Working Title: Cybersecurity Risk Analyst

Job Opening ID: 3020147

Close Date: November 5, 2021

Location: Telework

Status: Regular, Full-Time

Do you have a strong passion to change the world? Do you believe that you can make the lives of people better with technology? The State of North Dakota is looking for a Cybersecurity Risk Analyst to work with one of the world’s most advanced Security Operations Centers to protect a state network of over 250,000 devices including autonomous farms and smart roads designed to end world hunger, the Nation’s only research environment for beyond line of sight Unmanned Arial Vehicles, as well as the defense forces for 2/3rds of the Nation’s Nuclear Triad. This individual will help us fulfill our mission of empowering people, improving lives, and inspiring success!

The successful Cybersecurity Risk Analyst candidate will enjoy working with people in a collaborative environment, who can learn quickly in a rapidly changing technology landscape, and who embodies the core values that we follow as public servants for the State of ND: Gratitude, Humility, Curiosity, and Courage.

Scope of Work:

The successful Cybersecurity Risk Analyst will aid and support the planning and execution of engagements where they would interact with business executives and IT professionals to evaluate information and network security, change management, access control, IT infrastructure, server virtualization, software development, cloud computing and other key areas of client organizations. The Cybersecurity Risk Analyst will also have the opportunity to develop and assist with the development and implementation of client information security programs. The Cybersecurity Risk Analyst will be responsible for Business Impact assessments and Disaster recovery activities.

Minimum Qualifications:

Requires one of the following:

• Completion of a certified cybersecurity bootcamp, apprenticeship or 9+ month cybersecurity certification
• A bachelor’s degree in Business, mathematics, philosophy, computer science, computer information systems, cyber security, information technology, or related degree with knowledge in the following areas: Risk Management, Information Security, Systems Administration, Systems Architecture, Network Administration, Data Administration, Software Development, Technical Support, Risk Management, IT Audit or Consulting.
• An associate degree in Business, mathematics, philosophy, computer science, computer information systems, cyber security, information technology, or related degree and two years of current and progressive of work experience in any of the following areas: Risk Management, Information Security, Systems Administration, Systems Architecture, Network Administration, Data Administration, Software Development, Technical Support, Risk Management, IT Audit or Consulting.
• Four years of current and progressive work experience within a work experience in any of the following areas: Risk Management, Information Security, Systems Administration, Systems Architecture, Network Administration, Data Administration, Software Development, Technical Support, Risk Management, IT Audit or Consulting.

Duties and Tasks:

• Develop system documentation for information system authorization, security management, and continuous monitoring of both networked and standalone classified systems
• Conduct formal risk assessments to identify, assess, and measure information security risks for systems, facilities, networks, projects
• Examine risk registry, assessments, and action plans to schedule follow-ups and evaluates potential conflicts
• Prepare risk assessment reports, to support management action, escalation and risk acceptance processes resulting from risk assessments
• Identify opportunities to improve risk posture, proposing solutions for remediating or mitigating risk and assessing the residual risk
• Provide coordination of all disaster recovery needs and recommendations for future needs
• Prepare and distribute contingency operating procedures manuals and related instructions and coordinate and/or provide training in disaster recovery procedures
• Manage relationships with security, technology, and business stakeholders to identify and communicate security risks and mitigation approaches

Application Procedures/Comments:

Please make sure that your resume includes information to demonstrate how you meet the minimum qualifications as posted.  Your work history will not be given credit if North Dakota Information Technology cannot determine that you meet the minimum qualifications.

All application material must be received on or before the closing date by 11:59 pm and must include the following documents:

• Resume

North Dakota Information Technology does not offer or provide sponsorships. Applicants must be legally authorized to work in the United States.

For more information or if you need an accommodation, please contact: Kari Sauer, North Dakota Information Technology: Email: itdjobs@nd.gov phone: (701) 328-1436, fax: (701) 328-3000 or TTY: 1-800-366-6888 or local at (701) 328-3190.

Job Announcement Status can be viewed at: http://www.nd.gov/itd/working-itd

• Learn more about NDIT at: http://www.nd.gov/itd
• Learn more about Employment Benefits at: https://www.omb.nd.gov/team-nd-careers/team-nd-benefits
• Visit North Dakota State government: http://www.nd.gov

Equal Opportunity Employer

The State of North Dakota does not discriminate on the basis of race, color, national origin, sex, religion, age, or disability in employment or the provision of services, and complies with the provisions of the North Dakota Human Rights Act.