Governance Risk Compliance (GRC) Analyst

Job Description

PLEASE ATTACH THE ADDITIONAL REQUIREMENTS LISTED AT THE BOTTOM OF THIS PAGE

Job ID: 31407
Agency: Bureau of Information & Telecommunications
Location:Sioux Falls or Pierre, SDSalary: $72,161.28-$90,201.60 Annual Salary, depending on qualifications
Pay Grade: 07
Closing Date: Open Until Filled

This is a Full-Time 40 Hour Weekly position with the Bureau of Information & Telecommunications (BIT) - Enterprise Platforms and Infrastructure. For more information on the Information & Telecommunications, please visit https://www.sd.gov/bit .

We are seeking a Governance, Risk, and Compliance (GRC) Analyst to join the BIT Enterprise Platforms & Infrastructure team. The successful candidate will play a key role in developing and maintaining a comprehensive information security risk program and identifying potential security risks and vulnerabilities. The candidate will be required to live within the State of South Dakota.

Responsibilities include:

• Assist in the development and maintenance of an enterprise security controls framework;
• Develop and maintain enterprise security policies, standards, and procedures;
• Process, analyze, and track exemption requests;
• Periodically review security controls for effectiveness and design;
• Assist on measuring and monitoring cybersecurity risk;
• Perform risk assessments for departments as requested;
• Maintain and update a risk repository;
• Ensure vendors comply with contractual obligations and security standards;
• Provide guidance to management and business stakeholders regarding the impact of risks and vulnerabilities to state systems;
• Participate in compliance reviews as assigned by management;
• Maintain awareness of existing and proposed security standards, state and federal legislations, and regulations pertaining to information security;
• Identify regulatory changes that will affect information security policy, standards, and procedures and recommend appropriate changes.

The Ideal Candidate Will Have:

Knowledge of:

• cybersecurity industry standards;

• information security risk management frameworks and compliance practices;

• common security regulations (e.g., NIST, HIPAA, , PCI DSS, ISO2700x, FDA, etc.);

• security auditing and risk assessment processes;

• common security policy taxonomies and how they govern standards, procedures, and guidelines;

• general security concepts, including but not limited to, cryptography, DLP, Security Operations Center, Security Managed Services, Audit, Cloud Security, and Mobile Security.

Skill to:

• document risk and compliance activities;

• communicate effectively; both orally and in writing, in addition to, interpersonal and collaborative skills;

• respond to, analyze, and communicate information security audits and the impact of risks.

Ability to:

• communicate strategic information security topics, policies, and standards as well as risk-related concepts to technical and non-technical audiences at various hierarchical levels;

• work effectively in a team environment;

• work independently with minimal supervision.

Additional Requirements: To be considered, please attach your resume.

This position is eligible for Veterans' Preference per ARSD 55:10:02:08.

Successful applicant(s) will be required to undergo a background investigation. An arrest/conviction record will not necessarily bar employment.

The State of South Dakota does not sponsor work visas for new or existing employees. All persons hired will be required to verify identity and eligibility to work in the United States and complete an Employment Eligibility Verification, Form I-9. The State of South Dakota as an employer will be using E-Verify to complete employment eligibility verification upon hire.

The State of South Dakota offers $0 premium employee health insurance option plus eleven paid holidays, generous vacation and sick leave accrual, dental, vision, and other insurance options, and retirement benefits. You can view our benefits information at https://bhr.sd.gov/job-seekers/work-for-state-government/ . This position is a member of Class A retirement under SDRS.

Must apply online: https://gen-stateofsouthdako-trn.inforcloudsuite.com/hcm/xmlhttp/shorturl.do?key=1M0
You must apply online, emailed resumes or submissions will not be accepted.
South Dakota Bureau of Human Resources
Telephone: 605.773.3148 Email: careers@state.sd.us
http://bhr.sd.gov/workforus
"An Equal Opportunity Employer"

#LI-Onsite