Risk Mitigation Specialist

State of Oklahoma

Date: 15 hours ago
City: Oklahoma City, Oklahoma
Contract type: Full time
If applicable, please upload a copy of your two most recent performance reviews along with your resume.

Job Type/Salary/Location

  • Full-time
  • Vacancies: One
  • Salary: Commensurate with education or experience
  • Primary Working Hours: M-F; 8:00am – 5:00pm
  • FLSA Status: Exempt
  • Location: Statewide
  • Supervisory: No
  • Travel: Applicants must be willing and able to fulfill all job-related travel normally associated with this position.

Benefits

  • The State of Oklahoma offers a comprehensive Benefits Packet, including a generous benefit allowance to offset the cost of insurance premiums for employees and their eligible dependents.

Position Essential Functions

  • Identify strategic risk through collaborative working effort with the SSA, IRS, State Auditors, Cyber Command, NIST and FISMA auditors and business area/system owners, along with other applicable teams to gather data to be used by the risk management team for the creation of a full picture of the strategic cyber risks.
  • Must be able to assist with the prioritization of risks, create risk profiles for all information systems, identify common gaps in the information system compliance to focus holistic funding in support of remediating security findings for multiple systems.
  • Will assist the State in conducting reviews and recommendations to aid in the remediation of security findings for multiple systems.
  • Where appropriate will assist the team in facilitating the upgrades and hardening of systems and solutions to mitigate security risks

These job functions, responsibilities and activities may change at any time with or without notice.

Valued Knowledge, Skills, Abilities And Competencies

Knowledge of

  • NIST SP 800-53 security controls and required documentation
  • The management, operational, and technical aspects of IT Security in a complex enterprise environment.

Skill and Competencies

  • Excellent verbal and written communication skills.

Ability to

  • Conduct Risk Assessments
  • Facilitate risk mitigation and improve agency’s cyber security posture
  • Use the Enterprise Logging System to conduct regular reviews of audit logs (operating systems, applications, database etc.)
  • Review and write security policies and procedures
  • Establish and maintain effective working relationships with others

Physical Demands/Work Environment

  • Work is typically performed in an office setting with climate-controlled settings and exposure to moderate noise level. While performing the duties of the job, employee is required to talk, stand, walk, and reach with hands and arms. This position requires regular periods of sitting or standing and daily use of computer and phone. It also requires the occasional use of the office machinery in accordance with safety and security protocols.

Minimum Qualifications

  • Bachelor’s degree in computer science, Engineering, Information Technology, Cyber Security, or related field and 3 to 8 years of related experience. Additional years of experience and cyber certifications may be considered in lieu of degree.

Special Skills/Requirements

  • Computer Skills – Employee must be capable of proficiently using the OESC’s standard software (Microsoft Office - Word, Outlook, Excel, Access, and Teams), and the Internet, as well as proficiency to learn other software as needed.
  • Employee must be capable of lifting, carrying and moving objects of up to 25 pounds.
  • Should have at least one of the following certifications: SSCP, CAP, CISM, CISSP, CISA, CASP, CEH, GCED, CRISC

Accommodation Statement

  • OESC is an Equal Opportunity Employer. Reasonable accommodation to individuals with disabilities may be provided upon request.
Post a CV

See more jobs in Oklahoma City, OK