Sr. IT Security Analyst

Key Responsibilities

• Review Program documentation, policies, plans and procedures and recommend updates based on best practices, State and federal laws and regulations.
• Serve as a consultant for the overall planning and analysis of the security architecture of information systems. Provide technical advice and guidance to business partners, the State's Office of Information Security and Privacy, Deputy CISO, and the CISO as well as to other IT managers and staff to design solutions that meet the State's requirements. Directly participate in information security short and long-term planning processes.
• Evaluate security and privacy needs of all aspects of the Program. Assist with security and privacy review and attestation activities. Identify gaps and shortfalls of plans, practices, and work to mature the overall security and privacy posture of the program.
• Assist in the analysis of security and privacy incident reports to the Program security and privacy team. Provide incident response support as needed.
• As required, represent the Office of Information Security and Privacy at meetings with other governmental or agency officials.
• Review and update security, privacy, and compliance documentation. Respond to and recommend remediations for audit findings.
• Audit, review and recommend actions of requests for access rights to system functionality through the 7078 process.
• Contribute to the alignment of security governance with Enterprise Architecture governance and project and portfolio management (PPM).
• Develop, review, update, and present security and privacy training and tabletop exercise materials and reports.

Required Skills and Qualifications

Skills : IT Security