DATA BREACH & INCIDENT ANALYST, SENIOR, or LEAD
The Technology Services Privacy and Security Office has an opening for a Privacy Data Breach and Incident Analyst at the Analyst, Senior, or Lead level. This position provides consultative and direct support regarding the privacy components of a data incident and/or breach in a privacy-principled manner. We are looking for candidates with high privacy awareness, experience and interest, technical competency, strong collaboration skills, and an interest in learning and a willingness to partner within and across the organization to support, grow, and create a culture of privacy at Illinois. If you have a passion for privacy, consider applying to this exciting role on a growing and maturing team.
The Data Breach and Incident Analyst, Senior, or Lead will have a comprehensive understanding of privacy laws and regulations, privacy and data security controls and compliance obligations, especially areas of breach notification obligations, risk assessment, and incident response and handling. The role will primarily be responsible to assure the University applies consistent practices to notify individuals in scenarios where information has been breached in accordance with the law.
This position, along with the Privacy Manager of Operations, will advise University leadership and/or appropriate data and incident/breach governance teams of the recommendations and potential reporting obligations based on circumstances and scenarios. The role will manage and update the policies and procedures related to breach reporting, notification, risk assessment of incidents, and the definition of a breach, as well as the circumstances under which notification is warranted in compliance with the law.
The Senior and Lead Analysts will identify breach and incident patterns and lead other analysts through breach and incident responses. The Lead Analyst will be responsible for keeping the office as well as University community current and aware of changes to breach practices and obligations in partnership with other offices. The lead will mentor other analysts and provide training, awareness, and development opportunities as available on breach, incident, and privacy related matters.
DUTIES & RESPONSIBILITIES
Data Breach & Incident Response Analyst
- Builds collaborative relationships with University stakeholders ahead of breach and data security/privacy incidents.
- Builds and leads incident and breach governance, policy, procedures, and handling, and co-manages Incident Response playbook.
- Supports the Manager, Privacy Operations, and University leadership in identifying likely breach notification obligations and executes operational practices and procedures to reduce them.
- Supports and drafts breach notification letters, establishes call center(s), and assures the University creates meaningful notification to affected individuals in the event of a data incident/breach requiring notification.
- Acts as liaison to the Privacy and Security Incident Response team and works closely to provide timely identification, notice and response in alignment with obligations to various notification practices and law.
- Understands existing sources of data used by the university, data classifications, appropriate controls, and can evaluate incidents in partnership with the incident response team in alignment with those scenarios and regulatory obligations.
- In partnership with University counsel, evaluates and coordinates all phases of a potential breach scenario and / or notification process.
- Advises University leadership on potential obligations and best practices, along with the ethical, moral, privacy-principled approach to notification of possible or likely data breach scenarios.
- With the Privacy Operations Manager and / or Director, identifies capabilities and improvements to the incident and breach reporting processes and advocates for the appropriate resources and capabilities to exist across the University to enable timely and accurate breach response on behalf of units.
- Establishes and matures recommended process improvements or actions that departments and units must take following a data security incident or breach, and creates processes to recommend and apply consistent measures to continually improve data and system security and privacy.
- Keeps relevant business leaders and units informed on evolving breach practices.
- Participates with colleagues and other units to maintain a breadth of knowledge of privacy analysis, privacy design and engineering, data security and privacy capabilities, tools, processes, controls, and technologies to stay well informed of upstream and downstream privacy and identifiable data issues and needs.
- Serves as a point of contact with Public Affairs, FOIA, and other offices related to incident and breach response, in coordination with PrivSec leadership.
- In partnership with the Privacy Program team and Privacy, Security, Identity and Digital Risk leaders, recommends and contributes to incident and breach training, education, and awareness programs for students, faculty, and staff.
- Contributes to data security and privacy best practices, new technologies, privacy complaints, and methods to reduce potential institution wide risks.
- Recommends improvements to incident & especially breach response plans in the event of an unauthorized disclosure of personal information as well as compliance plans.
- Manages and coordinates with Incident Response regarding formal administrative process for university privacy breaches or incidents. Leads data breach analyst(s) and translates findings into process and / or training programs to proactively reduce future events based on findings.
Projects, Program & Governance
- In partnership with Privacy and Security leadership, works with incident and breach teams and counsel to improve playbooks, processes and capabilities for incident and breach management.
- Coordinates and facilitates University's Data, Privacy, Security, and Identity Governance activities
Additional Responsibilities - Senior Data Breach & Incident Analyst
- Manages intake improvement projects.
- Oversees the advocacy for and improvement of processes and capabilities related to incident reporting and management.
- Participates with Privacy and Security analysts, TechServices colleagues on unit, university, or external committees.
- Networks with university and industry partners.
Additional Responsibilities - Lead Data Breach & Incident Analyst
- Leads and provides supervisory and secondary review for incident and breach governance, policy, procedures, and handling, and co-manages Incident Response playbook.
- Provides direct support to the Lead, Breach Analyst and Manager, Privacy Operations, and University leadership in identifying likely breach notification obligations and recommends updates to operational practices and procedures to reduce them.
- Reviews draft breach notification letters, establishes call center(s), and assures the University creates meaningful notification to affected individuals in the event of a data incident/breach requiring notification.
- Liaises with and guides Breach analysts and the Privacy and Security Incident Response team, and works closely to provide timely identification, notice and response in alignment with obligations to various notification practices and law.
- With data breach analyst(s), translates findings into recommended process improvements and / or training programs to proactively reduce future events based on findings.
- Identifies possible new tools, services, and capabilities to support improved playbooks, processes and capabilities for incident and breach management.
