The Risk Management & Compliance Team within the Office of Cybersecurity, is looking for an expert in HIPAA data services and security. Someone who thrives while working with others will be successful in filling this cross departmental position. This person will collect information to assess the security of data across campus and collaborate with campus partners to mitigate discovered risks.
The Office of Cybersecurity includes specialists in Cyber Defense and Incident Response, Operations Management, Policy Development, Security Awareness and Risk Management. We work across campus at all levels to remediate and mitigate risk, discuss risk tolerance, and understand the challenges faced by researchers, faculty, and staff in supporting the efforts of Teaching & Learning.
Your Role: Supporting the campus directives of Teaching & Learning and Research are what drive us to ensure the security of the data arriving to and leaving from our campus daily. This person would need to be a true problem solver and team player working with leaders at all levels.
This person will guide the security controls established to allow us to continue to offer a secure and supportive environment for daily operations and high-profile research.
What we need from you We need you to understand the challenges of working at a world class educational institution and apply the knowledge you have gained to our strategic campus efforts. You will collaborate with our partners as the School of Medicine and Public Health, Cybersecurity Operations Center, and Risk Assessment team to establish processes and guidelines for proper use and implementation of services campus wide. We need you to be technical when speaking to our IT partners and strategic as we present the vision of the future to Risk Executives. We need you to always be questioning if additional controls are appropriate and asking the difficult questions to understand the core data needs.
Responsibilities:
Monitors, provides privileged access to, responds to, and analyzes escalated threats to cyber security data and systems to ensure the safety and protection of information system assets under general supervision. Develops cybersecurity training, security standards, procedures, and infrastructure for major systems.
40% Conducts vulnerability-scanning analysis, tests security controls, documents the results of risk assessments, and designs procedures to prevent future incidents
20% Assists in the design, development, and implementation of security methodology and infrastructure for major systems
20% Configures, develops, and tests applications and security controls
5% Communicate effectively to UW-Madison campus partners to educate and develop strategies and policies to reduce risk across campus.
5% Offer guidance to reduce/eliminate vulnerabilities and monitor action to increase campus security posture specific to the Health Care Component and the security of ePHI.
5% Apply analytical knowledge of data security controls to secure specific data types and engage with specific campus segments (i.e. InterOp, EBS, PCI, HIPAA, FERPA, HCC, Cloud) to develop best practices for data handling.
5% Applies Cybersecurity risk expertise and NIST standards to incoming assessment requests to secure data and reduce risk across campus.
Institutional Statement on Diversity:
Diversity is a source of strength, creativity, and innovation for UW-Madison. We value the contributions of each person and respect the profound ways their identity, culture, background, experience, status, abilities, and opinion enrich the university community. We commit ourselves to the pursuit of excellence in teaching, research, outreach, and diversity as inextricably linked goals.
The University of Wisconsin-Madison fulfills its public mission by creating a welcoming and inclusive community for people from every background - people who as students, faculty, and staff serve Wisconsin and the world.
For more information on diversity and inclusion on campus, please visit: Diversity and Inclusion
Education:
Preferred Bachelor's Degree Information Technology Security or related discipline preferred.
Qualifications:
Required Qualifications: -Must hold a security certification (e.g., CISSP, CISM, CCSK or GSEC). -Professional experience in information security, with specific experience conducting risk assessments and applying standards and practices e.g., NIST, HIPAA, PCI-DSS, COBIT or ISO. -Experience applying project management skills in a complex environment, specific to Cybersecurity. -Experience presenting risk results to non-technical and executive leadership.
Preferred Qualifications: -Experience using vulnerability management tools to analyze discovered vulnerabilities against current configurations to determine the organizational risk. -Experience working independently to conduct technical investigations with diverse constituents. -Experience conducting assessments in a healthcare, higher ed or research organization. -Understanding of network design, security protocols, systems administration, servers, database software (Oracle and SQL) or endpoint management.
COVID-19 Considerations:
UW-Madison continues to follow necessary health and safety protocols to protect our campus from COVID-19. All employees remain subject to the COVID-19 Workplace Safety Policy: https://policy.wisc.edu/library/UW-5086. Please visit https://covidresponse.wisc.edu for the most up-to-date information.
Work Type:
Full Time: 100%
This position is eligible for any of the following: 100% remote work; partial remote work; or fully on-site. Remote work requires an approved remote work agreement (RWA) agreement. An RWA requires successful candidates to possess their own high-speed internet and phone to perform the work on a university provided computer. Must be able to attend on campus events as requested.
Appointment Type, Duration:
Ongoing/Renewable
Salary:
Minimum $90,000 ANNUAL (12 months) Depending on Qualifications Employees in this position can expect to receive benefits such as generous vacation, holidays, and paid time off; competitive insurances and savings accounts; retirement benefits.
Additional Information:
Please note that successful applicants must be authorized to work in the United States without need of employer sponsorship, on or before the effective date of appointment.
How to Apply:
APPLICATION INSTRUCTIONS: Click on the "Apply Online" button to start the application process. You will be prompted to upload the following documents: Resume (REQUIRED) Cover letter (REQUIRED) Please use your cover letter to speak to each of the Required Qualifications for this position (listed above in the Qualifications section). For each Required Qualification, describe your relevant experience, using specific examples from your work history to illustrate how your experience satisfies the requirement.
Contact:
Charissa Weber charissa.weber@wisc.edu 608-262-0596 Relay Access (WTRS): 7-1-1 (out-of-state: TTY: 800.947.3529, STS: 800.833.7637) and above Phone number (See RELAY_SERVICE for further information. )
The University of Wisconsin is an Equal Opportunity and Affirmative Action Employer. We promote excellence through diversity and encourage all qualified individuals to apply.
Employment will require a criminal background check. It will also require you and your references to answer questions regarding sexual violence and sexual harassment.
The University of Wisconsin System will not reveal the identities of applicants who request confidentiality in writing, except that the identity of the successful candidate will be released. See Wis. Stat. sec. 19.36(7).
The Annual Security and Fire Safety Report contains current campus safety and disciplinary policies, crime statistics for the previous 3 calendar years, and on-campus student housing fire safety policies and fire statistics for the previous 3 calendar years. UW-Madison will provide a paper copy upon request; please contact the University of Wisconsin Police Department.
The University of Wisconsin–Madison has been a catalyst for the extraordinary since its founding in 1848. Our students, staff, and faculty partake in world-class education and conduct prolific research that solves real-world problems. Our guiding principle is the Wisconsin Idea, a commitment to outreach that creates a better future for our state, our nation, and the world. We value the contributions of each person and recognize that diversity is a source of strength, creativity, and innovation.