HIPAA Risk Analyst

The Risk Management & Compliance Team within the Office of Cybersecurity, is looking for an expert in HIPAA data services and security. Someone who thrives while working with others will be successful in filling this cross departmental position. This person will collect information to assess the security of data across campus and collaborate with campus partners to mitigate discovered risks.

The Office of Cybersecurity includes specialists in Cyber Defense and Incident Response, Operations Management, Policy Development, Security Awareness and Risk Management. We work across campus at all levels to remediate and mitigate risk, discuss risk tolerance, and understand the challenges faced by researchers, faculty, and staff in supporting the efforts of Teaching & Learning.

Your Role:

Supporting the campus directives of Teaching & Learning and Research are what drive us to ensure the security of the data arriving to and leaving from our campus daily. This person would need to be a true problem solver and team player working with leaders at all levels.

This person will guide the security controls established to allow us to continue to offer a secure and supportive environment for daily operations and high-profile research.

What we need from you

We need you to understand the challenges of working at a world class educational institution and apply the knowledge you have gained to our strategic campus efforts. You will collaborate with our partners as the School of Medicine and Public Health, Cybersecurity Operations Center, and Risk Assessment team to establish processes and guidelines for proper use and implementation of services campus wide. We need you to be technical when speaking to our IT partners and strategic as we present the vision of the future to Risk Executives. We need you to always be questioning if additional controls are appropriate and asking the difficult questions to understand the core data needs.

Monitors, provides privileged access to, responds to, and analyzes escalated threats to cyber security data and systems to ensure the safety and protection of information system assets under general supervision. Develops cybersecurity training, security standards, procedures, and infrastructure for major systems.

Diversity is a source of strength, creativity, and innovation for UW-Madison. We value the contributions of each person and respect the profound ways their identity, culture, background, experience, status, abilities, and opinion enrich the university community. We commit ourselves to the pursuit of excellence in teaching, research, outreach, and diversity as inextricably linked goals.

The University of Wisconsin-Madison fulfills its public mission by creating a welcoming and inclusive community for people from every background - people who as students, faculty, and staff serve Wisconsin and the world.

For more information on diversity and inclusion on campus, please visit: Diversity and Inclusion

Preferred

Bachelor's Degree

Information Technology Security or related discipline preferred.

Required Qualifications:

-Must hold a security certification (e.g., CISSP, CISM, CCSK or GSEC).

-Professional experience in information security, with specific experience conducting risk assessments and applying standards and practices e.g., NIST, HIPAA, PCI-DSS, COBIT or ISO.

-Experience applying project management skills in a complex environment, specific to Cybersecurity.

-Experience presenting risk results to non-technical and executive leadership.

Preferred Qualifications:

-Experience using vulnerability management tools to analyze discovered vulnerabilities against current configurations to determine the organizational risk.

-Experience working independently to conduct technical investigations with diverse constituents.

-Experience conducting assessments in a healthcare, higher ed or research organization.

-Understanding of network design, security protocols, systems administration, servers, database software (Oracle and SQL) or endpoint management.

UW-Madison continues to follow necessary health and safety protocols to protect our campus from COVID-19. All employees remain subject to the COVID-19 Workplace Safety Policy: https://policy.wisc.edu/library/UW-5086. Please visit https://covidresponse.wisc.edu for the most up-to-date information.

Full Time: 100%

This position is eligible for any of the following: 100% remote work; partial remote work; or fully on-site. Remote work requires an approved remote work agreement (RWA) agreement. An RWA requires successful candidates to possess their own high-speed internet and phone to perform the work on a university provided computer. Must be able to attend on campus events as requested.

Ongoing/Renewable

Minimum $90,000 ANNUAL (12 months)

Depending on Qualifications

Employees in this position can expect to receive benefits such as generous vacation, holidays, and paid time off; competitive insurances and savings accounts; retirement benefits.

Please note that successful applicants must be authorized to work in the United States without need of employer sponsorship, on or before the effective date of appointment.

Please apply at https://jobs.hr.wisc.edu/en-us/job/514859/hipaa-risk-analyst