- Advocates for appropriate resources, staff, and funds to support obligations around breach response services, call center services, and plans and prepares appropriate capabilities to rapidly and readily scale support for large incident/breach response needs.
- Selects and recommends "retainer" services necessary for University to rapidly meet capacity for large scale incident/breach response. Partners with breach teams, public affairs, counsel, to select and identify resources.
- Leads and participates in disaster and continuity plans and tabletop tests aligned with possible continuity loss or breach of data.
REQUIRED QUALIFICATIONS Analyst
- Provides direct support to the Manager, Privacy Operations, and University leadership in identifying likely breach notification obligations and approves updates to operational practices and procedures to reduce them.
- With the manager, leads incident and breach governance, policy, procedures, and handling, and co-manages Incident Response playbook.
- Develops policy and practices related to data handling practices to reduce likelihood and impact of breach related matters.
- Identifies clear patterns where breaches commonly occur in the environment and develops training and awareness efforts to educate and reduce the risk profile related to data incidents and breaches.
- Develops and implements incident intake improvement projects, in coordination with multiple units.
- Leads breach prevention, remediation, and education efforts and committees, under the direction of the manager, with Privacy and Security analysts, TechServices colleagues on unit, university, or external committees.
- Bachelor's Degree.
- One year* of experience in supporting an incident or breach response team, analysis of data privacy, project management, policy administration, compliance, auditing/assessment, data governance, information technology or a closely related field. (*A Master's Degree in a related field may be substituted for one year of work experience.)
- Bachelor's Degree
- Two years* of experience in leading an incident or breach response team, analysis of data privacy, project management, policy administration, compliance, auditing/assessment, data governance, information technology or a closely related field. (*A Master's Degree in a related field may be substituted for one year of work experience.)
- Bachelor's Degree.
- Two years* of experience in leading an incident or breach response team, analysis of data privacy, project management, policy administration, compliance, auditing/assessment, data governance, information technology or a closely related field. (*A Master's Degree in a related field may be substituted for one year of work experience.)
- Demonstrated experience in employee training, supervision, project leadership, or peer coaching.
KNOWLEDGE, SKILLS, & ABILITIES
- Experience working two or more years in incident response and / or breach reporting discipline or field.
- Certified Information Privacy Professional (CIPP) or Certified Information Privacy Professional/Information Technology (CIPP/IT)
- Knowledge and understanding of privacy and security regulations and best practices, including federal, state, international laws, policies, and standards.
- Proven record of identifying the need for, developing, and enforcing realistic compliance methods from a risk/benefit analysis standpoint.
- Demonstrated ability to carry out extremely complex initiatives requiring expert knowledge of key business principles and practices.
- Extensive background and participation in collaborative leadership activities in a higher education (or similar) environment with demonstrated results of appropriate and effective business strategies and goals being reached.
- Demonstrated leadership and management skills.
- Demonstrated knowledge and skills in program and project management and analysis, negotiation, and conflict resolution.
- Demonstrated strong effective communication ability in presentation and advanced writing skills including reflecting sensitivity to tone, audience, and organizational politics.
- Ability to communicate highly technical matters effectively to non-technical audiences in public or private forums, across a spectrum of groups, from senior leadership to middle management and staff, demonstrating the ability to clearly define a problem/issue, succinctly describe current status, analyze data and draft reports, presentations, and other materials.
- Demonstrates the ability to use active listening skills, oral communication skills to speak effectively and demonstrates outstanding writing skills via email, letters and in person to teams and customers.
- Demonstrated understanding of policies and procedures, best practices, and management of incident response.
This is a 100% full-time Civil Service 5002 - Program Coordinator position, overtime exempt, appointed on a 12-month basis. The expected start date is as soon as possible after 5/15/2023. Salary range starts at $65,000 for the Analyst level, $75,000 for the Senior level, and $85,000 for the Lead level. Salary is commensurate with experience. This position is eligible for remote work. Immigration sponsorship is not available.
For more information on Civil Service classifications, please visit the SUCSS web site at https://www.sucss.illinois.gov/pages/classspec/default.aspx.
Application Procedures & Deadline Information
Applications must be received by 6:00 pm (CST) on Tuesday, March 28. Apply for this position using the Apply Now button at the top or bottom of this posting. If you have not applied before, you must create your candidate profile at http://jobs.illinois.edu. If you already have a profile, you will be redirected to that existing profile via email notification. To complete the application process:
Step 1) Submit the Staff Vacancy Application using the "Apply for Position" button below.
Step 2) Submit the Voluntary Self-Identification of Disability forms.
Step 3) Upload your cover letter (months and years of employment must be included), and names/contact information for three references. Academic credentials will be verified before hire.
In order to be considered as a transfer candidate, you must apply for this position. Applications not submitted through https://jobs.illinois.edu will not be considered.
For further information about this specific position, please contact Samantha Willits-Rosten at email@example.com or 217-300-9188. For questions regarding the application process, please contact 217-333-2137.
The University of Illinois System is an equal opportunity employer, including but not limited to disability and/or veteran status, and complies with all applicable state and federal employment mandates. Please visit Required Employment Notices and Posters to view our non-discrimination statement and find additional information about required background checks, sexual harassment/misconduct disclosures, COVID-19 vaccination requirement, and employment eligibility review through E-Verify.
Applicants with disabilities are encouraged to apply and may request a reasonable accommodation under the Americans with Disabilities Act (2008) to complete the application and/or interview process. Requests may be submitted through the reasonable accommodations portal, or by contacting the Accessibility & Accommodations Division of the Office for Access and Equity at 217-333-0885, or by emailing firstname.lastname@example.org.
Requisition ID: 1014017
Job Category: Administrative