Campus Pride Jobs

As a community, the University of Rochester is defined by a deep commitment to Meliora - Ever Better. Embedded in that ideal are the values we share: equity, leadership, integrity, openness, respect, and accountability. Together, we will set the highest standards for how we treat each other to ensure our community is welcoming to all and is a place where all can thrive.

Job Location (Full Address):

Select a Shipping Address, Rochester, New York, United States of America, 14627

Opening:

Worker Subtype:

Regular

Time Type:

Full time

Scheduled Weekly Hours:

40

Department:

100086 University IT / IS

Grade:

UR URGB 109

Compensation Range:

$50,000.00 - $80,000.00

The referenced pay range represents the minimum and maximum compensation for this job. Individual annual salaries/hourly rates will be set within the job's compensation range, and will be determined by considering factors including, but not limited to, market data, education, experience, qualifications, expertise of the individual, and internal equity considerations.

Responsibilities:

Conducts detailed analyses of defined program specifications, develops new programs or modifies existing programs allowing for changes in systems or configurations.Schedule 8 AM-5 PM Responsibilities General Summary of Role: The Risk and Compliance Analyst responsibilities focus around the identification, research, and documentation of Information Security risks, regulatory compliance issues at the organization. The analyst performs assessments, reviews, inquiries, interviews, and more as assigned with the goal to gather information related to risk. The risk and compliance team is also responsible for documenting policy exceptions and acceptance of risk for Information Security related issues that arise. The Risk and Compliance Analyst demonstrates integrity in proposals to the organization, actions, and policy and procedure advice. Specific Duties and Responsibilities - With oversight, conduct audits as assigned, reporting results on the organization's level of compliance. Reporting style will vary by project and will include descriptive progress reports and visual indicators of project progress. - Participate in relationship building with users in the community to share knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. Participate in meetings and conference calls. Respond to simple help desk service requests. - Build relationships with appropriate parties both internal and external to the University. - Analyze data from a variety of security appliances and applications. Develop a well-rounded understanding of the various risk analysis tools available to IT Security professionals. - Identify and analyze simple compliance issues with stakeholders and departmental liaisons. - Review any issues identified during assessments and associated recommendations with team members. Participate in drafting reports and remediation plans. - Demonstrate knowledge and support of applicable laws, statutes, Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures when interacting with the community. - Conduct research as assigned of IT Security technologies as approved by manager. - Keep up to date with the current regulations and rules applicable to the University missions. Share updates to key regulations with department resources. - Draft simple communications for IT Security team members and departmental IT liaisons to share with others that relate to cybersecurity and privacy. - After approval, communicate across stakeholders/departments to ensure alignment of goals. - Assist in the drafting of departmental procedure documents. - Assist in drafting process workflows to meet compliance standards and facilitate understanding of process operation. After review, follow through to share with community members. - Assist in drafting employee training material or sessions to convey workflow and/or procedure changes. - Participate in meetings as requested. When necessary acting as scribe and taking notes. - Stay abreast of current and emerging cyber technologies through conferences, training and On the Job Training review of websites & other data sources. Other duties as assigned. Minimum Qualifications: Required: - Bachelor's degree in related discipline such as Computer Science, Business, Mathematics, Statistics, Science or Engineering - 2-3 years of related experience; - Or an equivalent combination of education and experience. - Demonstrate analytical and research skills with the ability to comprehend data sets; demonstrate critical-thinking and problem-solving skills required. - Strong interpersonal, written, and oral communication skills with attention to detail required. - Ability to execute tasks in a fast-paced environment; perform under pressure and demonstrate adaptability and flexibility required - Adept with data analysis tools and applications - Advanced knowledge of Microsoft Office Suite - Experience in using ITSM Tool or ticketing system - Experience in application configuration - Experience in IT and Information Security Risk - Experience in Risk Management Methodology and Frameworks - Experience with GRC Platforms - Knowledge of computer networking concepts and protocols, and network security methodologies, cybersecurity and privacy principles, the organization's core business/mission processes. - CISSP, CISM, CISA, GSEC, CCSP a plus The University of Rochester is committed to fostering, cultivating, and preserving a culture of equity, diversity, and inclusion to advance the University's mission to Learn, Discover, Heal, Create - and Make the World Ever Better. In support of our values and those of our society, the University is committed to not discriminating on the basis of age, color, disability, ethnicity, gender identity or expression, genetic information, marital status, military/veteran status, national origin, race, religion/creed, sex, sexual orientation, citizenship status, or any other status protected by law. This commitment extends to the administration of our policies, admissions, employment, access, and recruitment of candidates from underrepresented populations, veterans, and persons with disabilities consistent with these values and government contractor Affirmative Action obligations.

Notice: If you are a Current Employee, please log into myURHR to search for and apply to jobs using the Jobs Hub. Your application, if submitted using this portal, cannot be moved forward.

Learn. Discover. Heal. Create.

Located in western New York, Rochester is our namesake and our home. One of the world’s leading research universities, Rochester has a long tradition of breaking boundaries—always pushing and questioning, learning and unlearning. We transform ideas into enterprises that create value and make the world ever better.

If you’re looking for a career in higher education or health care, the University of Rochester may offer the perfect opportunity for your background and goals

At the University of Rochester, we commit to diversity, equity, and inclusion and united by a strong commitment to be ever better—Meliora. It is an ideal that informs our shared mission to ensure all members of our community feel safe, respected, included, and valued.