Please note that this position is not eligible for H-1B or Green Card sponsorship. This position does not offer a STEM OPT training program.
While this position utilizes a hybrid work modality, prospective applicants must be located either in the state of Minnesota or near the Wisconsin border OR otherwise open to relocation.
Position Overview:The University of Minnesota's University Information Security seeks an Information Security Risk Analyst who will improve the information security of the University through information security risk assessments, security standards development, and exception management.
The Information Security Risk Analyst will assess the information security posture of collegiate and administrative units by conducting information security risk assessments, including analyzing security controls and processes, interviewing subject matter experts, and helping to shape a risk-based approach to security across the entire University system.
Job Responsibilities: Security Analysis - 80% - Conduct information security assessments utilizing ISO 27001 / 27002, NIST 800-171 or other appropriate information security control structures; develop risk remediation plans, and facilitate risk remediation efforts.
- Facilitate the information security risk management program by identifying areas most in need of risk assessment, coordinating risk assessments with other information security risk analysts, and consulting with information security architects.
- Monitor and advise on information security needs for systems and processes at the University of Minnesota to ensure the information security controls for the campuses are consistent and appropriate.
- Consult with administrative and collegiate units to address policy and process-related information security risks identified through the information security risk and exception management programs.
- Collaborate with stakeholders by translating complex technical vulnerabilities and control deficiencies into clear, business-risk language for non-technical academic and administrative leaders.
- Assist with development and maintenance of information security policies, standards, guidelines and procedures, based on industry best practices and compliance requirements.
- Maintain a strong working knowledge of regulatory frameworks impacting higher education, including GLBA, PCI and FERPA while building knowledge of applicable security standards (SANS, OWASP, NIST).
Procedural Support - 20% - Facilitate the exception management process by tracking exceptions to information security policies and standards, evaluating associated risks by working with the other information security staff, and coordinating communication with the risk owner.
- Assist with information security reviews of vendors and suppliers.
- We Offer:
- University paid contribution (10% of your salary) to your retirement account - vested immediately.
- 22 paid vacation days per year, in addition to sick leave and 11 paid holidays.
- Reduced tuition opportunities covering 75% - 100% of eligible tuition.
- Excellent and affordable health care benefits.
- Wellness program with opportunity to earn lower health care rates.
- Free disability insurance.
- Annual merit increase program.
QualificationsRequired Qualifications:- Bachelor's degree in a related field and 2 years of relevant work experience or a Master's degree.
- 1 year experience in information security risk assessment, audit, quality assurance,or similar.
- Excellent communication (oral, written, presentation), interpersonal and consultative skills.
Preferred Qualifications:- Relevant work experience in a technical role, such as enterprise system management, or working within an IT-role in higher education
- Knowledge of information security standards (e.g., ISO 27001/27002, NIST 800-171.), rules and regulations related to information security and data confidentiality (e.g., FERPA, GLBA, PCI DSS, HIPAA)
- CISSP, CISA, or other security certifications are desirable.
- Strong capability to analyze complex, ambiguous situations and synthesize conflicting information into clear, data-driven risk recommendations.
- Demonstrated ability to look beyond surface-level technical symptoms to identify underlying root causes of systemic risk.
Pay and BenefitsPay Range: $85,000 - $95,000 ; depending on education/qualifications/experience
Time Appointment: 100% Appointment
Position Type: Faculty and P&A Staff
Please visit the Office of Human Resources website for more information regarding benefit eligibility.
The University offers a comprehensive benefits package that includes:
- Competitive wages, paid holidays, and generous time off
- Continuous learning opportunities through professional training and degree-seeking programs supported by the Regents Tuition Benefit Program
- Low-cost medical, dental, and pharmacy plans
- Healthcare and dependent care flexible spending accounts
- University HSA contributions
- Disability and employer-paid life insurance
- Employee wellbeing program
- Excellent retirement plans with employer contribution
- Public Service Loan Forgiveness (PSLF) opportunity
- Financial counseling services
- Employee Assistance Program with eight sessions of counseling at no cost
- Employee Transit Pass with free or reduced rates in the Twin Cities metro area
While our salary ranges provide a framework, it is important to note that most of the time, the initial pay may not reach the maximum of the range. This approach ensures that compensation reflects the value and unique contributions of each candidate while maintaining equity within our organization. As part of our commitment to fair and equitable compensation, please be aware that the salary offered to incoming candidates will be based on their individual credentials and experience.
How To ApplyApplications must be submitted online. To be considered for this position, please click the Apply button and follow the instructions. You will have the opportunity to complete an online application for the position and attach a cover letter and resume or CV.
Required Application Materials:This position will remain open until filled.
To request an accommodation during the application process, please e-mail
[email protected] or call (612) 624-8647.