Information Security Governance Analyst - Los Angeles, United States - UCLA

UCLA

Verified Company

Los Angeles, United States

3 weeks ago

Posted by:

Mark Lane

beBee recruiter

Description

The UCLA Information Security Office enables UCLA's goals by providing leadership assuring the confidentiality, integrity, and availability of its information resources.

The Information Security Office enables efficient incident response planning and notification procedures.

In addition, the office aims to implement risk assessment strategies to identify vulnerabilities and threats to departmental information resources and enterprise systems.

This includes executing a comprehensive UCLA IT security plan, which involves proposing, delivering, and enforcing administrative, technical, and physical security measures to tackle identified risks based on their sensitivity or criticality.

The Information Security Governance, Risk Management, and Compliance team develops institutional security policies, standards, procedures, compliance guidelines, strategies, requirements, and documentation for all administrative and academic units, departments, and teams.

The team also develops, deploys, and manages security education and training.

The
Information Security Governance Analyst will be responsible for ensuring the security and integrity of the university's information technology systems and data via effective governance.

The Information Security Governance Analyst will support initiatives to develop, implement, and maintain information security governance frameworks, policies, and procedures to protect the university's information assets and ensure compliance with industry standards and regulations.

The Security Analyst will work closely with various stakeholders to assess security risks, develop security strategies, monitor security incidents and vulnerabilities, and oversee governance-related activities.

This role will help proselytize governance, risk and compliance to support and drive a culture of proactively managing cyber risk for the UCLA Campus.

The Information Security Governance Analyst will positively impact UCLA's operations and culture by protecting University stakeholders' to effectively implement and maintain UCLA's GRC framework, ensuring compliance with relevant regulations and standards, and providing insightful analysis of risk and control data.

This team member will advance the University's mission by delivering exceptional security service comprehensively and consistently across faculty, staff, and students.

This role will execute UCLA's vision while modeling UCLA's culture and values.
Salary & Compensation

UCLA provides a full pay range. Actual salary offers consider factors, including budget, prior experience, skills, knowledge, abilities, education, licensure and certifications, and other business considerations. Salary offers at the top of the range are not common. Visit UC Benefit package to discover benefits that start on day one, and UC Total Compensation Estimator to calculate the total compensation value with benefits.

Qualifications

3 years experience working in one or more of the following fields: computer science, cybersecurity, computer information systems and performing technical assessments in direct support of compliance. (required)
Proven experience working in IT security governance or a related role, preferably in an educational or large organizational setting. (required)
Experience working in a projectbased environment using leading project management practices. (required)
Experience participating in activities to advance an inclusive environment that values equity, diversity, inclusion and belonging. (required)
Experience in complex higher education environments, serving academic and administrative functions of a large public university. (preferred)
5+ years experience working in one or more of the following fields: computer science, cybersecurity, computer information systems, etc. (preferred)
Strong knowledge of security governance frameworks and standards such as ISO 27001, NIST, or COBIT. Strong understanding of security governance principles, including policy development, security controls, risk management, and incident response. (required)
Proficiency in conducting security risk assessments and developing risk mitigation strategies. (required)
Strong written and verbal communication skills and is able to communicate technical information and ideas to a diverse community of colleagues and stakeholders. (required)
Able to establish and advance positive working relationships and a strong rapport with team members, stakeholders, and customers. (required)
Proven organizational skills and is able to balance competing priorities and deliver concurrent projects to various stakeholder types. (required)
Strong demonstrated problemsolving skills; scopes solutions based on knowledge of available resources and timelines. Able to ask questions, gather information, evaluate options, and make decisions with integrity. (required)
Thinks creatively and introduces innovations such as the incorporation of new technologies or processes. Thrives in an