Among the key duties of this position are the following:
Provides risk remediation recommendations to mitigate identified control gaps and drives awareness of available supporting resources and technologies.
Works closely with stakeholders across campus to ensure that risks are well documented and communicated.
Maintains a formal risk register that drives security governance and ensures security finding is aligned with business objectives.
Acts as an SME for end-to-end management of findings for information security assessments for vendors, applications.
Assists in creating policies and procedures to help reduce risk.
Minimum Education and Experience
Bachelor’s degree is required, preferably in Computer Science, Information Systems, Management Information.
Minimum of five (5) years of experience performing Information Security assessments with knowledge of HIPAA, GLBA and PCI DSS regulations and frameworks such as NIST CSF.