Information Security Analyst II

Montpelier, VT, US


Overview

Under the direction of management, the incumbent will assist in building and implementing programs, policies, and practices to ensure that the State of Vermont (SoV) complies with industry and government regulatory requirements. You will work closely with internal business units, IT divisions, and other relevant departments to increase security awareness, assess compliance, and, where necessary, provide support in remediating non-compliance issues. The Information Security Compliance Analyst takes a role in ensuring the security of all protected information collected, used, maintained, or released by the SoV.

 

Typical Duties and Responsibilities 

  • Participate in the drafting, updating, reviewing, and publication of security policies and other security materials.
  • Assists in the implementation of policies and procedures to adequately address and control the risk management of SoV assets.
  • Supports continuous improvement by developing, operationalizing, and maintaining security compliance metrics and documentation. Also provides support for security compliance requests and incidents. 
  • Evaluates security requirements in context with other business requirements and recommends measures to manage risk and adequately secure information systems. 
  • Assist with the coordination of Federal and State-level Audit and Security Compliance Reviews.
  • Manage the accountability and responses from audit finding owners to provide needed details in a timely manner for submission of Federal remediation reports.
  • Support the work as needed for the collection of responses and related artifacts for the reporting of security documentation to federal partners. 
  • Performs Information Security third party due diligence and ongoing assessments of vendors to assess risk.
  • Conducts reviews and risk assessments to identify weaknesses or security exposures, assess impact, and recommend solutions to mitigate risks and exposures. 
  • Assist with annual compliance requirements to include MARS-E, IRS Pub 1075, HIPAA. 
  • Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.

 

A potential candidate will be self-motivated, a super-collaborator with technical and non-technical staff, and have superior attention to detail. There will be a level of freedom to complete the assigned tasks, but also to provide recommendations and feedback on how processes/systems can work better and more securely. The work associated with this position is driven by hard deadlines, so a potential candidate should have excellent time management skills and should be able to independently triage their workload.

 

All candidates are required to pass a fingerprint-supported background check.

Who May Apply

This position, Information Security Analyst II (Job Requisition #51614), is open to all State employees and external applicants.


If you would like more information about this position, please contact Emily.Wivell@vermont.gov.

Resumes will not be accepted via e-mail. You must apply online to be considered.


Please note that multiple positions in the same work location may be filled from this job posting.

Environmental Factors

Work is performed in a standard office setting, but some travel may be required for which private means of transportation should be available. Work outside of regular business hours is expected.

Minimum Qualifications

Bachelor's degree in computer science, programming, or engineering AND two (2) years or more of experience in the field of information technology.

 

OR

 

Six (6) years or more of experience in the field of information technology INCLUDING two (2) years where the primary role was in information security.

 

OR

 

Four (4) years or more of experience in the field of information technology where the primary role was in information security AND possession of one (1) or more of the following certifications: Certified Information Systems Security Professional (CISSP) OR Global Information Assurance Certification (GIAC).

Preferred Qualifications

Certification in:

CompTIA Network+

CompTIA Security+

International Information Systems Security Certification Consortium (ISC)²

Systems Security Certified Practitioner (SSCP)

Global Information Assurance Certification (GIAC) Information Security Certification

(ISC)² Certified Information Systems Security Professional (CISSP)

Total Compensation

As a State employee you are offered a great career opportunity, but it's more than a paycheck. The State's total compensation package features an outstanding set of employee benefits that are worth about 30% of your total compensation, including:

  • 80% State paid medical premium and a dental plan at no cost for employees and their families
  • Work/Life balance: 11 paid holidays each year and a generous leave plan
  • State Paid Family and Medical Leave Insurance (FMLI)
  • Two ways to save for your retirement: A State defined benefit pension plan and a deferred compensation 457(b) plan
  • Tuition Reimbursement
  • Flexible spending healthcare and childcare reimbursement accounts
  • Low-cost group life insurance
  • Incentive-based Wellness Program
  • Qualified Employer for Public Service Student Loan Forgiveness Program

Want the specifics? Explore the Benefits of State Employment on our website.

Equal Opportunity Employer

The State of Vermont celebrates diversity, and is committed to providing an environment of mutual respect and meaningful inclusion that represents a variety of backgrounds, perspectives, and skills. The State does not discriminate in employment on the basis of race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, membership in an employee organization, family medical history or genetic information, or family or parental status. The State’s employment decisions are merit-based. Retaliatory adverse employment actions by the State are forbidden.