Cybersecurity Documentation Specialist
Position Number: 00102939
Primary Function of Organization Unit: The Security & Compliance Unit (S&C) within the Office of Information Technology oversees the security of the University's systems and data in a manner that is consistent with industry best practices and the University's compliance obligations. S&C develops (and ensures compliance with) information security policies/regulations/procedures, oversees implementation of strategic information security initiatives, provides routine security services, provides campus-wide software license management, coordinates IT resilience efforts and provides portfolio/project management guidance for OIT. The Information Security Risk and Assurance (ISRA) team within the Office of Information Technology (OIT) Security & Compliance unit is a central point for managing university IT security risk and compliance activities. The unit is primarily responsible for IT security strategic planning, solutions architecture, risk management and compliance program development, security service development, specific compliance program relating to HIPAA, FERPA, PCI DSS, NIST 800-series, ISO 27001/2, security awareness, policy and standards development, etc.
Essential Job Duties: The Cybersecurity Documentation Specialist leads efforts to document and maintain university security policies, standards, guidelines, and operating procedures to ensure the security of university information systems and data, as well as, ensure compliance with PCI DSS, NIST 800-series, ISO 27002, HIPAA, HEOA, audits observations, etc. The Specialist is responsible for developing and managing a document management system that seeks to increase the retention of institutional knowledge upon termination of key personnel, help to streamline operational duties, and help to meet compliance. The Specialist will also be responsible for content management of the unit's cybersecurity website and to document meeting minutes for major projects in Security and Compliance. The Specialist will have primary responsibility for coordinating the university Higher Education Opportunity Act (HEOA)/ Digital Millennium Copyright Act (DMCA) program aimed at protecting university constituents from risks associated with downloading and utilizing unauthorized copyrighted materials, and will ensure compliance with the HEOA requirements.
Department Required Skills: * Experience working in a technical environment. * Experience with technical writing. * Experience analyzing, summarizing and reporting both quantitative and qualitative data. * Experience reviewing, analyzing, developing and documenting policies and procedures. * Experience working with a document management system
Preferred Experience, Skills, Training/Education: * Experience working in higher education. * Experience working with a call tracking program such as ServiceNow. * Some familiarity with industry standards such as NIST, HIPAA, PCI, ISO 27002, etc. * Understanding of current technologies. * Experience with Google G-Site applications. * Experience with AoDocs, Microsoft SharePoint, or similar applications.
Necessary Licenses and Certifications: N/A
AA/EOE: NC State University is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, gender identity, age, sexual orientation, genetic information, status as an individual with a disability, or status as a protected veteran.
Individuals with disabilities requiring disability-related accommodations in the application and interview process, please call 919-515-3148. Final candidates are subject to criminal & sex offender background checks. Some vacancies also require credit or motor vehicle checks. If highest degree is from an institution outside of the U.S., final candidates are required to have their degree verified at "www.wes.org":http//wes.org. Degree must be obtained prior to start date.
NC State University participates in E-Verify. Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States.