Summary: The Analyst – Info Sec position is responsible for analyzing and evaluating the effectiveness of implementation of information security requirements. The analyst will collaborate with personnel from various departments and identify areas for the development of technical solutions to automate and/or improve business processes for increased compliance. The position will exhibit effective communication and technical skills to support stakeholders and project clients. This is an excellent opportunity to work with large-scale enterprise systems that demand an elevated level of performance and scalability.
Responsibilities:
Ensure compliance with Maximus Corporate Info Sec Policies and support the development, deployment, and maintenance of cybersecurity policies, procedures, and guidelines.
Assist with providing security requirements to both internal partners and external third-party providers
Assist with the identification, documentation, monitoring, and reporting on risk register items, KPI/KRI, including the monitoring of security control efficacy.
Understanding of security functions including Incident Management, Change Management, Identity and Access Management, Risk Management, Physical Security, BCP, Cloud Security, and Vendor Security Risk Management.
Detect potential security weaknesses and develop creative ways to handle challenges unique to the Maximus business and systems architecture.
Interact with Maximus IT and business stakeholders to understand risks to critical infrastructure by defining potential business impact with the responsibility to apply effective mitigation strategies.
Must stay current with industry, regulatory, and legal requirements relevant to security, compliance, and privacy.
Stay up-to-date on emerging trends and technologies in cybersecurity
Support efforts to drive innovation and creative problem-solving to meet critical business challenges and demands
Required Skills:
Implementation of information security in an IT industry and excellent knowledge across all domains of security.
Practical working experience with control frameworks such as HIPAA, ISO 27001, ISO 27701, NIST 800-53, NIST CSF, DPDPA, etc.
Frequent use and general knowledge of industry practices, techniques, and standards.
Excellent organizational skills with attention to detail and ability to multitask for project prioritization
Ability to effectively communicate with internal and external customers, executive managers, and team members or drafts such responses for supervisor or manager.
Education and Experience:
Bachelor’s degree in Computer Science, Information Systems, or related degree programme from recognized university.
Requires 3+ years of experience in information security domain in IT Industry.
