IT Security Analyst - GRC Analyst Dimondale, MI (593472) 12 Months In Person Only Short Description: Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended.
Complete Description: Relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, a wide degree of creativity and latitude is expected.
•Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinate and execute IT security related projects for the agency. Coordinate response to information security incidents. Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance with State IT Security policies, standards, and guidelines.
•Conduct campus-wide data classification assessment and security audits and manage remediation plans. Collaborate with IT management, Internal Audit, and SOM to manage security vulnerabilities. Create, manage and maintain user security awareness. Conduct security research and keeps abreast of latest security issues.
Support the enterprise Governance Risk & Compliance platform in various capacities, including but not limited to:
• Remove/modify/Create a System Security Plan
• Remove/modify/Create a Risk Assessment
• Remove/modify/Create a Plan of Action and Milestone
• Add/remove/modify Users, Security Roles, Groups and process MiID Requests/Access
• Bulk Operations function (e.g. Assign Controls in Risk Assessment)
• Organize and schedule training sessions (Overview Training, New Advance User Training, Working Sessions)
• Update and track feedback through Governance Risk & Compliance platform Service Requests & Feedback Form (Lockpath KeyLight)
• Manage Governance Risk & Compliance platform Mailbox (Lockpath KeyLight)
• Troubleshoot and Triage User Issues via email, telephone, Skype and Governance Risk & Compliance Tickets (Lockpath KeyLight)
• Executive Report Generation
• Create Reports as requested by users and leadership team
• Create documentation for subsequent Governance Risk & Compliance Phases (Lockpath KeyLight)
• Assist Lead Administrator/Designer in tasks or assignments as requested/needed
Skill Matrix:
skills | Years used | Last used |
of Experience Practical experience in Cyber Security and/or Infrastructure Required1Years |
Practical experience in facilitating training sessions Required1Years |
Practical experience in project and technology documentation Required1Years |
Practical experience in developing executive level presentation materials Required1Years |
Working knowledge of the Lockpath KeyLight GRC platform (or similar) Required1Years |
Practical experience as a Project Coordinator or Project Assistant Required2Years |
General knowledge of the NIST Cyber Security Framework Required1Years |
Experience working in a large and complex Information Technology environment Required2Years |
Solid written and verbal communication skills Required2Years |
Regards, Basha Key Business Solutions, Inc. || Office: 916 646 2080 Ext 227 || Fax: 916 646 2081 Note: This email is not intended to be a solicitation. Please accept our apologies and reply in the subject heading with REMOVE to be removed from our Mailing list.