Cybersecurity Analyst
Stanford University

Job Info

---

Cybersecurity Analyst🔍Business Affairs: University IT (UIT), Redwood City, California, United StatesNew📁Information Technology Services📅1 day ago Post Date📅102994 Requisition #Stanford's Information Security Office is looking for a Cybersecurity Analyst to work with our small, tightly-knit team on a wide range of security-related projects. The Information Security Office is a high-profile team and is one of the few departments with university-wide purview, so you'll have plenty of opportunity to share and shine. We operate with a high degree of autonomy, expecting each of our contributors to bring their own special talents to bear on the tough challenges facing the university. It isn't easy doing information security at a large university, but we have a great time doing it. Trust, innovation, and fun are at the heart of what we do.The Cybersecurity Governance, Risk, and Compliance(GRC) team within the Information Security Office is a newly formed team with an entrepreneurial spirit, and we want you to help us grow and to grow along with us. The Cybersecurity GRC team will evaluate institutional cybersecurity risk and ensure Stanford's Minimum Security Standards align with widely recognized cybersecurity best practice frameworks; and partner with the Office of the Chief Risk Officer University Privacy Office in ensuring compliance with relevant security and privacy requirements applicable to Stanford's research, teaching, learning, and healthcare mission. We value training and growth and provide a generous training budget and opportunities for both technical and leadership training to everyone. Every team member is the leader of the services they are responsible for, and everyone contributes to our team strategy and initiatives.The GRC team is seeking a highly motivated Cybersecurity Analyst to join our dynamic and innovative team. As a key member of our team, you will play an integral role in executing a range of challenging and exciting information security-focused projects.Reporting to the Director of GRC, the Cybersecurity analyst will provide highly skilled technical and information security expertise for developing and implementing process guidance for information security risk, vendor risk management programs as well as implementing and maintaining security tools and policies. In this role, you will be instrumental in the success of various projects to enhance Stanford's security posture and capabilities. About Stanford
Stanford is one of the world's leading universities, supported by diverse staff who share a passion for the University's teaching, learning, research, and clinical care mission. At Stanford, you'll find a pervasive culture of excellence, innovation, collaboration, and life-long learning. We work for the greater good. We don't have stock options; there's no profit sharing (because we're a non-profit). Stanford will match-and-double your retirement contributions, help with your dependent's tuition, and provide several healthcare options that include zero deductible plan. Because Stanford is a 501(c)(3) non-profit, you might qualify for the Public Service Loan Forgiveness program with the Dept of Education. Explore some of the many perks enjoyed by our employees at https://sweeteners.stanford.edu and https://uit.stanford.edu/guide/perks
Scale the Knowledge (If Not the Solution)
As an educational institution, we value knowledge sharing and didactic exchange. Here are other activities relating to your practice.

Collaborate with any of the 1,500 members of the campus IT community.Join our IT community, attend lunch-and-learns, participate in annual campus events and give presentations related to IT initiatives.Share your discoveries and experience with other information security teams within our university and peer institutes.Mentor emerging talent.

Core Responsibilities:

Implement automated processes to continuously monitor information security controls, exceptions, risks, testing, and provide reporting metrics, dashboards, and evidence artifacts.Coordinate security audits, penetration testing, and vulnerability assessments to identify weaknesses in the security infrastructure and develop plans to address these weaknesses.Collaborate with cross-functional teams, including IT, Finance, Human Resources, and Legal, to integrate information security into the organization's overall risk management program.Update security controls regularly and provide support to stakeholders on security controls, including internal assessments, regulations, protecting Personally Identifiable Information (PII) data, and Payment Card Industry Data Security Standards (PCI DSS).Collaborate with software development teams to integrate security into the secure software development lifecycle.Conceptualize design, implement, and develop solutions for complex systems/programs independently.Provide technical analysis, design, development, conversion and implementation work.Work as an advisor for complex projects requiring development and integration of existing applications.Compare, evaluate, and implement new features and technologies, and integrate them into the computing environment.Stay up to date with the latest security threats, technologies, and industry regulations to continually improve the organization's security posture.Maintain detailed documentation and records of security incidents, risk assessments, and audit findings to support ongoing compliance efforts.Perform any other related duties assigned to support the organization's information security program.

