Information Security Governance Analyst

Los Angeles, CA, United States

Department Summary

Situated on 419 acres, five miles from the Pacific Ocean, the University of California, Los Angeles (UCLA) is enriched by the cultural diversity of the dynamic greater Los Angeles area, as well as the geographic advantages of Southern California. One of the world’s preeminent public research universities, UCLA is an international leader in breadth and quality of academic, research, health care, wellness, cultural, continuing education and athletic programs, with more than 5,200 faculty members who teach approximately 47,500 students in the UCLA College and 12 professional schools. UCLA is consistently ranked among the top institutions nationally for research funding, having generated $1.7 billion in research grants and contracts in the last fiscal year alone.

The Information Technology Services (ITS) department at UCLA is a vital part of the university community, providing essential technology services and support to ensure the campus can effectively pursue its mission. It is UCLA’s spirited tradition of thought leadership and commitment to excellence that enables an ambitious and resourceful approach to transforming our networked, ever-changing campus environment.

Position Summary

The UCLA Information Security Office enables UCLA's goals by providing leadership assuring the confidentiality, integrity, and availability of its information resources. The Information Security Office enables efficient incident response planning and notification procedures. In addition, the office aims to implement risk assessment strategies to identify vulnerabilities and threats to departmental information resources and enterprise systems. This includes executing a comprehensive UCLA IT security plan, which involves proposing, delivering, and enforcing administrative, technical, and physical security measures to tackle identified risks based on their sensitivity or criticality. The Information Security Governance, Risk Management, and Compliance team develops institutional security policies, standards, procedures, compliance guidelines, strategies, requirements, and documentation for all administrative and academic units, departments, and teams. The team also develops, deploys, and manages security education and training.

The Information Security Governance Analyst will be responsible for ensuring the security and integrity of the university's information technology systems and data via effective governance. The Information Security Governance Analyst will support initiatives to develop, implement, and maintain information security governance frameworks, policies, and procedures to protect the university's information assets and ensure compliance with industry standards and regulations. The Security Analyst will work closely with various stakeholders to assess security risks, develop security strategies, monitor security incidents and vulnerabilities, and oversee governance-related activities. This role will help proselytize governance, risk and compliance to support and drive a culture of proactively managing cyber risk for the UCLA Campus. The Information Security Governance Analyst will positively impact UCLA's operations and culture by protecting University stakeholders' to effectively implement and maintain UCLA's GRC framework, ensuring compliance with relevant regulations and standards, and providing insightful analysis of risk and control data. This team member will advance the University's mission by delivering exceptional security service comprehensively and consistently across faculty, staff, and students. This role will execute UCLA's vision while modeling UCLA's culture and values.

Salary & Compensation

*UCLA provides a full pay range. Actual salary offers consider factors, including budget, prior experience, skills, knowledge, abilities, education, licensure and certifications, and other business considerations. Salary offers at the top of the range are not common. Visit UC Benefit package to discover benefits that start on day one, and UC Total Compensation Estimator to calculate the total compensation value with benefits.

Qualifications

3 years experience working in one or more of the following fields: computer science, cybersecurity, computer information systems and performing technical assessments in direct support of compliance. (Required)

Proven experience working in IT security governance or a related role, preferably in an educational or large organizational setting. (Required)

Experience working in a project-based environment using leading project management practices. (Required)

Experience participating in activities to advance an inclusive environment that values equity, diversity, inclusion and belonging. (Required)

Experience in complex higher education environments, serving academic and administrative functions of a large public university. (Preferred)

5+ years experience working in one or more of the following fields: computer science, cybersecurity, computer information systems, etc. (Preferred)

Strong knowledge of security governance frameworks and standards such as ISO 27001, NIST, or COBIT. Strong understanding of security governance principles, including policy development, security controls, risk management, and incident response. (Required)

Proficiency in conducting security risk assessments and developing risk mitigation strategies. (Required)

Strong written and verbal communication skills and is able to communicate technical information and ideas to a diverse community of colleagues and stakeholders. (Required)

Able to establish and advance positive working relationships and a strong rapport with team members, stakeholders, and customers. (Required)

Proven organizational skills and is able to balance competing priorities and deliver concurrent projects to various stakeholder types. (Required)

Strong demonstrated problem-solving skills; scopes solutions based on knowledge of available resources and timelines. Able to ask questions, gather information, evaluate options, and make decisions with integrity. (Required)

Thinks creatively and introduces innovations such as the incorporation of new technologies or processes. Thrives in an ever-changing, fast-paced environment. (Required)

Knowledge of IT security and demonstrated skill in the design and development of diverse and complex security policies and procedures. (Required)

Education, Licenses, Certifications & Personal Affiliations

Bachelor's Degree Information technology, cybersecurity, computer science, engineering, public administration, business administration, communications, or related field, or equivalent experience/training. (Required)

Bachelor's Degree Information technology, cybersecurity, computer science, engineering, public administration, business administration, communications, or related field. (Preferred)

Certified Information Security Manager (CISM). (Preferred)

Certified Information Systems Auditor (CISA). (Preferred)

Certified Information System Security Professional (CISSP). (Preferred)

Special Conditions for Employment

Background Check: Continued employment is contingent upon the completion of a satisfactory background investigation.

Live Scan Background Check: A Live Scan background check must be completed prior to the start of employment.

0%

Schedule

8:00 A.M. to 5:00 P.M. PT, Monday through Friday and/or variable based upon operational needs.

Union/Policy Covered

99-Policy Covered

Complete Position Description

https://universityofcalifornia.marketpayjobs.com/ShowJob.aspx?EntityID=38&JDName=IT%20Security%20Analyst%203%20(41068520)

#J-18808-Ljbffr