Working Title: IT Policy & Compliance Analyst

State Role Title: Information Technology Specialist II

Position Type: Full-time Staff (Classified)

Position Status: Full-Time

FLSA Status: Exempt: Not Eligible for Overtime

College/Division: Information Technology

Department: 100784 – IT Policy and Compliance

Pay Rate: Pay Range

Specify Range or Amount: $67,000 - $72,000

Is this a JMU only position? No

Is this a grant-funded position? No

Is this a Conflict of Interest designated position? No

Beginning Review Date: 05/09/2025

About JMU:

James Madison University is a publicly funded university with a beautiful campus and a supportive community that is committed to preparing students for the future. The university offers excellent comprehensive benefits which include paid vacation, sick, parental, and community service leave in addition to 19 paid holidays a year; affordable health insurance; retirement through the Virginia Retirement System. We also offer a work-life balance and integration program, Balanced Dukes, that is designed to support the overall wellbeing of our employees and a Tuition Waiver Program that allows employees to have tuition waived for undergraduate and graduate level courses taken at JMU.

Visit our Prospective Employee site to learn more about what makes JMU a great place to work: bit.ly/JMUEmployment

General Information:

James Madison University is accepting applications for an Information Technology Policy and Compliance Analyst to provide support for Information Technology's Third-Party Vendor Management Program. The successful candidate will assist IT in ensuring compliance with applicable information technology regulations, policies, and standards.

Duties and Responsibilities:

• Perform annual reviews of existing systems to ensure continued information security compliance.
• Analyze SOC 2 or other independent security audit reports that attest to a vendor’s security policies, procedures, and controls.
• Prepare information security operations reviews of on-premises and cloud-based IT systems and services to ensure alignment with university polices and compliance regulations.
• Provide assistance with IT’s Third-Party Vendor Management Program by serving as a member of the Technology Review Board.
• Educate and provide guidance to key partners related to JMU’s information technology risk management requirements.
• Ensure information technology compliance records are organized and complete in accordance with applicable regulations, policies, standards, and best practices.
• Demonstrate honesty, integrity, and confidentiality with the handling of university and vendor data.

Qualifications:

Required Qualifications:

• Demonstrated knowledge or experience in computer science, information technology, technical writing, business administration, or related field.
• Experience with information technology vendor risk assessment or vendor compliance.
  Strong security awareness and experience interpreting technical information, especially related to information technology best practices.
• Excellent writing skills, with the ability to create clear requirements, specifications, and documentation.
• Ability to effectively communicate, verbally and in writing, complex, technical information to both technical and non-technical audiences.
• Exceptional organization, time management, and prioritization skills.
• Ability to work independently with limited supervision as well as in teams.
• Detail-oriented and able to work with a high degree of accuracy.
• Proficient with Microsoft Excel, Word, SharePoint, and Teams.

Additional Considerations:

• Familiarity with requirements related to information technology regulations and standards including GLBA, PCI, ISO 27001 and 27002, HIPAA, HITECH, GDPR, etc.
• Experience analyzing SOC 2 or other independent security audit reports that attest to a vendor’s security policies, procedures, and controls.
• Experience with information technology policies and procedures.
• Experience with language and terms used in contracts, licenses, and other legal documents related to information technology.

Additional Posting Information:

Conditions of Employment:  

Employment is contingent upon the successful completion of a criminal background check.

E-Verify Notice: After accepting employment, new hires are required to complete an I-9 form and present documentation of their identity and eligibility to work in the United States. James Madison University uses the E-Verify system to confirm identity and work authorization.

EEO Statement:

James Madison University is committed to creating and supporting a diverse and inclusive work and educational community that is free of all forms of discrimination. This institution does not tolerate discrimination or harassment on the basis of age, color, disability, gender identity or expression, genetic information, national origin, parental status, political affiliation, race, religion, sex, sexual orientation or veteran status.

We promote access, inclusion and diversity for all students, faculty, staff, constituents and programs, believing that these qualities are foundational components of an outstanding education in keeping with our mission. The university is interested in candidates whose experience and qualifications support an ongoing commitment to this core quality.

Anyone having questions concerning discrimination should contact the Office for Equal Opportunity: (540) 568-6991.

Reasonable Accommodation:

If you are an individual with a disability and need assistance searching or applying for jobs please contact us at (540) 568-3597 or jobs@jmu.edu. You may also visit the JMU Human Resource Office, located at 752 Ott Street, Harrisonburg, VA 22807 and we will be happy to assist you.