1) Under the general direction of the IT Risk & Compliance Manager, this position is responsible for providing consultation and assessments of risks and vulnerabilities; developing and tracking progress of risk remediation plans; implementing security standards, policies, and controls; and representing the Risk Management program in campus forums.
2) Collect and review information regarding the organization's business and IT environments to identify potential or actual impacts of IT risk to the organization's business objectives and operations.
3) Analyze risk scenarios based on organizational criteria (e.g., organizational structure, policies, standards, technology, architecture, controls) to determine the likelihood and impact of an identified risk.
4) Develop remediation plans for uncovered risks.
5) Maintain systems, develop tools, and configure products used for tracking or managing the information security program's portfolio.
6) Assess projects and provide security requirements and controls as appropriate, then track and ensure that security controls are implemented as planned.
7) Assess environments to ensure adherence to pre-defined configuration and management guidelines or policies.
8) Consult with stakeholders to help craft security processes, guidelines, and achieve security or compliance goals for projects, implementations, or RFPs.
9) Suggest amendments to vendor contracts, project plans, or frameworks governing these projects where applicable.
10) Research security issues and contribute to IT Security communications and awareness materials.
11) Document internal processes, write security standards and guidelines.
Unit-Preferred Competencies 1) Excellent verbal and written communication skills, especially in conveying technical concepts to a non-technical audience. 2)Â Handle multiple tasks and substantial deadline pressure. 3)Â Handle emergency situations and infrastructure maintenance outside of normal business hours. 4)Â Respond to changing priorities, and operate effectively in a dynamic environment.Â 5)Â Weigh business needs against security concerns.Â
1) Standard office environment.
Mental/ Physical Requirements
1) Sit for short or extended time periods.
2) Extensively use computer.
3) Make repetitive wrist, hand, or finger movements.
1) Bachelor's degree in related field (e.g. Computer Science, Information Security, etc.).
1) Minimum five years of experience in information technology or related field.
2)Â Experience with a vulnerability management product such as Qualys, Tenable Nessus, or Rapid7 InsightVM. 3)Â Experience with legal, security or compliance concepts such as FERPA, HIPAA, PCI-DSS, NIST CSF, NIST 800-53r4, or similar.
2) Cover Letter
NOTE: When applying, all required documents MUST be uploaded under the Resume/CV section of the application.
The University of Chicago is an Affirmative Action/Equal Opportunity/Disabled/Veterans Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national or ethnic origin, age, status as an individual with a disability, protected veteran status, genetic information, or other protected classes under the law. For additional information please see the University's Notice of Nondiscrimination.
Staff Job seekers in need of a reasonable accommodation to complete the application process should call 773-702-5800 or submit a request via the Applicant Inquiry Form.
The University of Chicago's Annual Security & Fire Safety Report (Report) provides information about University offices and programs that provide safety support, crime and fire statistics, emergency response and communications plans, and other policies and information. The Report can be accessed online at: securityreport.uchicago.edu. Paper copies of the Report are available, upon request, from the University of Chicago Police Department, 850 E. 61st Street, Chicago, IL 60637.
Internal Number: JR07441
About University of Chicago
One of the world's premier academic and research institutions, the University of Chicago has driven new ways of thinking since our 1890 founding. Today, UChicago is an intellectual destination that draws inspired scholars to our Hyde Park and international campuses, keeping UChicago at the nexus of ideas that challenge and change the world.