Enterprise Information Security Risk Analyst, Information Technology, Dell Medical School

Job title: Enterprise Information Security Risk Analyst, Information Technology, Dell Medical School

Company: University of Texas at Austin

Job description:

Job Posting Title: Enterprise Information Security Risk Analyst, Information Technology, Dell Medical School

Hiring Department: Dell Medical School

Position Open To: All Applicants

Weekly Scheduled Hours: 40

FLSA Status: Exempt

Earliest Start Date: Immediately

Position Duration: Expected to Continue

Location: AUSTIN, TX

Job Details:

General Notes: The position will have a hybrid work arrangement, which is based in Austin, Texas. Pre-approval on state eligibility during the offer process will be required for remote work. Remote work will require reliable internet access and a suitable workspace free from distractions.

Purpose: Under the direction of the Manager of Enterprise IT Security and Operations within the Office of the CIO, the Enterprise Information Security Risk Analyst will work closely with the Enterprise Cybersecurity Architect to perform IT security analysis and assessments in accordance with established procedures and protocols. The position will ensure the demonstrable Confidentiality, Integrity, and Availability (CIA) of the University of Austin Dell Medical School’s information assets for authorized internal and external users by reviewing, validating, classifying, and responding to security events and cyber-attacks.

Responsibilities:
Contribute to maintaining and improving the Dell Medical School Cyber Security Governance, Risk, and Compliance program and further mature the Dell Medical School’s Risk and Governance capabilities.
Work closely with various cybersecurity teams to track the effectiveness of security controls, map threats to controls, and properly prioritize the implementation of controls to reduce risk within the Dell Medical School environment.
Conduct cybersecurity audits and assessments, and support ongoing audit requirements for all systems.
Refine security metrics and dashboards, and manage the cyber security risk register processes and risk profile.
Work with technology and business partners to ensure compliance with security standards and regulations, such as HIPAA, FERPA, PCI DSS, ISO 27001, NIST, etc.
Work closely with development and technical staff, as well as with other stakeholders, to coordinate, track, and support the remediation of security issues and risks.
Oversee and manage the compliance of key controls, report on remediation activities, and coordinate continuous risk remediation efforts.
Ensure timely reporting and escalation to security and executive leadership.
Analyze data to identify potential risks; aggregate data from multiple sources to provide a comprehensive assessment; create reports, summaries, presentations, and process documents; and collaborate with other team members to effectively analyze and present data.
Conduct review of existing security policies, procedures, standards, and exceptions.
Assist in the development of policies for conducting cyber security risk assessments and compliance audits.
Assist in mapping Dell Medical School’s cyber security program to multiple industry security frameworks, regulations, and best practices (HIPAA, NIST, FERPA, Texas Cyber Security Framework).
Contribute to the continuous improvement of the cyber security program and provide feedback and recommendations on security best practices and enhancements.
Conduct review of third-party vendor assessment of services/contracts (applications, hosting, systems, etc.) that involve the collection, processing, transmission, or storage of all data types defined by the University’s Data Classification standards; develop and implement ongoing supporting documentation.
Other related duties as assigned.

Required Qualifications:
Bachelor’s degree plus 4 years of progressive experience working in information technology, security, or risk management. Comparable success and work experience may be considered in lieu of degree requirement.
Knowledge of risk management frameworks (RMF).
Must have functional understanding of federal, state and University regulations, standards, and compliance mandates, including but not limited to HIPAA, HITECH, PCI, FERPA, NIST 800-171, NIST 800-53, and other regulatory audits.
CompTIA Security+ or other industry-related certifications.
Must possess a high degree of integrity relative to computer security and the confidentiality of information.
Demonstrated ability to analyze IT security threats, understand risk, articulate operational impact and work as part of a team dedicated to achieving and maintaining compliance with all applicable regulations.
Working knowledge of the following technologies: various operating systems such as Windows, Linux, macOS; various security tools such as SIEMs, Data Loss and Prevention (DLP); Vulnerability Assessment tools such as MS Defender ATP and/or CrowdStrike.
Working knowledge of network protocols and firewall concepts.
Demonstrated ability to perform IT security risk assessments, develop and resolve complex security-related issues, and recommend, develop and implement compensating controls to remediate or mitigate known risk and vulnerabilities to an acceptable level.
Exceptional verbal and written communications and consultative customer service skills.
Ability to establish collaborative working relationships at all contact levels across the University.
Demonstrated passion for problem solving; proficient project and portfolio management experience with the ability to work autonomously in a fast-paced environment with multiple priorities and deadlines.
General knowledge of IT governance and operations.
Relevant education and experience may be substituted as appropriate.

