Apply on Employer Site

Lone Star College · 1 day ago

Cybersecurity Compliance Analyst

Houston, TX

Full-time

Hybrid

Mid, Senior Level

$81K/yr - $93K/yr

5+ years exp

Lone Star College is a recognized institution offering quality education to over 80,000 students. They are seeking a Cybersecurity Compliance Analyst to enhance their security posture and ensure compliance with regulatory requirements through various security operations and compliance validation tasks.

EducationTrainingUniversities

Work & Life Balance

Responsibilities

Stays abreast of current and proposed compliance-related legislation and enforcing regulations to support the department in mitigating legal challenges, recommending new procedures, current trends, best practices, and complying with legal requirements

Continuously reviews, analyzes, and evaluates the posture of cybersecurity framework and regulated security control compliance

Develops relevant statistical and narrative reporting, as needed, including data and records maintenance, retention and analysis for institutional requirements in compliance with federal, state and local laws as the College's policies and procedures

Validates and assesses compliance of security controls against frameworks such as NIST 800-53, CSF, and/or Texas RAMP requirements

Performs gap analyses and document findings, including control deficiencies, remediation plans, and timelines

Supports audit and assessment activities, including internal/external audits, by gathering and providing evidence for control effectiveness

Collaborates with internal auditors and cross-functional teams to remediate identified control deficiencies and ensure documentation for processes and procedures are aligned with audit requirements

Investigates and responds to public information requests in compliance with applicable laws while ensuring confidentiality and data protection

Monitors real-time alerts using SIEM platforms (i.e. Splunk, Microsoft Sentinel, Checkpoint) and data security platforms (i.e. Varonis) to detect, analyze, and respond to security incidents

Investigates email and data security incidents (e.g., phishing, spoofing, malicious attachments,) using email filtering tools

Performs triage of security alerts, correlate logs and data across platforms, and escalate incidents as needed

Assists in incident response activities, including containment, eradication, recovery, and root cause analysis

Maintain and improve security operations playbooks and standard operating procedures (SOPs)

Reviews and validates Standard Operating Procedures (SOPs) to ensure they align with operational requirements and effectively support the remediation of compliance security control deficiencies

Conducts threat intelligence gathering and analysis to identify emerging risks and incorporate findings into detection strategies

Participates in vulnerability management processes, ensuring findings are addressed in alignment with policy and compliance mandates

Contributes to continuous compliance monitoring initiatives and support the automation of evidence collection where possible

Track sand reports metrics related to compliance posture, incident trends, and operational performance

Responsible for other reasonably-related duties assigned

Qualification

NIST 800-53Cybersecurity frameworksSIEM toolsCompliance validationIncident responseData securityAnalytical skillsScripting knowledgeRegulatory complianceProblem-solving skillsCommunication skills