Security Analyst

IBA InfoTech Inc.
San Jose, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

San Jose, United States of America

Tech stack

Amazon Web Services (AWS)
Configuration Management
Computer Security
Rapid Application Development
Information Technology

Job description

6 or more years with IT security and audit experience with extensive knowledge of national/international security and risk management standards including NIST, PCI, CJIS, CMS, ISO, SOX, HIPAA, HITECH and other regulatory requirements .

Knowledge of GRC systems, security standards and progressive experience documenting and performing security assessments, and reviews.

  1. Assist the CJIS Program Manager/Administrator with the administration of the CJIS Security, Governance, Risk and Compliance (GRC) enterprise risk management processes.
  2. Engage and assist specific stakeholders/agencies with risk assessment processes, and identify gaps in security control environment and CJIS compliance requirements.
  3. Perform gap analysis of security requirements implemented within the business unit/agency application(s) and operations according to Corporate processes, statute, regulation, standards and CJIS policies.
  4. Provide guidance to staff with standard interpretation of CJIS/NIST/FedRAMP controls and other security statutory and regulatory requirements.
  5. Assist with policy/process/procedure development and documentation along with entering information into GRC systems to complete risk assessment, analysis and processes.
  6. Assist with GRC volume of work for business units/agencies.
  7. Assist with establishing Cyber Security/Risk Management Frameworks.
  8. Work with team in improving process.
  9. Other risk management/cyber security related tasks as assigned.

Requirements

  • Information Technology Experience - Required - 6 Years
  • IT Security and/or Audit Experience - Required - 6 Years
  • PCI, NIST, FISMA, HIPPA, CJIS, or related experience - Required - 5 Years
  • Experience working in large, complex business and/or IT environments - Required - 6 Years
  • Bachelors or Masters Degree in Computer Science, MIS, Business, Accounting, or Engineering (or related) - Required - 4 Years
  • Technical skills: knowledge and experience in IT security statutes, regulations, and standards, experience in GRC tool(s). - Required - 5 Years
  • CISSP/CISM/CISA certifications - Preferred
  • AWS Cloud experience and certifications - Preferred
  • Practical experience with commercial and/or Federal Government Governance, Risk & Compliance platforms - Required - 3 Years
  • Practical experience working with business and IT/LOB stakeholders to complete Risk Assessments - Required - 3 Years
  • 8-10 total years related experience, ideally in a fast-paced startup environment.
  • Experience building solid configuration management for rapid application deployment and pipeline environments.
  • Results-oriented, collaborative professional with ability to work successfully in a highly matrixed organization.
  • Clear communicator who is very conductive to working in a team environment and helps lift team spirit.
  • Grit, drive and a strong feeling of ownership.

Apply for this position