Job ID: TX-5370ITC681 (912690603)
Security Analyst (CISSP/CISM/CISA/PMP) with service/risk/incident management, policy/compliance and networking experience
Location: Austin TX (HHSC)
Duration: 4 months (with possibility of extension)
Minimum Requirements:
YearsRequired/PreferredExperience
6RequiredEstablishing and implementing/executing information security protocols and adhering to policies procedures and guidelines as directed by Information Security executive management.
5RequiredService management and/or risk management; policy and compliance; procedures and standards; best practices; training, and incident management.
5RequiredProgressive experience in information technology which includes direct responsibility for service delivery; systems or network configuration.
5RequiredProgressive experience administering secure network infrastructure and associated systems: Experience in information security either on IT Projects or as staff for a state agency or private sector employer.
4PreferredBachelor’s Degree from an accredited four-year college/university in Computer Science, Computer Engineering, Management of Information Systems, Communications, or a related field.
3PreferredCertified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Project Management Professional (PMP).
The Security Analyst (SA) is responsible for ensuring the technology resources associated with the project adhere to agency standards. The SA works under general supervision, with moderate latitude for the use of initiative and independent judgment, yet follows all policies and procedures required by the office of the HHS IT Chief Information Security Officer (CISO).
Confers with IT management, program, vendor, and office of the HHS IT CISO to discuss issues such as computer data access needs, security and programming changes.
Implements new technology solutions to secure agency information security assets and/or confidential data as directed by CISO.
Ensures timely and appropriate reports are provided to the Project Manager as input to project status reports.
Provides technical and non-technical audits, risk analyses, and documents compliance and/or noncompliance based on findings.
Updates the Security Plan for the new infrastructure for NEDSS in the state data center.
Remediate the risks identified in the Annual Risk Assessment for NEDSS completed on December 9, 2019.
Writes reports for CISO and other IT related needs as required by Law, Rule, or Direction. This includes effectively collaborating with and communicating with stakeholders.