Job Description

　　A higher education institution is looking to hire a Risk and Compliance Analyst for their information security team. This person will be responsible for conducting annual risk assessments, the PCI-DSS compliance assessment, and third-party risk management involving HIPAA compliance. They will be conducting both internal and external risk assessments. They will be providing guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items. They will be using OneTrust as the GRC tool and project management tools for progress tracking. This person will ideally reside in PST and MUST be comfortable working 8:00-5:00 PST Monday-Friday.

　　Skills and Requirements

　　5+ years of experience in security risk and compliance

　　Knowledge of NIST 800-53 & 800-171 cybersecurity frameworks

　　PCI-DSS compliance knowledge

　　Experience conducting internal risk assessments - NOT third party

　　Experience using the GRC tool: OneTrust

　　Working knowledge of ServiceNow HIPPA compliance knowledge

　　Experience working in the higher education industry null

　　We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected].