Sr. Cyber Risk Analyst - Maverc Technologies

Join the Team solving some of the toughest IT and Cyber Security Challenges. Maverc Technologies is looking for an experienced Sr. Cyber Risk Analyst to support one of our State Agency customers. As a Sr. Cyber Risk analyst you will be responsible for the management, assessment, and mitigation of risks are fundamental components of our customers information assurance and cybersecurity program. This position leads the IT security risk and audit program for information systems security using generally accepted standards and frameworks for IT audit and risk management (e.g., NIST, ISO, PCI, and ISACA). The position is responsible for developing and implementing the IT security risk and audit strategy, performing information systems and business process risk assessments, and evaluating the effectiveness of technical, physical, and administrative controls to identify control weaknesses. This individual will interface with Security Operations, IT Operations, and various business units.

Job Duties:

• Plan and perform IT security controls effectiveness. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls.
• Maintain IT security risk and compliance matrix and performs management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies
• Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT.
• Manage IT security vulnerabilities management program aligned with PCI and NIST standards.
• Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important.
• For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs.
• Identifying cost-effective actions to mitigate and reduce risk. These actions can include implementing new organizational policies and procedures as well as the design of technical or physical controls.
• Coordinating, tracking, and verifying remediation of audit findings.
• Documenting the results and developing a plan of action and milestones for mitigating any identified risk.
• Produce formal audit reports based on ISACA Audit Standards.
• Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices.

Requirements

Risk Analyst Skills & Requirements:

• 7-10 years of IT Audit experience.
• 3 years of IT Risk Management lifecycle experience
• 3 years of hands-on technical experience (e.g. developer, system administrator)
• Experience working with NIST 800-30 Risk Assessment Standard
• Extensive experience with IT General Controls evaluation and design
• Advanced skill level in business process mapping and documentation as well as policy and procedure development
• Recent experience in Information Security with up-to-date knowledge of the current threat landscape.
• Solid understanding of PCI DSS standards

Education and Certifications:

Bachelor‘s Degree in Computer Science, Information Systems, Business Administration, or other related field and/or equivalent work experience.

CISA and CISSP certifications (preferred).

Benefits

**Join Maverc. Be Valued.**

At Maverc, we are an inclusive community where diversity in all its forms is embraced, respected, and recognized as a true asset to the company. We are dedicated to fostering this inclusive environment, though we acknowledge that there is always room for improvement. Maverc is committed to evolving into a more inclusive and equitable organization, upholding the principles of equal employment opportunity and affirmative action.

Maverc is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment based on gender, gender identity or expression, sexual orientation, race, age, religion, physical or mental disability, veteran status, or other protected characteristics under federal, state, and local laws.

As a federal contractor, Maverc has implemented affirmative action programs to ensure non-discrimination and promote affirmative action in our policies and practices for qualified women, minorities, protected veterans, and individuals with disabilities. The narrative portion of Maverc's affirmative action plans is available for inspection at our offices during normal business hours. Employees and applicants interested in reviewing these plans should contact Human Resources at or hr@maverc.com for assistance.

If you are interested in applying for a position with Maverc and require special assistance or accommodation to apply for a posted position, please contact our Human Resources department at hr@maverc.com or by calling 888-948-1468.

Exceptional People, Outstanding Benefits

Exceptional people are the cornerstone of any successful company. To attract and retain such talent, Maverc provides fulfilling work opportunities that complement a balanced lifestyle. We achieve this by offering exceptional benefits, enabling our employees to live and work well.

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Training & Development
• Work From Home