Legal, Privacy, and Security Research:

• Utilizes legal databases to conduct comprehensive research on technology and information-related legal issues pertaining to privacy and data protection.
• Investigates technology, security, and privacy best practices and analyze their legal implications.
• Develops detailed memos and guidance documents to communicate legal, privacy, and security information to relevant parties within the USM.
• Monitors information, technology, privacy, and security news and legislation worldwide to proactively update university policies and procedures.
• Collaborates with the Office of the Attorney General (AG) on legal matters related to information security, privacy, and data protection.

Technology and Information Risk Review and Analysis:

• Reviews institutional risk assessment reports to identify technology and information-related risks.
• Assesses and reviews third-party security and privacy risks to ensure compliance with USM standards and regulations.
• Conducts research to develop comprehensive guidance on information and technology risk best practices.
• Provides expert analysis on risk-related matters to support decision-making processes.

USM Security and Privacy Program Assistance:

• Actively participates in meetings and support the activities of the USM Privacy Council and USM Security Council.
• Assists in coordinating the USM cybersecurity insurance program to ensure adequate coverage for security and privacy incidents.
• Provides guidance and support to institutions within the university system to develop and enhance their cybersecurity and privacy programs.
• Collaborates with the audit community to test the effectiveness of USM security and privacy programs.

MINIMUM QUALIFICATIONS:

Required Education Level/Certifications:

Bachelor's degree in Computer Science, Information Security, Law, or a related field.

Required Experience:

Demonstrable experience in information security, privacy, legal research, risk management, or a related field.

Required Knowledge/Skills/Abilities:

• In-depth knowledge of best practice information security and privacy operations.
• Familiarity with federal standards related to ITSEC and DP.
• Proficiency in evaluating technology solutions for ITSEC and DP, providing guidance to institutions to develop appropriate controls aligned with standards.
• Strong conflict management skills and ability to elicit collaborative input, facilitating consensus.
• Highly consultative, customer-oriented, and collaborative approach to identify and resolve issues.
• Adaptable and able to maintain momentum and effectiveness in ambiguous and fluid organizational structures.
• Excellent analytical and problem-solving skills with the ability to work independently and as part of a team.
• Excellent interpersonal skills, building relationships with multiple internal and external stakeholders.
• Exceptional communication capabilities, including delivering presentations and public speaking.
• Experience working collaboratively with legal professionals.
• Ability to provide legal interpretations of relevant regulations and laws.

PREFERRED QUALIFICATIONS:

Preferred Education Level/Certifications:

Master’s or Juris doctor degree.

Preferred Experience:

Experience in an academic or large organizational setting.

Preferred Knowledge/Skills/Abilities:

Familiarity with USM-specific standards related to ITSEC and DP.