Search for University Jobs in Staff & Non-Managerial Professionals

Job ID: 223620

Policy and Compliance Analyst
University at Buffalo, The State University of New York

Date Posted Oct. 16, 2023
Title Policy and Compliance Analyst
University University at Buffalo, The State University of New York
Buffalo, NY, United States
Department Security
Application Deadline Open until filled
Position Start Date Available immediately
  • Professional Staff
  • Information Technology

Position Summary

As the Policy and Compliance Analyst you will be responsible for ensuring that the University at Buffalo’s information security policies, procedures, and practices comply with all relevant laws, regulations, and standards. The incumbent will work closely with the University’s information technology (IT) and business departments to develop and maintain a comprehensive information security compliance program.

Key Responsibilities Include:
    • Develop and maintain an information security compliance program that aligns with the University’s strategic objectives and industry best practices.
    • Develop and Ensure that the University’s information security policies and procedures comply with all applicable laws, regulations, and standards, such as FERPAHIPAAGLBA, and PCI DSS.
    • Work with IT and business departments to identify and assess information security risks, and develop and implement risk mitigation strategies.
    • Conduct periodic security assessments and audits to ensure that the University’s information security controls are effective and are being followed.
    • Develop and deliver training and awareness programs to educate University faculty, staff, and students on information security best practices.
    • Collaborate with IT and business departments to ensure that security controls are integrated into system development life cycle (SDLC) processes.
    • Serve as a subject matter expert on information security compliance matters, and provide guidance and advice to University leadership and staff as needed.
    • Maintain up-to-date knowledge of information security compliance laws, regulations, and standards, and keep the University’s information security compliance program current.


About UBIT:
It is a great time to join UB Information Technology (UBIT)! Our staff are highly skilled and motivated to succeed and have cutting-edge training and technical resources at their disposal. For more information about UBIT visit our website. All the duties & responsibilities listed above continue to occur in a 24×7 environment, therefore, working extended hours, holidays, or varied hours may be required.

Outstanding Benefits:
In addition to professional growth opportunities, UBIT staff have access to benefits that exceed salary alone. There are personal rewards including comprehensive health and retirement plan options. We also focus on creating and sustaining a healthy mix of work, personal, and academic to support your work-life effectiveness. Visit our benefits website to learn about our benefit packages.

About The University at Buffalo:
The University at Buffalo (UB) #ubuffalo is one of America’s leading public research universities and a flagship of the State University of New York system, recognized for our excellence and our impact. UB is a premier, research-intensive public university dedicated to academic excellence. Our research, creative activity and people positively impact the world. Like the city we call home, UB is distinguished by a culture of resilient optimism, resourceful thinking and pragmatic dreaming that enables us to reach others every day. Visit our website to learn more about the University at Buffalo.

University at Buffalo is an affirmative action/equal opportunity employer and, in keeping with our commitment, welcomes all to apply including veterans and individuals with disabilities.

Minimum Qualifications

  • Bachelor’s degree in information security, computer science, or a related field and 3 years of experience in information security compliance, risk management, or related field OR a master’s degree in these related fields with 1 year of experience; Equivalent combination of education and experience will be considered.
  • Knowledge of laws, regulations, and standards related to information security compliance, such as FERPAHIPAAGLBA, and PCI DSS
  • Strong project management skills, with the ability to manage multiple projects and priorities simultaneously
  • Ability to work independently and as part of a team

Preferred Qualifications

  • Familiarity with industry best practices for information security compliance, such as ISO 27001 and NIST Cybersecurity Framework
  • Strong analytical and problem-solving skills, with the ability to identify and mitigate information security risks
  • Excellent communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical audiences

Please reference in your cover letter when
applying for or inquiring about this job announcement.

Contact Information

Please see the job description for contact details
pertaining to this university job announcement.


Refer this job to a friend or colleague!

New Search | Previous

RSS for the latest higher education jobs
Atom for the latest higher education jobs
Need a Sabbatical Home?