Security Analyst

Job Description

Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended.

Job Duties

• Assist the Michigan Cyber Security, Risk and Compliance Division Director with the enterprise risk management process.
• Assess the effectiveness of enterprise data security policies, processes, procedures and controls against established standards, guidelines and requirements and identify improvement actions required to maintain the appropriate level of data protection and suggest changes where appropriate.
• Assist specific agencies with State of Michigan risk assessment process and identify gaps in security control environment and compliance requirements.
• Perform gap analysis of security requirements implemented within the agency application(s) according to security statute, regulation, standards, and SOM policies.
• Provide guidance to Agency and DTMB Agency Services staff with standard interpretation of NIST controls and other security statutory and regulatory requirements.
• Subject matter expert leading and mentoring others within the Risk and Compliance Division.
• Assist, enter information in the Keylight, complete risk assessment process within the state of Michigan.
• Assist with MiSAP Risk Assessment volume of work for agencies.
• Assist with establishing Cyber Security Framework for the State of Michigan
• Work with MCS Keylight team in improving MiSAP process.
• Other cyber security related tasks as assigned.

Requirements

6 years :

Minimum Education

Location

Additional Requirements

Employment Terms

About Zenfreed

At Zenfreed, we are more than an IT company. We bridge the gap between people wanting to do the work they were meant to do and organizations needing the right talent.

We are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.

Benefits

We understand a comprehensive benefits package is crucial to employment satisfaction. We offer medical, dental and vision coverage options for all employees.

Requirements

6 years : Experience with IT security and audit experience. Extensive knowledge of national / international security standards including NIST, PCI, CJIS, CMS, ISO, SOX, HIPAA, HITECH, and other regulatory requirements. Knowledge of security standards and progressive experience performing security assessments, and reviews. Must have excellent communication skills. Position will be customer facing and will include collaboration with other teams. Minimum Education None Location Accepting local candidates and non-local candidates willing to relocate at their own expenses with no delays. Position is a hybrid schedule in office 2 days a week upon start and there is NO REMOTE ONLY option. Working hours Monday-Friday, approximately 8 : 00 a.m. to 5 : 00 p.m. Additional Requirements Must be authorized to work in the United States; We are unable to offer sponsorships at this time Must undergo a background check and drug screening for employment. Employment Terms This is a W2 position 40 hrs per week HYBRID schedule - in office 2 days a week upon start and there is NO REMOTE ONLY option. About Zenfreed At Zenfreed, we are more than an IT company. We bridge the gap between people wanting to do the work they were meant to do and organizations needing the right talent. We are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.