Security Risk Compliance Analyst
Job ID: R0030695 | IT Support | Full Time | Charlottesville, VA

UVA Information Technology Services (ITS) is seeking an Information Security Risk Compliance Analyst to join the IT Compliance Team. Reporting to the Director of Information Security Compliance, the Analyst will perform security and compliance reviews of IT solutions used to access UVA data. The Analyst will perform security reviews of system architectures and serve as a technical resource for UVA business units implementing or procuring solutions that touch sensitive data and/or IT resources across the university. The ideal candidate will be highly detail-oriented and self-driven, with a fundamental working technical knowledge of server and endpoint management, both on prem and in a cloud computing environment. The successful Analyst will be solutions-oriented and leverage interpersonal skills to build numerous professional relationships and develop an intimate knowledge of secure technical solutions that will support the business processes and missions of numerous UVA departments, schools, and UAOs.

ITS at UVA is a phenomenal place to lead, grow, and deliver impact. It's an organization that values results and teamwork. We like the people we work with and the work we get to do. We strive to create a welcoming and supportive workplace where everyone feels empowered to be their authentic selves and share ideas. We embrace a commitment to diversity, equity, and inclusion. ITS values work-life balance and provides flexible work location options where possible. Please see additional information about joining our team.


What you will do:

  • Communicate effectively both in writing and verbally with both non-technical managers and front-line technical support providers to pursue compliant IT solutions.
  • Review system architectural diagrams for compliance with UVA policy, standards, and procedures and for consistency with cybersecurity industry best practices and/or recommended security frameworks.
  • Work independently and with larger teams to manage complex projects from start to finish.
  • Operate in a highly technical environment to provide security compliance analysis effectively and efficiently to various schools and units across the academic division.
  • Provide risk assessments based on legal and regulatory requirements often with limited resources and against tight timelines.
  • Provide advanced, strategic support mitigating the risks and vulnerabilities for the Institute in compliance with state and federal laws, regulatory compliance requirements, and the University policies and procedures.
  • Review system-related information security plans and IT Risk Management results to provide departments recommendations to align better with the University security, privacy practices, and legal and industry regulations.
  • Maintain current working knowledge of relevant technologies as assigned.



Required Qualifications:

  • High School Diploma and at least 3 years of experience with management of endpoints and/or servers
  • Highly detail-oriented and self-driven
  • Solutions-oriented with the ability to leverage interpersonal skills to build numerous professional relationships


Preferred Qualifications:

  • Bachelor's degree
  • One or more relevant technology certifications including: CISSP, CCSP, CISM, CISA, CRISC, AWS/Azure solutions-oriented certifications



Benefits Include:
The choice between 3 different health plans; vision and dental insurance; life insurance; benefits savings accounts; starting with 22 days of paid time off a year in addition to 12 or more paid holidays; 8 weeks of paid parental leave; short term disability; up to $4,360 after your first year for combined use of tuition toward a degree-seeking program or up to $2,000 for professional development including classes, certification training and conferences; and more!


The selected applicant will be required to complete a background check prior to their first day of employment per university policy.

COVID Vaccination Requirement

Due to the scope of President Biden's Executive Order 14042 issued in early September, all University employees, including remote employees, must receive their final vaccination dose by January 4, 2022, unless they have a University-approved religious or medical exemption. The University has updated policy SEC-045 to reflect these new requirements.

If hired by the Academic Division, excluding School of Medicine, School of Nursing, UVA Physicians Group, and the Health Systems Library, you will be required to provide proof of vaccination or be willing to be vaccinated by January 4, 2022. Academic employees may apply for a University-approved medical or religious exemption.

Note: Some medical and safety-sensitive positions require vaccination and are not eligible for an exemption. For more information on how vaccination requirements will apply to you, please visit the UVA New Hire Vaccination Requirements webpage.


Charlottesville, VA
Charlottesville, VA 22903

Working here.

Careers at the University of Virginia reflect a wide breadth of professions, ranging from teaching to administration, IT professionals to financial analysis, research to grounds management, and talent recruiting to facilities management, among many others. Every person here — faculty, staff, student, healthcare professional — helps to advance our world-class institution, encompassing a larger mission of discovery and service.

Quality of Life

Charlottesville, Virginia is one of the nation’s most charming and picturesque places to live and work. Our area boasts many excellent restaurants, wineries and craft breweries; historic sites; Shenandoah National Park and Skyline Drive; and a great selection of homes in welcoming neighborhoods, as well as urban and rural locations. Public transportation is excellent, and you’re just a short drive from the beach or Washington, D.C.