IT Security Compliance Analyst

Job Description:

We are seeking an IT Security Compliance Analyst to foster security awareness and knowledge across the organization, focusing on safeguarding both physical and informational assets.

Required Experience (5 years):

• Experience working in a direct IT security environment.
• Experience aligning organizations' security awareness programs.
• Experience overseeing IT systems change management, prioritizing security awareness and risk mitigation.
• Experience providing direct coaching to employees and departments to reduce the risk of security incidents.
• Experience administering security systems, analyzing data for potential threats, and identifying compliance needs.

Preferred Education, Certification, and Experience:

• Bachelor's degree in business management, computer science or related field.
• CompTIA Security+ Certification
• Program/project management experience in a leadership role.

Responsibilities:

• Act as a cross-functional liaison across technology security teams, enhancing collaboration to meet security objectives.
• Collaborate with the ITS Technology Security team, Communications and Marketing, and other departments to align the security awareness program with organizational objectives.
• Oversee IT systems change management, prioritizing security awareness and risk mitigation.
• Provide direct coaching to employees and departments to reduce the risk of security incidents.
• Develop, monitor, and report on Key Performance Indicators (KPIs) for security awareness, ensuring program objectives are met.
• Manage enterprise-wide phishing simulations and conduct security awareness training programs.
• Administer security systems, analyze data for potential threats, and identify compliance needs, serving as a technical lead for security awareness tools.
• Coordinate with the Project Management Office (PMO) to integrate security awareness into new technology deployments and updates.
• Evaluate and audit security awareness tools, recommending improvements to enhance effectiveness.
• Act as the point of contact for security incidents, contributing expertise to incident response teams and fostering a culture of security education.
• Partner with leadership and training groups to develop and implement comprehensive cyber awareness training across the organization and prepare security awareness metrics for leadership review.