Department: Information Services
Appointment Type and Duration: Regular, Ongoing
Salary: $78,000 - $88,000 per year
Compensation Band: OS-OA08-Fiscal Year 2025-2026
FTE: 1.0
Application Review Begins
Position closes March 30, 2026
Special Instructions to Applicants
To be considered for this position, applicants must submit a complete application. A complete application includes:
• A resume that clearly outlines your work history, including the month and year for the start and end dates.
• A cover letter that addresses how you meet the minimum qualifications and, if applicable, any preferred qualifications. Use your cover letter to share what draws you to this position, what transferable skills you bring, and how your experiences have prepared you to contribute meaningfully in this role.
We are committed to finding the best candidate for this role. Even if you do not meet every preferred qualification, we encourage you to apply.
If you have questions about the application process or the position, please reach out to fass@uoregon.edu
Department Summary
Information Services (IS) is the central information technology unit at the University of Oregon and provides wide ranging services to campus. Information Services consists of four major functional areas: Customer Experience, which serves as the key contact point for interactions with campus clients and customers; Applications & Middleware, which manages and supports applications, integration services, identity management and data management; Information Security, which helps protect virtual or physical information; and Technology Infrastructure, which provides administration and support for the software, hardware, and services needed to support the campus IT environment. Information Services also includes the Advanced Network Technology Center. IS works closely with the Network for Education and Research in Oregon.
Established in 1876, the University of Oregon offers a breadth and depth of curricula with more than 270 academic programs and provides the opportunity to work at a respected research university with a strong holistic, liberal arts foundation. The UO also has a history of political and social involvement that embraces diverse beliefs, cultures, and values, and it is committed to environmental responsibility.
The university is also proud of the Phil and Penny Knight Campus for Accelerating Scientific Impact, an initiative specifically designed to fast-track scientific discoveries and the process of turning those discoveries into innovations that improve the quality of life for people in Oregon, the nation and beyond. Information Services collaborates with Research and Innovation and our schools and colleges to support the research, teaching, and learning mission of the university.
Eugene is the home of the University of Oregon. Located in the lush Willamette Valley, Eugene is well-known for outdoor pursuits like running, cycling, rafting, and fishing, as well as arts, music, crafts, brewing, wine-making, and community-supported agriculture. With branches in Portland and on the Oregon coast, the UO is deeply connected to Oregon's natural and cultural treasures.
Position Summary
Reporting to the Director of IT Security Risk & Compliance, the IT Security Compliance Analyst is part of the Information Security Office (ISO) team. This is a technical position, responsible for the development, assessment and evaluation of Identity and Access Management (IAM) security controls; implementation and evaluation of short-term and long-term goals and objectives, and for strategically aligning campus IT security and compliance needs with university policies, relevant laws, regulations, and requirements for the protection of enterprise systems and data, operational technologies (OT) and other internet of things (IoT) deployed at the University.
The IT Security Compliance Analyst will maintain a clear understanding of the research, academic and operational needs of the university, including its infrastructure, assets, identities, and associated risks. This will involve working with various stakeholders, such as business units, IT teams, cybersecurity teams, risk managers, auditors, and vendors, to help drive security of access control initiatives in support of internal policies, regulatory compliance, and industry standards. In addition, maintain an overview of authentication processes of the new and existing systems deployed across campus and provide high-level situational awareness and warnings about any security lapses.
As part of the ISO team, the person in this role will collaborate with other members of the team to tailor our risk management program, help prioritize actions, advise system owners, and contribute their expertise during assessment and remediation efforts.
This position requires superior interpersonal skills, like empathy, tact, flexibility, and collaboration. Woven through these responsibilities and duties is the need for effective oral and written communication skills to successfully interact with the diverse range of stakeholders at the university. The array of tasks performed by this position requires good organization, the ability to work independently, and to manage multiple, and sometimes competing, priorities.
Work is reviewed regularly by the supervisor to ensure it is performed efficiently, safely, and meets both expectations and applicable requirements. A performance appraisal is conducted annually.
This unit may provide essential services during times of emergencies and inclement weather. This position may be required to fulfill essential services and functions during these times.
Minimum Requirements
• Bachelor’s degree from an accredited college or university or demonstrated equivalent skills and experience.
• Three years of experience working in an IT position with information security responsibilities; this may include responsibilities as a security professional or as an IT administrator (e.g., network, systems, application, or cloud administrator) with significant experience implementing or supporting security controls. An advanced degree (Master's) may be substituted for one year of experience.
• Demonstrated expertise in Identity and Access Management (IAM), Security Assessment and Testing, and one or more of the following IT Security domains: Information Security, IT Systems and Operations, Network Security, Systems and Applications Security, Vulnerability Management, Cloud Security, Security and Risk Management.
Professional Competencies
• Perform duties in a way that advances and supports the mission of the department and university.
• Work effectively in a diverse team environment and create effective relationships for problem solving and positive interactions.
• Ability to adapt within a rapidly changing technical environment.
• Ability to explain technical concepts to audiences with a wide range of technical skills.
• Ability to work independently and in a team-oriented, collaborative environment.
• Demonstrated experience in current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
Preferred Qualifications
• Two years of experience in an operational information security role.
• Working knowledge of laws, regulations and standards affecting information technology security in a higher education environment, including PCI-DSS, HIPAA, GLBA, HEOA, FERPA, and DMCA.
• Certification in or progress toward at least one designation in an information security, risk, compliance or related discipline (e.g. CISSP, SSCP, CSA+, CASP, GESC, GCIA, CEH).
FLSA Exempt: Yes
All offers of employment are contingent upon successful completion of a background check.
The University of Oregon is proud to offer a robust benefits package to eligible employees, including health insurance, retirement plans, and paid time off. For more information about benefits, visit our website.
The University of Oregon is an equal-opportunity institution committed to cultural diversity and compliance with the Americans with Disabilities Act. The University encourages all qualified individuals to apply and does not discriminate on the basis of any protected status, including veteran and disability status. The University is committed to providing reasonable accommodations to applicants and employees with disabilities. To request an accommodation in connection with the application process, please email us or call 541-346-5112.
UO prohibits discrimination on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity, gender expression, pregnancy (including pregnancy-related conditions), age, physical or mental disability, genetic information (including family medical history), ancestry, familial status, citizenship, service in the uniformed services (as defined in federal and state law), veteran status, expunged juvenile record, and/or the use of leave protected by state or federal law in all programs, activities and employment practices as required by Title IX, other applicable laws, and policies. Retaliation is prohibited by UO policy. Questions may be referred to the Office of Equal Opportunity and Access. Contact information, related policies, and complaint procedures are listed here.
In compliance with federal law, the University of Oregon prepares an annual report on campus security and fire safety programs and services. The Annual Campus Security and Fire Safety Report is available online.
