Information Security Analyst Job at Harris County, Houston, TX

aGtLQVVYRUZHb21GTmJnVEpJTFpCdz09

Job Description

Position Description

Position Overview:
Under minimal direction, the Information Security Analyst - Governance, Risk & Compliance (GRC) performs all procedures necessary to ensure the security of information and information systems, and to protect systems from intentional or inadvertent access or destruction.

Job Duties and Responsibilities:
  • Reviews and applies security controls to Microsoft Azure, cloud-based applications, systems, and technologies.
  • Develops, manages, and coordinates security risk assessments for third-party vendors, Harris County internally developed / managed applications and systems to ensure Confidentiality, Integrity, and Availability (CIA triad).
  • Plans, research, and designs cybersecurity architecture for the county’s Infrastructure (on prem, cloud) projects.
  • Identifies security design gaps in existing /proposed architectures and recommend changes/enhancements.
  • Leads the evaluation, design, and implementation of new security solutions and technologies.
  • Responsible for the creation and implementation of IT Security Policies, Standards, Procedures, Guidelines, and the on-going management of IT Security Policy Development and Exception Management Processes.
  • Develops policy drafts, procedures, educational materials, strategy/technology roadmaps, metrics/measures packages, Request for Proposal/Offers (RFP/RFO’s), project plans, communications and executive presentations with little guidance, as needed to support the overall delivery of Information Security objectives.
  • Designs and implements tools and processes to proactively monitor and govern the effectiveness of Information security controls and services.
  • Develops and maintains metrics, executive dashboards and/or regular reports to communicate IT security risks.
  • Assists in presenting cybersecurity risks and gaps to stakeholders as appropriate.
  • Helps establish remediation plans and proactively track progress of remediation efforts to ensure open issues/risks are addressed as agreed.
  • Will actively participate in the on-going review and management of the Harris County Cyber Security Framework and Cybersecurity Policies to ensure alignment with governance objectives.
  • Must be able to weigh business needs against security concerns and articulate issues to management.
  • Conducts accurate evaluation of the level of security required and will assist in the evaluation and implementation of other new security solutions and technologies as needed.
  • Works on multiple projects as a project leader or as the subject matter expert. Works on projects or issues of high complexity that require in-depth knowledge across multiple technical areas and business segments.
  • Coaches and mentors more junior level managerial and technical staff.
  • Conducts communications and Cybersecurity training sessions as required to support the success of the program.
  • Other duties as assigned.

Harris County is an Equal Opportunity Employer
https://hrrm.harriscountytx.gov/Pages/EqualEmploymentOpportunityPlan.aspx
If you need special services or accommodations, please call (713) 274-5445 or email ADACoordinator@bmd.hctx.net.

This position is subject to a criminal history check. Only relevant convictions will be considered and, even when considered, may not automatically disqualify the candidate.

Requirements

Education:
  • High School diploma, or G.E.D. equivalency from an accredited educational institution.
Experience:
  • 5 years of work experience in Information Security, or IT Risk Management.
Knowledge, Skills, and Abilities (KSAs):
  • Experience designing, implementing, and executing IT Risk Management projects, information security governance, tools, and technologies across complex, large-scale environments,
  • Experience writing IT risk assessments and controls, and developing Information Security policies, procedures including Exception Management Processes
  • Experience with Microsoft Azure security and compliance controls, cloud security governance and compliance
  • Ability to build and maintain strong relationships across departments/teams and effectively communicate solution designs to stakeholders and leadership

Applicants for this position will be subject to a criminal background check that includes being fingerprinted. This applies to any position with network access to Criminal Justice Information Services (CJIS) or access to an area where CJIS is received, maintained or stored either manually or electronically (i.e. custodian, maintenance).

Automatic Disqualification:
  • Convictions, probation, or deferred adjudication for any Felony, and any Class A Misdemeanor
  • Convictions, probation, or deferred adjudication for a Class B Misdemeanor, if within the previous 10 years
  • Open arrest for any criminal offense (Felony or Misdemeanor)
  • Family Violence conviction

NOTE : Qualifying education, experience, knowledge and skills must be documented on your job application. You may attach a resume to the application as supporting documentation but ONLY information stated on the application will be used for consideration. "See Resume" will not be accepted for qualifications.

Preferences

Education:
  • Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC) or CompTIA Security+ Certification is preferred.
Experience:
  • Experience in design, implementation and operational support of cybersecurity governance solutions, tools, technologies, and processes
  • Experience consulting with business and technology partners on general security requirements, network controls and best practices
  • Experience with Governance, Risk & Compliance (GRC) tools
  • Experience with MS Office 365 (Word, Excel, PowerPoint, Outlook), Teams, SharePoint, QuickBase, and PowerBI.
Knowledge, Skills, and Abilities (KSAs):
  • Ability to confront challenges in a constructive fashion and influence others through consensus building techniques
  • Strong organizational skills, including the ability to drive adherence to cybersecurity processes and tools and to keep focus on multiple tracks of work and open issues in parallel
  • Strong technical writing, research, analysis, and analytical/problem solving skills
  • A passion for cybersecurity, self-starter mentality, flexibility, and willingness to take on new challenges and ability to thrive in a team environment
  • Strong knowledge and experience in securing networks, firewalls, and infrastructure in a complex environment
  • A broad understanding of cybersecurity concepts across all domains, applicable security models (e.g., NIST Cybersecurity Framework (CSF), CIS Critical Security Controls), ISO 2700X, and regulations (e.g., CJIS, PCI, HIPAA, and Privacy Act)
  • Exceptional leadership, verbal and written communication, and project management skills.

General Information

Position Type and Typical Hours of Work:
  • 40 hours per week / Monday - Friday
  • Weekends and 24 on-call infrequently, as needed.
Salary:
  • Commensurate with experience.
  • Based on 26 pay periods
Location:
  • 406 Caroline St., Houston, TX 77002

Employment may be contingent on passing a drug screen and meeting other standards.

Due to a high volume of applications positions may close prior to the advertised closing date or at the discretion of the Hiring Department.


BENEFITS
Harris County offers a competitive benefits program, including comprehensive group health and related benefits plan as well as defined benefit retirement plan.
The following list of benefits is offered only to employees in regular (full-time) positions:
  • Medical
  • Dental
  • Vision
  • Wellness
  • Life Insurance
  • Long-term disability
  • Employee Assistance Program
  • 10 days of vacation each year for the first five (5) years of service. Accrual rates increase based on years of service.
  • 10 county holidays plus one (1) floating holiday
  • Professional development opportunities
  • Dependent Care Reimbursement Plan
  • Healthcare Reimbursement Account
  • 457 Deferred Compensation Plan
The following benefits are also available to regular (full-time) employment and may be available to part-time employees:
  • Retirement pension (TCDRS)
    • Flexible schedules (varies by department)
      • Transportation Assistance (Metro RideSponsor Program)

In accordance with the Harris County Personnel Regulations, Group Health and related benefits are subject to amendment or discontinuance at any time. Commissioners Court reserves the right to make benefit modifications on the County's behalf as needed.
For plan details, visit the Harris County benefits website:
https://hrrm.harriscountytx.gov/Pages/Medical.aspx

Similar Jobs