This role will oversee the continuous improvement, and maintenance of a comprehensive IT risk management program within the university. This position is essential to evaluating and helping to proactively identify risk, interpreting policies, best practices, contract review, purchase order review, and overall compliance amongst all IT areas. A successful candidate will be a service-oriented individual with high personal standards and a hands-on work style. This position requires an individual who is comfortable working at a varying pace, multiple tasks, and deadlines simultaneously, adjusting priorities often as well as work schedule when needed. The successful candidate must be positive and approachable, work effectively with diverse personalities, be able to collaborate, innovate and serve. Preference will be given to candidates with HIPAA/HITECH and PCI-DSS experience; someone who can advise and consult to the institution, as well as IT on how to implement processes and technologies that are aligned with these regulations. Experience with governance, risk, and compliance (GRC) tools (e.g., Archer, Open Pages).
Duties include: 1.Works directly with the clients, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. Provide IT vendor contract reviews to protect the university’s data and ensure compliance with applicable regulations.
2.Assesses potential items of risk and opportunities of vulnerability in the network and on information technology infrastructure and applications. Develops remediation strategies to mitigate risks associated with the protection of infrastructure and information assets.
3.Reviews risk assessments, analyzes the effectiveness of information security control activities, and reports on them with actionable recommendations. Provide guidance on university initiatives as it relates to risk and compliance.
4.Manages the oversight of technical risks assessments, such as vulnerability scanning and penetration testing. Captures, maintains, and monitors information security risk in one repository.
5.Participate in security awareness initiatives though a series of in-person and on-line training efforts throughout the year.
Bachelor’s Degree or equivalent combination of education and experience
3-5 years relevant work experience
Planning Unit: Information Technology
Department: Information and Technology Office
Applicants may contact this person if they have questions about this position: Alicia Porter - email@example.com
Employment Type: full-time regular
Salary range starts at $80,504 and is commensurate with candidate’s experience and qualifications. Employees also enjoy a generous benefits package including health benefits, paid time off, and education benefits for employees and qualified dependents.
Internal Number: 36618
About Ohio University
Ohio University is home to one of the nation’s friendliest and most picturesque campuses. But more importantly, it’s where you can become part of a two-century tradition of excellence and embark upon a rewarding career that will make a real difference. From teaching and research to admissions, facilities maintenance, and residence life, our faculty and staff propel Ohio University’s mission of helping students become their best selves. OHIO offers competitive compensation and outstanding benefits. For a complete list of employment opportunities, please visit www.ohiouniversityjobs.com.Ohio University is an equal access/equal opportunity affirmative action institution. For more information about Ohio University’s policies prohibiting discrimination and harassment, visit www.ohio.edu/equity.