14444 – Senior Security GRC Analyst (hybrid) – Austin, TX
Start Date: ASAP
Type: Temporary Project
Estimated Duration: 12 months with possible extensions
Work Setting: Hybrid - On Site and Telework. 3 days remote with 2 days (Mon & Thurs) required to be onsite at the location listed above.
Only candidates able to relocate as required should apply to avoid removal from future consideration.
Required:
• Experience with Governance, Risk, and Compliance (GRC), Enterprise Security and Security Architecture, Vulnerability Management and Penetration Testing, Cloud Security and hybrid environments (12 years);
• Experience owning SSP development end to end (10 years);
• Experience with CMS MARS-E v2.2 or comparable federal/state security frameworks (10 years);
• Experience in control implementation documentation, audit evidence collection and validation, POA&M creation, tracking, and remediation management (10 years);
• Experience translating technical security issues into compliance-aligned remediation actions (8 years);
• Strong stakeholder management skills across security, infrastructure, and application teams (8 years);
• Excellent written and verbal communication skills, particularly for executive stakeholders (8 years);
• Experience with NIST 800-53, NIST RMF, and privacy controls (8 years);
• Experience with Secure SDLC and DevSecOps practices (8 years);
Preferred:
• Experience operating in multi-vendor, multi-platform environments (5 years);
• Experience with reducing repeat audit findings and improving compliance maturity (5 years);
• Experience mentoring or guiding teams on security governance best practices (5 years);
• Experience supporting client’s systems, including SSP development and compliance (1 year);
Responsibilities include but are not limited to the following:
• Support the Legacy Analytics Modernization team in migrating legacy TIERS analytics platforms to modern solutions under the Texas Data Management Framework.
• Collaborate with IT and business stakeholders to ensure project deliverables comply with state, federal, and agency standards.
• Manage day-to-day operations and scrums for various projects within the initiative.
• Establish project timelines, resource requirements, and strategic roadmaps in coordination with vendors and federal stakeholders.
• Develop and publish project management documents in compliance with DIR Project Delivery Framework directives.
• Function as a blended partner between IT and the Office of Data Analytics & Performance.
• Assist in conducting procurement exercises to acquire vendor services for assessments or long-term outsourcing.