JOB DESCRIPTION: ** This is a central OIT position ** The Senior IT GRC (Governance, Risk, and Compliance) Analyst oversees technical design, implementation, maintenance, and responsibilities for multiple information security disciplines such as security policy, awareness and education, risk management, and regulatory compliance. Coordinates enterprise-wide risk assessment, risk remediation, continuous monitoring, and IT compliance documentation and reporting efforts. Coordinates the development and implementation of enterprise-wide information security policies, standards, and guidance in alignment with relevant compliance regimes, institutional strategies, and industry best practices. Manages the creation and dissemination of regular enterprise-wide information security awareness and training efforts through multiple communication channels. Determines and documents information security requirements and controls necessary for the protection of information resources. Implements and administers plans, processes, and procedures necessary to ensure compliance with regulatory frameworks. Provides guidance and assistance regarding information security matters such as the interpretation of information security policies and requirements or their applicability to particular situations. Manages detailed network, operating system, database, and application compliance assessments and security configuration audits. Manages and participates in information security projects and initiatives. Supports, maintains, monitors, troubleshoots and enhances security infrastructure tools, methodologies, software, and hardware. Analyzes data from Information Security functions and provides reports and recommended response actions to Information Security management. Represents Information Security to other organizations on information security related matters, as assigned. Publishes regular status reports and submits to management. Performs other related duties as required.
Level: An experienced cybersecurity professional, typically obtained through advanced education and work experience. Works independently with minimal supervision. Leads other team members through specific tasks and provides guidance. Stands in for department leadership when they are unavailable. Responsibilities typically include: Establishing operational plans for job area; Developing and implementing new products, processes, standards or operational plans that will have impact on the achievement of functional results. Problems faced are difficult to complex. Requires communication with cybersecurity and IT leadership and occasional communication with senior leadership across the enterprise.
MINIMUM QUALIFICATIONS: A bachelor's degree and six years of related IT experience including demonstrated expertise in multiple information security domains, project management skills, OR an equivalent combination of education, training and experience. Excellent project management and team participation skills. Good written and verbal communication skills. |
Emory University is dedicated to providing equal opportunities to all individuals regardless of race, color, religion, ethnic or national origin, gender, age, disability, sexual orientation, gender identity, gender expression, veteran's status, or any other factor that is a prohibited consideration under applicable law. |