Job no: 515842
Work type: Staff Full Time
Location: UMass Amherst
Department: A&F Information Technology
Categories: Computer & Information Technology
About UMass Amherst
UMass Amherst, the Commonwealth's flagship campus, is a nationally ranked public research university offering a full range of undergraduate, graduate and professional degrees. The University sits on nearly 1,450-acres in the scenic Pioneer Valley of Western Massachusetts, and offers a rich cultural environment in a bucolic setting close to major urban centers. In addition, the University is part of the Five Colleges (including Amherst College, Hampshire College, Mount Holyoke College, and Smith College), which adds to the intellectual energy of the region.
The IT Security Administrator/Analyst position authorizes, administers and audits security role administration and workflow administration for University and Campus enterprise applications. The position is a primary point of contact for internal and external security audits and also participates in IT security compliance activities such PCI-DSS, ISO27000, and others. This position requires significant contact with administrative and academic areas of the campus as well as close coordination with enterprise application administrators.
- Authorizes and administers security for University-wide enterprise application modules as well as various campus applications. This includes reviewing and authorizing access requests, maintaining security roles, preferences, department security, privilege assignment and workflow. Participates on security teams for development and implementation of University-wide and campus applications.
- Holds responsibility for all security administration audit compliance and documentation for the campus and is a primary contact with any auditors, internal or external, in performance of security audits at the campus for University, campus and departmental applications. Ensures compliance to security policies, procedures and controls.
- Manages security access reviews on University-wide enterprise applications and various campus and A&F systems to ensure compliance with security policies and standards at least annually or as directed by University information security policies, including applications audit policy.
- Develops and establishes policy and procedures for security and compliance consistent with application and audit requirements.
- Coordinates and tracks annual PCI-DSS compliance submissions from campus merchants. Verifies and consolidates for reporting to the University Treasurer’s Office.
- Works as part of a team with IT Compliance Field Tech to provision and de-provision user accounts and facilitate user access reviews. Meet with new users to orient them and answer questions on data-handling, security and acceptable use of A&F technology.
- Serves as a liaison to systems users and departments relative to the day-to-day security operations of University and Campus enterprise applications. Provides tier 1 user support for Finance and BuyWays systems.
- Participates in the development and implementation of campus applications for security roles and administration.
- Performs related duties as assigned or required to meet Department, Executive Area/Division and University goals and objectives.
- Associate’s degree and/or two (2) years information technology experience.
- Familiarity with application security principles as they relate to security administration.
- Familiarity in security administration and/or security compliance.
- Demonstrated ability to work in an organized and effective manner, with independence, where attention to detail is important and multiple simultaneous assignments are common.
- Experience in meeting demands of a complex environment where timeliness and availability are considered critical.
- Excellent written and verbal communications skills are required. Solid interpersonal skills with the ability to work effectively with people of all levels of information technology expertise with a wide range of constituencies and organizational relationships.
- Ability to pass thorough background and security checks to allow access to confidential and secure data and systems including Criminal Justice Information Systems (CJIS) background check.
- Working knowledge of PCI-DSS, HIPPA, FERPA and other security/privacy laws
- Familiarity with identity management tools for administration such as Oracle OAM.
- Information security certification is highly desired.
- Knowledge of scripting languages, such as power shell.
Physical Demands/Working Conditions
Typical Office Environment Activities.
Monday - Friday (37.5 hrs./week)
Special Instructions to Applicants
Applicants must complete online application, submit cover letter, resume and contact information for three (3) professional references to ensure consideration. Applications will be accepted until the position is filled.
UMass Amherst is committed to a policy of equal opportunity without regard to race, color, religion, gender, gender identity or expression, age, sexual orientation, national origin, ancestry, disability, military status, or genetic information in employment, admission to and participation in academic programs, activities, and services, and the selection of vendors who provide services or products to the University. To fulfill that policy, UMass Amherst is further committed to a program of affirmative action to eliminate or mitigate artificial barriers and to increase opportunities for the recruitment and advancement of qualified minorities, women, persons with disabilities, and covered veterans. It is the policy of the UMass Amherst to comply with the applicable federal and state statutes, rules, and regulations concerning equal opportunity and affirmative action.
Advertised: Sep 1 2022 Eastern Daylight Time