Job Seekers, Please send resumes to firstname.lastname@example.orgShort Description:
Advanced knowledge of security standards and experience performing security audits. Experience in Governance Risk and Compliance (GRC).
Years of Experience:
10 or more years with IT security and audit experience with extensive knowledge of national/international security standards including NIST, PCI, CJIS, CMS, ISO, SOX, HIPAA, HITECH and other regulatory requirements .
- Advanced knowledge of security standards and progressive experience performing security audits.
- Assist the Risk and Compliance Director with risk assessment process re-engineering within the LockPath GRC tool
- Assist in establishing efficient processes for Risk Assessment processes within the GRC tool as part of LockPath Reengineering Project(s).
- Perform gap analysis of security requirements implemented within the LockPath GRC tool and risk assessment process according to security statute, regulation, standards and SOM policies
- Cross-map HIPAA, IRS, CMS, PCI and CJIS security requirements to NIST and State of Michigan Baseline controls
- Document LockPath process design including business and security requirements
- Identify and design reports within the LockPath GRC tool and assist the Risk and Compliance Director to establish monitoring program
- Assist with establishing Cyber Security Framework for the State of Michigan.
- Other cyber security related tasks as assigned
- Assist with MICWRAP Risk Assessment volume of work for agencies.
Required / Desired
Information Technology Experience
IT Security and/or Audit Experience
PCI, NIST, FISMA, HIPPA, CJIS, or related experience
Experience working in large, complex business and/or IT environments
Bachelors or Masters Degree in Computer Science, MIS, Business, Accounting, or Engineering (or related)
Technical skills: knowledge and experience in IT security statutes, regulations, and standards, experience in GRC tool(s).