Harris County (Tx) Houston , TX 77020
Posted 1 week ago
Position Description
Position Overview:
Under minimal direction, the Information Security Analyst
Job Duties and Responsibilities:
Serves as a subject matter expert and/or provides direction on processes, projects, and issues pertaining to Cloud Security with emphasis on Microsoft Azure.
Conducts security risk assessments and facilitates review of cloud and hybrid cloud, and on prem IT solutions and infrastructure.
Utilizes cloud security controls to improve security posture, and research emerging threats relevant to cloud and hybrid cloud operations.
Develops, manages, and coordinates security risk assessments for third-party vendors, Harris County internally developed / managed applications and systems to ensure Confidentiality, Integrity, and Availability (CIA triad).
Assesses and prioritizes information security risk, facilitates compliance with regulatory requirements and information security policies and procedures.
Plans, research, and reviews cybersecurity architecture for the county's Infrastructure (on prem, cloud) projects.
Identifies security design gaps in existing /proposed architectures and recommend changes/enhancements.
Leads the evaluation, design, and implementation of new security solutions and technologies.
Responsible for the creation and implementation of IT Security Policies, Standards, Procedures, Guidelines, and the on-going management of IT Security Policy Development and Exception Management Processes.
Develops policy drafts, procedures, educational materials, strategy/technology roadmaps, metrics/measures packages, Request for Proposal/Offers (RFP/RFO's), project plans, communications, and executive presentations with little guidance, as needed to support the overall delivery of Information Security objectives.
Designs and implements tools and processes to proactively monitor and govern the effectiveness of Information security controls and services.
Develops and maintains metrics, executive dashboards and/or regular reports to communicate IT security risks.
Assists in presenting cybersecurity risks and gaps to stakeholders as appropriate.
Helps establish remediation plans and proactively track progress of remediation efforts to ensure open issues/risks are addressed as agreed.
Will actively participate in the on-going review and management of the Harris County Cyber Security Framework and Cybersecurity Policies to ensure alignment with governance objectives.
Must be able to weigh business needs against security concerns and articulate issues to management.
Conducts accurate evaluation of the level of security required and will assist in the evaluation and implementation of other new security solutions and technologies as needed.
Works on multiple projects as a project leader or as the subject matter expert. Works on projects or issues of high complexity that require in-depth knowledge across multiple technical areas and business segments.
Coaches and mentors more junior level managerial and technical staff.
Conducts communications and Cybersecurity training sessions as required to support the success of the program.
Other duties as assigned.
Harris County is an Equal Opportunity Employer
https://hrrm.harriscountytx.gov/Pages/EqualEmploymentOpportunityPlan.aspx
If you need special services or accommodations, please call (713) 274-5445 or email ADACoordinator@bmd.hctx.net.
This position is subject to a criminal history check. Only relevant convictions will be considered and, even when considered, may not automatically disqualify the candidate.
Requirements
Education:
Experience:
Knowledge, Skills, and Abilities (KSAs):
Experience designing, implementing, and executing IT Risk Management projects, information security governance, tools, and technologies across complex, large-scale environments,
Experience writing IT risk assessments and controls, and developing Information Security policies, procedures including Exception Management Processes
Experience with Microsoft Azure security and compliance controls, cloud security governance and compliance
Ability to build and maintain strong relationships across departments/teams and effectively communicate solution designs to stakeholders and leadership
Applicants for this position will be subject to a criminal background check that includes being fingerprinted. This applies to any position with network access to Criminal Justice Information Services (CJIS) or access to an area where CJIS is received, maintained or stored either manually or electronically (i.e., custodian, maintenance).
Automatic Disqualification:
Convictions, probation, or deferred adjudication for any Felony, and any Class A Misdemeanor
Convictions, probation, or deferred adjudication for a Class B Misdemeanor, if within the previous 10 years
Open arrest for any criminal offense (Felony or Misdemeanor)
Family Violence conviction
NOTE: Qualifying education, experience, knowledge, and skills must be documented on your job application. You may attach a resume to the application as supporting documentation but ONLY information stated on the application will be used for consideration. "See Resume" will not be accepted for qualifications.
Preferences
Education:
Experience:
Experience in design, implementation and operational support of cybersecurity governance solutions, tools, technologies, and processes
Experience consulting with business and technology partners on general security requirements, network controls and best practices
Experience with Governance, Risk & Compliance (GRC) tools
Experience with MS Office 365 (Word, Excel, PowerPoint, Outlook), Teams, SharePoint, QuickBase, and PowerBI.
Knowledge, Skills, and Abilities (KSAs):
Ability to confront challenges in a constructive fashion and influence others through consensus building techniques
Strong organizational skills, including the ability to drive adherence to cybersecurity processes and tools and to keep focus on multiple tracks of work and open issues in parallel
Strong technical writing, research, analysis, and analytical/problem solving skills
A passion for cybersecurity, self-starter mentality, flexibility, and willingness to take on new challenges and ability to thrive in a team environment
Strong knowledge and experience in securing networks, firewalls, and infrastructure in a complex environment
A broad understanding of cybersecurity concepts across all domains, applicable security models (e.g., NIST Cybersecurity Framework (CSF), CIS Critical Security Controls), ISO 2700X, and regulations (e.g., CJIS, PCI, HIPAA, and Privacy Act)
Exceptional leadership, verbal and written communication, and project management skills.
