Cyber Security Risk & Compliance Analyst

The Cyber Security Risk & Compliance Analyst is responsible for assessing and managing cybersecurity risks across the university's IT environment while ensuring adherence to regulatory requirements, industry standards, and institutional security policies. This position plays a key role in identifying vulnerabilities, conducting risk assessments, monitoring compliance controls, and providing actionable recommendations to strengthen the university's overall security and compliance posture., * Occasional after-hours work for incident response or change management work in designated maintenance windows

• Participation in on-call rotation (applicable positions)
• Occasional travel required for training, conferences, or other events

• Requires a high school diploma (or equivalent) and six years of relevant experience. Requirements may be met through a combination of work experience and education., * 3-5 years of experience in compliance, audit, or risk management
• Strong knowledge of regulatory frameworks and standards
• Experience with GRC platforms
• Understanding of risk assessment methodologies
• Excellent written and verbal communication skills
• Experience with audit processes and evidence collection
• Knowledge of cybersecurity frameworks (NIST, ISO 27001)
• Compliance or risk management certifications (CISA, CRISC, CISM)
• Experience with specific industry regulations (FERPA, GLBA, PCI DSS, etc)
• Knowledge of business process mapping and documentation
• Experience with policy management systems
• Understanding of legal and regulatory research, Candidates must be legally authorized to work in the U.S. on an ongoing basis without sponsorship