Senior Cyber Assurance Analyst

Posting Date

Application Deadline

Pay Range

Job Type

Department

About the Position

The Sr. Cyber Assurance Analyst supports the execution of the Department of Enterprise Technology & Innovation's Information Security Cyber Assurance Program.The Cyber Assurance Program is responsible for identifying, reporting, and tracking the risks and compliance requirements that stem from the use of technology. Services include: Security Risk Assessments, Vulnerability Management, System and Data Classification, End-User Awareness Training and Phishing Assessments, Compliance Reviews, and 3rd Party Risk Management. This team does not conduct incident response, penetration testing, or vulnerability remediation (e.g. patching).

About Us

Are you looking for a career in a dynamic organization that embraces a can-do spirit? Look no further than Maricopa County's Enterprise Technology & Innovation!

We are a team that prides ourselves on leveraging technology to create digital transformations. We look for ways to bring about innovative solutions while providing top-notch customer service. Apply today and become part of the team that makes a lasting impact on the future of technology at Maricopa County.

Proud to Offer

• Work with a greater purpose

• Tuition reimbursement

• Exceptional work-life balance, with hybrid and alternative work schedule options

• Opportunities for growth and development within Maricopa County

• Low-cost, high-value healthcare for you and your qualifying dependents

• Child care benefits including access to our upcoming on-site center Maricopa County Kids Club, dedicated to serving Maricopa County families exclusively

• Paid vacation, sick time, and parental leave

• Extensive wellness program, including healthcare premium discounts

• Maricopa County participates in the Arizona State Retirement System. This defined retirement benefit requires a 12.27% monthly contribution rate and includes a 100% employer match on Day 1

• Learn more at Work With Us | Maricopa County, AZ

We Require

• Five years of experience in Information Technology Security and Compliance

• Two years in one or more of the following IT Security areas:

  • Security control gap analyses

  • Implementation and evaluation of security controls in the NIST 800-53 Compliance Framework

  • Conducting IT security risk assessments

  • Creating security policies and governance documents

  • Participating in secure system lifecycle management initiatives

  • Conducting data security initiatives including data loss prevention and data classification

• Bachelor's degree in Cybersecurity, Computer Science, Computer Engineering, Information Systems, or a related STEM field

• A combination of post-secondary education and/orjob-related experience may substitute for theminimum qualifications on a year-for-year basis

We Also Value

• One or more of the following certifications:

  • CompTIA: Security+ , CySA+

  • GIAC: GISP-ISP

  • ISC2: CAP

  • ISACA: CRISC

  • ISC2: CISSP

• Experience with conducting security risk assessments against internal and vendor resources

• Experience with NIST security control framework including 800-53 and 800-60 as well as FIPS 199

• Experience with regulated data such as HIPPA, CJIS/CHRI, PII, PCI-DSS

Job Contributions

• Lead risk assessments across Maricopa County to identify cybersecurity risks and recommend treatment based on NIST 800-53 control framework and applicable governance

• Analyze identified cyber security risks and provide County and department leadership with insights on cyber risk to support risk-informed business decisions

• Support the County's structured risk management framework and continued maturation of the risk assessment methodology

• Conducts activities surrounding data protections including System Identification/Classification, Data Classification, Data Loss Prevention, and Impact Analyses for all Maricopa County Information Systems in alignment with standards such as the NIST SP 800-60

• Supports development and delivery of County training programs for Information Security awareness, policies, standards, and guidelines including phishing simulations and awareness campaigns

• Collaborates with different teams, including security architecture, security operations, engineering, and system owners to ensure security risks are properly addressed

• Plans and executes initiatives including identifying customer/business needs, identifying deliverables and resource requirements, setting goals and milestones, and organizing and leading work efforts assigned to other individuals

• Conceptualizes and expresses complex business and technical requirements into comprehensible models and templates both verbally and in writing

Working Conditions

• Must be able to pass TOC background as part of pre-hire requirements

• Exerting up to 10 lbs. occasionally or negligible weights frequently; sitting most of the time

• Position is typically office or administrative work and is not substantially exposed to adverse environmental conditions

Selection Procedure

• Only the most qualified candidates will be considered

• Consideration will only be given to candidates who submit online applications

• Candidates will be contacted primarily through email and their Workday online application profile

• Must pass a pre-employment background and/or fingerprint investigation as required by statute or policy, including drug and alcohol testing requirements for positions designated as safety-sensitive

Maricopa County is an equal opportunity employer.

Apply Now!