It Compliance Analyst

Type of Appointment: Full-Time, Probationary Job Classification: Information Technology Consultant I - Foundation Anticipated Hiring Range: $60,000 - $66,000 annually Work Hours: Monday - Friday, 8am - 5pm, unless otherwise notified Recruitment Closing Date: April 2, 2024THE DEPARTMENT:The Department of Information Security & Compliance (ISC) continually assesses IT security risks and controls to ensure compliance and identify opportunities for improvement. The Division of Information Technology & Institutional Planning develops and promotes resources for safe computing practices.DUTIES AND RESPONSIBILITIES:Accessibility Compliance Evaluation Under AVP's review and supervision:Perform accessibility compliance assessments based on benchmark standards including WCAG 2.0AA and WAI-ARIA, Section 508 based on provided guidelines. Utilize automated and manual testing methods, including CSU checkpoints; Provide written assessments and remediation recommendations to internal requesters and external contacts. Scope of assessments include campus digital content, but not limited to campus websites, mobile applications, electronic documents (including PDFs, videos, documents, learning components), as well as 3rd party applications that are CPP licenses or pending purchases. Research and apply the most appropriate evaluation tool(s) for a given assessment. Seek input from subject matter experts to aid in the assessments.Contribute input for improving progress of the campus-wide Accessible Technology Initiative (ATI).Based on department guidelines, provide compliance assessments for ICT (Information and Communication Technology) purchases by identifying product compliance, as well as consistency with vendor Accessibility Conformance Reports (ACRs)Provide expertise on accessibility and quality benchmark standards and remediation methods in a variety of means and methods, including but not limited to documentation, one-to-one, group trainings for technical and non-technical campus or CSU audiences. Security AssessmentsUnder AVP's and Executive Director's review and supervision:Evaluate the security of campus web-based applications using automated vulnerability assessments to identify Open Web Application Security Project (OWASP) top risks. Assist campus technical staff in the research of identified risks and available mitigations.Assist campus technical staff in the research of identified risks and available mitigations.Assessment & Compliance SupportCollaborates with AVP, Executive Director and other department staff to:Implement department process and procedures to support campus-user self-assessment of digital content; Includes collaboration with campus technical staff/managers and content development staff/managers; Supported by best practices and standards.Perform compliance assessments based on campus and department requirements and guidelines. Utilize automated and manual testing methods and provide written assessment and remediation recommendations. Scope of assessments include campus digital content, but not limited to campus websites, mobile applications, electronic documents (including PDFs, videos, documents, learning components), as well as 3rd party applications that are CPP licenses or pending purchases. Seek input from subject matter experts, such as Information Security, IT Operations, etc., to aid in the assessments.Identify, administer, and train users on campus standard assessment tool(s) and methods for the campus (e.g. HECVAT, Level Access AMP, WAVE, contrast analyzers, Blackboard Ally, manual checklists, Common Look, etc.). Supported by best practices and standards.Assist campus IT&IP staff with accessibility, security and quality requirements to technical specifications and design; Supported by best practices and standards.Train, and provide oversight to student assistants, as needed, to assist with assessment of campus digital content and applications for accessibility, security and quality.Develop and maintain current campus-wide best practices for meeting web, electronic document and mobile accessibility & security compliance requirements.Design, capture and track metrics related to assessments and tool usage; Provide reports as requested to IT&IP managers. Communication & LearningActively participate in California State University (CSU) ATI system-wide meetings and discussions (e.g. CSU WebCOP and IM-CoP) that focus on providing accessible digital content.Collaborate with other CSU campuses and the Chancellor's Office to identify approaches and best practices for compliance with accessibility and usability requirements for digital applications and content.Participate in project or task assignments that include research, analysis, testing, documentation and/or assessments. Includes related documentation and status reporting associated with assigned tasks.Maintain currency in practices, procedures and guidelines for compliance with federal and state laws as they relate to digital content and applications.Maintain currency with application design trends and user interface frameworks.Attend division, department or other meetings, as directed.QUALIFICATIONS:A Bachelor's degree in computer science, information systems, educational technology, communications, or related fields, or similar certified coursework in applicable fields of study.Working knowledge of common software application packages, equipment platforms, reference database systems and sources, and training methods and a basic