-
IT and Project Management
- Search All Categories
- Account Management Jobs
- Adjunct Faculty Jobs
- Administrative Jobs
- Advising and Enrollment Jobs
- Audit, Compliance and Legal Jobs
- Collegiate Faculty Jobs
- Data Analytics Jobs
- Facilities Jobs
- Faculty Services Jobs
- Finance and Accounting Jobs
- Financial Aid Jobs
- Human Resources Jobs
- IT and Project Management Jobs
- Institutional Advancement Jobs
- Learning Solutions Jobs
- Library Services Jobs
- Marketing and Communications Jobs
- Other Jobs
- Procurement Jobs
- Student Services Jobs
- Search Jobs by Type
- Search Jobs by Region
-
Search Jobs by Location
- Search All Locations
- Andersen Air Force Base-Guam Jobs
- Asia, Multiple On-site Locations Jobs
- Atsugi Naval Air Facility-Japan Jobs
- Camp Carroll-Korea, South Jobs
- Camp Casey-Korea, South Jobs
- Camp Courtney- Japan to Camp Courtney- Okinawa Jobs
- Camp Foster- Japan to Camp Foster- Okinawa Jobs
- Camp Fuji-Japan Jobs
- Camp Hansen- Japan to Camp Hansen- Okinawa Jobs
- Camp Henry-Korea, South Jobs
- Camp Humphreys-Korea, South Jobs
- Camp Kinser- japan to Camp Kinser- Okinawa Jobs
- Camp Red Cloud-Korea, South Jobs
- Camp Schwab- Japan to Camp Schwab- Okinawa Jobs
- Camp Zama-Japan Jobs
- Diego Garcia Jobs
- Diego Garcia, On-Site Location Jobs
- Futenma Marine Corps Air Stn- Japan to Futenma Marine Corps Air Stn - Okinawa Jobs
- Guam, Multiple On-site Locations Jobs
- Guam Remote Jobs
- Iwakuni Marine Corps Air Stn-Japan Jobs
- Japan, Multiple On-site Locations Jobs
- Kadena Air Base- Japan to Kadena Air Base- Okinawa Jobs
- Kunsan Air Base-Korea, South Jobs
- Misawa Air Base-Japan Jobs
- Naval Base Guam-Guam Jobs
- Okinawa, Japan Jobs
- Okinawa, Japan-Okinawa Jobs
- Okinawa, Multiple On-site Locations Jobs
- Osan Air Base-Korea, South Jobs
- Remote Jobs
- Remote Okinawa Jobs
- Sasebo Naval Base-Japan Jobs
- South Korea, Multiple On-site Locations Jobs
- Torii Station- Japan to Torii Station- Okinawa Jobs
- Kunsan Air Base-Korea, South Jobs
- Yokosuka Naval Base-Japan Jobs
- Yokota Air Base-Japan Jobs
- Yokota Headquarters-Japan Jobs
- Yongsan-Korea, South Jobs
- Adana (Incirlik AFB)-Turkey Jobs
- AFNorth-Netherlands Jobs
- Al Dhafra - United Arab Emirates Jobs
- Al Jaber AB Jobs
- Al Udeid-Qatar Jobs
- Alconbury-United Kingdom Jobs
- Ali Al Salem-Kuwait Jobs
- Ansbach-Katterbach-Germany Jobs
- As Sayliyah-Qatar Jobs
- Aviano-Italy Jobs
- Baumholder-Germany Jobs
- Bemowo Piskie Training Area Jobs
- Brussel-Belgium Jobs
- Buechel-Germany Jobs
- Camp Arifjan-Kuwait Jobs
- Camp Buehring-Kuwait Jobs
- Camp Lemonnier-Djibouti Jobs
- Chievres, Belgium Jobs
- Croughton-United Kingdom Jobs
- Europe Remote Jobs
- Fairford-United Kingdom Jobs
- Garmisch-Germany Jobs
- Geilenkirchen-Germany Jobs
- Ghedi-Italy Jobs
- Grafenwoehr-Germany Jobs
- Hohenfels-Germany Jobs
- Illesheim-Germany Jobs
- Isa-Bahrain Jobs
- Izmir-Turkey Jobs
- Kaiserslautern-Kapaun-Germany Jobs
- Kaiserslautern-Kleber-Germany Jobs
- Kaiserslautern-Rob-Germany Jobs
- Kaiserslautern (Staff)-Germany Jobs
- Kleine Brogel-Belgium Jobs
- Lajes, Azores-Portugal Jobs
- Lakenheath-United Kingdom Jobs
- Landstuhl-Germany Jobs
- Lisbon-Portugal Jobs
- Livorno (Camp Darby)-Italy Jobs
- Manama-Bahrain Jobs
- Mildenhall-United Kingdom Jobs
- Moron AB Jobs
- Muwaffaq Salti Air Base - Jordan Jobs
- Naples-Italy Jobs
- Online Jobs
- Powidz FOS Jobs
- Poznan FOS Jobs
- Prince Sultan AB (Al-Kharj) Jobs
- Ramstein-Germany Jobs
- Rota-Spain Jobs
- Schinnen (AFNORTH)-Netherlands Jobs
