Job Family
Information Technology
Regular/Temporary
Regular
Employee Class
Acad Prof and Admin
About the Job
Please note that this position is not eligible for H-1B or Green Card sponsorship. This position does not offer a STEM OPT training program.
The University of Minnesota is committed to fostering local talent through employment opportunities.
While this position utilizes a hybrid work modality, prospective applicants must be located either in the state of Minnesota or near the Wisconsin border OR otherwise open to relocation.
Position Overview: The University of Minnesota's University Information Security seeks an Information Security Risk Analyst who will improve the information security of the University through information security risk assessments, security standards development, and exception management.
The Information Security Risk Analyst will assess the information security posture of collegiate and administrative units by conducting information security risk assessments, including analyzing security controls and processes, interviewing subject matter experts, and helping to shape a risk-based approach to security across the entire University system.
Why Join Our Team? As a Risk Analyst at the University of Minnesota, you won't just be checking boxes on a spreadsheet. You will act as a trusted consultant across a massive ecosystem - ranging from cutting-edge research labs and medical clinics to athletics and student services. Your work directly protects the privacy of our 50,000+ students and safeguards groundbreaking academic research.
Job Responsibilities: Security Analysis - 80%
- Conduct information security assessments utilizing ISO 27001 / 27002, NIST 800-171 or other appropriate information security control structures; develop risk remediation plans, and facilitate risk remediation efforts.
- Facilitate the information security risk management program by identifying areas most in need of risk assessment, coordinating risk assessments with other information security risk analysts, and consulting with information security architects.
- Monitor and advise on information security needs for systems and processes at the University of Minnesota to ensure the information security controls for the campuses are consistent and appropriate.
- Consult with administrative and collegiate units to address policy and process-related information security risks identified through the information security risk and exception management programs.
- Collaborate with stakeholders by translating complex technical vulnerabilities and control deficiencies into clear, business-risk language for non-technical academic and administrative leaders.
- Assist with development and maintenance of information security policies, standards, guidelines and procedures, based on industry best practices and compliance requirements.
- Maintain a strong working knowledge of regulatory frameworks impacting higher education, including GLBA, PCI and FERPA while building knowledge of applicable security standards (SANS, OWASP, NIST).
Procedural Support - 20%
- Facilitate the exception management process by tracking exceptions to information security policies and standards, evaluating associated risks by working with the other information security staff, and coordinating communication with the risk owner.
- Assist with information security reviews of vendors and suppliers.
- We Offer:
- University paid contribution (10% of your salary) to your retirement account - vested immediately.
- 22 paid vacation days per year, in addition to sick leave and 11 paid holidays.
- Reduced tuition opportunities covering 75% - 100% of eligible tuition.
- Excellent and affordable health care benefits.
- Wellness program with opportunity to earn lower health care rates.
- Free disability insurance.
- Annual merit increase program.
Qualifications
Required Qualifications:
- Bachelor's degree in a related field and 2 years of relevant work experience or a Master's degree.
- 1 year experience in information security risk assessment, audit, quality assurance,or similar.
- Excellent communication (oral, written, presentation), interpersonal and consultative skills.
Preferred Qualifications:
- Relevant work experience in a technical role, such as enterprise system management, or working within an IT-role in higher education
- Knowledge of information security standards (e.g., ISO 27001/27002, NIST 800-171.), rules and regulations related to information security and data confidentiality (e.g., FERPA, GLBA, PCI DSS, HIPAA)
- CISSP, CISA, or other security certifications are desirable.
- Strong capability to analyze complex, ambiguous situations and synthesize conflicting information into clear, data-driven risk recommendations.
- Demonstrated ability to look beyond surface-level technical symptoms to identify underlying root causes of systemic risk.
Pay and Benefits
Pay Range: $85,000 - $95,000; depending on education/qualifications/experience Time Appointment: 100% Appointment Position Type: Faculty and P&A Staff Please visit the Office of Human Resources website for more information regarding benefit eligibility. The University offers a comprehensive benefits package that includes:
- Competitive wages, paid holidays, and generous time off
- Continuous learning opportunities through professional training and degree-seeking programs supported by the Regents Tuition Benefit Program
- Low-cost medical, dental, and pharmacy plans
- Healthcare and dependent care flexible spending accounts
- University HSA contributions
- Disability and employer-paid life insurance
- Employee wellbeing program
- Excellent retirement plans with employer contribution
- Public Service Loan Forgiveness (PSLF) opportunity
- Financial counseling services
- Employee Assistance Program with eight sessions of counseling at no cost
- Employee Transit Pass with free or reduced rates in the Twin Cities metro area
While our salary ranges provide a framework, it is important to note that most of the time, the initial pay may not reach the maximum of the range. This approach ensures that compensation reflects the value and unique contributions of each candidate while maintaining equity within our organization. As part of our commitment to fair and equitable compensation, please be aware that the salary offered to incoming candidates will be based on their individual credentials and experience.
How To Apply
Applications must be submitted online. To be considered for this position, please click the Apply button and follow the instructions. You will have the opportunity to complete an online application for the position and attach a cover letter and resume or CV. Required Application Materials:
This position will remain open until filled. To request an accommodation during the application process, please e-mail employ@umn.edu or call (612) 624-8647.
Diversity
The University recognizes and values the importance of diversity and inclusion in enriching the employment experience of its employees and in supporting the academic mission. The University is committed to attracting and retaining employees with varying identities and backgrounds. The University of Minnesota provides equal access to and opportunity in its programs, facilities, and employment without regard to race, color, creed, religion, national origin, gender, age, marital status, disability, public assistance status, veteran status, sexual orientation, gender identity, or gender expression. To learn more about diversity at the U: http://diversity.umn.edu
Employment Requirements
Any offer of employment is contingent upon the successful completion of a background check. Our presumption is that prospective employees are eligible to work here. Criminal convictions do not automatically disqualify finalists from employment.
About University of Minnesota
The University of Minnesota, Twin Cities (UMTC) The University of Minnesota, Twin Cities (UMTC), is among the largest public research universities in the country, offering undergraduate, graduate, and professional students a multitude of opportunities for study and research. Located at the heart of one of the nation's most vibrant, diverse metropolitan communities, students on the campuses in Minneapolis and St. Paul benefit from extensive partnerships with world-renowned health centers, international corporations, government agencies, and arts, nonprofit, and public service organizations. At the University of Minnesota, we are proud to be recognized by Forbes as a Best Employer for Company Culture (2026), Best Employer for Women (2023), and Best Employer by State (2022-2026). In 2026, we also received Culture Excellence & Industry Awards recognition for employee appreciation and work-life flexibility.
|