Senior Information Security Compliance Analyst

The UCLA Information Security Office enables UCLA's goals by providing leadership assuring the confidentiality, integrity, and availability of its information resources. The Information Security Office enables efficient incident response planning and notification procedures. In addition, the office aims to implement risk assessment strategies to identify vulnerabilities and threats to departmental information resources and enterprise systems.

This includes executing a comprehensive UCLA IT security plan, which involves proposing, delivering, and enforcing administrative, technical, and physical security measures to tackle identified risks based on their sensitivity or criticality.

The Senior Information Security Compliance Analyst will lead the charge in safeguarding UCLA's information technology systems and data through effective governance practices. This Senior Analyst will be responsible for developing, implementing, and maintaining comprehensive IT security governance frameworks, policies, and procedures to protect valuable information assets and ensure compliance with industry standards and regulations. C

Collaborating closely with various stakeholders, the Senior Information Security Compliance Analyst will assess security risks, devise robust security strategies, monitor incidents and vulnerabilities, and oversee all governance-related activities.

This Analyst will play a vital role in cultivating a proactive cyber risk management culture to fortify the university's cybersecurity posture. The Senior Information Security Compliance Analyst will positively impact UCLA's operations and culture by protecting University stakeholders' information and data in service of the institution's academic mission. This team member will advance the University's mission by delivering exceptional security service comprehensively and consistently across faculty, staff, and students. This role will execute UCLA's vision while modeling UCLA's culture and values.

Qualifications

• 5 years experience working in one or more of the following fields: cybersecurity, information technology, computer science, computer information systems, or related field. (Required)
• Proven experience working in IT security governance or a related role, preferably in an educational or large organizational setting. (Required)
• Experience participating in activities to advance an inclusive environment that values equity, diversity, inclusion and belonging. (Required)
• Experience in complex higher education environments, serving academic and administrative functions of a large public university. (Preferred)
• 7+ years experience working in information technology, computer science, computer information systems, or related field. (Preferred)
• Strong knowledge of security governance frameworks and standards such as ISO 27001, NIST, or COBIT. Strong understanding of security governance principles, including policy development, security controls, risk management, and incident response. (Required)
• Proficiency in conducting security risk assessments and developing risk mitigation strategies. (Required)
• Expert knowledge of IT security and demonstrated skill in the design and development of diverse and complex security policies and procedures. (Required)
• Advanced written and verbal communication skills and is able to communicate complex technical ideas to a diverse community of colleagues and stakeholders. Can relay technical information to audiences of technical and non-technical stakeholders. (Required)
• Able to establish and advance positive working relationships and a strong rapport with a diverse community of colleagues including team members, stakeholders, and customers. (Required)
• Advanced organizational skills and is able to balance competing priorities and deliver concurrent projects to various stakeholder types. Experience working in a project-based environment using leading project management practices. (Required)
• Advanced problem-solving skills; ability to uncover root of difficult problems and scope solutions based on knowledge of available resources and timelines as well as awareness of vision and strategy. (Required)
• Thinks creatively and introduces innovations such as the incorporation of new technologies or processes. Thrives in an ever-changing, fast-paced environment. (Required)