- Sembach-Germany Jobs
- SHAPE-Belgium Jobs
- Sigonella-Italy Jobs
- Sinai-North Camp-Egypt Jobs
- Sinai-South Camp-Egypt Jobs
- Souda Bay-Greece Jobs
- Spangdahlem-Germany Jobs
- Stavanger-Norway Jobs
- Stuttgart-Boeblingen-Panzer-Germany Jobs
- Vicenza-Italy Jobs
- Vilseck-Germany Jobs
- Volkel-Netherlands Jobs
- Wiesbaden-Army-Germany Jobs
- Zagan FOS Jobs
- Aberdeen Proving Grounds - Aberdeen, MD Jobs
- Adelphi, MD Jobs
- Andrews Air Force Base, MD Jobs
- Annapolis Junction, MD (NSA) Jobs
- Annapolis, MD Jobs
- Arizona Jobs
- Arlington, VA Jobs
- Arundel Mills - Hanover, MD Jobs
- Baltimore, MD Jobs
- Bethesda, MD Jobs
- California Jobs
- California, MD Jobs
- College Park, MD Jobs
- Crystal City Jobs
- CSM LaPlata Jobs
- Dorsey - Elkridge, MD Jobs
- Eglin Air Force Base - Eglin, FL Jobs
- Elkridge, MD Jobs
- Fayetteville, NC Jobs
- Fort Belvoir - Belvoir, VA Jobs
- Fort Benning - Fort Benning, GA Jobs
- Fort Bliss East (Biggs) TX Jobs
- Fort Campbell, KY Jobs
- Fort Carson Jobs
- Fort Carson, CO Jobs
- Fort Cavazos, TX Jobs
- Fort Detrick Jobs
- Fort Detrick, MD Jobs
- Fort Drum - Fort Drum, NY Jobs
- Fort Eisenhower, GA Jobs
- Fort Eustis Jobs
- Fort Gordon, GA Jobs
- Fort Gregg-Adams, VA Jobs
- Fort Hood, TX Jobs
- Fort Irwin, Fort Irwin, California Jobs
- Fort Jackson Education Center - Fort Jackson, SC Jobs
- Fort Lee Jobs
- Fort Lee, VA Jobs
- Fort Meade - Fort Meade, MD Jobs
- Fort Myer - Fort Myer, VA Jobs
- Fort Story_Online Hybrid Jobs
- Ft. Bliss, TX Jobs
- GEICO Plaza Jobs
- Guam, Multiple On-site Locations Jobs
- Hagerstown, MD Jobs
- Hampton, VA Jobs
- Hampton, VA (North America) Jobs
- Hawaii Jobs
- Henderson Hall, Navy Annex Jobs
- Hickam AFB, HI Jobs
- Holloman Air Force Base, NM Jobs
- Honolulu, HI Jobs
- ICC - Adelphi, MD Jobs
- Indianapolis, IN (North America) Jobs
- Jacksonville, FL Jobs
- Japan, Multiple On-site Locations Jobs
- JBSA-Fort Sam Houston, TX Jobs
- JBSA-Lackland, TX Jobs
- JBSA-Randolph Jobs
- JEB Little Creek Jobs
- JEB Little Creek, VA Jobs
- Joint Base Anacostia – Bolling Jobs
- Joint Base Lewis- McChord (JBLM), WA Jobs
- Joint Base Lewis McChord, WA Jobs
- JTC Amman Jobs
- Kaiserslautern Military Community Jobs
- Killeen, TX Jobs
- Langley Air Force Base Jobs
- Langley Air Force Base, Hampton, VA Jobs
- LaPlata, MD Jobs
- Largo, MD Jobs
- Laurel College Center Jobs
- Laurel, MD Jobs
- Mayport, FL Jobs
- MCAS Miramar - San Diego, CA Jobs
- Mihail Kogalniceanu Air Base (MKAB) Jobs
- - Minot AFB, ND Jobs
- Newport News, VA Jobs
- Norfolk Naval Base - Norfolk, VA Jobs
- NS Mayport Jobs
- Odenton Jobs
- Odenton, MD Jobs
- Okinawa, Multiple On-site Locations Jobs
- Patrick SFB, FL Jobs
- Patrick SFB - Patrick SFB, FL Jobs
- Patuxent River Naval Air Station - Patuxent River, MD Jobs
- Pearl City, HI Jobs
- Quantico (On-base) - Quantico, VA Jobs
- Remote Jobs
- Rockville, MD Jobs
- San Antonio, TX Jobs
- San Diego (On-base) - San Diego, CA Jobs
- Schofield Barracks, HI Jobs
- Schriever Space Force Base, CO Jobs
- - Shaw AFB, SC Jobs
- South Korea, Multiple On-site Locations Jobs
- Stafford, VA Jobs
- Thomas Nelson Comm College Jobs
- Travis Air Force Base, CA Jobs
- Tripler Army Medical Center, HI Jobs
- Tucson Jobs
- Tucson GEICO Jobs
- Largo, MD Jobs
- USG - Chicago, IL Jobs
- USG - Rockville, MD Jobs
- Vandenberg SFB, CA Jobs
- Virginia Beach, VA Jobs
- WA, Joint Base Lewis- McChord (JBLM) Jobs
- Waldorf, MD Jobs
- Washington DC Jobs
- Zagan FOS Jobs
- View All Jobs
Senior Analyst, Information Security Risk & Compliance
Job Details
