Penn State Job Catalog

Additional levels that exist for this job profile can be seen below.

The defined natural career progression within or between job profiles.

Privacy and Security Compliance

The Privacy and Security Compliance Specialist ensures University activities and operations are compliant with privacy and security regulatory and policy requirements. Responsibilities include conducting assessments and compliance audits; assisting with external inspection preparation; compiling data, making recommendations, preparing reports; reviewing and advising on contract language; conducting outreach and educational programs.

• Provide unit assistance to implement a privacy and security compliant culture; provide guidance on improving information system resilience, protecting research and intellectual property, and improving identity and access management; ensure business operations protect University information from unauthorized use, access, disclosure, modification, damage or loss
• Monitor unit compliance with local, regulatory, and University privacy and security requirements, policies, and procedures
• Conduct security and privacy impact assessments; analyze unit collection, use, sharing, and maintenance of individually identifiable information; identify security gaps; determine risks and effects; evaluate protections and alternative mitigating processes; prepare reports; make appropriate notifications and recommendations; provide guidance and instruction to resolve non-compliant findings
• Prepare University personnel for sponsor, grantor, accrediting body, and regulatory authority compliance audits and inspections; conduct pre-audit/inspection interviews and record reviews identifying areas of concern; prepare reports and provide remediation guidance
• Review and advise on contractual language related to privacy and information security compliance
• Compile annual compliance data; prepare and submit reports
• Contribute to privacy and security compliance monitoring policies; help create goals and objectives; identify successful program indicators
• Maintain awareness of regulatory requirement and organizational demand changes impacting privacy and security; disseminate information
• Conduct education and outreach programs; instruct on privacy and security requirements, policies, and best practices

Level:

– Senior Professional

Base Description:

– Completes activities, tasks, and/or projects of a functional nature.

Level Summary:

– Demonstrates advanced knowledge of principles, practices, and procedures of a particular field. Works independently on moderately complex work assignments under limited oversight, reviews progress, and evaluates results. Monitors work and projects ensuring timeliness, quality, and efficiency. Identifies and mobilizes resources to achieve outcomes. Trains others and reviews progress with management. Presents ideas, concepts, and instructions in a clear and persuasive manner. Develops new techniques, concepts, and approaches and applies them to moderately complex and strategic and/or operational issues.

Supervisory Responsibilities:

– Indirect supervisor for other full–time employees
– May serve as direct supervisor for part–time, student, and/or temporary workers, volunteers, or a full–time employee

Fiscal Responsibilities:

– May validate and pay invoices
– Monitors and tracks budgets and funding

Problem Solving:

– Encounters moderately complex problems
– Applies specialized knowledge and skills to resolve problems
– Understands benefits, limitations, and impact of potential solutions

Independence of Action:

– Works independently on moderately complex work assignments, reviews progress, and evaluates results
– May set priorities and organize work within general guidelines established by supervisor
– May review the work of others to verify accuracy and conformance to required procedures and special instructions

Communication and Collaboration:

– Communicates internally within working unit and the University
– Communicates with external audiences for scheduling/coordination
– May communicate with external audiences for business purposes
– Coaches others in using appropriate strategies for resolving conflict; negotiating reasonable compromises; and proposing and evaluating possible solutions
– Give candid and constructive feedback to others to influence and persuade managers and employees to accept and implement findings and recommendations

• Comp Grade – 12
• Minimum – $76,700.00
• MidPoint – $95,900.00
• Maximum – $115,100.00