Preferred Qualifications:
Healthcare experience.
Experience in network scanning or cloud security.
Knowledge of Incident Response (IR).
Professional experience working with the following technologies: Jamf, MECM, remote support tools such as Bomgar, TeamViewer.
CRISC (Certified in Risk and Information Systems Control) or CISA (Certified Information Security Auditor).

Salary Range: $75,000+ depending on qualifications

Working Conditions: May work around standard office conditions. Repetitive use of a keyboard at a workstation.

Materials:
Resume/CV
3 work references with their contact information; at least one reference should be from a supervisor
Letter of interest

Important for applicants who are NOT current university employees or contingent workers: You will be prompted to submit your resume the first time you apply, then you will be provided an option to upload a new Resume for subsequent applications. Any additional Required Materials (letter of interest, references, etc.) will be uploaded in the Application Questions section; you will be able to multi-select additional files. Before submitting your online job application, ensure that ALL Required Materials have been uploaded. Once your job application has been submitted, you cannot make changes.

Important for current university employees and contingent workers: As a current university employee or contingent worker, you MUST apply within Workday by searching for Find UT Jobs. If you are a current University employee, log in to Workday, navigate to your Worker Profile, click the Career link in the left-hand navigation menu and then update the sections in your Professional Profile before you apply. This information will be pulled in to your application. The application is one page and you will be prompted to upload your resume. In addition, you must respond to the application questions presented to upload any additional Required Materials (letter of interest, references, etc.) that were noted above.

Employment Eligibility: Regular staff who have been employed in their current position for the last six continuous months are eligible for openings being recruited for through University-Wide or Open Recruiting, to include both promotional opportunities and lateral transfers. Staff who are promotion/transfer eligible may apply for positions without supervisor approval.

Retirement Plan Eligibility: The retirement plan for this position is Teacher Retirement System of Texas (TRS), subject to the position being at least 20 hours per week and at least 135 days in length.

Background Checks:  A criminal history background check will be required for finalist(s) under consideration for this position.

Equal Opportunity Employer    The University of Texas at Austin, as an , complies with all applicable federal and state laws regarding nondiscrimination and affirmative action. The University is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, or veteran status in employment, educational programs and activities, and admissions.

Pay Transparency: The University of Texas at Austin will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.

Employment Eligibility Verification: If hired, you will be required to complete the federal Employment Eligibility Verification I-9 form. You will be required to present acceptable and original to prove your identity and authorization to work in the United States. Documents need to be presented no later than the third day of employment. Failure to do so will result in loss of employment at the university.

E-Verify: The University of Texas at Austin uses E-Verify to check the work authorization of all new hires effective May 2015. The university’s company ID number for purposes of E-Verify is 854197. For more information about E-Verify, please see the following:

Compliance: Employees may be required to report violations of law under Title IX and the Jeanne Clery Disclosure of Campus Security Policy and Crime Statistics Act (Clery Act). If this position is identified as a Campus Security Authority (Clery Act), you will be notified and provided resources for reporting. Responsible employees under Title IX are defined and outlined in . The Clery Act requires all prospective employees be notified of the availability of the Annual Security and Fire Safety report. You may or obtain a copy at University Compliance Services, 1616 Guadalupe Street, UTA 2.206, Austin, Texas 78701.

Expected salary: $75000 per year

Location: Austin, TX

Job date: Sat, 02 Mar 2024 05:53:17 GMT
