IT Security Analyst 3 - GRC Analyst

Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended.Relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, a wide degree of creativity and latitude is expected.• Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinate and execute IT security related projects for the agency. Coordinate response to information security incidents. Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance with State IT Security policies, standards, and guidelines.• Conduct campus-wide data classification assessment and security audits and manage remediation plans. Collaborate with IT management, Internal Audit, and SOM to manage security vulnerabilities. Create, manage and maintain user security awareness. Conduct security research and keeps abreast of latest security issues.Support the enterprise Governance Risk & Compliance platform in various capacities, including but not limited to:• \tRemove/modify/Create a System Security Plan• \tRemove/modify/Create a Risk Assessment• \tRemove/modify/Create a Plan of Action and Milestone• \tAdd/remove/modify Users, Security Roles, Groups and process MiID Requests/Access• \tBulk Operations function (e.g. Assign Controls in Risk Assessment)• \tOrganize and schedule training sessions (Overview Training, New Advance User Training, Working Sessions)• \tUpdate and track feedback through Governance Risk & Compliance platform Service Requests & Feedback Form (Lockpath KeyLight)• \tManage Governance Risk & Compliance platform Mailbox (Lockpath KeyLight)• \tTroubleshoot and Triage User Issues via email, telephone, Skype and Governance Risk & Compliance Tickets (Lockpath KeyLight)• \tExecutive Report Generation• \tCreate Reports as requested by users and leadership team• \tCreate documentation for subsequent Governance Risk & Compliance Phases (Lockpath KeyLight)• \tAssist Lead Administrator/Designer in tasks or assignments as requested/neededRequired/Desired SkillsSkillRequired /DesiredAmountof ExperiencePractical experience in Cyber Security and/or Infrastructure Required1YearsPractical experience in facilitating training sessions Required1YearsPractical experience in project and technology documentation Required1YearsPractical experience in developing executive level presentation materials Required1YearsWorking knowledge of the Lockpath KeyLight GRC platform (or similar) Required1YearsPractical experience as a Project Coordinator or Project Assistant Required2YearsGeneral knowledge of the NIST Cyber Security Framework Required1YearsExperience working in a large and complex Information Technology environment Required2YearsSolid written and verbal communication skills Required2YearsQuestions