Under the guidance of the Associate Director of Risk and Compliance, the IT Risk and Compliance Analyst will carry out IT security assessment activities including IT risk assessments and security reviews for university departments, as well as evaluations of third-party technology solutions, to ensure alignment with university policies, standards, and external compliance regulations wherever applicable. Assessment activities may include a wide variety of tasks depending on the scope of the review and the IT capabilities within university departments (e.g. developing asset inventory, assessing endpoint and application security controls and configurations, examining procedures, etc.)

The analyst will be expected to make contributions to the creation and maintenance of documentation/procedures in support of the IT Risk and Compliance program, and should identify opportunities for leveraging automation to support data consistency and process efficiencies within the program and as it relates to other university IT services. The analyst may provide training and outreach to the university community as needed and may also be called upon to coordinate updates for the IT Continuity of Operations plan and to assist units within the Division of Information Technology as they conduct disaster recovery planning or on other security-related initiatives as requested.

Please note: Sponsorship is not available for this position.