Responsible for ensuring the organization's information systems and processes align with established cybersecurity, privacy, and regulatory standards. This role conducts in-depth security consultations and risk assessments to evaluate the effectiveness of security controls, identify vulnerabilities, and recommend mitigation strategies

• Plan, coordinate, and facilitate IT disaster recovery (DR) tests and tabletop exercises; evaluate results against requirements and document findings.
• Develop and maintain auditable evidence of implemented security measures to support compliance and assurance activities.
• Conduct privacy impact assessments (PIAs), document risks, and prepare formal reports with recommendations.
• Collect, examine, and preserve forensic images and other digital evidence using validated investigative techniques in support of research integrity investigations and incident response.
• Collaborate with vendors to coordinate incident response activities and ensure timely resolution of security events.
• Analyze digital evidence from security incidents to identify root causes, assess vulnerabilities, and recommend corrective actions.
• Review contracts, data governance requests, and system security plans (SSPs) to ensure alignment with cybersecurity, privacy, and regulatory requirements.
• Monitor relevant cybersecurity, data privacy, and legal regulations to provide informed recommendations and support compliance initiatives.
• Performs other duties as assigned

Education:

• Bachelor's Degree in Computer Science, Information Technology, or related discipline

Equivalency/Substitution:
Experience or a combination of education & related experience can be considered in lieu of degree. A one-to-one ratio is used to determine the number of years of experience required in place of a degree.

Experience:

• 3 years of experience in governance, risk, and compliance (GRC), cybersecurity, information assurance or related field

Certifications or Licenses:

• None

• Ability to perform effectively in high-pressure, fast-paced environments.
• In-depth understanding of cybersecurity frameworks and standards 
• Strong verbal and written communication skills, with the ability to convey complex information clearly to both technical and non-technical audiences.
• Excellent interpersonal and mentoring skills, with the ability to teach and guide others.
• Familiarity with regulatory and compliance requirements 
• Understanding of network and system architecture, including common security configurations and vulnerabilities
• Strong analytical and problem-solving skills for identifying security risks and evaluating mitigation strategies
• Skilled in using risk assessment and compliance tools, vulnerability scanners, and GRC platforms.
• Ability to effectively interpret and apply security policies, procedures, and technical standards
• Ability to assess technical environments for compliance with security and privacy requirements
• Ability to maintain confidentiality and handle sensitive information with discretion
• Ability to adapt to changing technologies, threats, and regulatory landscapes

• Requires extended periods of sitting, working at a computer, and using a phone.
• Requires sound judgment under pressure and the ability to manage multiple competing priorities effectively.
• Office Work Environment.
• Occasional evening, weekend, or on-call availability during critical incidents or high-severity events.