A higher education institution is looking to hire a Risk and Compliance Analyst for their information security team. This person will be responsible for conducting annual risk assessments, the PCI-DSS compliance assessment, and third-party risk management involving HIPAA compliance. They will conduct both internal and external risk assessments. They will provide guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items. They will use OneTrust as the GRC tool, along with project management tools for progress tracking. This person will ideally reside in the PST time zone and MUST be comfortable working 8:00-5:00 PST Monday-Friday.
5+ years of experience in security risk and compliance
Knowledge of NIST 800-53 & 800-171 cybersecurity frameworks
PCI-DSS compliance knowledge
Experience conducting internal risk assessments - NOT third party
Experience using the GRC tool: OneTrust
Working knowledge of ServiceNow
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.