Information Security Analyst - Compliance (Operating Systems Analyst) (506069)

  • San Diego State University
  • San Diego, California
  • Oct 23, 2021
Full Time Administrative Analysis and Research Information Technology and Communication Services Regulatory and Licensing

Job Description


Position Summary

The mission of the Information Technology Division is to develop the long-term infrastructure, services, and strategy necessary to support the University's mission of learning, discovery, and engagement. The IT Division has the stewardship responsibility for core IT assets on campus and the obligation to provide the services, training, and community building necessary to realize the benefits of those investments across the San Diego State University community.

Information Technology Security Office (ITSO), is part of the Information Technology Division (ITD) reporting to the SDSU Chief Information Officer (CIO). ITSO is responsible for coordinating efforts and providing services to protect SDSU information assets. ITSO is committed to engaging the SDSU community to establish an appropriate information security governance structure and establish security controls that enable collaboration and support for the University's strategic plan.

Under minimal supervision, the Security Analyst Risk and Compliance are responsible for reviewing and evaluating information security compliance issues and concerns within the California State University system. The Risk and Compliance Analyst joins a small team dedicated to supporting SDSU risk posture and security efforts. This will include leading a number of compliance activities related to Controlled Unclassified Information, PCI, HIPAA and ensuring that the University is in compliance with the information security rules and regulations of regulatory agencies and that University practices meet the standards set by the University in relation to state and federal compliance issues. The incumbent will perform gap analyses and risk assessments for a number of systems, programs, and vendors and work with system and service owners on bringing them into compliance required policies This position requires expert knowledge of security engineering and the ability to design compensation controls and to act as trusted counsel to staff and faculty on most domains of security.

Under the direction of the Information Security Officer, the Information Security Analyst Risk and Compliance ensures that all information security-related regulations are properly documented and implemented, and works collaboratively with technical and non-technical members of the University community to provide assistance to the implementation of compliance requirements.

For more information regarding the Information Technology Division, click here.

This is a full-time (1.0 time-base) benefits-eligible, permanent (probationary) position. This position is designated exempt under FLSA and is not eligible for overtime compensation. Standard SDSU work hours are Monday - Friday, 8:00 a.m. to 4:30 p.m., but may vary based on operational needs.

The individual hired into this role will work on-campus at SDSU in San Diego.

Education and Experience

To enter this classification, a basic foundation of knowledge and skills in operating systems programs, maintenance, and systems administration features is a prerequisite. This foundation would normally be obtained through a bachelor's degree, preferably in computer science, mathematics, or a related technical field, or equivalent technical training and/or experience. Foundation knowledge and skills for the Operating Systems Analyst include a working knowledge of the assigned computer operating systems, systems analysis, and systems-level programming.

Preferred Qualifications

  • At least one industry certification (e.g. CISA, CRISC, CISSP) is highly desired.

  • Experience with a compliance framework such as ISO 27K, HIPAA, PCI, or NIST 800-171.

  • Exceptional verbal and written communications and consultative customer service skills. This includes, but is not limited to: the ability to communicate effectively with people at varying levels of technical fluency - including the ability to explain complex technical issues in a way that non-technical people may understand; the ability to establish collaborative working relationships at all contact levels of the University; and the ability to effectively communicate progress/challenges to appropriate personnel.

  • Knowledge of IT governance and operations.

  • In-depth knowledge of computer hardware, software, and network security issues and approaches.

  • Demonstrated skill at administering complex security controls and configurations to computer hardware, software, and networks. Understanding of network/host firewalls, application gateways/proxies, anti-malware, patch management, disk encryption, centralized configuration, log management, system hardening practices, etc.

  • Experience reviewing and monitoring third-party vendor contracts for appropriate data security/privacy considerations preferred.

  • Ability to maintain security documentation and manuals.

  • The ability to organize and manage efficiently is preferred.

  • Experience in project management is preferred. Experience in a university setting is preferred.

Compensation and Benefits

Salary placement is determined by the education, experience, and qualifications the candidate brings to the position, internal equity, and the hiring department's fiscal resources. Starting salary upon appointment is not expected to exceed $9,500 per month.

San Diego State University offers a rich benefits package that constitutes a major portion of total compensation. For more information regarding SDSU benefits, please click here.

CSU Classification Salary Range: $6,249 - $12,100 per month.

SDSU COVID-19 Vaccine Policy

In accordance with the California State University systemwide policy, students, faculty, and staff must be fully vaccinated against COVID-19 or provide a valid medical or religious exemption in order to access campus. An individual is considered fully vaccinated two weeks after their second dose of a two-shot vaccine or two weeks after the first dose of a single-shot vaccine.

The individual hired into this role will be required to submit their completed vaccination documentation to the university's secure online health portal prior to beginning work. Individuals with an approved medical or religious exemption on file with the university will be required to participate in SDSU's COVID-19 testing program.

Supplemental Information

Initial review of the required application materials, including cover letters and resumes, will begin on November 5, 2021. To receive full consideration, apply by November 4, 2021. The position will remain open until filled.

The person holding this position is considered a 'mandated reporter' under the California Child Abuse and Neglect Reporting Act and is required to comply with the requirements set forth in CSU Executive Order 1083 as a condition of employment.

San Diego State University is not a sponsoring agency for staff or management positions (e.g., H-1B visa). Applicants must currently be authorized to work in the United States on a full-time basis. Offers of employment are contingent upon the presentation of documents that demonstrate a person's identity and authorization to work in the United States, which are consistent with the provisions of the Immigration Reform and Control Act.

A background check (including a criminal records check) must be completed satisfactorily before any candidate can be offered a position with the CSU. Failure to satisfactorily complete the background check may affect the application status of applicants or the continued employment of current CSU employees who apply for the position.

SDSU is a smoke-free campus. For more information, please click here.

SDSU is an equal opportunity employer and does not discriminate against persons on the basis of race, religion, national origin, sexual orientation, gender, gender identity and expression, marital status, age, disability, pregnancy, medical condition, or covered veteran status.

Applicants with disabilities and applicants who require assistance completing an application may contact Noemi Bravo-Rojas at

Closing Date/Time: Open until filled

Job Address

San Diego, California 92182 United States View Map