Rutgers University

Recruitment/Posting Title Information Security Risk Analyst

Job Category Staff & Executive - Information Technology

Department OIT-Info Protection & Security-Z26723

Overview 

Rutgers, The State University of New Jersey, stands among the nation’s highest-ranked, most diverse public research universities. The oldest, largest, and top-ranked public university in the New York/New Jersey metropolitan area, you’ll find us at our main locations in three New Jersey cities, and our footprint can be seen around the region. As one of the nation’s most diverse universities, Rutgers draws strength from the rich variety of perspectives and life experiences of our community. We’re an academic, health, and research powerhouse and a university of opportunity.

The Office of Information Technology (OIT) is Rutgers’ enterprise IT office. OIT provides university wide services and support and collaborates with department and unit IT professionals on projects and initiatives for the Rutgers community. OIT’s services and systems include the Rutgers network; email and calendaring systems; IDs/passwords and identity management; data centers; computer labs; help desk support; wireless connectivity; a software portal; information security, risk, and compliance services; research computing; and many others. OIT’s staff members work closely with the broader university community to advance Rutgers’ missions of teaching, research, and service. For more information, please visit https://it.rutgers.edu.

Posting SummaryRutgers, The State University of New Jersey, is seeking a Information Security Analyst for the Office of Information Technology (OIT). This position is Responsible for facilitating

and evaluating internal and 3rd party information security risk assessments.

Among the key duties of this position are the following:

• Provides risk remediation recommendations to mitigate identified control gaps and drives awareness of available supporting resources and technologies.
• Works closely with stakeholders across campus to ensure that risks are well documented and communicated.
• Maintains a formal risk register that drives security governance and ensures security finding is aligned with business objectives.
• Acts as an SME for end-to-end management of findings for information security assessments for vendors, applications.
• Assists in creating policies and procedures to help reduce risk.
• Performs other tasks as assigned.

Position Status Full Time

Hours Per Week 

Daily Work Shift 

Work Arrangement 

FLSA Exempt

Grade 34S

Position Salary 

Annual Minimum Salary 102797.000

Annual Mid Range Salary 124237.000

Annual Maximum Salary 148149.000

Standard Hours 37.50

Union Description 

Payroll Designation PeopleSoft

Benefits 

Rutgers offers a comprehensive benefit program to eligible employees. For details, please go to http://uhr.rutgers.edu/benefits/benefits-overview.

Rutgers also offers a benefit program to eligible full-time postdoctoral fellow students. For details, please go to https://finance.rutgers.edu/healthcare-risk/insurance/postdoctoral-health-insurance.

Seniority Unit

Terms of Appointment Staff - 12 month

Position Pension Eligibility ABP

• Minimum Education and Experience
• Bachelor’s degree is required, preferably in Computer Science, Information Systems, Management Information.
• Minimum of five (5) years of experience performing Information Security assessments with knowledge of HIPAA, GLBA and PCI DSS regulations and frameworks such as NIST CSF.

Certifications/Licenses

• Required Knowledge, Skills, and Abilities
• Possess excellent interpersonal, communication and influencing skills.
• Ability to collaborate effectively across a variety of disciplines and levels inside/outside the organization.
• Ability to effectively analyze, document and communicate information security concepts to different user bases, including students, faculty, staff and systems personnel.
• Demonstrates skill in conducting internal or external risk assessments and providing guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items.
• Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.
• Ability to identify and assess the severity and potential impact of risks and to communicate findings effectively to risk owners.
• Preferred Qualifications
• Knowledge of common cybersecurity frameworks and standards (e.g., NIST 800-171, ISO 27001/27002).
• Experience with Governance, Risk & Compliance and/or Vendor Risk Management platforms.
• Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization.
• CISSP, CRISC certification.

Equipment Utilized

Physical Demands and Work Environment

• Special ConditionsMultiple Vacancies.

Posting Number 23ST2561

Posting Open Date 09/19/2023

Special Instructions to Applicants

Regional Campus Rutgers University-New Brunswick

Home Location Campus Rutgers University - New Brunswick

City New Brunswick

State NJ

Location Details

Read Full Description