Previous Job
MCS Liaison
Ref No.: 18-00392
Location: Dimondale, Michigan
Start Date: 10/03/2018
 *The client plans to schedule IN PERSON ONLY interviews for this position the week of 9/17. Please confirm your candidate will be available to interview IN PERSON any of those days if selected.
Please detail your practical experience with a commercial Governance, Risk & Compliance (GRC) platform (Lockpath, Archer, SAP, etc.)
Do you have experience in training? If so, please detail here.
Detail your practical experience working with business and IT stakeholders to complete Security Risk Assessments and Security Remediation Plans.

Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended.

Years of Experience:
6 or more years with IT security and audit experience with extensive knowledge of national/international security standards including NIST, PCI, CJIS, CMS,  ISO, SOX, HIPAA, HITECH and other regulatory requirements .

Knowledge of security standards and progressive experience performing security assessments, and reviews.

1.    Assist the Michigan Cyber Security, Risk and Compliance Division Director with the enterprise risk management process.
2.    Assist specific agencies with State of Michigan risk assessment process, and identify gaps in security control environment and compliance requirements.  
3.    Perform gap analysis of security requirements implemented within the agency application(s) according to security statute, regulation, standards and SOM policies.
4.    Provide guidance to Agency and DTMB Agency Services staff with standard interpretation of NIST controls and other security statutory and regulatory requirements.
5.    Assist, enter information in the Keylight, complete risk assessment process within the state of Michigan.
6.    Assist with MICWRAP Risk Assessment volume of work for agencies.
7.    Assist with establishing Cyber Security Framework for the State of Michigan
8.    Work with MCS Keylight team in improving MiSAP process.
9.    Other cyber security related tasks as assigned

Required / Desired Skills
Skill Required / Desired Amount of Experience
Information Technology Experience Required 6 Years
IT Security and/or Audit Experience Required 6 Years
PCI, NIST, FISMA, HIPPA, CJIS, or related experience Required 5 Years
Experience working in large, complex business and/or IT environments Required 6 Years
Bachelors or Masters Degree in Computer Science, MIS, Business, Accounting, or Engineering (or related) Required 4 Years
Technical skills: knowledge and experience in IT security statutes, regulations, and standards, experience in GRC tool(s). Required 5 Years
CISSP/CISM certification Desired    
Practical experience with a commercial Governance, Risk & Compliance platform Required 3 Years
Practical experience working with business and IT stakeholders to complete Risk Assessments Required 3 Years