Minimum Education and Experience Required:

Bachelor's degree in Information Security, Computer Science, or equivalent plus 5 years of relevant experience, or a combination of education and relevant experience. A minimum of 3-5 years of experience in information security, risk management, or compliance is preferred.

Minimum Knowledge, Skills and Abilities Required:

Experience in information security, risk management, and compliance.Experience with programming and scripting languages.Knowledge of industry standards and regulations, particularly NIST. Knowledge in ISO 27001, HIPAA, and PCI DSS is a plus.Experience in conducting security audits, risk assessments, and vulnerability assessments.Knowledge of security technologies such as encryption, firewalls, intrusion detection systems, and SIEMs.Strong analytical and problem-solving skills, with the ability to identify and assess security risks.Excellent written and verbal communication skills, with the ability to articulate technical concepts to a non-technical audience.Ability to work independently and as part of a team, with strong organizational and project management skills.Strong attention to detail, with the ability to maintain accurate records and documentation.Ability to stay up to date with the latest security threats, technologies, and industry regulations.

Physical Requirements:

Constantly perform desk-based computer tasks.Frequently sit, grasp lightly/fine manipulation.Occasionally stand/walk, use a telephone, occasionally lift/carry/push/pull objects that weigh 21-40 pounds.Rarely writing by hand, lift/carry/push/pull objects that weigh up to 20 pounds and lift/carry/push/pull objects that weigh >40 pounds.

This role is open to candidates anywhere in the United States. Stanford University has five Regional Pay Structures. The compensation for this position will be based on the location of the successful candidate. The expected pay range for this position is $122,000 to $162,000 per annum for remote positions.The expected pay range for this position is $156,000 to $185,000 per annum for hybrid positions.Stanford University provides pay ranges representing its good faith estimate of what the university reasonably expects to pay for a position. The pay offered to a selected candidate will be determined based on factors such as (but not limited to) the scope and responsibilities of the position, the qualifications of the selected candidate, departmental budget availability, internal equity, geographic location and external market pay for comparable jobs.At Stanford University, base pay represents only one aspect of the comprehensive rewards package. The Cardinal at Work website (https://cardinalatwork.stanford.edu/benefits-rewards) provides detailed information on Stanford's extensive range of benefits and rewards offered to employees. Specifics about the rewards package for this position may be discussed during the hiring process.Why Stanford is for You

Imagine a world without search engines or social platforms. Consider lives saved through first-ever organ transplants and research to cure illnesses. Stanford University has revolutionized the way we live and enrich the world. Supporting this mission is our diverse and dedicated 17,000 staff. We seek talent driven to impact the future of our legacy. Our culture and unique perks empower you with:

Freedom to grow. We offer career development programs, tuition reimbursement, or course auditing. Join a TedTalk, film screening, or listen to a renowned author or global leader speak.A caring culture. We provide superb retirement plans, generous time-off, and family care resources.A healthier you. Climb our rock wall or choose from hundreds of health or fitness classes at our world-class exercise facilities. We also provide excellent health care benefits.Discovery and fun. Stroll through historic sculptures, trails, and museums.Enviable resources. Enjoy free commuter programs, ridesharing incentives, discounts and more!

The job duties listed are typical examples of work performed by positions in this job classification and are not designed to contain or be interpreted as a comprehensive inventory of all duties, tasks, and responsibilities. Specific duties and responsibilities may vary depending on department or program needs without changing the general nature and scope of the job or level of responsibility. Employees may also perform other duties as assigned.

Consistent with its obligations under the law, the University will provide reasonable accommodations to applicants and employees with disabilities. Applicants requiring a reasonable accommodation for any part of the application or hiring process should contact Stanford University Human Resources at stanfordelr@stanford.edu. For all other inquiries, please submit a contact form.

Stanford is an equal employment opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.Additional Information

• Schedule: Full-time
• Job Code: 4793
• Employee Status: Regular
• Grade: K
• Requisition ID: 102994
• Work Arrangement : Hybrid Eligible, Remote Eligible

This job has expired.