via Adp
$110K - 125K a year
Develop and implement GRC frameworks, ensure NIST compliance, lead risk management, deliver security training, and report on compliance and risks.
Bachelor's in IT-related field, 7+ years in GRC or NIST compliance, knowledge of standards and risk management, strong communication, and relevant security certifications.
Job Title: Senior IT Security Analyst
Department: Enterprise Technology
Reports To: Senior Director, Cybersecurity
FLSA Status: Exempt

JOB DESCRIPTION

The Senior IT Security Analyst will be responsible for driving the development and adoption of Governance, Risk, and Compliance (GRC) frameworks. This position plays a critical role in advancing UNCF’s operating environment to ensure the confidentiality, integrity, and availability of its digital platforms, systems and services.

ABOUT UNCF

The United Negro College Fund (UNCF) has been an engine of educational achievement for more than 80 years. UNCF’s mission is to build a robust and nationally recognized pipeline of HBCU students who, because of UNCF support, become highly qualified college graduates. In addition, UNCF ensures that its member institutions remain respected models of best practices in moving students to and through college. Since its inception in 1944, UNCF has raised over $6 billion in private support, distributed scholarships to help students attend school, and enabled more than 500,000 scholars and low-income students to graduate from UNCF’s member historically black colleges and universities (HBCUs) and launch professional careers. UNCF is committed to closing the educational attainment gap by increasing postsecondary access and success for student groups, particularly low-income and first-generation students.

PRIMARY RESPONSIBILITIES AND DUTIES:

GRC Framework Development and Implementation:
* Develop, implement, and maintain GRC frameworks to ensure compliance with industry standards and regulations.
* Collaborate with various departments to integrate GRC practices into business processes.
* Assist in proposing, coordinating, implementing, and enforcing information system security policies, standards, and methodologies.

NIST Standards and Controls:
* Ensure the organization’s compliance with NIST standards and controls.
* Conduct regular assessments and audits to identify gaps and areas for improvement.
* Develop and implement corrective action plans to address identified deficiencies.

Enterprise Risk Management Plan (ERMP):
* Lead the development and continuous improvement of the ERMP.
* Identify, assess, and prioritize risks to the organization.
* Develop risk mitigation strategies and monitor their effectiveness.

Security Awareness Training:
* Design and deliver security awareness training programs for employees.
* Monitor and report on the effectiveness of training programs.
* Stay updated on the latest security threats and trends to ensure training content is current and relevant.

Monitoring and Reporting:
* Develop and implement monitoring and reporting mechanisms to track compliance and risk management activities.
* Prepare regular reports for senior management and the board of directors.
* Ensure timely and accurate reporting of compliance and risk management metrics.

Collaboration and Communication:
* Work closely with IT, legal, and other departments to ensure a cohesive approach to GRC and NIST compliance.
* Communicate effectively with stakeholders at all levels of the organization.

SUPERVISORY RESPONSIBILITIES

No supervisory responsibilities.

QUALIFICATIONS:

EDUCATION AND EXPERIENCE
* Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
* Familiarity with other compliance standards and regulations (e.g., ISO 27001, GDPR, PCI, FERPA).
* Minimum of 7 years of experience in GRC, NIST compliance, or a related role.
* Strong knowledge of GRC frameworks and NIST standards.
* Experience with risk management and security awareness training.
* Excellent communication and people skills.
* Strong analytical and problem-solving abilities.
* Relevant certifications (e.g., Security+, CISSP, CISM, CRISC) are a plus.
* Experience with Governance, Risk, and Compliance (GRC) tools such as ServiceNow, ControlMap, AuditBoard, Vanta or similar preferred.

OTHER SKILLS AND ABILITIES
* Strong leadership and team management skills.
* Excellent written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders.
* Ability to work collaboratively with cross-functional teams.
* Excellent problem-solving abilities with a focus on reducing security risks.
* Ability to work independently and as part of a team.

ADDITIONAL INFORMATION

Benefits include:
* Medical, Dental & Vision
* Vacation, Sick & Personal Leave
* Life Insurance (Basic & Optional)
* Flex Spending Accounts
* 403(b) Retirement Account
* Holiday Savings Plan
* Annual Success Sharing

Salary Range: $110,000.00 to $125,000.00 per year (Salary is commensurate with experience.)

This is a hybrid role: 4 days on-site and 1 day remote per week, located in UNCF’s Washington DC Headquarters building.

Background checks required.

UNCF is EOE M/F/D/V
This job posting was last updated on 11/24/2025