Lead Cybersecurity GRC, DB/BC Analyst

Under general direction of supervisor, propose and implement solutions across the Cybersecurity GRC, DR/BC landscape by applying cybersecurity knowledge and using professional expertise. Experienced in or knowledgeable about a broad range of cybersecurity subject areas. Able to manage own work with general direction and priority setting. Able to switch between a range of tasks as need arises and exercise sound problem-solving skills. Able to develop and present information, ideas and instructions with minimal oversight. Able to exercise sound judgment within generally defined practices and processes with guidance in selecting methods, techniques, and evaluation criteria for obtaining results. Strong written and verbal communication skills.

Bachelor's degree and four years of experience in information technology/cybersecurity field.

Broad knowledge of several cybersecurity domains and specific knowledge about IT Contingency Planning (Disaster Recovery/Business Continuity / Incident Response)

Demonstrated experience working in managed project teams.

Strong organizational skills and attention to detail.

Effective oral and written communication skills.

Experience in higher education.

Project management skills.

Demonstrated ability to effectively coordinate multiple priorities in a dynamic environment.

Exceptional analytical and problem-solving skills.

Effective time management skills demonstrated by successful and timely completion of daily operational tasks.

Ability to work both independently and in a team-oriented, collaborative environment.

Ability to compose and present material to communicate difficult concepts.

Salary is complemented by a comprehensive benefits package which includes medical, dental, retirement, tuition, and paid time off.

The University of New Hampshire is an R1 Carnegie classification research institution providing comprehensive, high-quality undergraduate and graduate programs of distinction. UNH is located in Durham on a 188-acre campus, 60 miles north of Boston and 8 miles from the Atlantic coast and is convenient to New Hampshire's lakes and mountains. There is a student enrollment of 13,000 students, with a full-time faculty of over 600, offering 90 undergraduate and more than 70 graduate programs. The University actively promotes a dynamic learning environment in which qualified individuals of differing perspectives, life experiences, and cultural backgrounds pursue academic goals with mutual respect and shared inquiry.

The UNH Diversity Resource Guide with information and programming available in the seacoast area, New Hampshire, and the region can be found here: https://www.unh.edu/hr/diversity-resource-guide

Awareness & Training
Work with ET&S Service Lines as well as administrative, academic, and other business units to develop and deliver cybersecurity training programs, both generic and role-specific, computer-based and in-person. Administer the USNH Phishing Awareness Program, with guidance from Director, including designing and proposing phishing simulations, deploying, and measuring simulated phishing attacks, and tracking and reporting on Program metrics. Assist in the development of Incident Response training drill content and assist with the facilitation of Incident Response drills for USNH ET&S.

IT Contingency Planning
Assist with development and implementation of USNH IT Contingency Planning Program. Lead or assist with development of all program aspects including plan design, coordination with USNH and Institutional leadership, administrative, academic, and business units, and all USNH ET&S Service Lines, and plan testing strategy.

Cybersecurity Policies & Standards
Assist with the development and implementation of Cybersecurity Policies and Standards aligned with the NIST Cybersecurity Framework and leveraging the NIST 800-53 and 800-171 control sets. Coordination of ongoing review sessions with key stakeholders and overall Program monitoring to ensure all Policies & Standards are maintained appropriately. Coordinate Cybersecurity Policy & Standard Exception Program.

Risk Management
Assist with implementation of USNH Cybersecurity Risk Management Program. Assist with development of all program components. Coordination of Risk Assessment scheduling with appropriate administrative, academic, and business units and ET&S Service Lines. Participate in performing risk assessments and risk analysis. Assist in management of the Risk Register.

Security Assessment & Review
Participate in and assist with existing Security Assessment & Review programs and processes. Assist in design, development, and implementation of new Security Assessment & Review programs and processes.

Cybersecurity Metrics
Assist in the development of a Cybersecurity Metrics Program. Handle tasks related to metrics collection and reporting, as needed, to implement the program for all of Cybersecurity & Networking.

Regulated Data
Assist with the development of information handling standards and procedures for all regulated information in use across USNH. Build relationships with regulated data subject matter experts at each institution. Assist with other tasks related to safeguarding regulated data across USNH as needed.

Other duties as assigned.