What are the responsibilities and job description for the Information Security Lead position at Smarter HR Solutions LLC?
The Lead GRC Analyst will be instrumental in establishing and operationalizing Harris County’s cybersecurity governance structure through the development and daily management of the Cyber Review Program. This strategic role supports the GRC Manager in embedding cybersecurity risk assessments, governance protocols, and awareness activities into the county’s enterprise-wide technology initiatives.
The ideal candidate is a self-starter with proven experience in building and managing GRC functions, facilitating cross-functional collaboration, and aligning risk oversight with regulatory frameworks such as NIST, CJIS, HIPAA, and PCI-DSS. This role requires strong project coordination skills, the ability to drive governance processes independently, and a deep understanding of public sector security compliance.
Key Responsibilities:
Governance, Risk & Compliance (GRC) Program Development
Design, implement, and manage the Cybersecurity Risk process, including intake workflows, assessment coordination, and centralized tracking.
Develop comprehensive governance artifacts, including risk assessment templates, SOPs, operational guides, and reporting structures.
Facilitate risk reviews, ensuring consistent and risk-aligned evaluation of technology projects.
Track remediation efforts, monitor open findings, and support escalation of high-risk items to executive leadership.
Ensure all processes align with applicable regulatory standards, including CJIS, HIPAA, and state cybersecurity mandates.
Cybersecurity Awareness & Engagement
Collaborate with the cybersecurity awareness team to develop and disseminate training materials targeted at project stakeholders.
Promote a culture of cyber hygiene and compliance across departments through ongoing engagement and education.
Project Documentation & Stakeholder Communication
Prepare strategic roadmaps, presentations, and executive-level communication in support of cybersecurity objectives.
Serve as the primary liaison between cybersecurity teams, project managers, and the IT Review Board, ensuring clear and consistent communication.
Requirements
Minimum Qualifications:
Experience working in a public sector or regulated government environment.
A High School Diploma or GED accompanied by a recognized cybersecurity certification (e.g., Security+, SSCP, or equivalent), or a Bachelor’s degree in a related field such as Cybersecurity, Information Technology, or Information Systems.
5 years of experience in Governance, Risk, and Compliance (GRC), cybersecurity, IT audit, or risk management.
Demonstrated experience building or managing cybersecurity governance frameworks or review committees.
Strong working knowledge of key security and privacy frameworks and regulations, including NIST CSF, ISO 27001, HIPAA, GDPR, and SOC 2.
Skilled in developing SOPs, risk documentation, and leadership-ready reporting artifacts.
Excellent written and verbal communication skills with experience engaging technical and non-technical stakeholders.
Proficient with collaboration and intake platforms such as SharePoint, ServiceNow, or Excel-based dashboards.
Preferred Qualifications:
Practical experience using GRC platforms such as Archer, ServiceNow GRC, or MetricStream.
Familiarity with cybersecurity awareness platforms (e.g., KnowBe4) and training implementation strategies.
Strong analytical, organizational, and problem-solving skills.
Ability to communicate effectively with technical and non-technical audiences.
Knowledge of cybersecurity principles, risk management practices, and regulatory environments.
Proficient in Microsoft Office 365, including Excel, PowerPoint, and SharePoint.
Ability to work independently and collaboratively in a fast-paced environment.
Working Conditions
Hybrid - 3 days in office, 2 WFH
Salary : $56