Information Security Analyst / GRC Analyst

Hybrid in Phoenix, AZ, US • Posted 1 day ago • Updated 1 day ago

Contract W2

No Travel Required

Hybrid

Depends on Experience

Abacus Service Corporation

Fitment

Dice Job Match Score™

🧠 Analyzing your skills...

Job Details

Skills

RMF
NIST

Summary

Job Duties:
• Perform risk assessments, audit reviews, generate findings reports, and make appropriate recommendations for improvement and track outcomes from those activities for DES reporting requirements. Develop and formulate comprehensive reports detailing the findings, areas of non-compliance, required POA&Ms (Plan of Action and Milestones), environmental observations, and incident reports.
• Review, update, and manage security related audit plans, security plans and risk plan documentation for accuracy and consistency, proactively solves problems.
• Evaluate data and formulate comprehensive reports detailing the findings, areas of non-compliance, required action plans, and environmental observations. Generates incident reports and investigates suspicious network activity.
• Preparing audit documentation that supports audit results, drafting and editing audit findings to adhere to the standards and the agency''s writing style.
• Research agency and industry IT security practices standards, best practices, laws and regulations, and other applicable resources, ensures compliance with standards

Knowledge, Skills & Abilities (Not incompassing)
• Knowledge of security principles, policies, and procedures, and be able to develop effective security policies.
• Knowledge of Information Security Risk Management.
• Knowledge of laws, regulations, policies, principles, and ethics as they relate to cybersecurity and privacy. (Required: NIST 800-53 R5, IRS Pub1075, IPAA/HITRUST, CJIS and MARS-E)
• Expert knowledge of internal auditing, internal controls, and risk management practices and methods.
• Knowledge of Selection/Approval, Implementation, and Assessment/Audit of Security and Privacy Controls.
• Knowledge of Risk Management Framework (RMF) requirements.
• Knowledge of Authorization/Approval of Information Systems.
•Knowledge in conducting audits or reviews of technical systems.
•Knowledge in comprehensive understanding of internal control environments within the IT function.
•Knowledge in multiple technology domains including aspects of Windows, Unix and/or database administration, software development and networking.
•Knowledge in identifying cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
• Ability to produce high quality work products for both the IT groups and Senior Management.
• Ability to perform excellent interpersonal, written and oral communication skills.
• Ability to assess, manage, and improve security policies and procedures.
• Ability to work collaboratively in teams and across organizations.
• Ability to synthesize feedback and adjust plans accordingly, build strong relationships inside and outside the organization and manage large teams.
• Ability to ensure security practices are followed throughout all phases of the life cycle of every aspect of business and IT processes.
• Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.
• Ability to exercise judgment when policies are not well-defined.
• Ability to ensure information security management processes are integrated with strategic and operational planning processes.
• Ability to ensure that senior officials within the organization provide information security for the information and systems that support the operations and assets under their control.
• Ability to understand technology, management, and leadership issues related to organization processes and problem solving.
• Ability to understand the basic concepts and issues related to cyber and its organizational impact.Develop plans and materials to support user adoption, training, and customer service.
• Ability to work collaboratively in teams and across organizations.
•Develop plans and materials to support user adoption, training, and customer service.
•Work directly with users from other divisions, programs, and service units to provide insight and guidance.
•Identify risks and suggest improvements to information systems and processes.
•Support technical project managers to fulfill information analysis requirements with the highest degree of accuracy and quality.
•Develop and maintain key project artifacts.

Required Skills
NIST 800-53R5 (Must have)
Risk Management Framework (RMF)
Windows/Unix experience

Preferred Skills
Project Management experience
CISSP, CCSP, GSTRT, GSNA, or CAP certification

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10122208
Position Id: 10482
Posted 1 day ago

Company Info

About Abacus Service Corporation

Abacus Service Corporation is a full service employment solutions firm designed around the ability to provide agile contingent workforce solutions.

Formed in 2004 by industry veterans, Abacus Service Corporation implemented guiding principles with best in industry processes and innovative technologies, to form an influential force in employment solutions. Abacus Service Corporation was founded in Farmington Hills, Michigan and has grown to become a nationwide presence with offices in 18 locations and two international offices. Through our locations, Abacus has been able to offer our clients cost effective and quality employment solutions regardless of the geographic coverage based on our successful strategies. Abacus is a privately held company with employees in 27 US states and four Canadian Provinces. Abacus is MBE and WBE certified nationally and upholds our commitment to diversity by adhering to a philosophy of recruiting employees from diverse backgrounds. Our extensive experience, passion to deliver the best in class solutions, and dedication to customer service has allowed Abacus to become the workforce ally of our clientele.

Go to company profile

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

IT Support Technician

Remote or Hybrid in Austin, Texas

•

Yesterday

Position:- Support Technician 3 Location:- Austin TX Contract: 8 Months contract Client:State of Texas Rate:-$58/hr The Support System Administrator will be responsible for supporting the migration and modernization of EOL systems, including legacy systems running older versions of Windows and Red Hat Enterprise Linux . The role will focus on upgrading these systems to supported OS versions (e.g., Windows Server 2016/2019/2022, RHEL 5/6/7/8/9) to ensure improved security, performance, and oper

Easy Apply

Contract, Third Party

50 - 58

Search all similar jobs