Rutgers, The State University of New Jersey, is seeking an Information Security Risk Analyst (ISRA) for the OIT- IT Health Services. This position reports to the Information Security Officer. The Information Security Risk Analyst is expected to promote and provide support to University's Information Security Program and outreach initiatives. The ISRA assists and serves as a resource in conducting and documenting information security assessments using various frameworks and regulations as a reference; for example: HIPAA, NIST Cybersecurity Framework and HITRUST.
Among the key duties of this position are the following:
Conducts Information Security assessments and prepares results and remediation reports.
Assists in monitoring and documenting all pertinent regulatory requirements.
Assists in the development of security policies and procedures.
Analyzes and benchmark IT Security practices of similar institutions and provide guidance on proper execution of IT security controls.
Minimum Education and Experience:
A Bachelor's degree is required, preferably in Computer Science, Information Systems, Management Information Systems or a related field; or an equivalent combination of education and/or experience.
A minimum of five (5) years' experience in Information Security programs and knowledge of HIPAA, FISMA regulations and frameworks such as NIST Cybersecurity Framework, HITRUST and ISO27001-2.
Required Knowledge, Skills, and Abilities:
Excellent interpersonal, communication and influencing skills
Ability to collaborate effectively across a variety of disciplines and levels inside/outside the organization
Ability to effectively analyze, document and communicate information security concepts to different user bases, including students, faculty, staff and systems personnel.
CISSP, CISM, HITRUST certification desired.
Minimum of five (5) years of experience performing Information Security assessments with pertinent regulatory requirements.
Demonstrated knowledge and understanding multiple frameworks such as the NIST Cybersecurity Framework, ISO 27002 and HITRUST.
Demonstrated working knowledge of diverse information technology architectures and designs.
Extensive knowledge of security standards, procedures and policies pertaining to data access and information systems.
Excellent working knowledge of general audit principles, security administration processes and frameworks, metrics collection and reporting.
Knowledge of network and web technology, encryption, virtual private networks, internet extranet security, cloud computing (firewalls, remote access) and security management.
Posting Number: 19ST1282
Location: Rutgers University-Newark
Internal Number: 83780
About Rutgers University
Rutgers, The State University of New Jersey, is a leading national public research university and the state's preeminent, comprehensive public institution of higher education. Rutgers is dedicated to teaching that meets the highest standards of excellence; to conducting research that breaks new ground; and to turning knowledge into solutions for local, national, and global communities. As it was at our founding in 1766, the heart of our mission is preparing students to become productive members of society and good citizens of the world. Rutgers teaches across the full educational spectrum: preschool to precollege; undergraduate to graduate and postdoctoral; and continuing education for professional and personal advancement. Rutgers is New Jersey's land-grant institution and one of the nation's foremost research universities, and as such, we educate, make discoveries, serve as an engine of economic growth, and generate ideas for improving people's lives.