Information Security Analyst GRC
The University of Texas at Arlington Portal
Full-time
On-site
Arlington, Texas, United States
Job Summary
The Information Security Analyst for Governance, Risk, Compliance ( GRC ) is responsible for supporting day-to-day information security governance risk and compliance activities and assigned projects. Major functions include information security risk management, security policy development and enforcement, 3rd party vendor management and incident response assistance. Assist with the development and delivery of risk assessments. Assist with the development, monitoring, and enforcement of policy and standards. Provide support for information security projects.
Essential Duties And Responsibilities
Support the mission of the UTA Information Security Office as a part of the Governance, Risk, and Compliance team. Assess University compliance with regulatory requirements including, but not limited to, FERPA , PCI - DSS , HIPAA , and NIST 800-171. Develop and maintain information security policies, standards, and procedures relating to organization-wide information security domains. Assist with risk assessments, tracking risk mitigations and verification of security controls. Assist in the generation of metrics and reports used to convey the status of the information security program to University leadership, UT System, and Texas Department of Information Resources. Provide support for information security related customer questions and help requests. Work closely with OIT , Internal Audit, and other University units to understand, assess, and develop plans for mitigating information security risk Β· Support the development, implementation, and delivery of security awareness training programs. Assist with the management of the Incident Response Plan. Assist with security training exercises, incidents and investigations as needed. Other duties as assigned
Minimum Qualifications
Bachelorβs degree. Two (2) years relevant IT or GRC experience.
Preferred Qualifications
Certifications related to the duties and responsibilities specified, including but not limited to: Security +, SSCP , CISSP , CISM , CRISC , and/or CISA . Experience in Information Security Risk Management and the implementation of GRC strategies. Scripting and coding experience. Experience in higher education and/or Experience in Texas State government.
Work Schedule
Monday-Friday; 8:00am-5:00pm.
The Information Security Analyst for Governance, Risk, Compliance ( GRC ) is responsible for supporting day-to-day information security governance risk and compliance activities and assigned projects. Major functions include information security risk management, security policy development and enforcement, 3rd party vendor management and incident response assistance. Assist with the development and delivery of risk assessments. Assist with the development, monitoring, and enforcement of policy and standards. Provide support for information security projects.
Essential Duties And Responsibilities
Support the mission of the UTA Information Security Office as a part of the Governance, Risk, and Compliance team. Assess University compliance with regulatory requirements including, but not limited to, FERPA , PCI - DSS , HIPAA , and NIST 800-171. Develop and maintain information security policies, standards, and procedures relating to organization-wide information security domains. Assist with risk assessments, tracking risk mitigations and verification of security controls. Assist in the generation of metrics and reports used to convey the status of the information security program to University leadership, UT System, and Texas Department of Information Resources. Provide support for information security related customer questions and help requests. Work closely with OIT , Internal Audit, and other University units to understand, assess, and develop plans for mitigating information security risk Β· Support the development, implementation, and delivery of security awareness training programs. Assist with the management of the Incident Response Plan. Assist with security training exercises, incidents and investigations as needed. Other duties as assigned
Minimum Qualifications
Bachelorβs degree. Two (2) years relevant IT or GRC experience.
Preferred Qualifications
Certifications related to the duties and responsibilities specified, including but not limited to: Security +, SSCP , CISSP , CISM , CRISC , and/or CISA . Experience in Information Security Risk Management and the implementation of GRC strategies. Scripting and coding experience. Experience in higher education and/or Experience in Texas State government.
Work Schedule
Monday-Friday; 8:00am-5:00pm.