The candidate will perform cyber security risk, governance and compliance management and oversight.

QUALIFICATIONS

A four (4) year degree in Information Systems, Computer Science or Cyber Security. Staff must

have a minimum of five (5) years of current experience in:

(i) Risk Management

(ii) Governance and Compliance

(iii) Information Security

(iv) Special Publication National Institute of Standards and Technology (NIST) 800 series

SKILLS, KNOWLEDGE AND ABILITIES

The Senior Cyber Security Analyst (GRC) must have experience conducting/implementing/managing information systems audits. Must possess strong written  and verbal communication skills. Proficiency with all Microsoft (MS) Office programs is necessary,  including familiarity with SharePoint. Conducting and/or coordinating information  security risk assessments for technology and security frameworks. Facilitating multiple  stakeholders to agree on appropriate security solutions and verifying that security risks are mitigated appropriately. Verifying that required security controls are built into new products

Performing deep dives on Information security-related processes and systems. Identifying system

limitations that could lead to regulatory risks in new products and services and provide guidance for resolution and risk mitigation. Staying abreast of innovative business and technology trends  in Information Security, risk, and controls and advising leadership on technology initiatives. Carrying out risk assessments and gap analysis of multi-networks and cloud environments using compliance standards and frameworks such as PCI, Diplomatic Security Service (DSS), Criminal  Justice Information Services (CJIS) and NIST. Creating, managing, and enforcing compliance  requirements for business process and information systems and assisting in the development of Authority wide cybersecurity compliance program. Designing and/or implementing Information Security solutions in an enterprise environment. Leading initiatives for re-architecting and reengineering of security controls to enhance the security posture of the Authority. Strong  knowledge of Vulnerability Management Remediation and Payment Card Industry (PCI) Compliance

Certification Requirements:

(i) Certified Information Systems Security Professional (CISSP)

(ii) CRISC

(iii) Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM)

Job Type: Full Time
Benefits: Medical, Dental & Vision Insurance, Paid Time Off, & 401K Matching, Employee Assistance Programs