Southwest Research Institute
IT SPECIALIST - SR. IT SPECIALIST - IT Governance, Risk, and Compliance Analyst
Southwest Research Institute, San Antonio, Texas, United States, 78208
IT SPECIALIST - SR. IT SPECIALIST - IT Governance, Risk, and Compliance Analyst
32-00669 Who We Are:
SwRI’s cybersecurity mission is to secure the enterprise by evaluating, implementing, and operating a full suite of cybersecurity tools, services, and processes. Objectives of this Role:
Compliantly pursue selection, acquisition, and maintenance of technologies Apply cybersecurity frameworks and policies across the Institute and provide opportunities for remediations. Raise awareness of cyber risks to the Institute through the application of the risk assessment process and report to leadership for risk mitigation. Propose, generate, and review security metrics to demonstrate security progress and opportunities for improvement. Assist in contract review and third-party risk. Daily and Monthly Responsibilities:
Evaluating the Institute’s compliance with cybersecurity internal controls and industry frameworks. Authoring and tracking Plans of Actions and Milestones to bring security controls into compliance. Support risk management activities by operating the Institute’s IT risk management process. Assist in developing training, standards, and guidance to support cyber governance processes. Evaluating policy exception requests and make recommendations to the CISO regarding risk reduction and approval. Requirements:
Requires a Bachelors degree in Cybersecurity and Information Assurance. 3 years: Experience auditing IT controls environments or conducting compliance assessments. 3 years: Experience in any of various IT and security functions (E.g., IT audit, cybersecurity, IT administration, programming, contracts management, IT GRC) is desirable. 3 years: Knowledge of information security standards, E.g., NIST 800-171 or 800-53, CIS Critical Security Controls. 3 years: Exposure to/understanding of the fundamentals of network and systems administration (e.g., Windows Server and desktop, Linux, TCP/IP, network subnetting). A valid/clear driver's license is required. Special Requirements:
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Applicant must be a U.S. citizen. Job Locations: San Antonio, Texas
For benefits information at our San Antonio location, click here . For benefits information at all other locations, click here . An Equal Employment Opportunity Employer: race, color, religion, sex, national origin, disability, and veteran status.
#J-18808-Ljbffr
32-00669 Who We Are:
SwRI’s cybersecurity mission is to secure the enterprise by evaluating, implementing, and operating a full suite of cybersecurity tools, services, and processes. Objectives of this Role:
Compliantly pursue selection, acquisition, and maintenance of technologies Apply cybersecurity frameworks and policies across the Institute and provide opportunities for remediations. Raise awareness of cyber risks to the Institute through the application of the risk assessment process and report to leadership for risk mitigation. Propose, generate, and review security metrics to demonstrate security progress and opportunities for improvement. Assist in contract review and third-party risk. Daily and Monthly Responsibilities:
Evaluating the Institute’s compliance with cybersecurity internal controls and industry frameworks. Authoring and tracking Plans of Actions and Milestones to bring security controls into compliance. Support risk management activities by operating the Institute’s IT risk management process. Assist in developing training, standards, and guidance to support cyber governance processes. Evaluating policy exception requests and make recommendations to the CISO regarding risk reduction and approval. Requirements:
Requires a Bachelors degree in Cybersecurity and Information Assurance. 3 years: Experience auditing IT controls environments or conducting compliance assessments. 3 years: Experience in any of various IT and security functions (E.g., IT audit, cybersecurity, IT administration, programming, contracts management, IT GRC) is desirable. 3 years: Knowledge of information security standards, E.g., NIST 800-171 or 800-53, CIS Critical Security Controls. 3 years: Exposure to/understanding of the fundamentals of network and systems administration (e.g., Windows Server and desktop, Linux, TCP/IP, network subnetting). A valid/clear driver's license is required. Special Requirements:
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Applicant must be a U.S. citizen. Job Locations: San Antonio, Texas
For benefits information at our San Antonio location, click here . For benefits information at all other locations, click here . An Equal Employment Opportunity Employer: race, color, religion, sex, national origin, disability, and veteran status.
#J-18808-Ljbffr