Privacy and Information Security Specialist

Privacy and Information Security Specialist
Office of the Chief Information Office - Technology Services at Illinois
University of Illinois at Urbana-Champaign

Technology Services at Illinois is the provider of campus-wide computing, networking, telephone, and instructional technology services supporting academic activities of faculty, staff, and students at the University of Illinois at Urbana-Champaign.

The University of Illinois at Urbana-Champaign is seeking a privacy and security professional who is self-motivated and has excellent interpersonal skills to serve as a Privacy and Information Security Specialist. This position is responsible for designing and facilitating technical and non-technical solutions related to sensitive data for a diverse set of customers across the University. 

This individual will interact with faculty, staff, researchers, IT professionals, and vendors to analyze business, research, and compliance needs and in conjunction with appropriate stakeholders create scalable, secure, and usable solutions that enables the University to further its mission.  For this role, experience providing excellent customer services and working in a complex environment with competing priorities is a must.  Prior experience working to secure one or more types of sensitive data (FERPA, PCI, PII, PHI/HIPAA) is needed to be successful in this role.

Primary Position Function: 

Responsible for collaboration with the University to identify and reduce privacy and information security risk exposure and in an as needed basis response to and recovery from privacy or security incident investigations.

Major Duties and Responsibilities:

  • Identify and analyze sensitive data and the environments in which they are processed, transmitted, or stored.
  • Execute the development and implementation of processes that support business and research needs across the University.
  • Apply security knowledge, skills, and abilities on assignments, projects and programs at the discretion of the Chief Privacy and Security Officer.
  • Design and advise on process, solutions, technical specifications, and implementation details to provide confidentiality, integrity, and availability of systems and process that involve sensitive data and/or mission critical systems.
  • Work with operational security staff to implement proactive detection, automation, and defenses into the University IT infrastructure and respond to security incidents.
  • Contribute to team discussions on formulating new or improving existing processes, policies, and standards.
  • Use discretion and maintain confidential information.
  • Review existing and planned practices, policies, and standards with University stakeholder to implement University policy and standards.
  • Set and manage customer expectations through partnership with the Technology Services Service Center.
  • Advocate for Technology Services clients in service planning and deployment across the organization.
  • Resolve customer satisfaction issues.
  • Understand the overall processes and procedures of the organization and make recommendations in the continual improvement of those processes and procedures, providing for management analysis and recommendations on continual improvement.
  • Maintain professional expertise by attending outside seminars/courses and thorough review of published literature.

Specific Duties and Responsibilities for Health Insurance Portability and Accountability Act (HIPAA) and Protected Health Information (PHI)

  • Consult with business and technical partners across campus regarding HIPAA & PHI privacy and security matters.
  • Analyze existing solutions and advise privacy and security operations team on monitoring, detection, and response for HIPAA & PHI related processes and systems.
  • Facilitate completion of vulnerability assessment and risk analyses of existing and planned HIPAA & PHI systems.
  • Advise and support University general security and HIPAA training programs.
  • Conduct partial and/or complete HIPAA & PHI privacy and security assessments and audits at the discretion of the Chief Privacy and Security Officer.

Organizational Chart

Vice Chancellor for Academic Affairs and Provost
Chief Information Officer
Chief Privacy and Security Officer
Senior IT Security Risk Analyst
Privacy and Information Security Specialist

Position Requirements and Qualifications

Required Education

Bachelor's degree.

Preferred Education

Bachelor’s degree in a relevant field, including Computer Science, Engineering, Information Technology, or other relevant field.

Required Experience

  • Experience authoring and presenting a wide range of formal and informal business and technical communications tailored to individual or plural organizational audiences.
  • Demonstrated ability in effective communication and collaborating in a high performance team environment.
  • Demonstrated commitment to customer service.
  • Experience participating in diverse workgroups.

Preferred Experience

  • Experience with healthcare regulatory matters.
  • One or more years of experience in an academic campus IT environment.
  • Experience working with or for a dedicated IT security office.
  • Experience working with IT Security Incident Response.
  • Experience evaluating vulnerability scans in a professional environment.

Knowledge Requirements

  • Applied knowledge in one or more of the following domains including but not limited to Data Security, IT Systems and Operations, Network Security, Systems and Applications Security or Vulnerability Management.
  • Understand instructional design methodologies.

Preferred Knowledge Requirements

  • Experience and knowledge of HIPAA, HITECH, and related domestic privacy laws.
  • Familiarity working with a Security Event Management product.

Preferred Training

  • CISSP, HCISSP, CHP, CEA, CRISC, MCA, CCSA, CISA, GSEC or similar certifications highly desired.
  • Project Management certification a plus.

Appointment Status and Salary

This is a full-time, benefits eligible academic professional position appointed on a 12-month basis.  The University Benefits package includes but not limited to 24 vacation days, 12 sick days, insurance (health, dental, vision, life) and  SURS retirement.   For other University provided benefits, please go to: https://nessie.uihr.uillinois.edu.  Salary and position level are competitive and commensurate with qualifications and experience.  Applicants should have a current, valid legal authorization to work in the United States.  There will be no relocation costs included in this package. The start date will be as soon as possible after the close date.

To Apply

For full consideration, complete applications should be received by March 23, 2017.  Please create a candidate profile at https://jobs.illinois.edu and upload a combined package of materials in one file:

  1. Letter of application
  2. Resume
  3. Names/contact information of three professional references

The online application will require the names and contact information for three professional references.  Three letters of recommendation will be required for all Search Finalists.  For further information regarding application procedures, please contact Lori Oakes at techsvc-hr@mx.uillinois.edu or call (217) 333-4222.

The University of Illinois conducts criminal background checks on all job candidates upon acceptance of a contingent offer.

Illinois is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability. Illinois welcomes individuals with diverse backgrounds, experiences, and ideas who embrace and value diversity and inclusivity. (www.inclusiveillinois.illinois.edu).