Lead Risk Security Analyst

Responsible for assessing and managing cybersecurity risks across our University, ensuring the confidentiality, integrity, and availability of our information assets, and supporting our mission of academic excellence and innovation.

• Conducts comprehensive risk assessments of our information systems, applications, and infrastructure to identify potential cybersecurity threats and vulnerabilities.
• Develops risk mitigation strategies and action plans to address identified vulnerabilities and reduce the likelihood and impact of cyber incidents.
• Collaborates with stakeholders across the organization, including IT, academic departments, research units, and administrative offices, to understand their risk exposure and support their risk management efforts.
• Monitors and analyzes cybersecurity trends, threat intelligence, and regulatory developments to anticipate emerging risks and ensure our risk management practices remain effective and up-to-date.
• Evaluates third-party vendors and service providers for compliance with cybersecurity standards and contractual requirements, and assess the associated risks to our University.
• Develops and maintains risk management documentation, including risk registers, risk assessment reports, and risk treatment plans, to facilitate decision-making and accountability.
• Provides guidance and support to our stakeholders on cybersecurity risk management principles, methodologies, and best practices, fostering a culture of risk awareness and accountability.
• Collaborates with other IT Security team members.
• Collaborates with internal audit, compliance, and legal teams to support regulatory compliance efforts, respond to audit findings, and address legal and regulatory requirements related to cybersecurity.
• Performs essential duties during any emergencies, such as hurricanes, storms and/or any other University emergency closing. The employee is expected to be available to report to work as needed during University emergency closings with appropriate notification by department administrator.
• Participates in incident response activities, including incident detection, analysis, and coordination with relevant stakeholders, to minimize the impact of cybersecurity incidents.
• Contributes to the development and implementation of cybersecurity policies, procedures, and guidelines to promote consistency and effectiveness in our cybersecurity program.

Bachelor's degree in Computer Science, Information Technology or a related field with eight (8) years of experience in related field or equivalent combination of education and/or experience.

• Advanced degree or professional certifications (e.g., CRISC, CISA, CISSP) preferred.
• Proven experience in cybersecurity risk management, including risk assessment methodologies, risk analysis techniques, and risk mitigation strategies, preferably in a higher education or academic environment.
• Strong understanding of cybersecurity principles, frameworks, and standards, such as NIST Cybersecurity Framework and NIST800-171.
• Experience with risk assessment tools and technologies, data analysis and visualization techniques, to support risk analysis and decision-making.

Administrative

Begin time: 8:30 AM

End time: 5:00 PM

Expanded Background Check

• Ability to work evenings and weekends.
• Ability to work flexible hours as needed.
• Must be available 24/7 for possible emergency situations.

Prospective Employee

If you have not created a registered account, you will be asked to create a username and password for use of the system. It is recommended that you provide an active/valid e-mail account as that will be the main source of communication regarding your status within the process. In this account, you are able to track your applicant status in "My Applications".

To be considered eligible for the position as an internal candidate, departmental staff must meet minimum requirements of the position and be in good performance standing.

Before you begin the process, we recommend that you are prepared to attach electronic copies of your resume, cover letter or any other documents within the application process. It is recommended that you combine your cover letter and resume/curriculum vitae into one attachment. Attached documents should be in Microsoft Word or PDF format. All applicants are required to complete the online application including work history and educational details (if applicable), even when attaching a resume.

*This posting will close at 12:00 am of the close date.

Current Employee

As a current employee, you must log into Employee Self Service (ESS) to apply for this and any other internal career opportunity of interest. In this account, you are able to track your applicant status in "My Applications".

To be considered eligible for the position as an internal candidate, departmental staff must meet minimum requirements of the position and be in good performance standing.

Before you begin the process, we recommend that you are prepared to attach electronic copies of your resume/ curriculum vitae, cover letter or any other documents within the application process. It is recommended that you combine your cover letter and resume into one attachment. Attached documents should be in Microsoft Word or PDF format.

*This posting will close at 12:00 am of the close date.

Clery Notice

In compliance with the , the University Police department at Florida International University provides information on crimes statistics, crime prevention, law enforcement, crime reporting, and other related issues for the past three (3) calendar years. The FIU Annual Security report is available online at: .

To obtain a paper copy of the report, please visit the FIU Police Department located at 885 SW 109th Avenue, Miami, FL, 33199 (PG5 Market Station).

Pay Transparency

Florida International University will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.

FIU is a State University System of Florida member, Equal Opportunity, Equal Access, and Affirmative Action Employer for individuals with disabilities and veterans. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, disability, or protected veteran status. For inquiries regarding nondiscrimination, contact FIU's Office of Civil Rights Compliance and Accessibility at or email .