Information Security Risk Analyst

Air InfoSec•Austin, TX

2d•Onsite

About The Position

The Information Security Risk Analyst will support the Texas Department of Transportation (TxDOT) on the Information Security Risk Management team. This role is responsible for planning, implementing, and monitoring security measures for information systems and infrastructures using established federal and state security frameworks. The analyst will perform contract reviews, software and hardware evaluations, and security and risk assessments while collaborating with agency personnel and outside vendors. This position operates under minimal supervision with extensive latitude for the use of initiative and independent judgment.

Requirements

8 years of knowledge of common information security management frameworks, including the NIST Risk Management Framework, NIST Cybersecurity Framework, Payment Card Industry Data Security Standards (PCI -DSS), and Texas Information Security Standards.
8 years of experience working in a federal or state environment.
8 years of experience performing security assessments, risk assessments, and reviews of account permissions, computer data access needs, security violations, and programming changes.
8 years of experience supporting the implementation of computer system security plans with agency personnel and outside vendors.
8 years of experience developing plans to safeguard computer configuration and data files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
8 years of experience monitoring and maintaining systems and procedures to protect data systems and databases from unauthorized access.
8 years of experience researching systems and procedures for the prevention, detection, containment, and correction of data security breaches.
8 years of experience assisting in designing and deploying security applications and infrastructure program activities.
Candidates must already reside in Texas and be local to the Austin area (within a 50 -mile radius).
Out -of -state candidates or those planning to relocate will not be considered.
Criminal background check and a drug screen in accordance with federal and state law.

Responsibilities

Plan, implement, and monitor security measures using the NIST Risk Management Framework and Texas security frameworks for information systems and infrastructures.
Conduct security assessments and risk assessments, including reviews of account permissions, computer data access needs, security violations, and programming changes.
Support the implementation of computer system security plans in coordination with agency personnel and outside vendors.
Perform contract reviews and software and hardware evaluations in support of risk management efforts.
Develop plans to safeguard computer configuration and data files against accidental or unauthorized modification, destruction, or disclosure.
Develop and maintain emergency data processing plans to meet agency continuity requirements.
Monitor and maintain systems and procedures to protect data systems and databases from unauthorized access.
Research systems and procedures for the prevention, detection, containment, and correction of data security breaches.
Assist in designing and deploying security applications and infrastructure program activities.
Work with data custodians to identify and resolve remediation plans resulting from security findings.