Below you will find the details for the position including any
supplementary documentation and questions you should review before
applying for the opening. To apply for the position, please click
the Apply for this Job link/button.
If you would like to bookmark this position for later
review, click on the Bookmark link. If you would like to print
a copy of this position for your records, click on the Print
If Limited Term (End Date of Assignment, Project, or Grant)
Position Type Staff
The IT Compliance Manager is a key IT security role responsible
for defining, enforcing, and maintaining IT security standards,
processes, and procedures to ensure the protection and recovery of
company data. This role will partner closely with ITS Information
Security, Support, and Systems, along with University colleges,
departments, and functional areas, to develop, maintain, document
and execute compliance policies, processes, controls and support
related compliance tools.
Duties and Responsibilities
1. Perform security risk assessments and recommend security
requirements for new and existing information technologies,
systems, applications, and services.
2. Collaborate with University departments on the definition of
information security policy, standards, and guidelines appropriate
to business, technology, research and legal requirements as well as
best industry practices.
3. Protect the integrity, availability, and confidentiality of
University information, providing reports to the leadership teams
regarding the effectiveness of the security controls
4. Lead the resolution of security incidents in their area of
responsibility, including taking ownership of reviews of
significant breaches of security.
5. Develop disaster recovery and business continuity standards
and processes as well as requirements for backup and recovery
6. Develop and maintain deep understanding of compliance
frameworks and their application to the university.
7. Apply knowledge of IT compliance along with a deep
understanding of the academic and business needs of the University
to provide compliance-related recommendations and support to
students, faculty, and staff.
8. Develop, analyze, and present scheduled and ad hoc reports,
and make recommendations based on the data from various
9. Develop and maintain IT compliance documentation.
10. Perform other duties and responsibilities as required,
assigned, or requested.
Required Knowledge, Skills and Abilities
• Baccalaureate degree in a technical field or equivalent
relevant and progressive work experience.
• Minimum of 5 years’ experience in information security and
compliance or the equivalent combination of education, training,
security certification, and directly related technical
• Strong multi-platform knowledge covering network and
host-based firewalls, intrusion detection/prevention systems,
vulnerability scanning and penetration testing tools, anti-malware
and spam protection, secure data transmission technologies (e.g.,
SSL VPN , IPSEC , SSH ), and network monitoring/protection
• Extensive knowledge of security risks, controls, and risk
mitigation options applicable to computer networks, server and
desktop operating systems, communication protocols, and software
• Experience within the IT Security & Compliance domain:
incident response, policy writing, vulnerability testing,
regulatory compliance ( PCI , HIPAA , GDPR , FERPA ), and data
• Strong oral and written communication skills, especially the
ability to effectively impart complex or technical subjects to
• Strong organizational, analytical and problem-solving skills
with a heightened concern for confidentiality and attention to
• Ability to attend meetings, workshops and conferences on and
off campus during and outside of normal business hours.
• Responsible for responding to technical emergencies both
during and outside of normal business hours.
Preferred Knowledge, Skills and Abilities
• Three or more years of experience configuring and operating
network and host-based firewalls, intrusion detection/prevention
systems, vulnerability scanning and penetration testing tools,
anti-malware and spam protection, secure data transmission
technologies (e.g., SSL VPN , IPSEC , SSH ), and network
• Multiple, complementary information security certifications
(e.g., CISSP , CISA , GIAC )
• Membership in selective and restricted professional security
communities, such as REN - ISAC , InfraGard, or ISACA .
• Experience using structured, established project management
Department IT Services
Posting Date 08/25/2020
Special Instructions to Applicants
Required Documents Required Documents Resume
Cover Letter/Letter of Application
Posting Specific Questions Required fields are indicated with an
* Do you have a bachelor's degree? Yes
* Do you have at least 5 years of experience in information
security and compliance or the equivalent combination of education,
training, security certification, and directly related technical
To ensure the security of your data, you will be logged out due
to inactivity in 3 minutes at
Any data not saved will be lost.
Click 'OK' to keep your session active.