University of Utah
Information Security and Compliance Analyst Sr
University of Utah, Salt Lake City, Utah, United States, 84112
Information Security and Compliance Analyst Sr
Is this the next step in your career Find out if you are the right candidate by reading through the complete overview below.
Job Summary
Lead the information security team for the Center for High Performance Computing at the University of Utah, focusing on compliance and documentation. Analyze existing processes to reveal shortcomings and develop plans to address them.
Ensure that CHPC operates in compliance with U of U policy and applicable laws and regulations. Supported research includes projects using data governed by one or more of the following frameworks: HIPAA, NIST 800-171, CMMC, ITAR, and FISMA Moderate.
The applicant will develop and maintain plans and documentation, including system security plans (SSPs) and plans of actions and milestones (POAMs); work with CHPC teams to analyze and mitigate risk and improve security posture; advise department policies and procedures; and engage with other campus security and compliance teams. CHPC resources include HPC clusters, virtual machines, large-scale storage, and other systems.
** It is anticipated that this position will involve access to federally funded research that is subject to federal sponsorship regulatory restrictions (e.g. certain export control, data security, acquisition regulations, or federal contract clauses) that mandate U.S. citizen participation only.
Responsibilities· Develop and maintain plans and documentation for compliance with various regulatory frameworks, including system security plans and plans of actions and milestones.· Ensure required reviews and audits take place as scheduled and are documented in a timely fashion.· Work closely with CHPC teams ensure deployments are compliant with documented plans and legal, regulatory, or contractual requirements.· Analyze and mitigate risk, improve security posture, and advise departmental policies and procedures.· Work with the University of Utah Institutional Security Office (ISO) and other campus organizations to leverage tools, techniques, and resources as appropriate.· Attend departmental and institutional meetings and security conferences and participate, contribute and/or present as appropriate, network with peer institutes, and form collaborative relationships.
This job description is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.Work Environment and Level of Frequency typically requiredNearly Continuously: Office environment.Physical Requirements and Level of Frequency that may be requiredNearly Continuously: Sitting, hearing, listening, talking.Often: Repetitive hand motion (such as typing), walking.Seldom: Bending, reaching overhead.
Minimum QualificationsRequires a bachelor's degree in area of specialty, or equivalency (one year of education can be substituted for two years of related work experience); and 2-4 years of experience in the field or in a related area.
Applicants must demonstrate the potential ability to perform the essential functions of the job as outlined in the position description.
Department Specific Requirements
· Demonstrated group lead experience· Experience in developing and maintaining compliance plans and documentation (e.g. SSPs and POAMs) for a primarily Unix/Linux environment· Ability to develop recommendations to meet compliance needs· Excellent organization, communication, and documentation skills· Ability to work proactively under minimal supervision in a flexible work environment· A commitment to provide excellent customer service· Ability to work in a team environment· Ability to maintain a culture of openness, trust, and transparency while ensuring a safe, secure, and protected environment for our customers
Preferences· Experience with cybersecurity auditing strongly preferred· Experience with IT security tools, including anti-virus/anti-malware, EDR (Endpoint Detection and Response), Data Loss Prevention (DLP), or Next Gen Firewall systems· System administration background, especially Linux/Unix· Experience working with contracts or grants, especially in an academic environment
Special InstructionsPlease make sure to complete reference section.
Requisition Number: PRN40330BFull Time or Part Time? Full TimeWork Schedule Summary: Monday – FridayDepartment: 00640 - Ctr for High Perform ComputingLocation: CampusPay Rate Range: 70000 to 109,649Close Date: 1/31/2025Open Until Filled:
To apply, visit https://utah.peopleadmin.com/postings/173976
jeid-dd8e8f10b3a5924f8161e8fdf11b81d7
Is this the next step in your career Find out if you are the right candidate by reading through the complete overview below.
Job Summary
Lead the information security team for the Center for High Performance Computing at the University of Utah, focusing on compliance and documentation. Analyze existing processes to reveal shortcomings and develop plans to address them.
Ensure that CHPC operates in compliance with U of U policy and applicable laws and regulations. Supported research includes projects using data governed by one or more of the following frameworks: HIPAA, NIST 800-171, CMMC, ITAR, and FISMA Moderate.
The applicant will develop and maintain plans and documentation, including system security plans (SSPs) and plans of actions and milestones (POAMs); work with CHPC teams to analyze and mitigate risk and improve security posture; advise department policies and procedures; and engage with other campus security and compliance teams. CHPC resources include HPC clusters, virtual machines, large-scale storage, and other systems.
** It is anticipated that this position will involve access to federally funded research that is subject to federal sponsorship regulatory restrictions (e.g. certain export control, data security, acquisition regulations, or federal contract clauses) that mandate U.S. citizen participation only.
Responsibilities· Develop and maintain plans and documentation for compliance with various regulatory frameworks, including system security plans and plans of actions and milestones.· Ensure required reviews and audits take place as scheduled and are documented in a timely fashion.· Work closely with CHPC teams ensure deployments are compliant with documented plans and legal, regulatory, or contractual requirements.· Analyze and mitigate risk, improve security posture, and advise departmental policies and procedures.· Work with the University of Utah Institutional Security Office (ISO) and other campus organizations to leverage tools, techniques, and resources as appropriate.· Attend departmental and institutional meetings and security conferences and participate, contribute and/or present as appropriate, network with peer institutes, and form collaborative relationships.
This job description is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.Work Environment and Level of Frequency typically requiredNearly Continuously: Office environment.Physical Requirements and Level of Frequency that may be requiredNearly Continuously: Sitting, hearing, listening, talking.Often: Repetitive hand motion (such as typing), walking.Seldom: Bending, reaching overhead.
Minimum QualificationsRequires a bachelor's degree in area of specialty, or equivalency (one year of education can be substituted for two years of related work experience); and 2-4 years of experience in the field or in a related area.
Applicants must demonstrate the potential ability to perform the essential functions of the job as outlined in the position description.
Department Specific Requirements
· Demonstrated group lead experience· Experience in developing and maintaining compliance plans and documentation (e.g. SSPs and POAMs) for a primarily Unix/Linux environment· Ability to develop recommendations to meet compliance needs· Excellent organization, communication, and documentation skills· Ability to work proactively under minimal supervision in a flexible work environment· A commitment to provide excellent customer service· Ability to work in a team environment· Ability to maintain a culture of openness, trust, and transparency while ensuring a safe, secure, and protected environment for our customers
Preferences· Experience with cybersecurity auditing strongly preferred· Experience with IT security tools, including anti-virus/anti-malware, EDR (Endpoint Detection and Response), Data Loss Prevention (DLP), or Next Gen Firewall systems· System administration background, especially Linux/Unix· Experience working with contracts or grants, especially in an academic environment
Special InstructionsPlease make sure to complete reference section.
Requisition Number: PRN40330BFull Time or Part Time? Full TimeWork Schedule Summary: Monday – FridayDepartment: 00640 - Ctr for High Perform ComputingLocation: CampusPay Rate Range: 70000 to 109,649Close Date: 1/31/2025Open Until Filled:
To apply, visit https://utah.peopleadmin.com/postings/173976
jeid-dd8e8f10b3a5924f8161e8fdf11b81d7