This position in the Office of Information Security will focus on Governance, Risk, and Compliance (GRC). The GRC security analyst II will manage risk assessments and provide guidance for academic, clinical, research, IT, and administrative areas. The analyst II will identify, document, and communicate the appropriate security controls and plans to achieve compliance with federal, state, and/or regulatory requirements. The analyst II will also develop automated processes, update standards, and guidelines. Regularly will meet with Office of Information Security Assistant Director.
Primary Duties & Responsibilities
Document and maintain security plans, processes, and procedures necessary to both normal day to day operation and disaster recovery situations.
Analyze and research to requests for security risk assessments for department and university projects.Â Identify, document, and communicate the appropriate security controls and plans to achieve compliance with federal, state, and/or regulatory requirements.
Identify potential security risks, active or malicious sites, and report to Information Security Manager.Â Open, process, and track tickets with various IT departments.Â
Responsible for documenting, monitoring, and tracking security operations which includes but is not limited to: tracking and monitoring of malicious software, vulnerability scanning, policy exceptions, risks, and log collection.
Install and configure hardware and software that provides appropriate network and system security functionality.Â
Manage departmental projects as assigned.
Collect information for review by General Counsel or Research Integrity as instructed.Â
Develop processes, reports, dashboards, metrics, standards, draft guidelines for review, and perform information security training.
Perform other duties as assigned.
Standard office working with standing, walking and lifting less than 50 pounds required.
A moderate amount of work performed at customer site with some after-hours support when incidents occur.
Travel between campuses as needed.
Bachelorâ™s degree in related field.
ISACA CISA, ISACA CRISC, SANS GIAC, ISC2 SSCP or other security related certification.
Experience as a systems administrator, desktop support or network operations.
Ability to document, track and communicate security risks to management and business owners.Â
Experience with TCP/IP.
Experience with networking technologies e.g. Firewalls, VPN concentrators, routers and switches.
Working knowledge of systems technologies e.g. e-mail gateways, web services, database servers and file hosting.
Working knowledge of network and/or system management tools.
Experience with process and/or procedure documentation.
Experience with incident handling processes.
Training in Intrusion Detection and/or vulnerability scanning solutions.
Differentiate between problems and symptoms and develop solutions to address overall problem.
Strong analytical and problem-solving skills.
Ability to manage projects to completion.
Strong team-oriented interpersonal skills; ability to effectively interface with a wide variety of people.
Demonstrated ability to explain complex problems or situations to varied groups.
Ability to research situations and determine appropriate solutions.
Ability to resolve complex problems based on existing documentation/training/resources.Â
Must possess strong written and oral communication skills and perform in both business and technology settings.
Strong customer focus and ability to manage client expectations.
Ability to manage multiple projects and requests.
Associates degree or equivalent and three years of relevant IT work experience.
$70,300.00 - $120,000.00 / AnnuallyThe salary range reflects base salaries paid for positions in a given job grade across the University. Individual rates within the range will be determined by factors including one's qualifications and performance, equity with others in the department, market rates for positions within the same grade and department budget.
All external candidates receiving an offer for employment will be required to submit to pre-employment screening for this position. The screenings will include criminal background check and, as applicable for the position, other background checks, drug screen, an employment and education or licensure/certification verification, physical examination, certain vaccinations and/or governmental registry checks. All offers are contingent upon successful completion of required screening.
Washington University in St. Louis is committed to providing a comprehensive and competitive benefits package to our employees. Benefits eligibility is subject to employment status, full-time equivalent (FTE) workload, and weekly standard hours. Please visit our website at https://hr.wustl.edu/benefits/ to view a summary of benefits.
Washington University in St. Louis is committed to the principles and practices of equal employment opportunity and especially encourages applications by those from underrepresented groups. It is the Universityâ™s policy to provide equal opportunity and access to persons in all job titles without regard to race, ethnicity, color, national origin, age, religion, sex, sexual orientation, gender identity or expression, disability, protected veteran status, or genetic information.
Washington University is dedicated to building a diverse community of individuals who are committed to contributing to an inclusive environment â“ fostering respect for all and welcoming individuals from diverse backgrounds, experiences and perspectives. Individuals with a commitment to these values are encouraged to apply.
When you are ready to apply, creating an account only takes a minute. Your account creates a candidate home page which we will use to communicate with you and allows you to apply for jobs and view your application statuses. The first page of the application offers two âœQuick Applyâ options. Quick Apply allows you to either use a previous application or create a new application using a resume to populate the work experience and education sections of your job application. If using a resume to populate your application, check to ensure the application fields populated accurately. You may skip the âœQuick Applyâ page by clicking âœNextâ at the bottom of the page. Documents may be uploaded in the My Experience section of the application. You also have the option to apply with a Linkedin feature, which allows you to apply by using your Linkedin profile to populate some of the job application fields.
Washington University in St. Louis, a medium-sized, independent university, is dedicated to challenging its faculty and students alike to seek new knowledge and greater understanding of an ever-changing, multicultural world. The University offers more than 90 programs and almost 1,500 courses leading to bachelor's, master's and doctoral degrees in a broad spectrum of traditional and interdisciplinary fields, with additional opportunities for minor concentrations and individualized programs. The faculty is composed of scholars, scientists, artists and members of the learned professions. They serve society by teaching; by adding to the store of human art, creativity, understanding, and wisdom; and by providing direct services, such as health care.