DTS - Analyst - GOVERNANCE, RISK, AND COMPLIANCE ANALYST

Expert Technology Services

PHOENIX, AZ

JOB DETAILS
SKILLS
Analysis Skills, CAP - Certification Authorization Professional, CCSP - Cisco Certified Security Professional, CISSP - Certified Information Systems Security Professional, Communication Skills, Computer Security, Customer Acquisition, Customer Support/Service, Customer Training, Data Encryption Standard (DES), Data Modeling, Data Quality, Documentation, Establish Priorities, GSNA - GIAC System & Network Auditor, ISA Standards, Industry Standards, Information Technology & Information Systems, Information/Data Security (InfoSec), Interviewing Skills, Maintain Compliance, Microsoft Windows Operating System, Operations Planning, Organizational Development/Management, People Management, Presentation/Verbal Skills, Project Development, Project Planning, Project/Program Management, Regulations, Regulatory Compliance, Reporting Skills, Requirements Management, Risk, Risk Analysis, Risk Management Framework (RMF), Security Analysis, Security Compliance, Security Monitoring, Team Player, Technical Leadership, Technical Support, U.S. National Institute of Standards and Technology (NIST), Unix Operating Systems, Writing Skills
LOCATION
PHOENIX, AZ
POSTED
16 days ago
Job Summary (List Format) Governance, Risk, and Compliance Analyst

- Serve as an Information Security Analyst (ISA) contractor within the Governance, Risk, and Compliance (GRC) team at the Arizona Department of Economic Security, Division of Technology Services.
- Engage and communicate with business units to understand and document their reporting, data, and product needs.
- Collaborate across departments to define project requirements, identify data dependencies, and develop logical and physical data models, data flows, and system activity diagrams.
- Write specifications and documentation for managing enterprise information policies and ensure compliance with security standards.
- Develop plans and materials to support user adoption, training, and customer service efforts.
- Work directly with users from various divisions to provide guidance and prioritize system enhancements.
- Support technical project managers by ensuring high-quality information analysis and requirements gathering, and develop key project artifacts.
- Perform risk assessments, audit reviews, and generate comprehensive reports on findings, compliance gaps, and recommendations for improvement.
- Track and report outcomes of risk and audit activities for DES reporting requirements.
- Investigate suspicious activity and generate incident reports as required.
- Research and ensure compliance with agency and industry IT security standards, laws, and regulations (including NIST 800-53 R5, IRS Pub1075, IPAA/HITRUST, CJIS, and MARS-E).
- Review, update, and maintain security-related documentation, audit, and risk plans.
- Identify and suggest improvements for information systems and processes.
- Collaborate with teams, build strong relationships, and work effectively across organizations.
- Ensure integration of information security management with organizational planning and operations.
- Produce high-quality deliverables for IT teams and senior management.
- Local candidates only; must be available for in-person interviews and able to start within 2 weeks of offer.

Required Skills:
- Experience with NIST 800-53 R5 and Risk Management Framework (RMF)
- Knowledge of Windows/Unix systems
- Strong written and verbal communication skills
- Ability to work collaboratively and manage multiple stakeholders
- Ability to synthesize feedback and adjust project plans accordingly

Preferred Skills:
- Project management experience
- CISSP, CCSP, GSTRT, GSNA, or CAP certification

---

Let me know if you need this list tailored further or shortened!

About the Company

E

Expert Technology Services