Join our Information Assurance team to help secure Purdue! As the IT Security Risk Analyst your primary role will be a PCI-DSS Internal Security Assessor (ISA) for a multi-campus, varied merchant environment and maintaining our reduced PCI scope. Additionally, you’ll perform information security risk and compliance assessments for new software or cloud services; help faculty researchers secure their data; and use your skills and experience to identify administrative, technical, and physical security controls to mitigate risk. You’ll often collaborate with IT, business areas, research compliance and faculty to recommend secure solutions.
Four years of experience working with and interpreting regulatory controls or laws impacting information systems technology and/or information system risk assessment as it relates to compliance
In lieu of degree, consideration will be given to an equivalent combination of related education and required work experience.
Ability to communicate effectively with both technical and non-technical audiences at various levels within the organization
Analysis, decision making, problem solving and customer service skills
Familiarity of Federal regulatory agencies and controls for information systems and understanding of laws and regulations associated with information security and privacy
A broad understanding of technology
Ability to work independently and within a team environment
Keen attention to detail
Bachelor’s degree in Business, Computer Science, Engineering, Computer/Information Technology, Accounting or Information Systems Audit and Control, Information Security, or Law
Experience performing risk assessments for compliance with HIPAA, GLBA and/or PCI DSS
Project management experience
Certification in or progress toward at least one designation in information security, risk, compliance or related discipline (e.g. CISSP, CRISC, CISA, CISM, CIPP/IT, GIAC)