May 3, 2019
IT Security Analyst 3 - GRC Analyst
About The Opportunity
Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended.
- Relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, a wide degree of creativity and latitude is expected.
- Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinate and execute IT security related projects for the agency. Coordinate response to information security incidents. Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance with State IT Security policies, standards, and guidelines.
- Conduct campus-wide data classification assessment and security audits and manage remediation plans. Collaborate with IT management, Internal Audit, and SOM to manage security vulnerabilities. Create, manage and maintain user security awareness. Conduct security research and keeps abreast of latest security issues.
- Support the enterprise Governance Risk & Compliance platform in various capacities, including but not limited to:
- Remove/modify/Create a System Security Plan
- Remove/modify/Create a Risk Assessment
- Remove/modify/Create a Plan of Action and Milestone
- Add/remove/modify Users, Security Roles, Groups and process MiID Requests/Access
- Bulk Operations function (e.g. Assign Controls in Risk Assessment)
- Organize and schedule training sessions (Overview Training, New Advance User Training, Working Sessions)
- Update and track feedback through Governance Risk & Compliance platform Service Requests & Feedback Form (Lockpath KeyLight)
- Manage Governance Risk & Compliance platform Mailbox (Lockpath KeyLight)
- Troubleshoot and Triage User Issues via email, telephone, Skype and Governance Risk & Compliance Tickets (Lockpath KeyLight)
- Executive Report Generation
- Create Reports as requested by users and leadership team
- Create documentation for subsequent Governance Risk & Compliance Phases (Lockpath KeyLight)
- Assist Lead Administrator/Designer in tasks or assignments as requested/needed
- Practical experience in Cyber Security and/or Infrastructure Required 1 Years
- Practical experience in facilitating training sessions Required 1 Years
- Practical experience in project and technology documentation Required 1 Years
- Practical experience in developing executive level presentation materials Required 1 Years
- Working knowledge of the Lockpath KeyLight GRC platform (or similar) Required 1 Years
- Practical experience as a Project Coordinator or Project Assistant Required 2 Years
- General knowledge of the NIST Cyber Security Framework Required 1 Years
- Experience working in a large and complex Information Technology environment Required 2 Years
- Solid written and verbal communication skills Required 2 Years
Please Contact me to discuss the hiring process!
Sr. Executive Recruiter
Contact: (310) 929-8421 Ext: 104
Hi! My name is Sumit Gupta. I treat all my consultants in a manner that they feel comfortable while working with me on any position they are applying for. Although, the motive is to find the best match for my consultants. But I make sure that I suggest them the right job matching their profile and work history by interacting with them in detail and follow-up with them at each and every level of the hiring process.