Job Title: Information System Security Officer/Risk Analyst
Location: Austin, TX (Hybrid 2 days onsite)
Duration: 12-24 Months
Interview: Webex
The ideal candidate will be responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by the information systems to determine the overall effectiveness of the controls.
Qualifications/Requirements
- At least 5 years of experience in common information security and risk management frameworks
- Security + certification (at a minimum) is required
- 3+ years of experience with NIST Compliance and Third-Party Risk assessments
- Strong knowledge of information security practices, procedures, and regulations
- Previous experience in a government agency environment is highly desirable
- Ability to work independently with minimal oversight to complete assigned projects
General Duties
- Assist with implementation and management the Organization's Secure Systems
- Perform security assessments and reviews of account permissions, computer data access needs, security violations, and programming changes
- Develop appropriate plans to safeguard computer configuration and data files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs
- Coordinate the implementation of system security plans for internal personnel and outside vendors
- Coordinate account permissions and data access needs
- Review security violations and programming changes required
- Advise management and users regarding security configurations and procedures
- Participate in the development of information technology disaster recovery and business continuity planning
- Continuously review and assess technical risks of new and existing applications and systems, including data center physical security and environment
- Research, evaluate, and recommend systems and procedures for the prevention, detection, containment, and correction of data security breaches
- Prepare final security assessment reports containing findings
- May be asked to perform additional duties as required