"Information Security Compliance Analyst"

Information Security Compliance Analyst

Salary: $71,905.60 - $75,573

Job Type: Full-Time

Job Number: FY2300646

Location: Main Campus - Baytown, TX

Division: Information Technology

Position Overview

Starting Salary Range is $71,905.60 - $75,573. The initial salary offer is commensurate with education and related work experience. The Information Security Compliance Analyst is the designated administrator of the Lee College Information Security Program TAC 202.

This position provides assistance to the Chief Information Officer in the operations of the Lee College Information Security Program, as well as oversight and implementation of system-wide information security strategies and solutions. Specific areas include IT policy, continuity of IT operations, information security risk assessment, information security operations review, and security life cycle for information systems.

Please Note: This position offers a hybrid work arrangement, blending onsite presence with remote flexibility.

Essential Duties & Responsibilities

• Develop, recommend, and establish policies, procedures, and practices as necessary to protect Lee College information resources against unauthorized or accidental modification, destruction, or disclosure.
• Design, coordinate and execute audit process, monitoring and procedures to assess and measure company Governance, risks, compliance with its security policies and procedures. Monitor advancements in information privacy laws to ensure organizational adaptation and compliance.
• Identify and implement proactive and reactive technical measures to detect vulnerabilities and to defend against external and internal security threats.
• Plan, implement and overseeing risk-related programs as per TAC 202 and other industry related frameworks & compliances. Creating and coordinating proper reporting channels for compliance issues. Developing compliance communications. Coordinating and scheduling required compliance training for employees.
• Provide consulting and technical support services to owners, custodians, and users in defining and deploying cost-effective security controls and protections.
• Ensures College functions in a legal and ethical manner while meeting its business goals. Responsible for developing Risk & compliance programs, reviewing company policies, and advising management on possible risks as per TAC202 state program and other best practices.
• Establish, maintain, and institutionalize security incident response procedures to ensure that security events are thoroughly investigated, documented, and reported; that damage is minimized, that risks are mitigated, and that remedial actions are taken to prevent recurrence.
• Investigate or direct Governance, Risk and compliance security issues, assess product, vulnerabilities, compliance, or operational risks and develop risk management strategies.
• Establish and publicize a security awareness program to achieve and maintain a security-conscious user community.
• Document, maintain, and obtain ongoing support for all aspects of the information security program.
• Monitor the effectiveness of strategies, activities, measures, and controls designed to protect the College information resources.
• Assure executive management's awareness of legal and regulatory changes that might impact the College information security and privacy policies and practices.
• Serve as Lee College internal and external point of contact for information security matters.
• Report frequently (at least annually) on the status and effectiveness of the information security program as directed by the Chief Information Officer (see TAC §202.73(a)).
• Have authority for information security for the entire institution (see TAC §202.71(a)(2)).
• Develop and recommend policies and establish procedures and practices, in cooperation with the information-owners and custodians, necessary to ensure the security of information and information resources against unauthorized or accidental modification, destruction, or disclosure.
• Coordinate the review of the data security requirements, specifications, and, if applicable, third-party risk assessment of any new computer applications or services that receive, maintain, and/or share confidential data.
• Verify that security requirements are identified, and risk mitigation plans are developed and contractually agreed to and obligated prior to the purchase of information technology hardware, software, and systems development services for any new high impact computer applications or computer applications that receive, maintain, and/or share confidential data.
• Serve as liaison with assigned Lee College educational centers for the purpose of monitoring information security program effectiveness and compliance with program requirements.

Additional Duties & Responsibilities

Perform other duties as assigned.

Minimum Education, Experience, Knowledge, Skills & Abilities

• Bachelor's (or higher) degree in a related field
• Five (5) years of experience designing, implementing, auditing, and/or managing information resources, information security, or risk management projects, operations, and/or programs
• Experience in the implementation of governance, risk, and compliance strategies preferred
• Experience working in a higher education setting preferred
• Experience in Texas State government preferred
• Must be able to work evenings and weekends as required

Lee College does not discriminate on the basis of race, color, religion, sex (including pregnancy, gender identity and sexual orientation), national origin, age, disability, veteran status, genetic information or any other basis protected by law.

To apply, please visit https://www.schooljobs.com/careers/lee/jobs/5161539/information-security-compliance-analyst