- Job Ref:
- 10023703
- Location:
- Adelphi, MD
- Category:
- IT and Project Management
- Type:
- Full time
Senior Analyst, Information Security Risk & Compliance
Security Risk & ComplianceUS Exempt RegularFull timeStateside Exempt 4.2Location: Adelphi, MD (Hybrid)Summary:
The Senior Analyst, IS Risk & Compliance performs security risk assessments, audits, and/or inspections, of the computing environment for UMGC's customers. The Senior Analyst, IS Risk & Compliance is responsible for delivering executing security assessments, promoting effective IT internal controls and risk management, and providing guidance to IT and business units on all aspects of internal & external audits, governance, and business process improvements.
Additionally, the Senior Analyst, IS Risk & Compliance key role is to provide an independent opinion on the suitability of the IT risk management framework and to provide objective assurance that the risks in the business are being appropriately managed and that controls are operating as expected. You will be responsible for implementing the assessment process, educating stakeholders, building partnerships , and socializing security best practices.
Duties and Responsibilities:
Planning, preparation and completion of the assigned audits to include assessing the effectiveness and compliance with policies, laws/regulations and best standards.
You are also expected to conduct Kick-off Meetings, IT internal control testing, develop IT internal audit plans, conduct IT audit closure meetings and provide other IT internal audit services.
Collaborate with departments to improve security compliance and manage technology risk.
Assist in developing system security plans (SSPs) and ensure they meet NIST SP 800-171 control requirements and other required standards.
Assist in developing and/or reviewing IT security policies.
Provide corrective action support to include developing Plan of Actions and Milestones (POA&Ms), monitor milestones, and support completion of action steps for any deficiencies identified in systems.
Strong understanding of various laws/regulations to include, but not limited to, CMMC, GLBA, FERPA, PCI-DSS, and GDPR and ability to execute audit plans to assess compliance.
Able to identify relevant IT risks and to properly document the audit/assessment process, gaps, and remediation steps.
Collaborates with business units to enhance IT security posture.
Work closely with security operations team, server operations, network operations, and application teams and ensure security practices comply with applicable laws and regulations.
Assess security products and effectiveness of various security products to include firewalls, intrusion detection systems, antivirus, patch management, etc.
Review and provide input into network designs to ensure compliance with security and enterprise architecture.
Provide input and visibility into emerging security technologies, deployment strategies and other security protocols to ensure awareness within the IT security branch.
Review in-house and 3rd-party applications and code for security vulnerabilities and best practices.
Develop and/or implement automated security assessment testing tools where possible.
Act as a liaison to interpret external audit requests, describe what should be provided, and suggest possible options.
Strong understanding of cloud (Azure) and network environments.
Skills:
Demonstrated process improvement experience.
Recognized as a strategic thinker and is results oriented.
