You will conduct in-depth risk assessments to identify and evaluate threats to information assets and business processes.
Responsibilities
Conduct comprehensive information security risk assessments across various agencies to identify and measure risks in systems, applications, networks, and workflows.
Document vulnerabilities, including potential impact and likelihood of exploitation, in detailed reports to guide management actions.
Evaluate current security measures against regulatory expectations and collaborate with stakeholders to develop mitigation plans.
Provide consultative advice for risk response plans and recommend improvements to policies, processes, and standards.
Manage relationships with business partners and lead discussions regarding security risks and mitigation strategies.
Required Skills
5+ years of demonstrated experience in risk management and documenting assessment findings.
Expertise in information security principles, concepts, and risk assessment processes for IT systems.
Knowledge of security frameworks including NIST Cybersecurity Framework and CIS Controls.
Familiarity with industry compliance standards such as HIPAA, IRS Publication 1075, CMS, PCI, CJIS, and Social Security Administration requirements.
Ability to analyze technical vulnerabilities and assess their impact on security.
Strong project management skills to set priorities and meet deadlines.
Proficiency in stakeholder engagement and professional communication.
Ability to develop plans, policies, and procedures that meet regulatory compliance requirements.