Harvard University Information Technology (HUIT) is a community of Information Technology professionals committed to understanding our users and devoted to making it easier for faculty, students, and staff to teach, research, learn, and work through the effective use of information technology. We are recruiting an IT workforce that has both breadth in their ability to collaborate and innovate across disciplines – and depth in specific areas of expertise. HUIT offers opportunities for IT professionals to learn and work in a unique technology landscape and service-focused environment. If you are a technically proficient, nimble, user-focused and accountable IT professional who also connects with the importance of collaborating well in a team environment we are looking for you!
The HUIT security organization (HUIT Security) is hiring an information security professional to be an Information Security Risk & Consulting Specialist on our Education & Consulting team. The Specialist will report to the Director of Education & Consulting and be a member of a small team devoted to helping community members select and apply reasonable information security controls to offset identified risks. The primary focus of this team is to consult with researchers, faculty, and departments about potential security risks and controls for the data, technology, and vendors they use within their projects and research protocols. The successful candidate will be a blend of trusted advisor, technologist, and risk assessor.
Principal Duties and Responsibilities:
Conduct Vendor Risk Assessments to identify security vulnerabilities (people, process, technology), quantify risks, and offer guidance on potential mitigations to business stakeholders
Review Research Data Security Plans for research projects involving high-risk data and consult with researchers on appropriate methods to collect, store, analyze, and share the data elements
Provide security and policy guidance to Institutional Review Boards
Interpret security policies and requirements into simple actions and behaviors that general members of the community can achieve
Become a facilitator for the Information Security Foundations course within Harvard's internal IT Academy
Establish a trusted risk advisor role with peers and stakeholders across the university
Collaborate with security operations, incident response, and architecture & engineering teams to strengthen security strategy and posture at Harvard
Stay up-to-date on industry trends, security risks, vulnerabilities, and best practices
Represent Information Security at university forums
Other duties as needed or required
Please note: Harvard University requires pre-employment reference and background screening.
Harvard University Information Technology is unable to provide work authorization and/or visa sponsorship.
This position has a 180-day orientation and review period.
Harvard offers an outstanding benefits package including:
Time Off: 3 - 4 weeks paid vacation, paid holiday break, 12 paid sick days, 11.5 paid holidays, and 3 paid personal days per year.
Medical/Dental/Vision: We offer a variety of excellent medical plans, dental & vision plans, all coverage begins as of your start date.
Retirement: University-funded retirement plan with full vesting after 3 years of service.
Tuition Assistance Program: Competitive tuition assistance program, $40 per class at the Harvard Extension School and discounted options through participating Harvard grad schools.
Transportation: Harvard offers a 50% discounted MBTA pass as well as additional options to assist employees in their daily commute.
Wellness options: Harvard offers programs and classes at little or no cost, including stress management, massages, nutrition, meditation and complimentary health services.
Harvard access to athletic facilities, libraries, campus events and many discounts throughout metro Boston.
Join Harvard University Information Technology (HUIT) to assure Harvard's leadership in IT!
More about HUIT:
Harvard University Information Technology (HUIT) is responsible for the strategy, planning, and delivery of information technology across the University.
To make it easier for students, faculty and staff to learn, research, teach, and work through the effective deployment and use of information technology.
Salary Grade: 058
Union: 00 - Non Union, Exempt or Temporary
Three or more years of progressive experience in information security and risk management, in a complex, decentralized IT environment
Situational application of risk management and security principles, including: threat actors and objectives, data access control, segregation of duties, change management controls, system hardening, vulnerability management, and incident response
Familiarity with various security and privacy regulatory requirements, including PCI DSS, HIPAA, FERPA, FISMA, and MA201CMR17
Experience in vendor SaaS security assessments and implementations
Ability to clearly articulate security risks for technical and nontechnical stakeholders
Strong interpersonal, presentation, and written communication skills
Desire to invite and integrate ideas and experiences from our broad community
Demonstrated ability to perform in a consultative role
Strong organization and time management to prioritize work against negotiated deadlines
Ability to initiate and develop strong partnerships across the organization
Experience in a decentralized, diverse, and mobile environment
Passion for on-going learning and experimentation
EQUAL OPPORTUNITY EMPLOYER: We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Harvard University is devoted to excellence in teaching, learning, and research, and to developing leaders in many disciplines who make a difference globally. The University, which is based in Cambridge and Boston, Massachusetts, has an enrollment of over 20,000 degree candidates, including undergraduate, graduate, and professional students. Harvard has more than 360,000 alumni around the world. T...he University has twelve degree-granting Schools in addition to the Radcliffe Institute for Advanced Study, offering a truly global education. Established in 1636, Harvard is the oldest institution of higher education in the United States.