1. Conducts risk assessments and security assessments of IT applications. 2. Performs vulnerability management for applications and infrastructure. 3. Provides remediation guidance to departments with non-compliant or non-secure applications. 4. Responsibility for monitoring and maintaining the integrity of the University system inventory. 5. Develops routines to aid in security metrics tracking. 6. Assists in the maintenance of content for the HIPAA Security site and the Information Security site. 7. Performs as an IT compliance and audit expert. 8. Assures IT compliance incidents are promptly addressed, tracked and resolved; considers implications, makes recommendations and takes appropriate follow-up. 9. Assists in the application of established policy to particular situations, consulting appropriately. 10. Conducts periodic compliance audit and risk management programs. 11. Coordinate and consults on data security compliance trends, best practice and recommendations for risk management & security design. 12. Conducts periodic risk assessments. 13. May perform other duties as assigned.
Preferred Education: BA in a technical field, and1-2 years of diverse project management experience involving technology and/or information assurance. 1- 2 years of technical computer support, development or programming experience, or an equivalent combination of education and experience.
Preferred Education, Experience and Skills: BA in a technical field, and1-2 years of diverse project management experience involving technology and/or information assurance. 1- 2 years of technical computer support, development or programming experience, or an equivalent combination of education and experience.
Posting Position Title: IT Compliance Specialist
Required Skill/ability 3: Critical, strategic thinking and proven ability to use a combination of research, experience, testing and escalation to efficiently find a balance of the most appropriate and cost-effective solution.
Work Week: Standard (M-F equal number of hours per day)
University Job Title: IT Compliance Officer
Required Skill/ability 1: Proven knowledge of privacy and regulatory compliance as it relates to information security.
Required Skill/ability 4: Proven ability interact with individuals with differing levels of technical expertise including, business, clinical and technical staff, and end users.
Required Skill/ability 2: Demonstrated oral and written communication skills. Well organized and detail oriented. Ability to prepare documentation to provide guidance related to compliance with state and federal regulations, and university policies and procedures.
Bachelor's Degree in a related field and two to five years of related experience in an information security environment; or the equivalent combination of education and experience. Broad knowledge of information security management, risk assessment and regulatory compliance.
Relocation expenses are negotiable.
Internal Number: 49647BR
About Yale University
Yale University is an American private Ivy League research university located in New Haven, Connecticut. Founded in 1701 in the Colony of Connecticut, the university is the third-oldest institution of higher education in the United States.