University of Minnesota

Information Security Risk Analyst 2

University of Minnesota$85K — $95K *
Education, Government & Non-Profit
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in a related field and 2 years of relevant work experience or a Master's degree.
  • 1 year experience in information security risk assessment, audit, quality assurance, or similar.
  • Excellent communication (oral, written, presentation), interpersonal, and consultative skills.
  • Preferred: Relevant work experience in technical roles and knowledge of information security standards.
  • Preferred: Security certifications like CISSP or CISA.

Responsibilities

  • Conduct comprehensive information security risk assessments using established frameworks.
  • Facilitate the risk management program by coordinating assessments among analysts.
  • Monitor information security controls for consistency across university systems.
  • Consult with units to mitigate identified information security risks.
  • Translate technical vulnerabilities into business-risk language for non-technical leaders.
  • Assist in the development and maintenance of information security policies and procedures.
  • Manage the exception process by tracking and evaluating policy exceptions.

Benefits

  • University paid contribution (10% of your salary) to your retirement account, vested immediately.
  • 22 paid vacation days plus sick leave and 11 paid holidays.
  • Tuition reduction opportunities covering 75% - 100% of eligible tuition.
  • Affordable health care benefits with a wellness program.
  • Free disability insurance and an annual merit increase program.
Full Job Description
Please note that this position is not eligible for H-1B or Green Card sponsorship. This position does not offer a STEM OPT training program.

While this position utilizes a hybrid work modality, prospective applicants must be located either in the state of Minnesota or near the Wisconsin border OR otherwise open to relocation.

Position Overview:
The University of Minnesota's University Information Security seeks an Information Security Risk Analyst who will improve the information security of the University through information security risk assessments, security standards development, and exception management.

The Information Security Risk Analyst will assess the information security posture of collegiate and administrative units by conducting information security risk assessments, including analyzing security controls and processes, interviewing subject matter experts, and helping to shape a risk-based approach to security across the entire University system.

Job Responsibilities:

Security Analysis - 80%
  • Conduct information security assessments utilizing ISO 27001 / 27002, NIST 800-171 or other appropriate information security control structures; develop risk remediation plans, and facilitate risk remediation efforts.
  • Facilitate the information security risk management program by identifying areas most in need of risk assessment, coordinating risk assessments with other information security risk analysts, and consulting with information security architects.
  • Monitor and advise on information security needs for systems and processes at the University of Minnesota to ensure the information security controls for the campuses are consistent and appropriate.
  • Consult with administrative and collegiate units to address policy and process-related information security risks identified through the information security risk and exception management programs.
  • Collaborate with stakeholders by translating complex technical vulnerabilities and control deficiencies into clear, business-risk language for non-technical academic and administrative leaders.
  • Assist with development and maintenance of information security policies, standards, guidelines and procedures, based on industry best practices and compliance requirements.
  • Maintain a strong working knowledge of regulatory frameworks impacting higher education, including GLBA, PCI and FERPA while building knowledge of applicable security standards (SANS, OWASP, NIST).

Procedural Support - 20%
  • Facilitate the exception management process by tracking exceptions to information security policies and standards, evaluating associated risks by working with the other information security staff, and coordinating communication with the risk owner.
  • Assist with information security reviews of vendors and suppliers.
  • We Offer:
    • University paid contribution (10% of your salary) to your retirement account - vested immediately.
    • 22 paid vacation days per year, in addition to sick leave and 11 paid holidays.
    • Reduced tuition opportunities covering 75% - 100% of eligible tuition.
    • Excellent and affordable health care benefits.
    • Wellness program with opportunity to earn lower health care rates.
    • Free disability insurance.
    • Annual merit increase program.


Qualifications

Required Qualifications:
  • Bachelor's degree in a related field and 2 years of relevant work experience or a Master's degree.
  • 1 year experience in information security risk assessment, audit, quality assurance,or similar.
  • Excellent communication (oral, written, presentation), interpersonal and consultative skills.

Preferred Qualifications:
  • Relevant work experience in a technical role, such as enterprise system management, or working within an IT-role in higher education
  • Knowledge of information security standards (e.g., ISO 27001/27002, NIST 800-171.), rules and regulations related to information security and data confidentiality (e.g., FERPA, GLBA, PCI DSS, HIPAA)
  • CISSP, CISA, or other security certifications are desirable.
  • Strong capability to analyze complex, ambiguous situations and synthesize conflicting information into clear, data-driven risk recommendations.
  • Demonstrated ability to look beyond surface-level technical symptoms to identify underlying root causes of systemic risk.


Pay and Benefits

Pay Range: $85,000 - $95,000 ; depending on education/qualifications/experience

Time Appointment: 100% Appointment

Position Type: Faculty and P&A Staff

Please visit the Office of Human Resources website for more information regarding benefit eligibility.

The University offers a comprehensive benefits package that includes:
  • Competitive wages, paid holidays, and generous time off
  • Continuous learning opportunities through professional training and degree-seeking programs supported by the Regents Tuition Benefit Program
  • Low-cost medical, dental, and pharmacy plans
  • Healthcare and dependent care flexible spending accounts
  • University HSA contributions
  • Disability and employer-paid life insurance
  • Employee wellbeing program
  • Excellent retirement plans with employer contribution
  • Public Service Loan Forgiveness (PSLF) opportunity
  • Financial counseling services
  • Employee Assistance Program with eight sessions of counseling at no cost
  • Employee Transit Pass with free or reduced rates in the Twin Cities metro area

While our salary ranges provide a framework, it is important to note that most of the time, the initial pay may not reach the maximum of the range. This approach ensures that compensation reflects the value and unique contributions of each candidate while maintaining equity within our organization. As part of our commitment to fair and equitable compensation, please be aware that the salary offered to incoming candidates will be based on their individual credentials and experience.

How To Apply

Applications must be submitted online. To be considered for this position, please click the Apply button and follow the instructions. You will have the opportunity to complete an online application for the position and attach a cover letter and resume or CV.

Required Application Materials:
  • Resume
  • Cover Letter

This position will remain open until filled.

To request an accommodation during the application process, please e-mail [email protected] or call (612) 624-8647.

About University of Minnesota

The University of Minnesota is a public research university located in Minneapolis and Saint Paul, Minnesota. It is the flagship institution of the University of Minnesota System, and is one of the largest universities in the United States. The university offers undergraduate, graduate, and professional degree programs in a wide range of fields, including agriculture, engineering, business, law, medicine, and the arts and sciences. The University of Minnesota is committed to providing high-quality education and research opportunities to its students, and has a strong reputation for academic excellence and innovation.
Learn more about University of Minnesota
Size
30,000 employees
Industry

Similar Jobs

More Jobs at University of Minnesota

More Education, Government & Non-Profit Jobs

Find similar Information Security Risk Analyst 2 jobs: