Sr. Compliance Analyst with Standards Expert
Candidate Must Be Local
Candidate Must be in Colorado to load the proposal. Will not accept contractors that are willing to move.
The Governor's Office of Information Technology (Client) is seeking an analytical and detail-oriented Sr. Compliance Analyst with standards development expertise primarily in SDLC and DevOps (application development & support). The analyst should have excellent communication and people skills and a curiosity for researching best practices and trends. The Analyst will be responsible for Compliance activities and for reviewing existing standards, refreshing them, and/or developing new ones primarily for application development (SDLC, DevOps) in partnership with functional areas.
The analyst will be also responsible for applying compliance expertise for accurate development of Client services for State Agencies, improving Compliance programs, and ensuring adherence to the relevant Security, State, and Federal Policies and Standards. These include but are not limited to NIST, HIPAA, IRS, CJIS, and others. The analyst will leverage their curiosity to extend their knowledge and understanding of new and changing regulations and develop requirements, controls, and compliance checklists for teams to follow and adhere to.
This position resides inside the Client Service Delivery & Support Organization. The Compliance Analyst is expected to partner closely with Client's Security Organization.
Job Duties:
Experienced in researching applicable laws and regulations as they relate to the State systems and driving compliance activities.
Develop, drive, and/or assist in tracking and delivery of Compliance activities - compliance checklist, identifying and mitigating any compliance or regulatory concerns, identifying risks and solutions to mitigate them.
Subject matter expert representation from Service Delivery organization to the State Agencies, and for Application teams (development and support).
Review application (and other departments) needs of Interpret Policies (e.g. CJIS) and standards and develop checklists and procedures for teams to use.
Develop a checklist of all compliances and standards that need to be followed by a department or a functional area in the Service Delivery & Support organization, e.g. DevOps/Applications, and ensure compliance with the applicable standards, policies, and/or controls. Leverage subject matter experts (SMEs) to develop or facilitate the development of standards. Collaborate with Client's Security organization to ensure compliance checklists and security standards have the necessary details required for the Service Delivery organization functional areas.
Develop and present reports on compliance adherence, identify gaps and risks, and collaborate with partner teams to mitigate risks and improve adherence to compliance.
Continuously improve the compliance process and improve efficiencies. Work collaboratively with impacted areas, partner groups, and vendors.
Review audit findings and work with functional areas to ensure audit findings are remediated.
Miscellaneous: Other responsibilities related to Standards and Compliance work as assigned.
ANY GRADUATE