Information Technology Risk and Compliance Analyst (ITS-Civil Service)

Dallas is Growing. Grow With Us.

Looking for more than just a job? The City of Dallas offers careers with purpose. With competitive benefits, growth opportunities, and a culture of inclusion,

we’re committed to helping you thrive while you help our city flourish. Be part of a team that’s committed to service, innovation, and community.

Job Summary

Job Description

Overview

The Information Technology Risk and Compliance Analyst provides intermediate level analysis of potential risks, threats, risk analysis, and data science initiatives that helps protect the City of Dallas and assets from information and cyber security risks. Candidate will assist in ensuring that an organization's data is safe and protected from unauthorized access and modification.

Essential Functions

1 Performing internal and external risk assessments and audits to identify potential risks and areas for improvement in technology-related compliance issues across the organization including information security, identity management, user access, and data integrity.

2 Assist in the assessment of technology-related compliance issues across the organization including information security, identity management, user access, and data integrity.

3 Provides a recommended action plan; participates in mediation with City and stakeholders to attempt to reach equitable and timely resolutions.

• 4 Assist in developing, enforcing, monitoring life cycles of security policies and procedures.
• 5 Conduct compliance assessments/audits in line with policies and procedures and perform physical security assessments.
• 6 Apply working knowledge of encryption, network and web technology, and security administration processes.

7 Assists, supports, and helps identify and assesses internal controls to proactively identify risks, define remediation actions and track remediation efforts.

8 Perform various types of data analysis work and prepare monthly / quarterly reporting.

9 Prepares, drafts, and compiles correspondence and reports to contractors, claims administrators, City management, and others to facilitate the efficient management of a loss control and risk reduction program.

10 Working knowledge of regulatory (including audit frameworks) standards, including but not limited to NIST 800-53, HIPAA/HITECH, HITRUST, CJIS and/or the PCI-DSS

11 Provides cyber security training and technical assistance to City personnel and stakeholders.

12 Performs any and all other work as needed or assigned.

Knowledge And Skills

• 1 Knowledge of risk management applicable to local government organization.
• 2 Knowledge of one or more computer spreadsheet, database, and word processing applications.
• 3 Knowledge and understanding of information security management.
• 4 Knowledge of data access and information systems procedures and policies.
• 5 Knowledge and understanding of auditing principles.
• 6 Knowledge of encryption, network and web technology, and security administration processes.

7 Ability to perform and evaluate vulnerability and penetration scans for internal and external cyber security risk.

• 8 Ability to use analytical thinking, problem solving techniques, and detailed oriented.
• 9 Communicating effectively verbally and in writing.
• 10 Ability to establish, collaborate, and maintaining effective working relationships across many teams.

Minimum Qualifications:Education:

• Bachelor’s Degree in Software Development, Information Security, Information Technology, Cyber Security, Computer Science.

Experience:

• Two (2) years of experience in computer systems, information technology, or technology analysis, as well as one (1) year of experience working with security frameworks and regulations, including but not limited to NIST 800-53, ISO 27001/2, HIPAA/HITECH, HITRUST, CJIS, and PCI-DSS.

Equivalencies:

• High school diploma or GED plus six (6) years of the required experience will meet the education and experience requirements.
• Associate degree in any field plus four (4) years of the required will meet the education and experience requirements.
• Bachelor’s degree or higher in a non-specified field plus four (4) years of the required experience will meet the education and experience requirements.
• Master’s degree or higher in a specified field will meet the education and experience requirements.

License:

• Valid driver’s license with a good driving record.

Preferences:

• Information Security certifications such as CISSP, CISM, CISA, or CRISC are highly preferred but not required.

Salary Range

$26.65 - $31.28

The salary listed on this job posting is the starting salary range; amount offered will depend upon qualifications.

City of Dallas is an Equal Opportunity Employer.