understanding of networks, data communication, and multimedia systems.Able to demonstrate a basic understanding of the standard principles and terminology associated with the technical specialty, address common problems of limited scope, and demonstrate work-ready communication skills.PREFERRED EXPERIENCE:Experience working in an IT web development, compliance or quality assurance functionFamiliarity with or experience applying regulatory requirements and standards such as Section 508 of the Rehabilitation Act, PCI DSS, HIPAA, GLBA, Red Flag Rule, GDPR, FERPA, WCAG, WAIARIA, OWASP, etc.Familiarity with control frameworks such as CobiT, ITIL, ISO27001, NIST.Familiarity with Assistive Technology, such as JAWS, NVDA, Narrator and VoiceOver;Ability and specialized skills to: use OWASP, WCAG2.0AA and WAI-ARIA evaluation tools; recognize application security risks, access barriers and offer reasonable solutions;Experience providing technical and/or end-user support in a higher-education environment.Knowledge and experience with Windows and MAC-based personal computers in an enterprise wide environment.Knowledge and experience with mobile and cloud technologies in an enterprise environment. Out of State WorkThe California State University (CSU) system is a network of twenty-three public universities providing access to a quality education through the support of California taxpayers. Part of CSU's mission is to prepare educated, responsible individuals to contribute to California's schools, economy, culture, and future. As an agency of the State of California, the CSU's business operations almost exclusively reside within California. The CSU Out-of-State Employment Policy prohibits hiring employees to perform CSU-related work outside California. For more information, go to https://calstate.policystat.com/policy/10899725/latest/ .Background CheckCal Poly Pomona will make a conditional offer of employment to final job candidates, pending the satisfactory completion of a background check (including a criminal records check). The conditional offer of employment may be rescinded if the background check reveals disqualifying information, and/or it is discovered that the candidate knowingly withheld or falsified information. In determining the suitability of the candidate for the position, Cal Poly Pomona will give an individualized assessment to any information that the applicant submits for consideration regarding the criminal conviction history such as the nature, gravity and recency of the conviction, the candidate's conduct, performance or rehabilitation efforts since the conviction and the nature of the job applied for. For more information, go to https://calstate.policystat.com/policy/13813878/latest/ .CSU Classification Salary RangeThis position is part of the California State University Employees Union (CSUEU) bargaining unit 9. The CSU Classification Standards for this position are located on the following site: https://www.calstate.edu/csu-system/careers/compensation/Pages/Classification-Standards.aspx. The CSU Salary Schedule is located on the following site:https://www.calstate.edu/csu-system/careers/compensation/Pages/salary-schedule-documents.aspx . The classification salary range for this position according to the respective skill level is: minimum $3,899 and maximum $7,506 per month. Please refer to the anticipated hiring range for the appropriate salary rate for this particular position.Employment Eligibility VerificationCal Poly Pomona hires only individuals lawfully authorized to work in the United States. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire. For more information, go to https://www.uscis.gov/i-9-central/form-i-9-acceptable-documents .Security & Fire SafetyIn compliance with state and federal crime awareness and campus security legislation, including The Jeanne Clery Disclosure of Campus Security Policy and Crime Statistics Act, California Education Code section 67380, and the Higher Education Opportunity Act (HEOA), Cal Poly Pomona's Annual Security Report and Annual Fire Safety Report are available for viewing at: https://www.cpp.edu/pdfs/annual_security_report.pdf and https://www.cpp.edu/housing/documents/fire_safety_report.pdf.Pay Transparency NondiscriminationAs a federal contractor, Cal Poly Pomona will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. For more information, see the Pay Transparency Nondiscrimination Provision poster .Reasonable AccommodationWe provide reasonable accommodations to applicants and employees with disabilities. Applicants with questions about access or requiring a reasonable accommodation for any part of the application or hiring process should contact the ADA Coordinator by email at ******. For more information, go toEmployment Notices .Equal Employment OpportunityCal Poly Pomona is an Equal Opportunity Employer, committed to promoting an inclusive and diverse workforce. The university subscribes to all state and federal regulations that prohibit discrimination based on race, color, religion, national origin, sex, gender identity/gender expression, sexual orientation, marital status, pregnancy, age, disability, genetic information, medical condition, and veteran or military status. We engage the talents of all qualified workers, regardless of their background. More information is available at Equal Employment Opportunity statement .Other NoticesFor other important employment notices, we invite you to visit Cal Poly Pomona's Employment Notices web page.