Senior Information Security Analyst

The University of Pittsburgh’s Information Technology (Pitt IT) department is seeking a qualified Senior Security Analyst. This is a technical and analytical position with Pitt IT’s Security team requiring significant knowledge of and hands-on-experience in Governance, Risk & Compliance (GRC), including risk management, regulatory compliance, security assessments, and user guidance. The Senior Security Analyst will be responsible for understanding and assessing security, confidentiality/privacy, and operational risks related to internal systems, cloud solutions, and third-party providers’ products and services. Assessments and controls include those relevant to laws, regulations, and industry security standards, including NIST 800-171, HIPAA, PCI, FERPA, and GLBA. Security awareness and training activities will also be a component of this position. This position requires the candidate to possess project management and leadership experience, excellent troubleshooting skills, strong communication and organizational skills, and customer service commitment. Like all Security team personnel, this position is required to be available to respond to emergency security incidents on a 24/7/365 basis.


A combination of education, experience, and industry certifications will be considered in lieu of education. The candidate must be a recognized technical expert in information security, compliance, and risk management. CISSP or other similar IT security certifications required.