"Senior Compliance Engineer"

Senior Compliance Engineer

Company:
The University of Arizona

Job Location:
Tucson, 85724

Category:
Other IT

Type:
Full-Time

Posting Number: req24997

Department: Campus IT Services

Location: To Be Determined

Address: USA

Position Highlights

The University of Arizona Global Campus is seeking a highly skilled and experienced Senior Compliance Engineer (Information Security Analyst IV) to join our team. The primary responsibility of this role is to manage and direct compliance with regulatory requirements and industry best practices related to information technology systems and processes. This role requires advanced technical expertise in IT compliance and risk management, as well as excellent problem-solving and communication skills.

Candidates working anywhere in the U.S. may be considered for a remote assignment. If you are selected for this position and are employed to work remotely from outside of Arizona, your overtime exemption status will depend on the laws of the state where you perform your work. For employees working outside of Arizona, you may be hired as an hourly employee in accordance with state laws. A comparable hourly rate range (based on the position's pay grade, from minimum to midpoint) would be $48.03 to $62.44 per hour. These changes would not affect the position duties as outlined.

Outstanding UA benefits include health, dental, and vision insurance plans; life insurance and disability programs; paid vacation, sick leave, and holidays; UA/ASU/NAU tuition reduction for the employee and qualified family members; retirement plans; access to UA recreation and cultural activities; and more!

The University of Arizona has been recognized for our innovative work-life programs. For more information about working at the University of Arizona and relocation services, please click here.

Duties & Responsibilities

Information Compliance

• Develop, implement, and maintain information security compliance solutions to protect UAGC's IT infrastructure.
• Evaluate and manage system compliance across the institution, including monitoring, documenting, and reporting changes to ensure compliance with HIPAA, FERPA, PCI, and other relevant regulations.
• Investigate and respond to potential compliance incidents, coordinating with relevant teams to mitigate risks and ensure timely resolution.
• Conduct, manage, and review regular vulnerability scans and logs, assigning remediation tasks and following up to completion.
• Ensure that information compliance concerns are integrated into UAGC's business strategies, requirements, and projects, supporting the alignment of IT initiatives with overall institutional goals.

Risk Assessment and Management

• Conduct comprehensive risk assessments and analyze business impacts and exposure based on emerging security threats, vulnerabilities, and risks.
• Develop and execute corrective action plans (CAP), ensuring alignment with the college's strategic goals and regulatory requirements.
• Provide continuous monitoring of the information security program, creating and updating CAPs and managing progress to completion as needed.
• Establish metrics and a reporting framework to measure the efficiency, effectiveness, and maturity level of the security program.
• Prepare and present detailed reports on the status of the information security program to senior leadership, including an annual enterprise risk assessment.

Collaboration and Stakeholder Engagement

• Serve as the primary information security liaison with the Information Security Office, the University Privacy Program Office, and other regulatory bodies.
• Collaborate with UITS ISO, the HIPAA Privacy Office, and other regulatory entities as the primary liaison during any actual or potential information security events.
• Act as a security expert in application development, database design, and network security, collaborating with teams to ensure security measures are integrated into all projects.
• Participate in the development of data management plans for researchers, ensuring information security and HIPAA compliance.
• Ensure effective communication and collaboration between UAGC's and relevant stakeholders on matters related to information security, compliance, and risk management.

Compliance Policies

• Manage the development and enforcement of policies, procedures, and standards.
• Ensure that compliance policies are reviewed and update, if necessary, on a regular scheduled basis.
• Manage and develop processes place to ensure compliance with regulatory requirements and industry best practices in regard to databases and application development.

Continuous Improvement and Innovation

• Research, design, and advocate for the adoption of new technologies that enhance UAGC's information security posture.
• Stay informed of current trends, news, and developments in information technology related to HIPAA compliance, vulnerabilities, security breaches, and malicious attacks.
• Periodically review UAGC's security control set, overseeing the introduction and implementation of new security tools and platforms as necessary.
• Prepare and maintain comprehensive documentation for all security-related activities, ensuring it meets regulatory requirements and is accessible to relevant stakeholders.
• Provide leadership and guidance on information security topics, including the development of business continuity and disaster recovery plans.

Knowledge, Skills, & Abilities

• Skill in critical thinking to address compliance challenges.
• Knowledge of and ability to apply regulatory frameworks related to data privacy, security, and compliance (e.g., HIPAA, FERPA, PCI-DSS, GLBA, CPRA and GDPR).
• Knowledge of industry best practices related to IT compliance and risk management.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and in a team environment.

This job posting reflects the general nature and level of work expected of the selected candidate(s). It is not intended to be an exhaustive list of all duties and responsibilities. The institution reserves the right to amend or update this description as organizational priorities and institutional needs evolve.

Minimum Qualifications

• Bachelor's Degree AND Minimum of 8 years of directly relevant work experience, or equivalent combination of education and directly relevant work experience.

Preferred Qualifications

• Relevant experience in higher education.

FLSA: Exempt

Full Time/Part Time: Full Time

Number of Hours Worked per Week: 40

Job FTE: 1.0

Work Calendar: Fiscal

Job Category: Information Technology

Benefits Eligible: Yes - Full Benefits

Rate of Pay: $99,901 - $129,871

Compensation Type: salary at 1.0 full-time equivalency (FTE)

Grade: 12

Compensation Guidance

The Rate of Pay Field represents the University of Arizona's good faith and reasonable estimate of the range of possible compensation at the time of posting. The University considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, key skills, and internal equity.

The Grade Range represent a full range of career compensation growth over time. The university offers compensation growth opportunities within its career architecture. To learn more about compensation, please review our Applicant Compensation Guide and our Total Rewards Calculator.

Career Stream and Level: PC4

Job Family: Information Security

Job Function: Information Technology

Type of criminal background check required: Name-based criminal background check (non-security sensitive)

Number of Vacancies: 1

Contact Information for Candidates: uits-jobs@arizona.edu

Open Until Filled: Yes

Documents Needed to Apply: Resume and Cover Letter

Special Instructions to Applicant

The application window is anticipated to close on 02/10/2026.