Jobs · Information Technology · Texas

Lead Information Security Analyst - Governance, Risk, & Compliance (GRC)

Harris County · Houston, TX · 3 days ago
Information TechnologyFull-time

Duties and Responsibilities

  • Conduct information security risk assessments and facilitate reviews of cloud, hybrid cloud, and on-premises IT solutions and infrastructure.
  • Perform third-party vendor security risk assessments to support governance efforts.
  • Serve as a subject matter expert (SME) on Cloud Security, with an emphasis on Microsoft Azure.
  • Stay updated on cybersecurity threats and vulnerabilities and provide recommendations for mitigation, particularly within Microsoft Azure cloud security.
  • Utilize security controls to enhance security posture and research emerging threats relevant to cloud and hybrid cloud operations.
  • Assess and prioritize information security risks, ensuring compliance with regulatory requirements and information security policies.
  • Oversee assigned project activities to ensure timely completion.
  • Develop remediation plans and proactively track progress, presenting cybersecurity risks and gaps to stakeholders.
  • Provide design input, implementation, and maintenance of enterprise-wide security solutions to address cybersecurity needs.
  • Communicate security vulnerabilities and risks to key stakeholders and consult on remediation efforts.
  • Develop documentation to support cybersecurity operations, including: Communications, Job aids, Educational/training materials, Architecture diagrams, Technical reference guides, Procedures, Strategy/technology roadmaps, Request for Proposal/Offers (RFP/RFOs), Statement of Work (SOW), Metrics and reports, Project plans, Executive presentations.
  • Coach and mentor junior-level technical staff.
  • Participate in Cybersecurity Incident Response Team (CIRT) investigations and response activities.

Requirements

  • Education: High school diploma or GED equivalency from an accredited educational institution. Five (5) years of experience in Information Security, IT, Computer Science, or IT Risk Management.
  • Experience: Strong understanding of IT infrastructure and network security principles. Experience with cloud security (AWS, Azure, or GCP). Knowledge of scripting languages (Python, PowerShell, etc.) for automation.

Preferences

  • Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent work experience).
  • Certifications: Industry certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or GIAC Certified Incident Handler (GCIH) credentials.

Similar jobs