General Information
Position Type and Typical Hours of Work:
Salary:
Commensurate with experience.
Based on 26 pay periods
Location:
Employment may be contingent on passing a drug screen and meeting other standards.
Due to a high volume of applications positions may close prior to the advertised closing date or at the discretion of the Hiring Department.
BENEFITS
Harris County offers a competitive benefits program, including comprehensive group health and related benefits plan as well as defined benefit retirement plan.
The following list of benefits is offered only to employees in regular (full-time) positions:
Medical Coverage
Dental Coverage
Vision Coverage
Wellness Plan
Life Insurance
Long-term disability
Employee Assistance Program
Ten (10) days of vacation each year for the first five (5) years of service
Accrual rates increase based on years of service
Eleven (11) County-observed holidays and one (1) floating holiday
Professional development opportunities
Dependent Care Reimbursement Plan
Healthcare Reimbursement Account
457 Deferred Compensation Plan
The following benefits are also available to regular (full-time) employment and may be available to part-time employees:
In accordance with the Harris County Personnel Regulations, Group Health and related benefits are subject to amendment or discontinuance at any time. Commissioners Court reserves the right to make benefit modifications on the County's behalf as needed.
For plan details, visit the Harris County benefits website:
https://benefitsathctx.com/
01
Which of the following best describes your highest level of education completed as it relates to this position?
High School or GED diploma
Associate Degree
Bachelor's Degree
Master's Degree or higher
None of the above
02
Do you have any of the following certifications? Select all that apply:
03
Which of the following best describes your verifiable work experience in Information Security, or IT Risk Management? (To be considered, qualifying experience must be documented in your application's employment history)
Less than five (5) years
Five (5) years but less than six (6) years
Six (6) years but less than seven (7) years
Seven (7) years or more
I do not have this experience
04
Please provide details about your verifiable work experience in Information Security, or IT Risk Management. Do not use "Please see Resume" or "See Resume" (To be considered, qualifying experience must be documented in your application's employment history) Please include your (a) role(s), (b) types of organizations, (c) scope of duties and responsibilities If you do not have this experience, please type "None" in the space provided.
05
Do you have experience designing, implementing, and executing IT Risk Management projects, information security governance, tools, and technologies across complex, large-scale environments?
Yes
No
06
Do you have experience writing IT risk assessments and controls, and developing Information Security policies, procedures including Exception Management Processes?
Yes
No
07
Do you have experience with Microsoft Azure security and compliance controls, cloud security governance and compliance?
Yes
No
08
Do you have experience in design, implementation and operational support of cybersecurity governance solutions, tools, technologies, and processes?
Yes
No
09
Do you have experience consulting with business and technology partners on general security requirements, network controls and best practices?
Yes
No
10
Do you have experience with Governance, Risk & Compliance (GRC) tools?
Yes
No
11
Do you have experience with MS Office 365 (Word, Excel, PowerPoint, Outlook), Teams, SharePoint, QuickBase, and PowerBI?
Yes
No
12
Which of the following describes your level of proficiency using a personal computer and common office software such as MS Office Suite (Word, Excel, PowerPoint, and Outlook). Please select your level of proficiency based on the following descriptions: Advanced: A person with this level of skills is able to produce very large, complex formal documents that require a table of contents, footnotes, endnotes, bookmarks, and other special elements; a wide range of graphic effects, and use advanced techniques for analyzing and manipulating data. Has full mastery of Macro commands and skills to tie the objects together into a cohesive system by using Macros and Visual Basic for Applications code. Makes interactive presentations by using hyperlinks and action buttons. Intermediate: A person with this level of skills is able to customize toolbars, import and insert graphs, embed Excel data, and elaborate reports. Understands the concepts of databases and is able to work with charts and to use the list management capabilities of Excel. Able to use complex query techniques, create efficient forms and reports, and create Macros to automate these forms. Makes interactive presentations by using hyperlinks and action buttons. Basic: A person with this level of skills is able to use basic formatting, editing, printing functions, and understands the document page setup. Has the ability to enter and correct data, modify a workbook, format a worksheet, and use printing functions. Understands the different database concepts and structures and is familiar with data validation and is able to create a simple presentation in PowerPoint, run it, and print it. Entry Level: A person with this level of skills has the ability to open, create, save and modify documents in Word, send and receive email in Outlook and create spreadsheets in Excel. Format documents for printing, comfortable using the printer menu to preview documents. Has ability to change the font, the margins, insert or delete pages and use the built-in spellchecker and grammar check.
Advanced
Intermediate
Basic
Entry Level
Not proficient
Required Question
Agency Harris County
Address 1111 Fannin St
Ste. 600
Houston, Texas, 77002
Phone 713-274-5445
Website https://www.governmentjobs.com/careers/harriscountytx
Harris County (Tx)