Job ID: TX-52919098 (910590312)
Security Analyst with Federal System risk/compliance assessments, NIST, PCI, SOC, HIPAA, ISO, data privacy, auditing, eGRC and RSA Archer experience
Location: Austin,TX (HHSC)
Duration: 4 months
5Required Must have experience in performing information technology, security risk and compliance assessments for Federal systems.
5 Required Experience with the National Institute of Standards Technology (NIST) 800-37 Risk Management Framework and 800-53 Security controls.
5 Required Supporting various compliance audits including, PCI, SOC, HIPAA and ISO.
5 Required Data Privacy experience
4 Required Proven ability to work successfully with technical and non-technical groups, and manage multiple responsibilities
4 Required Communication, analytical and interpersonal skills at all levels
4 Required Ability to work on multiple projects or project assignments
4 Required Experience in information technology, security risk and compliance management, assessment, auditing, research and/or consulting.
3 Preferred Experience facilitating productive meetings to formulate business requirements and communicate stakeholder needs to technical staff
3 Preferred Experience using or implementing an eGRC platform (e.g. RSA Archer) is desirable.
The IT Security Analyst will report to the Information Security Risk Manager.
The IT Security Analyst will be a part of the team responsible for elicitation, analysis and documentation of systems and state operations and coordination and facilitation of meetings with Medicaid/CHIP Services (MCS) and IT stakeholders. The team will evaluate over 50 systems to complete the Information Security Program Plan, Information System Security Plans and associated Security Assessments. The Worker will coordinate with IT and business areas to identify risks, confirm controls, and make recommendations for improvement. The Worker will be responsible for identifying system interdependencies and confirming classification of data in a HIPAA environment.
This job role will aide in analysis and documentation of systems necessary to complete the Information Security Program Plan and to conduct security assessments.
The IT Security Analyst’s responsibilities include:
Working with subject matter experts across the MCS system to collect and update business and system data.
Gathering information on HHS data source systems which interface to MCS systems.
Completing Security Assessments using HHS defined security tools to identify risks and confirm current controls.