Information Security Analyst Contract to Hire

S R INTERNATIONAL INC
Phoenix, United States of America
24 days ago

Role details

Contract type
Temporary to permanent
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
$ 96K

Job location

Remote
Phoenix, United States of America

Tech stack

Microsoft Windows
Data analysis
Unix
Computer Security

Job description

The Arizona Department of Economic Security (AZDES) is seeking an experienced Information Security Analyst to join its Governance, Risk, and Compliance (GRC) team. This contract-to-hire position will support risk assessments, security audits, compliance initiatives, policy development, and information security governance activities across the agency. The ideal candidate will possess strong knowledge of cybersecurity frameworks, risk management, audit practices, and security compliance standards., * Conduct risk assessments, security reviews, and compliance audits.

  • Develop findings reports, recommendations, POA&Ms, and incident reports.
  • Maintain and update security plans, audit plans, and risk management documentation.
  • Review security controls and ensure compliance with applicable frameworks and regulations.
  • Research security standards, laws, regulations, and best practices.
  • Evaluate information systems and identify cybersecurity and privacy risks.
  • Support governance, risk, and compliance (GRC) initiatives.
  • Develop policies, procedures, and security documentation.
  • Assist project managers with information analysis, requirements gathering, and project artifacts.
  • Develop user training materials and support user adoption initiatives.
  • Collaborate with business units, technical teams, and leadership to improve security posture.
  • Participate in security reviews, assessments, and continuous improvement efforts.

Required Compliance Knowledge

  • NIST 800-53 Rev. 5
  • Risk Management Framework (RMF)
  • IRS Publication 1075
  • HIPAA / HITRUST
  • CJIS
  • MARS-E
  • Security Authorization & Accreditation Processes
  • Internal Controls and Audit Practices

Primary Skills Information Security, Governance Risk & Compliance (GRC), NIST 800-53 Rev. 5, Risk Management Framework (RMF), Cybersecurity, Security Audits, Risk Assessments, Compliance, Security Controls, Internal Auditing, Windows, Unix, Security Policies, Incident Reporting, POA&M Development, Project Management, CISSP, CCSP, CAP, GSNA, GSTRT.

Requirements

  • NIST 800-53 Rev. 5
  • Risk Management Framework (RMF)
  • Windows and Unix Administration Experience
  • Information Security Risk Management
  • Internal Auditing and Risk Assessment
  • Security Controls Assessment and Compliance
  • Security Policy Development
  • Security Documentation and Reporting
  • Cybersecurity Governance and Compliance
  • Strong Written and Verbal Communication Skills

Preferred Skills

  • Project Management Experience
  • CISSP Certification
  • CCSP Certification
  • CAP Certification
  • GSNA Certification
  • GSTRT Certification
  • Government Security Compliance Experience
  • Audit and Regulatory Compliance Experience

Apply for this position