University of Wisconsin–Madison

Jobs at UW

University of Wisconsin–Madison

Filter

CYBERSECURITY RISK ANALYST

Apply now Job no: 96671-AS
Work type: Staff-Full Time
Department:DOIT/SEC/CYBERSECURITY
Location: Madison
Categories: Computer Science, Information Systems/Technology, Public Safety, Law Enforcement/Compliance, Quality, Risk Management and Compliance

Position Vacancy ID:

96671-AS

Employment Class:

Academic Staff-Renewable

Working Title:

Cybersecurity Risk Analyst

Official Title:

IS SPECIALIST(S45DN)

Hiring Department(s):

A060370-INFORMATION TECHNOLOGY/SEC/CYBERSECURITY

FTE:

100%

Anticipated Begin Date:

JANUARY 02, 2019

Term:

This is a renewable appointment.

Advertised Salary:

Minimum $73,000 ANNUAL (12 months)
Depending on Qualifications

Degree and area of specialization:

Bachelor's Degree in Information Technology Security or related discipline and two years' experience; OR five or more years of applicable professional services and/or information security experience and expertise.

Minimum number of years and type of relevant work experience:

Required Qualifications:
* Minimum of three years' experience conducting risk assessments against recognized standards (NIST, COBIT or ISO).
* Must hold, or be able to obtain within six months, a management oriented security certification (e.g., CISSP, CISM or GSEC). Demonstrated knowledge or professional certification in Information Security or IT Audit is a strong addition.
* Detailed understanding of network design, security protocols and systems administration with excellent analytical and problem solving skills.
* Experience using standard industry applications to create or update current documents to meet compliance reporting requirements.
* Must display working knowledge of NIST, HIPAA, or PCI Data Security, standards along with virtual environment and cloud computing services.
* Experience executing project management skills including design review, threat modeling and risk profiling while working across a large, distributed organization that is representative of a diverse IT and business communities.
* Expertise using vulnerability management tools to analyze discovered vulnerabilities against current configurations to determine the organizational risk.

Preferred Qualifications:
* Experience working independently to conduct technical investigations with diverse constituents, providing detailed written reports and presentations.
* Highly advanced skills in PC/Macintosh/Unix workstation, Internet software skills, groupware, office productivity software, project management software, and architecture tools (e.g. Visio, etc.).
* Experience conducting assessments in a healthcare or research organization.
* Experience in assessing vendors as part of procurement and implementation stages.
* Demonstrated experience applying standards and practices for risk management and compliance; and familiarity with and validation skills using Open Web Application Security Project (OWASP) principles.

License or Certificate:

 

Position Summary:

This position provides risk analysis and compliance program support for the Governance, Risk and Compliance (GRC) domain of the UW-Madison Office of Cybersecurity. Responsibilities include evaluating security risks and compliance strategies; offering direction, guidance and consultation; and making recommendations for the improvement in information security of IT systems primarily for University of Wisconsin-Madison and for the University of Wisconsin System upon request. The incumbent coordinates implementing university-wide, proactive and distributed information security management programs to ensure the continuous availability, confidentiality, and integrity of information assets owned and used by the university community, consistent with university management's informed risk tolerance.

A successful individual will have exceptional information security expertise as well as project management, business analysis, solution implementation skills and the ability to work under broad policy guidance. This individual must exercise sound judgment in working collaboratively and communicate effectively within a challenging environment in a visible role.

This position reports to the Office of Cybersecurity and serves as the campus technical expert and authority on information security risk analysis and compliance matters. As a trusted advisor and partner with campus researchers, Primary Investigators, program managers and system owners, the incumbent works with the entire university community in a consultative manner. The incumbent should understand organizational missions, values and goals, analyze information risks which threaten those objectives, recommend and guide large cross-functional and campus-wide teams towards appropriate security control solutions, and assist in implementing and auditing those solutions to materially reduce operational and compliance based exposures.

Additional Information:

Additional Preferred Qualifications:
* Experience with typical application components such as web servers, application servers, database software (Oracle and SQL), middleware and underlying infrastructure devices (WAN and LAN devices, operating systems for server platforms, workstations, and a broad range of applications, host and network security devices.
* Solid understating of manual, automated application penetration skills, vulnerability scanning and analysis as well as skill in careful, limited live testing in live production environments.


Please note that successful applicants must be authorized to work in the United States without need of employer sponsorship, on or before the effective date of appointment.

Contact:

Bradley Molzahn
bradley.molzahn@wisc.edu
608-262-0596
Relay Access (WTRS): 7-1-1 (out-of-state: TTY: 800.947.3529, STS: 800.833.7637) and above Phone number (See RELAY_SERVICE for further information. )

Instructions to Applicants:

Please click on the "Apply Online" button to start the application process. To apply for this position you will need to upload a cover letter and resume. Your cover letter should specifically address the required qualifications listed above.

Additional Link: Full Position Details
  NOTE: A Period of Evaluation will be Required
  The University of Wisconsin is an Equal Opportunity and Affirmative Action Employer.

The Annual Security and Fire Safety Report contains current campus safety and disciplinary policies, crime statistics for the previous 3 calendar years, and on-campus student housing fire safety policies and fire statistics for the previous 3 calendar years. UW-Madison will provide a paper copy upon request; please contact the University of Wisconsin Police Department.

Applications Open: Central Standard Time
Applications Close: Central Standard Time

Back to search results Apply now Refer a friend

Share this: | More

Work type

Locations

Categories