Job Details

Home

Program Analyst || Local to Florida at Florida, New York, USA

Email: [email protected]

Program Analyst

Worksite flexibility

Onsite

Job Summary

Client: State of Florida Dept of Transportation

Duration: Through 6/30/2025 - may extend

Hybrid/Onsite/Remote: Onsite

Required skills: Bachelors degree in computer science, Information Systems,

Business Administration or other related field and/or equivalent work experience

7-10 years of IT Audit experience

3 years of IT Risk Management lifecycle experience

3 years of hands-on technical experience (e.g. developer, system administrator)

Experience working with NIST 800-30 Risk Assessment Standard

Extensive experience with IT General Controls evaluation and design

Advanced skill level in business process mapping and documentation as well as policy and procedure development

Recent experience in Information Security with up-to-date knowledge of the current threat landscape

Solid understanding of PCI DSS standards

Job Description

We are looking for a Program Analyst
to responsible for the development and implementation of the IT security risk and audit strategy that perform information systems and business process risk assessments and evaluate the effectiveness of technical, physical, and administrative controls to identify
control weakness.

What Youll Do

Perform PCI, SOC2, ISO, and applicable cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and Departments
security policies

Plan and perform IT security controls effectiveness

Manage remediation efforts for the

Identified gaps including assessment of new or enhanced implemented controls

Maintain IT security risk and compliance matrix and performs management reporting including IT systems controls, and business process risks to meet compliance requirements

Provide risk mitigation strategies

Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT

Manage IT security vulnerabilities management program aligned with PCI and NIST standards

Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize to determine which operations and assets
are the most important

For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs

Identifying cost-effective actions to mitigate and reduce risk including implementing new organizational policies and procedures as well as the design of technical or physical controls

Coordinating, tracking, and verifying remediation of audit findings

Documenting the results and developing a plan of action and milestones for mitigating any identified risk

Produce formal audit reports based on ISACA Audit Standards

Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices

What You'll Need

Required:

Bachelors degree in computer science, Information Systems, Business Administration or other related field and/or equivalent work experience

7-10 years of IT Audit experience

3 years of IT Risk Management lifecycle experience

3 years of hands-on technical experience (e.g. developer, system administrator)

Experience working with NIST 800-30 Risk Assessment Standard

Extensive experience with IT General Controls evaluation and design

Advanced skill level in business process mapping and documentation as well as policy and procedure development

Recent experience in Information Security with up-to-date knowledge of th current threat landscape

Solid understanding of PCI DSS standards

Preferred:

CISA and CISSP certifications

Physical Demands

Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state and local standards

Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc.

Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor

Thanks & Regards,

Gaurav Jangid

Technical Recruiter

Email-

[email protected]

LinkedIn

-
https://www.linkedin.com/in/gaurav-jangid-97a5241ab/

806, New Castle
,
Wilmington, DE,

US, 19801

--

Keywords: information technology Delaware
Program Analyst || Local to Florida
[email protected]

[email protected]
View all

Fri Aug 02 20:03:00 UTC 2024

To remove this job post send "job_kill 1623177" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.

Your reply to [email protected] -

To

Subject
Message -

gaurav@sourceinfotechs.com wrote:
Program Analyst

Worksite flexibility

Onsite

Job Summary

Client: State of Florida Dept of Transportation

Duration: Through 6/30/2025 - may extend

Hybrid/Onsite/Remote: Onsite

Required skills: Bachelors degree in computer science, Information Systems,

Business Administration or other related field and/or equivalent work experience

7-10 years of IT Audit experience

3 years of IT Risk Management lifecycle experience

3 years of hands-on technical experience (e.g. developer, system administrator)

Experience working with NIST 800-30 Risk Assessment Standard

Extensive experience with IT General Controls evaluation and design

Advanced skill level in business process mapping and documentation as well as policy and procedure development

Recent experience in Information Security with up-to-date knowledge of the current threat landscape

Solid understanding of PCI DSS standards

Job Description

We are looking for a Program Analyst 
to responsible for the development and implementation of the IT security risk and audit strategy that perform information systems and business process risk assessments and evaluate the effectiveness of technical, physical, and administrative controls to identify
 control weakness.

What Youll Do

Perform PCI, SOC2, ISO, and applicable cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and Departments
 security policies

Plan and perform IT security controls effectiveness

Manage remediation efforts for the

Identified gaps including assessment of new or enhanced implemented controls

Maintain IT security risk and compliance matrix and performs management reporting  including IT systems controls, and business process risks to meet compliance requirements

Provide risk mitigation strategies

Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT

Manage IT security vulnerabilities management program aligned with PCI and NIST standards

Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize to determine which operations and assets
 are the most important

For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs

Identifying cost-effective actions to mitigate and reduce risk  including implementing new organizational policies and procedures as well as the design of technical or physical controls

Coordinating, tracking, and verifying remediation of audit findings

Documenting the results and developing a plan of action and milestones for mitigating any identified risk

Produce formal audit reports based on ISACA Audit Standards

Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices

What You'll Need

Required:

Bachelors degree in computer science, Information Systems, Business Administration or other related field and/or equivalent work experience

7-10 years of IT Audit experience

3 years of IT Risk Management lifecycle experience

3 years of hands-on technical experience (e.g. developer, system administrator)

Experience working with NIST 800-30 Risk Assessment Standard

Extensive experience with IT General Controls evaluation and design

Advanced skill level in business process mapping and documentation as well as policy and procedure development

Recent experience in Information Security with up-to-date knowledge of th current threat landscape

Solid understanding of PCI DSS standards

Preferred:

CISA and CISSP certifications

Physical Demands

Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state and local standards

Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc.

Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor

Thanks & Regards,

Gaurav Jangid

Technical Recruiter

Email-

gaurav@sourceinfotechs.com

- 
https://www.linkedin.com/in/gaurav-jangid-97a5241ab/

806, New Castle
,
 Wilmington, DE,

US, 19801

Keywords: information technology Delaware 
Program Analyst || Local to Florida
gaurav@sourceinfotechs.com

Your email id:

Captcha Image:

Captcha Code:

Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]
Time Taken: 0

Location: ,