Business Processes, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, Change Management, Communication Skills, Computer Security, Conferences, Documentation, Family Educational Rights and Privacy Act (FERPA), ISO (International Organization for Standardization), Incident Response, Industry Standards, Information Technology & Information Systems, Internet Security, Legal Research, Maintain Compliance, On Call, PCI-DSS, Presentation/Verbal Skills, Regulations, Regulatory Compliance, Regulatory Requirements, Risk Analysis, Risk Management, Security Analysis, Security Attacks, Security Protocols, U.S. National Institute of Standards and Technology (NIST), Willing to Travel, Writing Skills
About This Role
The Cyber Security Risk & Compliance Analyst is responsible for assessing and managing cybersecurity risks across the university's IT environment while ensuring adherence to regulatory requirements, industry standards, and institutional security policies. This position plays a key role in identifying vulnerabilities, conducting risk assessments, monitoring compliance controls, and providing actionable recommendations to strengthen the university's overall security and compliance posture.
About Us
The role is with the Security Incident Operations Center (SIOC) team and works to optimize detection capabilities, improve response, and maintain proactive threat response protocols. The security operations engineer ensures that the university's IT assets remain resilient against evolving security threats while delivering high-quality service to stakeholders across the institution.
Worksite Description
This position is On-site.
What You'll Need to Succeed
Minimum Qualifications:
- Requires a high school diploma (or equivalent) and six years of relevant experience. Requirements may be met through a combination of work experience and education.
Preferred Qualifications:
- 3-5 years of experience in compliance, audit, or risk management
- Strong knowledge of regulatory frameworks and standards
- Experience with GRC platforms
- Understanding of risk assessment methodologies
- Excellent written and verbal communication skills
- Experience with audit processes and evidence collection
- Knowledge of cybersecurity frameworks (NIST, ISO 27001)
- Compliance or risk management certifications (CISA, CRISC, CISM)
- Experience with specific industry regulations (FERPA, GLBA, PCI DSS, etc)
- Knowledge of business process mapping and documentation
- Experience with policy management systems
- Understanding of legal and regulatory research
Additional Role Information:
- Occasional after-hours work for incident response or change management work in designated maintenance windows
- Participation in on-call rotation (applicable positions)
- Occasional travel required for training, conferences, or other events
Sponsorship eligibility:
Candidates must be legally authorized to work in the U.S. on an ongoing basis without sponsorship
How to Apply
Please submit the following documents:
- Resume
- Cover Letter
- Three Professional References
Application Window
Applications close on: 5/29/26
Anticipated Hiring Pay Range
$61,591-$70,000