Harris County

(5)-Five years of work experience in an Information Security, Information Technology, Computer Science, IT Risk Management or related field.. Experience designing, implementing, and executing IT Risk Management projects, cloud solutions, cybersecurity governance, and technologies across complex, large-scale environments.. Comptia Security+, Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM) is preferred.. Experience with Governance, Risk & Compliance (GRC) tools. Knowledge in 3rd party risk management, cloud security, network security, database security, application security, infrastructure and system hardening, technical security controls implementation and ability to judge effectiveness of security control implementation against cyber threats and risk scenarios.

information security analyst

Position Overview:
Under minimal direction the Information Security Analyst will help to ensure cybersecurity risks and threats are proactively identified and addressed to maintain the protection of Harris County's information systems, critical assets, and network security infrastructure.
Job Duties and Responsibilities:
Conducts information security risk assessments and facilitates review of cloud and hybrid cloud, and on premise IT solutions and infrastructure. Performs third-party vendor security risk assessments, as required to support governance efforts. Serves as a subject matter expert and/or provides direction on processes, projects, and issues pertaining to Cloud Security with emphasis on Microsoft Azure. Stays up to date on the latest cybersecurity threats and vulnerabilities, and provides recommendations for addressing them, with a focus on Microsoft Azure cloud security. Utilizes security controls to improve security posture, and research emerging threats relevant to cloud and hybrid cloud operations. Assesses and prioritizes information security risk, facilitates compliance with regulatory requirements and information security policies and procedures. Oversee assigned project activities daily to ensure on-time completion of planned tasks. Supports development of remediation plans and proactively track progress of remediation efforts to ensure open issues/risks are addressed and assist in presenting cybersecurity risks and gaps to stakeholders as appropriate. Responsible for design input, implementation, and maintenance of multiple enterprise-wide security solutions to address Cybersecurity needs as they are identified and prioritized. Works on projects or issues of high complexity as a subject matter expert that require in-depth knowledge across multiple technical areas and business segments. Communicate security vulnerabilities and risks to key stakeholders and consults on remediation efforts. Develops documents to support the overall delivery of Cybersecurity Operations objectives. This includes but is not limited to communications, job aids, educational/training materials, architecture diagrams, technical reference guides, procedures, strategy/technology roadmaps, Request for Proposal/Offers (RFP/RFO's), Statement of Work (SOW), metrics/measures packages, reports, project plans, and executive presentations with little guidance, as needed. Coaches and mentors more junior level technical staff. Participates on Cybersecurity incident response team (CIRT) investigation and response activities as required. Other duties as assigned. Harris County is an Equal Opportunity Employer
https://hrrm.harriscountytx.gov/Pages/EqualEmploymentOpportunityPlan.aspx
If you need special services or accommodations, please call (713) 274-5445 or email ADACoordinator@bmd.hctx.net .
This position is subject to a criminal history check. Only relevant convictions will be considered and, even when considered, may not automatically disqualify the candidate.
Education:
High School diploma, or G.E.D. equivalency from an accredited educational institution. Experience:
(5)-Five years of work experience in an Information Security, Information Technology, Computer Science, IT Risk Management or related field. Knowledge, Skills, and Abilities (KSAs):
Experience designing, implementing, and executing IT Risk Management projects, cloud solutions, cybersecurity governance, and technologies across complex, large-scale environments. Ability to build and maintain strong relationships across departments/teams and effectively communicate information security risks and controls to stakeholders and leadership. A passion for cybersecurity, self-starter mentality, flexibility, and willingness to take on new challenges and ability to thrive in a team environment. Applicants for this position will be subject to a criminal background check that includes being fingerprinted. This applies to any position with network access to Criminal Justice Information Services (CJIS) or access to an area where CJIS is received, maintained, or stored either manually or electronically (i.e., custodian, maintenance). Automatic Disqualification:
Convictions, probation, or deferred adjudication for any Felony, and any Class A Misdemeanor
Convictions, probation, or deferred adjudication for a Class B Misdemeanor, if within the previous 10 years
Open arrest for any criminal offense (Felony or Misdemeanor)
Family Violence conviction NOTE : Qualifying education, experience, knowledge, and skills must be documented on your job application. You may attach a resume to the application as supporting documentation but ONLY information stated on the application will be used for consideration. "See Resume" will not be accepted for qualifications.
Education:
Bachelor's degree in Computer Science, Information Security, Information Technology, Risk Management, or similar area of study from an accredited college or university Certifications:
Comptia Security+, Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM) is preferred. Experience:
Experience working with Azure cloud platforms, MS Defender and automating cloud-based Compliance and Security. Experience in design, implementation and operational support of cybersecurity governance solutions, tools, technologies, and processes Experience consulting with business and technology partners on security requirements and best practices Experience with Governance, Risk & Compliance (GRC) tools Experience with MS Office 365 (Word, Excel, PowerPoint, Outlook), SharePoint and PowerBI reporting. Knowledge, Skills, and Abilities (KSAs):
Knowledge in 3rd party risk management, cloud security, network security, database security, application security, infrastructure and system hardening, technical security controls implementation and ability to judge effectiveness of security control implementation against cyber threats and risk scenarios. A broad understanding of cybersecurity concepts across multiple domains, applicable security models (e.g., NIST and CIS Critical Security Controls) and regulations (e.g., CJIS, PCI, HIPAA, and Privacy Act). Strong organizational skills, including the ability to drive adherence to cybersecurity processes and tools and to keep focus on multiple tracks of work and open issues in parallel. Ability to confront challenges in a constructive fashion and influence others through consensus building techniques. Be able to weigh business needs against security concerns and articulate issues to management and stakeholders. Exceptional leadership, verbal and written communication, and project management skills. Position Type and Typical Hours of Work:
40 hours per week Monday - Friday. Weekend and 24 on-call infrequently as needed. Salary:
Commensurate with experience Based on 26 pay periods. Location:
406 Caroline St. Houston, TX 77002 Employment may be contingent on passing a drug screen and meeting other standards. Due to a high volume of applications positions may close prior to the advertised closing date or at the discretion of the Hiring Department. #J-18808-Ljbffr

START NEW SEARCH