Demonstrated effective strong team player and self-motivator. Ability to work and interface internally with IT and other functional support groups with minimal guidance.
Demonstrated successful experience in a customer-facing role.
Excellent written and oral communication skills.
Education & Experience Requirements:
Experience:
7+ years in IT audit.
Strong understanding of the NIST 800 special publications (e.g. NIST 800-171, NIST 800-53, Risk Management Framework, etc) and DoD CMMC.
Collaborating with IT and business stakeholders to plan the engagement and develop work program timelines, risk assessments and other documents/templates.
Lead and execute IT audit engagements.
Experience in applying relevant technical knowledge in the following engagements: (a) ITGC audits; (b) IT internal or operational audits; (c) Service Organization Controls (SOC) Reporting engagements; (d) ERP and cloud security reviews.
Demonstrating and applying strong project management skills.
Solid knowledge of and experience with secure web architectures, tools and processes.
Experience auditing network designs, network Security, wireless Security, and client/server security.
Knowledge of vulnerability assessment/network discovery and associated tools.
Experience auditing networking technologies.
Experience auditing applications.
Enterprise aware (change control, downstream impacts, understanding of cause and effect, change windows, etc.).
Must have the knowledge of IT security technologies such as firewalls, intrusion detections systems, antivirus, patch management, etc., and the interest and experience to work on security policy and architecture.
Knowledge of various control and risk management concepts and methologies as well as knowledge and expertise of all applicable regulations and audit standards such as FERPA, PCI-DSS, and SSAE-16.
Advanced understanding of IT general controls (e.g. security, change management, incident and problem management, disaster recovery, backup, data center, infrastructure, data protection etc.)
Competent knowledge of IT and Information Security operations, policies and procedures in areas such as Windows Active Directory, Unix/Linux and databases. Knowledge of cloud architecture (Azure, AWS), operational frameworks and security controls would be beneficial
Ability to identify issues and associated risks, and provide practical solutions to a wide range of audit issues
Experience of an IT line role would be advantageous but is not essential
Experience or aptitude for using data analytics tools and techniques in an audit role would be a distinct advantage
Proficient in the use of Microsoft Office Word, Excel, PowerPoint
Preferred Experience Requirements:
Education:
Bachelor's Degree
Certifications:
Certificate of Cloud Security Knowledge
Certified Computer Examiner (CCE)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP)
Check Point Certified Master Architect (CCMA)
Check Point Certified Security Expert (CCSE)
Cisco Certified Network Professional - Security
All submissions should include a cover letter and resume.
The University of Maryland Global Campus (UMGC) is an equal opportunity employer and complies with all applicable federal and state laws regarding nondiscrimination. UMGC is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, ancestry, political affiliation or veteran status in employment, educational programs and activities, and admissions.
Workplace Accommodations:
The University of Maryland Global Campus Global Campus (UMGC) is committed to creating and maintaining a welcoming and inclusive working environment for people of all abilities. UMGC is dedicated to the principle that no qualified individual with a disability shall, based on disability, be excluded from participation in or be denied the benefits of the services, programs, or activities of the University, or be subjected to discrimination. For information about UMGC's Reasonable Workplace Accommodation Policy or to request an accommodation, applicants/candidates can contact Employee Accommodations via email at employee-accommodations@umgc.edu.
Benefits Package Highlights:
- Generous Time Off: Enjoy 22 days of paid vacation, 15 days of sick leave, 3 personal days, and 15 paid holidays (16 during general election years). For part-time employees, time off rates will be prorated based on the number of hours worked.
- Comprehensive Health Coverage: Access to health care, medical with vision, dental, and prescription plans for both individuals and families, effective from the 1st of the month following your hire date.
- Insurance Options: Term Life Insurance, Accidental Death and Dismemberment Insurance, and Long-Term Disability (LTD) Insurance. Part-time employees working less than 0.5 FTE are not eligible for LTD.
- Flexible Spending Accounts: Available for medical and dependent care expenses.
- Retirement Plans: Choose between the Optional Retirement Program (ORP) or the Maryland State Retirement and Pension System (MSRPS).
- Supplemental Retirement Plans: include 401(k), 403(b), 457(b), and various Roth options. The university does not provide matching funds.
- Tuition Remission: Immediate availability for Regular Exempt Staff. Spouses and dependent children are eligible for undergraduate tuition remission after two years of service. NOTE: For part-time employees (at least 50 percent of the time), tuition remission benefits are prorated.
Hiring Range:
$132,000.00 - $142,600.00