Risk and Compliance Analyst

UCI HealthIrvine, CA
248d$85,400 - $121,100Hybrid
Match Resume

About The Position

The UC Irvine Office of Information Technology (OIT) is responsible for supporting the IT needs of faculty, students, and staff. Our mission is to provide information technology leadership, services, and innovative solutions to promote the research, education, and community service goals of the University. The IT Security Risk & Compliance team is responsible for leading the development, implementation and evaluation of campus-wide information security risk management processes and policy. This team also leads campus-wide information security education, training, and awareness programs. Under the general supervision of the Supervisor, IT Security Risk and Compliance, the Risk and Compliance analyst applies skills as a seasoned, experienced IT security professional with a full understanding of industry practices, governmental regulations and campus, or Office of the President policies and procedures to resolve a wide range of complex issues. Demonstrates competency in recommending methods and techniques to obtain results. Conducts supplier security risk reviews for UCI. Provides guidance and training to stakeholders on supplier risk management policies and procedures.

Requirements

  • Bachelor's degree in related area and/or equivalent experience/training.
  • 3-5 years of experience in information security, especially in supplier security risk reviews.
  • A minimum of 3 years of experience reviewing supplier security documentation such as SOC 2 Type II reports, high level system architecture diagrams, information security policies, etc.
  • Basic skill at reading and interpreting supplier security documentation.
  • Ability to follow department processes and procedures.
  • Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization.
  • Experience using IT security systems and tools.
  • Knowledge of data encryption techniques.
  • Experience analyzing supplier policies and procedures.
  • Demonstrated skills applying security controls to computer software and hardware.
  • Experience in reviewing security incidents and related reports of suppliers and provides recommendations to departments.
  • Demonstrated knowledge of administering complex security controls and configurations to computer hardware, software and networks.
  • Knowledge of computer hardware, software and network security issues and approaches.
  • Demonstrated experience selecting and applying appropriate data encryption technologies.
  • Demonstrated knowledge of supplier risk management methodologies (TPRM).
  • Demonstrated experience with using information security frameworks and standards (e.g., NIST 800-53, ISO27001/27002, HIPAA, GDPR).

Nice To Haves

  • Demonstrated experience using HECVAT.
  • Knowledge of PCI-DSS and UC IS-3.
  • Experience with using GRC and tracking tools such as OneTrust, ServiceNow, and Trello.

Responsibilities

  • Conduct supplier security risk reviews for UCI.
  • Provide guidance and training to stakeholders on supplier risk management policies and procedures.
  • Apply skills as an experienced IT security professional to resolve complex issues.
  • Recommend methods and techniques to obtain results.

Benefits

  • Medical insurance
  • Sick and vacation time
  • Retirement savings plans
  • Access to a number of discounts and perks

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Industry

Hospitals

Education Level

Bachelor's degree

Number of Employees

5,001-10,000 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service