Mid-Level Security Analyst (Risk, Compliance, & Assessment)

About the position Responsibilities • Evaluate whether security controls are correctly designed and operating as intended across the Department’s systems. • Conduct interviews, review documentation, and sample technical evidence to understand how controls work and how mature they are. • Create system-level risk categorizations based on how sensitive each system is and how it is used. • Support the development of the Department’s upcoming risk assessment by identifying risks, analyzing their impact, and helping score their severity. • Assist with improvements to security procedures, policies, user access processes, and multi-factor authentication guidelines. • Review current vulnerability management and change management practices and contribute updates to bring them up to required standards. • Work closely with the Security Architect to support security documentation, including mapping controls and building system security content. • Participate in interviews, workshops, and onsite assessment activities as needed. Requirements • Bachelor’s or Master’s in Computer Science, Cybersecurity, Information Technology, or Information Security. Degrees in related technical fields like Engineering (Computer/Electrical), Information Assurance, or Data Analytics are also relevant. • 5+ years in cybersecurity risk, compliance, audit, assessments, or governance. • Experience performing NIST CSF, NIST 800-53, or state-level cybersecurity assessments. • CISA, CISSP, Security+ (minimum 1 required). • At least one year applying Florida Cybersecurity Standards in assessments, policy work, or state government engagements. • Strong technical writing skills for developing deliverables such as procedures, risk reports, and policies. • All personnel reside within 50 miles of the Florida Capitol building and maintain at least 1 year of working knowledge of the Florida Cybersecurity Act (§282.318 F.S.) and Florida Cybersecurity Standards (60GG-2), as required for meeting DEP timelines and deliverables.) • All personnel meet or exceed DMS/ACS labor category requirements under SIN 54151HACS & 54151S. Apply tot his job