Title: Infosec Analyst
Start: ASAP
CJIS required: YES
Job Description
Client is seeking a Cybersecurity Analyst - Governance Risk & Compliance (GRC) to join our team. Now is a great time to join Universal Services as we enhance critical services to County residents and internal customers!
Key Responsibilities:
Governance
Assist in the development, maintenance, and enforcement of security policies, standards, and procedures.
Participate in the creation and management of the organization's information security governance framework.
Monitor the effectiveness of cybersecurity controls and propose improvements.
Risk Management
Conduct risk assessments for systems, vendors, and processes to identify vulnerabilities and areas of non-compliance.
Maintain a risk register and track remediation efforts for identified risks.
Support business units in developing risk mitigation strategies and action plans.
Compliance
Ensure compliance with industry standards, regulatory requirements, and frameworks (e.g., NIST CSF, ISO 27001, HIPAA, PCI-DSS, CJIS, GDPR).
Assist with internal and external audits, including evidence collection and audit readiness.
Develop and maintain metrics and dashboards to report on compliance status and risk posture to stakeholders.
Third-Party Risk
Conduct due diligence and security assessments for third-party vendors and service providers.
Maintain documentation and track remediation efforts related to vendor risk management.
Training & Awareness
Contribute to the development of security awareness training materials.
Promote cybersecurity awareness across the organization to foster a culture of security.
Continuous Improvement
Monitor emerging cybersecurity threats, trends, and regulatory changes.
Recommend and implement improvements to the GRC program in alignment with industry best practices.
Qualifications:
Requirements
Education: A High School Diploma or GED accompanied by a recognized cybersecurity certification (e.g., Security, SSCP, or equivalent) or a Bachelor's degree in a related field such as Cybersecurity, Information Technology, or Information Systems.
Experience: 25 years of experience in Governance, Risk, and Compliance (GRC), cybersecurity, IT audit, or risk management.
Hands-on experience with GRC tools (e.g., Archer, ServiceNow GRC, MetricStream).
Familiarity with security and privacy regulations and frameworks (e.g., NIST, ISO, GDPR, HIPAA, SOC 2).
Skills and Competencies
Strong analytical, organizational, and problem-solving skills.
Ability to communicate effectively with technical and non-technical audiences.
Knowledge of cybersecurity principles, risk management practices, and regulatory environments.
Proficient in Microsoft Office 365, including Excel, PowerPoint, and SharePoint.
Ability to work independently and collaboratively in a fast-paced environment.
Preferences
Industry certifications such as CISSP, CISA, CRISC, Security, or ISO 27001 Lead Implementer/Auditor are highly desirable.
Demonstrated passion for cybersecurity risk reduction and continuous professional development.
Strong attention to detail with an emphasis on accuracy and quality.
Excellent communication and interpersonal skills with a collaborative, team-oriented approach.
Additional Information:
All your information will be kept confidential according to EEO guidelines.
Remote Work:
No
Employment Type:
Contract