Penn State Job Catalog

Additional levels that exist for this job profile can be seen below.

The defined natural career progression within or between job profiles.

Privacy and Security Compliance

The Privacy and Security Compliance Specialist ensures University activities and operations are compliant with privacy and security regulatory and policy requirements. Responsibilities include conducting assessments and compliance audits; assisting with external inspection preparation; compiling data, making recommendations, preparing reports; reviewing and advising on contract language; conducting outreach and educational programs.

• Provide unit assistance to implement a privacy and security compliant culture; provide guidance on improving information system resilience, protecting research and intellectual property, and improving identity and access management; ensure business operations protect University information from unauthorized use, access, disclosure, modification, damage or loss
• Monitor unit compliance with local, regulatory, and University privacy and security requirements, policies, and procedures
• Conduct security and privacy impact assessments; analyze unit collection, use, sharing, and maintenance of individually identifiable information; identify security gaps; determine risks and effects; evaluate protections and alternative mitigating processes; prepare reports; make appropriate notifications and recommendations; provide guidance and instruction to resolve non-compliant findings
• Prepare University personnel for sponsor, grantor, accrediting body, and regulatory authority compliance audits and inspections; conduct pre-audit/inspection interviews and record reviews identifying areas of concern; prepare reports and provide remediation guidance
• Review and advise on contractual language related to privacy and information security compliance
• Compile annual compliance data; prepare and submit reports
• Contribute to privacy and security compliance monitoring policies; help create goals and objectives; identify successful program indicators
• Maintain awareness of regulatory requirement and organizational demand changes impacting privacy and security; disseminate information
• Conduct education and outreach programs; instruct on privacy and security requirements, policies, and best practices

Level:

– Advanced Professional

Base Description:

– Completes activities, tasks, and/or projects of a functional nature.

Level Summary:

– Demonstrates proficient and comprehensive knowledge of defined skill areas/applications. Applies knowledge of principles, practices, and procedures of a particular field to decision-making and problem–solving. Works under minimum supervision on varied and sometimes difficult work assignments, conferring with supervisor or subject matter experts on unusual matters. May lead others or a team in completion of complex assignments. Interprets and communicates information clearly, accurately, and persuasively. Researches and tries new approaches when solving difficult or novel problems.

Supervisory Responsibilities:

– Indirect supervisor or mentor for other full–time employees
– May serve as direct supervisor for part–time, student, and/or temporary workers, volunteers, or a full–time employee

Fiscal Responsibilities:

– May validate and pay invoices
– May monitor/track budgets and funding

Problem Solving:

– Encounters generally routine problems with progressively more complex and/or varied problems
– Typically follows recommended course of action and procedures to resolve problems
– May apply specialized knowledge and skills to resolve complex and/or varied problems, with supervisor oversight
– Researches and tries new approaches when solving problems

Independence of Action:

– Works with minimal supervision on more difficult work assignments, conferring with supervisor on unusual matters
– Follows precedents and procedures
– May set priorities and organize work within general guidelines established by supervisor

Communication and Collaboration:

– Communicates internally and externally within working unit and the University
– May communicate with external audiences for business purposes
– Promotes open communication in a manner that builds relationships among team members
– Applies appropriate strategies for managing conflict; negotiate reasonable compromises; propose and evaluate possible solutions
– Interprets and communicates information, ideas and instructions clearly, accurately and persuasively both verbally and in written materials intended for distribution

• Comp Grade – 11
• Minimum – $68,200.00
• MidPoint – $85,200.00
• Maximum – $102,300.00