Enterprise IT Security Analyst 2 (Finance)

Department: UIT Security

Salary: $70,800- $80,550

Description:

Under general direction of a manager, performs security risk analysis and assessments associated with information resources, risk management policy development and product assessments. Assists day-to-day responsibility for security issues involving university information assets.

1. Assists with security investigations and develops and implements appropriate procedures, policies and processes to prevent reoccurrence.

2. Performs security risk analysis, intrusion detection and vulnerability assessments associated with information resources, risk management, policy development and product assessments.

3. Researches, evaluates, recommends and administers information security software and computer systems to monitor, assist and improve the information security management and compliance of university network and computer systems.

4. Responsible for collecting data for IT security metrics and assisting with state required information security reporting.

5. Participates on projects and initiatives to provide technical guidance in all areas as it relates to information security risk management and information security project management.

6. Performs other job-related duties as assigned.

MQ: Requires a thorough understanding of both theoretical and practical aspects of an analytical, technical or professional discipline; or the basic knowledge of more than one professional discipline. Knowledge of the discipline is normally obtained through a formal, directly job-related 4 year degree from a college or university or an equivalent in-depth specialized training program that is directly related to the type of work being performed.

Requires a minimum of three (3) years of directly job-related experience.

Additional Posting Information:

Compliance - assisting with compliance with information security state laws (e.g., TAC 202, TX-RAMP), and information security requirements of federal laws and regulations (e.g., HIPAA, GLBA, CJIS, NIST CSF) including ensuring university policies are in alignment with requirements and maintaining supporting documentation for requirements.

Third-party Risk Management Program - developing standard operating procedures for the program, collecting necessary information from third parties for review and analysis to complete assessments, coordinating the review of information security requirements and specifications in compliance with relevant cybersecurity regulations, standards and best practices and maintaining an inventory of third-party risk assessments and ranking.

Information security or compliance related certification is preferred.

This position is eligible for Alternative Work Arrangements (AWA).

All positions at the University of Houston-System are security sensitive and will require a criminal history check.

The policy of the University of Houston-System and its universities is to ensure equal opportunity in all its educational programs and activities, and all terms and conditions of employment without regard to age, race, color, disability, religion, national origin, ethnicity, military status, genetic information, sex (including gender and pregnancy), sexual orientation, gender identity or status, or gender expression, except where such a distinction is required by law.