Security Analyst (GRC Analyst) (On-site from Day One)Join Our TeamDo you want to make an impact on the world around you? The work we do at Kyra Solutions directly impacts government entities and the citizens they serve. In Transportation, our solutions are designed to save lives on the roadways and in our Regulatory practice, we are designing solutions to make government digital for your accessibility. Kyra works hard to offer long-term growth potential, competitive wages, and continuous professional development for our employees. If you are interested in furthering your career with Kyra and help us improve the way governments serve their citizens, please send your resume, and make sure to include salary expectation, availability, and contact information. You do not want to miss this opportunity!
Required Skills and Experience7-10 years of IT Audit experience. (CISA certified preferred)3 years of IT Risk Management lifecycle experience.3 years of hands-on technical experience (e.g. developer, system administrator)Experience working with NIST 800-30 Risk Assessment Standard.Extensive experience with IT General Controls evaluation and design.Advanced skill level in business process mapping and documentation as well as policy and procedure development.Recent experience in Information Security with up-to-date knowledge of the current threat landscape.Solid understanding of PCI DSS standards.Primary ResponsibilitiesPerform PCI, SOC2, ISO, and applicable Client cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and Client security policies.Plan and perform IT security controls effectiveness. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls.Maintain IT security risk and compliance matrix and performs management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies.Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT.Manage IT security vulnerabilities management program aligned with PCI and NIST standards.Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important.For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs.Identifying cost-effective actions to mitigate and reduce risk. These actions can include implementing new organizational policies and procedures as well as the design of technical or physical controls.Coordinating, tracking, and verifying remediation of audit findings.Documenting the results and developing a plan of action and milestones for mitigating any identified risk.Produce formal audit reports based on ISACA Audit Standards.Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices.EducationBachelor's Degree in Computer Science, Information Systems, Business Administration, or other related field and/or equivalent work experience.CertificationCISA and CISSP certifications (preferred).Why Kyra?Founded in 1997, Kyra Solutions is a national leader of transportation technology and regulatory solutions in government. We specialize in the art and science of digital transformation in government. Our commitment to providing the highest level of service and tailored solutions has supported our consistent double-digit growth for over a decade. We are headquartered in the greater Tampa Bay area with other offices across Florida and an innovation center in Silicon Valley, CA. Because of our dedication to our employees, we have won one of the Best Companies to Work for in Florida 2 years in a row by Florida Trend magazine. Kyra has won other numerous awards including the coveted INC magazine's one of America's Fastest Growing Companies several years in a row. Kyra's commitment to our employees, to best practices in project management and business analysis, and to solution development has led to our achievement in becoming the first Project Management Institute certified company in Florida. Our proven successful track record has resulted in several prestigious awards including the State of Florida's Diversity Business of the Year Award. We are proud to be a sponsor for the TaxWatch Productivity Awards and partner to Florida TaxWatch.
Background & ReferencesVerifiable professional references will be required along with the resume; however, references will be checked/contacted after the interview and before the project starts. Level two background check will be done on the selected candidate for employment, criminal (State & Federal), education, and others as mandated by the client. Please make sure your resume and all other information provided are accurate. Any misrepresentation will mean permanent disqualification by the client. Equal employment opportunity employer.
Think you might be a good fit for this job? Apply online using the form below. We look forward to hearing from you!
#J-18808-Ljbffr