and federal, state or industry security regulations.
Experience with risk management, security plan development, and incident response.
Experience with risk management, security plan development, and incident response.
Proficiency in using security tools and technologies.
Experience in conducting security audits and assessments.
Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.
Professional certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.
Experience with an information security framework, e.g., NIST’s CSF applied to a research computing environment, is highly desirable.
HIPAA, GLBA, FERPA, FISMA, CUI, CMMC, DFARS, PCI-DSS, and/or ITAR compliance experience.
Experience with cloud security.
Target Compensation Maximum:
$110,400.00Target Compensation Minimum:
$73,600.00Compensation will be commensurate to candidate experience.
Equal Employment Opportunity
The University of Louisville is an equal opportunity, affirmative action employer, and is committed to providing employment opportunities to all qualified applicants without regard torace, sex, age, color, national origin, ethnicity, creed, religion, disability, genetic information, sexual orientation, gender, gender identity and expression, marital status, pregnancy, or veteran status. If you are unable to use our online application process due to an impairment or disability, please contact the Employment team atemployment@louisville.eduor 502.852.6258.
Assistance and Accommodations
Computers are available for application submission at the Human Resources Department located at 215 Central Avenue, Ste 205 - Louisville, Kentucky 40208.
If you require assistance or accommodation with our online application process, please contact us by email atemployment@louisville.eduor by phone 502-852-6258.
Equal Employment Opportunity The University of Louisville is an equal opportunity, affirmative action employer, and is committed to providing employment opportunities to all qualified applicants without regard to race, sex, age, color, national origin, ethnicity, creed, religion, disability, genetic information, sexual orientation, gender, gender identity and expression, marital status, pregnancy, or veteran status. If you are unable to use our online application process due to an impairment or disability, please contact the Employment team at [email protected] or 502.852.6258. Assistance and Accommodations Computers are available for application submission at the Human Resources Department located at 215 Central Avenue, Ste 205 - Louisville, Kentucky 40208. If you require assistance or accommodation with our online application process, please contact us by email at [email protected] or by phone 502-852-6258. About the University of Louisville In 2023, the University of Louisville celebrates its quasquibicentennial, the 225th anniversary of the 1798 beginnings of higher education in Louisville. One of the nation’s first city-owned, public universities, UofL today is a vital ecosystem that creates thriving futures for students, our community and society. As one of only 79 universities in the United States to earn recognition by the Carnegie Foundation as both a Research 1 and a Community Engaged university, we impact lives in areas of student success and research and innovation, while our dynamic connection with our local and global communities provides unparalleled opportunities for students and citizens both. The university serves as an engine that powers Metro Louisville and the commonwealth and as a classroom for UofL’s more than 23,000 students, who benefit from partnerships with top employers and a wide range of community service opportunities. To learn more, visit louisville.edu. The University of Louisville is a public university in Louisville, Kentucky. It is a member of the Kentucky state university system.