Emory University Sr Enterprise Information Security Risk/Cmpl Specialist in Atlanta, Georgia


JOB DESCRIPTION: The Senior Enterprise Information Security Compliance Specialist serves as a subject matter expert for information security elements of one or more IT compliance regulatory schemes (e.g. Health Insurance Portability and Accountability Act of 1996 (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH) Act, Payment Card Industry Data Security Standard (PCI DSS), Gramm-Leach-Bliley Act (GLBA), Federal Information Security Management Act (FISMA). Assumes additional technical and thought-leadership responsibilities spanning multiple IT security, risk management, regulatory compliance, and security operations domains. Consumes and analyzes cyber threat intelligence to maintain situational awareness of the threat, vulnerability, and compliance landscape. Leverages this information to appropriately assess and mitigate cyber risk to the enterprise IT systems. Ensures that appropriate operational, technical and managerial controls are implemented and operating appropriately to sustain the required security posture of Emory IT systems. Conducts risk assessments and coordinates remediation of discovered risks. Implements and administers plans, processes, and procedures necessary to ensure compliance. Provides guidance and assistance regarding information security and compliance matters, such as the interpretation of information security policies and requirements and/or their applicability to particular situations. Represents Information Security to other organizations on IT risk and compliance related matters. Publishes regular status reports and submits to management. Prepares information security, compliance reports, and other documentation. Performs other related responsibilities as required.

MINIMUM QUALIFICATIONS: A bachelor's degree and five years of related IT experience including demonstrated technical expertise in multiple information security domains, project management skills, OR an equivalent combination of education, training and experience. Excellent project management and team participation skills. Excellent written and verbal communication skills. Experience conducting large scale enterprise risk management and/or compliance efforts in a complex and/or highly distributed environment (preferably within a large healthcare provider or academic medical center environment) is preferred.

Apply Now

Connect With Us!

Not ready to apply?

Job Number 24864

Job Type Regular Full-Time

Division LITS: Library and IT Services

Department LITS: Enterprise IT Security

This position may involve the following Health and Safety issues: Not Applicable

Job Category Information Technology

Emory University is an equal opportunity/equal access/affirmative action employer fully committed to achieving a diverse workforce and complies with all applicable Federal and Georgia State laws, regulations, and executive orders regarding nondiscrimination and affirmative action in its programs and activities. Emory University does not discriminate on the basis of race, color, religion, ethnic or national origin, gender, genetic information, age, disability, sexual orientation, gender identity, gender expression, and veteran's status. Inquiries about this statement should be directed to the Office of Equity and Inclusion, 201 Dowman Drive, Administration Bldg, Atlanta, GA 30322