IT Security Analyst

GovServicesHub
Contract
On-site
Dimondale, Michigan, United States


Job Title: IT Security Analyst

Job Location: Dimondale, MI (Hybrid – 2 days onsite, 3 days remote)

Note: Candidates must be currently local within a commutable distance not to exceed 1.5 hours. The manager is not interested in candidates who will need to relocate to accept the offer. State experience is required.

Job Description:

The State of Michigan is seeking an IT Security Analyst with experience in IT security, risk assessment, and compliance. The ideal candidate should have extensive knowledge of national and international security standards, including NIST, PCI, CJIS, CMS, ISO, SOX, HIPAA, HITECH, and other regulatory requirements. This role involves performing security assessments, gap analyses, and providing guidance on security policies and risk management processes.

Responsibilities:

  • Assist the Michigan Cyber Security, Risk and Compliance Division Director with enterprise risk management.
  • Assess the effectiveness of enterprise data security policies, processes, and controls against established standards and regulations.
  • Identify gaps in security control environments and compliance requirements.
  • Perform gap analysis of security requirements for agency applications.
  • Provide guidance on NIST controls and statutory/regulatory security requirements.
  • Act as a subject matter expert (SME), mentoring others within the Risk and Compliance Division.
  • Assist with the MiSAP Risk Assessment process and data entry in Keylight.
  • Help establish a Cyber Security Framework for the State of Michigan.
  • Work with the MCS Keylight team to enhance the MiSAP process.
  • Perform additional cybersecurity-related tasks as assigned.

Skill Matrix:

| Skill | Required Experience |
|---|---|
| IT Security & Audit | 5+ years |
| National/International Security Standards (NIST, PCI, CJIS, CMS, ISO, SOX, HIPAA, HITECH) | 5+ years |
| Security Assessments & Risk Management | 5+ years |
| Enterprise Data Security Policies & Compliance | 5+ years |
| Gap Analysis & Security Control Evaluation | 5+ years |
| NIST Controls & Regulatory Security Standards | 5+ years |
| MiSAP Risk Assessment Process | 3+ years |
| Cybersecurity Framework Development | 3+ years |
| Keylight & Risk Management Tools | 3+ years |