Remote Work - Need Cyber Security Analyst

Job Description

Skill 1 IT Acquisition Program Management

Skill 2 Policy Development and Advocacy

Skill 3 Stakeholder Engagement

Required Skill Set/Skill

Level/Experience

• Bachelor's degree in a technology or writing-intensive discipline.
• Demonstrated experience in technical writing, editing, and presenting information security-related documents.
• Proficiency in information security concepts, NIST Framework (especially NIST SP 800-53), and information systems design.
• Strong written and oral communication skills.
• Ability to analyze laws, rules, and regulations to articulate policy guidance effectively.
• Familiarity with Industry Compliance Standards (SOC 2, IRS Pub 1075, CMS MARS-E 2.2, PCI, CJIS, etc.).
• Aptitude for developing plans, policies, and procedures meeting regulatory compliance requirements.
  
  

Description Of Duties Summary

The Cybersecurity Acquisition Program Manager and Technical Writer within the State's Information Security Office is a multifaceted role combining expertise in information security, program management, acquisitions, policy development, and technical writing. The position involves spearheading acquisition programs, ensuring information technology compliance, drafting policies, and producing comprehensive documentation related to information security practices.

Key Responsibilities

• Acquisition Program Management:
• Oversee hardware, software, and information system acquisition
  
  

programs adhering to IT-related laws and policies.

• Ensure information security requirements are integrated into acquisitions,
  
  

procurements, and outsourcing efforts.

• Develop contract language to enforce supply chain, system, network, and
  
  

operational security.

• Policy Development and Advocacy:
• Formulate and advocate for policies supporting organizational cyberspace
  
  

initiatives.

• Resolve conflicts in laws, regulations, and standards pertaining to
  
  

cybersecurity.

• Technical Writing:
• Create comprehensive, easily understandable documentation on
  
  

information security topics for diverse audiences.

• Collaborate with subject-matter experts to accurately capture specialized
  
  

information.

• Review, edit, and finalize content ensuring alignment with NIST standards
  
  

and state policies.

• Stakeholder Engagement:
• Communicate effectively with program managers, contractors, and
  
  

stakeholders regarding business problems and corrective actions related to

information security.