[Remote] Information Security Analyst (ISA)

Note: The job is a remote job and is open to candidates in USA. Sharp Decisions is seeking an experienced Information Security Analyst (ISA) to join their Governance, Risk, and Compliance (GRC) Team. The role involves collaborating with business units to understand reporting and data requirements while supporting enterprise information security initiatives, including conducting risk assessments and developing training materials.

Responsibilities

• Conduct risk assessments and security audits
• Generate findings reports and provide recommendations for improvement
• Track remediation activities and outcomes for compliance reporting
• Develop reports detailing audit findings, non-compliance issues, POA&Ms, and incident reports
• Review and maintain audit plans, security plans, and risk documentation
• Investigate suspicious network activity and generate incident reports
• Prepare audit documentation and draft audit findings according to agency standards
• Research industry security standards, regulations, and best practices
• Support technical project managers with requirements gathering and project documentation
• Develop user training materials and support customer adoption initiatives

Skills

• Strong understanding of information security principles, policies, and procedures
• Knowledge of Information Security Risk Management practices
• Experience with NIST 800-53 Rev 5, IRS Publication 1075, HIPAA/HITRUST, CJIS, and MARS-E
• Expert knowledge of auditing, internal controls, and risk management frameworks
• Knowledge of Security and Privacy Control implementation and assessment
• Experience with Risk Management Framework (RMF)
• Knowledge of system authorization and approval processes
• Experience conducting technical audits and reviews
• Understanding of Windows, Unix/Linux, networking, databases, and software development
• Strong written, verbal, analytical, and interpersonal communication skills
• Ability to develop security policies, strategies, and compliance programs
• Ability to collaborate effectively across departments and organizations
• Ability to identify security risks and recommend process improvements
• Ability to create training materials and support user adoption initiatives
• Experience developing and maintaining project documentation and artifacts
• NIST 800-53 Revision 5 (Required)
• Risk Management Framework (RMF)
• Windows / Unix Administration Experience
• Project Management experience
• CISSP Certification
• CCSP Certification
• GSTRT Certification
• GSNA Certification
• CAP Certification

Benefits

• The State of Arizona promotes a flexible work culture that supports remote work opportunities. All work, including remote work, must be performed within Arizona unless otherwise authorized.

Company Overview

Company H1B Sponsorship