Apply on Employer Site

Dallas County · 2 months ago

0000002092.GOVERNANCE, RISK, AND COMPLIANCE ANALYST.INFO TECH SERVICES

Dallas, TX

Full-time

Onsite

Senior Level

5+ years exp

Dallas County is seeking a Governance, Risk, and Compliance Analyst to support their GRC program. The role involves conducting control assessments, coordinating policy management, and assisting with vendor risk and compliance processes across departments.

GovernmentInformation ServicesNon Profit

No H1B

U.S. Citizen Only

Responsibilities

Assists in the coordination and documentation of compliance activities related to NIST, CJIS, HIPAA, and other frameworks

Gathers evidence, prepares reports, and supports audit requests

Conducts control assessments and tracks remediation activities

Maintains GRC platform records and supports reporting and dashboard updates

Participates in policy and standard development, ensuring version control, stakeholder review, and publication across systems

Assists with the management, tracking and reporting of security awareness training and phishing simulation campaigns

Supports vendor risk management activities by distributing and reviewing vendor questionnaires, documenting findings, and assisting in risk decisions

Collaborates with cross-functional teams to capture risk information, assesses threats to systems and data, and documents findings in risk registers

Performs other duties as assigned

Qualification

GRC principlesIT auditCybersecurity riskCompliance requirementsNIST 800-53HIPAA complianceCJIS complianceMicrosoft 365Active DirectorySharePointJiraServiceNowAnalytical skillsCommunication skillsOrganizational skills

Required

Education and experience equivalent to a Bachelor's degree in Information Systems, Cybersecurity, Computer Science, or job-related field of study

Five (5) years of work-related experience in GRC, IT audit, cybersecurity risk, or compliance

Excellent organizational, analytical, and communication skills

Ability to work independently and manage multiple initiatives

Ability to write clear, concise policies and reports

Ability to coordinate across diverse business and technical teams

Ability to participate in an on-call rotation for after-hours security incident escalation

Knowledge of GRC principles and program operations

Knowledge of enterprise IT environments, including Windows Server, Active Directory, Azure and Microsoft 365 cloud services, and core networking concepts and configurations

Knowledge of document management systems and ticketing platforms (e.g., SharePoint, Jira, ServiceNow)

Ability to interpret and apply regulatory or policy requirements in practical IT/security environments

Knowledge of IT governance frameworks, compliance requirements, and security best practices

Knowledge of CJIS, NIST 800-53, HIPAA, or PCI-DSS compliance programs

Knowledge of internal or external IT audit process

Ability to translate technical security controls into business-impact terms

Ability to assist with third-party risk assessments, security reviews, and compliance gap analyses

Must have a valid Texas Driver's License and good driving record

Will be required to provide a copy of 10-year driving history

Must maintain a good driving record and remain in compliance with Article II, Subdivision II of Chapter 90 of the Dallas County Code

Individuals holding or considered for a position which has, or may have, access to criminal justice databases including the FBI Criminal Justice Information Systems, NCIC/TCIC and similar databases, must pass a national fingerprint-based records check prior to placement in such position and may be denied placement in such positions and/or access to such systems

Incumbents must also maintain the ability to pass the records check while in the position or until such time that the Commissioners Court and the County Civil Service Commission deem this position no longer has this requirement

Ability to lift and carry up to 25 lbs. unassisted

Work a 40-hour hybrid work week with on-call availability for two (2) days per month

Sitting for extended periods of time