Governance, Risk & Compliance Analyst, University Information Security Office (UISO) - University I
Governance, Risk & Compliance Analyst, University Information Security Office (UISO) - University Information Services
The Governance, Risk & Compliance Analyst (GRC) serves as a project analyst for all assigned information security and cybersecurity initiatives, interacting with multiple levels of staff and faculty within the University, as well as nationally and internationally with professionals holding similar positions at other universities. Reporting to the Director for Information Security Compliance and Governance, the GRC has duties that include but are not limited to:
Security Compliance, Risk Management and Governance
- Designs and collects weekly cybersecurity activities and summarize trends and activities.
- Monitors regulatory obligations, updates, and University applications.
- Provides analysis and reporting on University risk factors related to cybersecurity and technical compliance.
- Proposes problem-solving strategies for security processes and workflow.
- Provides basic technical support to security analysts, such as vulnerability scan analysis; suspicious email evaluation and response; and certificate analysis and confirmation.
- Reviews, documents, and evaluates University procedures.
- Provides Incident Response support and communication.
Security Awareness, Outreach and Communications
- Generates high-quality copy writing for broadcast communication and publication.
- Develops presentations to clearly articulate information security policies, procedures, best practices, and Georgetown standards.
- Assists with preparing internal and external UISO security briefings and general reports, communications, and analyses.
- Serves as the content contributor for the UISO web site and the technology policies web site, supports management of the content structure and appearance.
- Develops materials for dissemination of program/service information.
- Collaborates with UIS Security Operations teams on incident response activities, including planning and follow-up.
- Coordinates with key UIS and University personnel to identify key incident response needs and opportunities for improvement.
- Identifies and documents compliance incidents, and policy violations, and remediation actions.
- Bachelor's degree - preference for Master's degree
- 2 to 5 years of demonstrated technical service, administration and program management experience required, preferably supporting a large complex organization with a diverse constituent or customer base and complex security requirements
- Demonstrated experience developing executive-level communications, presentations and briefs - including strong writing and editing skills
- Demonstrated experience with in-person and online training delivery
- Previous experience in research, higher academic institution, as well as with working with faculty, staff, student body on cybersecurity issues
- Confidential reliability for a position of trust with access highly sensitive or confidential data or information
- Availability and willingness to work outside of usual business hours of Georgetown University - including potential on-call responsibilities - and/or to provide assistance for security incidents
Applicable technical certification - including CISSP, CISM, CISA, or GRISC
Current Georgetown Employees:
If you currently work at Georgetown University, please exit this website and login to GMS (gms.georgetown.edu) using your Net ID and password. Then select the Career worklet on your GMS Home dashboard to view Jobs at Georgetown.
Please note that in order to be considered an applicant for any position at Georgetown University you must submit a cover letter and resume for each position of interest for which you believe you are qualified. These documents are not kept on file for future positions.
If you are a qualified individual with a disability and need a reasonable accommodation for any part of the application and hiring process, please click here for more information, or contact the Office of Institutional Diversity, Equity, and Affirmative Action (IDEAA) at 202-687-4798 or firstname.lastname@example.org.
Need some assistance with the application process? Please call 202-687-2500
Georgetown University is an Equal Opportunity/Affirmative Action Employer fully dedicated to achieving a diverse faculty and staff. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, national origin, age, sex (including pregnancy, gender identity and expression, and sexual orientation), disability status, protected veteran status, or any other characteristic protected by law.