Southwest Research Institute

This IT Security Auditor and Governance Analyst position is a cyber governance role that leverages a multi-disciplinary skillset to pursue creation and maintenance of technologies, frameworks, policies, metrics, agreements and other governance and compliance functions to protect the confidentiality and integrity of the Institute’s systems and data.. Support risk management activities by operating the Institute’s IT risk management process.. Evaluate policy exception requests and make recommendations to the CISO regarding risk reduction and approval.. Requires a Bachelors degree in Cybersecurity, Computer Science, Management Information Systems, Computer Information Systems or related degree field.. 3 years: Experience auditing IT controls environments or conducting compliance assessments (PCI, SOX, RMF, DFARS, NIST).

lead it specialist

Who We Are:This IT Security Auditor and Governance Analyst position is a cyber governance role that leverages a multi-disciplinary skillset to pursue creation and maintenance of technologies, frameworks, policies, metrics, agreements and other governance and compliance functions to protect the confidentiality and integrity of the Institute’s systems and data.Objectives of this Role:<ul><li>Conduct internal compliance assessments against industry frameworks and security policy.</li><li>Manage the IT risk program.</li><li>Assist leadership in authoring and updating policies.</li><li>Exception and policy deviation processing.</li><li>Manage cyber metrics and reporting.</li></ul>Daily and Monthly Responsibilities:<ul><li>Evaluating the Institute’s compliance with cybersecurity internal controls and industry frameworks.</li><li>Support audit functions by interpreting of control requirements and gathering artifacts.</li><li>Author and track Plans of Actions and Milestones to bring security controls into compliance.</li><li>Support risk management activities by operating the Institute’s IT risk management process.</li><li>Assist in developing training, standards, and guidance to support cyber governance processes.</li><li>Evaluate policy exception requests and make recommendations to the CISO regarding risk reduction and approval.</li></ul>Requirements:<ul><li>Requires a Bachelors degree in Cybersecurity, Computer Science, Management Information Systems, Computer Information Systems or related degree field.</li><li>Certified Information Systems Auditor (CISA) strongly desired.</li><li>6 years: Experience understanding and implementing information security standards, E.g., NIST 800-171 or 800-53, CIS Critical Security Controls.</li><li>3 years: Experience auditing IT controls environments or conducting compliance assessments (PCI, SOX, RMF, DFARS, NIST).</li><li>2 years: Exposure to/understanding of the fundamentals of network and systems administration .</li><li>2 years: General IT systems administration, development, or support.</li><li>A valid/clear driver's license is required.</li></ul>

START NEW SEARCH