Compliance Analyst (PT3) - Information Technology Services 14974
West Virginia University Information Technology Services (ITS) is seeking a Compliance Analyst to join our Information Security Services team. Reporting to the Assistant Director for Governance, Risk, and Compliance, you will leverage your knowledge of compliance requirements to design and implement effective, efficient information security controls across our enterprise environment. WVU generates a variety of data across its 3 campuses, some of which is subject to specific compliance requirements, including controlled unclassified data, covered financial data, student educational records, and protected health information. As a key member of the Information Security Services team, you will strive to ensure that protected University data is secured in compliance with the laws, regulations, and contractual obligations to which it is subject.
In order to be successful in this position, the ideal candidate will:
Interpret regulations and policies. Research and continuously stay abreast of the University's regulatory requirements. Interpret University policy in special circumstances, identify new policy requirements, and provide domain expertise as needed.
Lead University compliance initiatives. Develop, evaluate, and implement short-term and long-term goals and objectives for specific initiatives that ensure applications, servers, and the campus network are both compliant and align with the University's goals and objectives. Keep initiatives on track. Coordinate with and provide guidance to technical teams to design and deploy secure systems. Identify action items considering effectiveness, efficiency, and the relative risks and rewards of these potential actions. Recommend compliant security controls and design solutions for IT projects.
Establish compliant policies and processes. Create and/or update University policies, standards, and procedures to address regulatory requirements. Develop and maintain technical documentation including artifacts, flow charts, logs, and logic diagrams to address compliance initiatives and compliance auditing requirements. Develop, manage, and maintain a defined set of standard operating procedures supporting compliance initiatives.
Conduct compliance checks. Perform annual assessments, evaluate findings, prepare and implement remediation reports to remediate identified risks. Validate compliance profile through in-house and third-party party audits. Keep senior leadership informed of non-compliance issues.
Provide compliance awareness. Collaborate with other ITS teams to develop compliance awareness and education materials that provide training to a diverse audience (e.g., faculty, staff, researcher, students) using multiple channels (e.g., in-person, on-line, social media). Communicate guidelines and regulatory requirements across the enterprise.
Bachelor's degree with a focus in accounting, business, computer science, information security, risk management, or related discipline. Master's degree preferred.
Or an equivalent combination of education and/or experience.
Four (4) years of progressively responsible experience in information technology and/or higher education.
Four (4) years of working experience with at least one of the following compliance regulations: NIST, HIPAA, FERPA, or GLBA.
Four (4) years of e xperience developing technical documentation, communications, educational, and/or marketing materials.
Knowledge of compliance regulations and standards. Broad knowledge of information security issues, requirements and trends, including an awareness of information security laws (such as HIPAA, FERPA, and GLBA) and accepted industry practices (e.g., NIST, ISO) is required. Compliance experience a plus.
Knowledge of office software. In depth knowledge of general office software including word-processing, database, and spreadsheet applications and Microsoft Office products is required.
Enjoy interacting with a variety of people at all levels of an organization. You will serve as a liaison between technical staff, managers, and end users both within Information Technology Services and the business units with which we collaborate. You will need to gather information from non-technical individuals to ensure systems are developed to meet business rules and needs while remaining compliant. Engagement of assistant directors, directors, and executive directors will likely be required for decision making.
Are a problem solver. You will need to research, reason logically, analyze, detect, and resolve complex issues or fix incorrectly implemented processes. You will need to define procedural problems, collect and evaluate data, draw valid conclusions, and project consequences of all alternative recommendations.
Get results. You will need self-motivation to request, accept, and manage multiple tasks, prioritize work and deliver quality, user accepted, completed tasks on time. Although you will be taking the lead on the initiatives you are assigned, you will also need to take direction from peers or when part of another project or program implementation team. The ability to persevere to overcome obstacles is a must.
Communicate clearly and effectively. Challenging situations may arise, which require strong communication skills in English, both oral and written, to work effectively. You will be required to prepare technical documentation and justify your chosen approach. You will need to explain and/or train staff on technical features of an application or process and be able to express technical information to non-technical users.
At West Virginia University, we pride ourselves on a tireless endeavor for achievement. We are home to some of the most passionate, innovative minds in the country who push their limits for the sake of progress, constantly moving the world forward. Our students, faculty and staff make this institution one of the best out there, and we are proud to stand as one voice, one university, one WVU. Find out more about your opportunities as a Mountaineer at https://talentandculture.wvu.edu/
West Virginia University is proud to be an Equal Opportunity employer, and is the recipient of an NSF ADVANCE award for gender equity. The University values diversity among its faculty, staff, and students, and invites applications from all qualified applicants regardless of race, ethnicity, color, religion, gender identity, sexual orientation, age, nationality, genetics, disability, or Veteran status.
Job Posting: Jun 25, 2020
Posting Classification: Non-Classified
Exemption Status: Exempt
Benefits Eligible: Yes
Internal Number: 206043
About West Virginia University
West Virginia University, founded in 1867, has a long and rich history as a public, land-grant institution. WVU encourages scholarship and offers high-quality academic programs while serving the state of West Virginia and the nation. WVU statewide includes campuses in Beckley, Charleston, Keyser, Martinsburg and Morgantown – which has been ranked as a #1 Small City in America. WVU is an R1 Doctoral Research University (Highest Research Activity), one of only 115 nationwide. WVU offers 212 degrees throughout the 14 colleges and schools. Areas of specialty include STEM education, healthcare in Appalachia, shale gas utilization, radio astronomy and forensics. WVU researchers have helped confirm the existence of gravitational waves and uncovered diesel vehicle emissions discrepancies. Statewide, there are over 31,000 graduate and undergraduate students along with 190,000 alumni worldwide. WVU is reinventing West Virginia’s future by strengthening education, healthcare and broad-based prosperity.