Infosec Risk and Compliance Specialist

Plano, Texas


Employer: Tyler Technologies
Salary: Competitive
Job type: Full-Time

Tyler Technologies is looking for an Information Security Risk & Compliance Analyst to join our Corporate Security team! As an Information Security Risk & Compliance Analyst reporting to the Manager of Information Security Compliance, you'll be instrumental in ensuring Tyler's compliance with regulations, frameworks, standards, and client agreements. You'll also be vital in administering and enforcing Tyler Technologies' Enterprise Information Security Program to safeguard the company's infrastructure and critical assets. Collaborating with various teams, you'll ensure that policies and procedures are not only in place but also effectively implemented and upheld.

The Information Security Risk & Compliance Analyst holds a critical enterprise-level position, tasked with assessing if the organization meets various regulations, frameworks, standards, and client agreements consistently across all operations. They are responsible for ensuring that the organization's information security policies and procedures align with pertinent laws, regulations, and industry standards.

As a part of Tyler's corporate staff, you will make an impact on outcomes that affect various areas of the company. Your work will ultimately support our team members, clients, stakeholders, and the public sector.

Location
Plano, Texas | Yarmouth, Maine

Travel
0-5%

Responsibilities
  • Support the process of standardizing and streamlining annual and ad-hoc information security audits and assessments in compliance with FedRAMP, CJIS, SSAE-18 SOC 1 and SOC 2, PCI, and other requirements as necessary
  • Conduct comprehensive risk assessments to identify potential security threats and vulnerabilities within the organization's systems, networks, and processes.
  • Develop and implement strategies to mitigate identified risks.
  • Plan and execute regular compliance audits to assess adherence to security policies and procedures.
  • Review and analyze audit reports, and recommend corrective actions as needed.
  • Assist in the monitoring and enforcement of compliance to security policies
  • Assist with contract and vendor management issues related to security requirements and projects
  • Assist with oversight and execution of Enterprise Risk and Vendor management procedures
  • Evaluate and monitor the security practices of third-party vendors and partners.
  • Ensure that vendors comply with the organization's security requirements.
  • Aid in the development, evaluation and implementation of governance and compliance processes to mitigate cybersecurity risk and ensure protection of company assets and information
  • Research and interpret current and pending laws and regulations, industry standards, and client and vendor commitments to understand and communicate compliance requirements
  • Consult with business and technical leadership to ensure that data, processes and technology are designed for data protection and compliance by working with IT teams to implement and maintain security controls, such as firewalls, encryption, access controls, etc., as per compliance requirements.
  • Lead or assist in responding to security incidents, including investigation, containment, eradication, and recovery.
Qualifications
  • Possess knowledge of common information security and privacy frameworks, such as FedRAMP, CJIS, ISO 27001, PCI-DSS, SSAE 18 SOC 2, HIPAA, CCPA, etc.
  • Bachelor's degree or equivalent experience
  • Desired but not required certifications include those such as (ISC)2 CGRC, ISACA CGRC or equivalent
  • Excellent customer service, organizational, interpersonal and communication skills
  • Ability to prioritize and complete multiple tasks in a fast-paced, technical environment
  • Required to undergo and satisfactorily pass a fingerprint background check in accordance with CJIS requirements.
  • The InfoSec Risk and Compliance Analyst must be able to:
    • Understand information security concepts such as Information Security compliance standards and technical security risk assessment
    • Translate security control language into natural human language to aid in speed and accuracy of implementation
    • Possess knowledge of common information security and privacy frameworks, such as FedRAMP, CJIS, ISO 27001, PCI-DSS, SSAE 18 SOC 2, HIPAA, CCPA, etc.
    • Monitor and stay up-to-date with relevant laws, regulations, and industry standards related to information security.
    • Stay informed about emerging threats, technologies, and best practices in information security.
    • Recommend and implement improvements to security policies, procedures, and practices.
    • Provide seamless integration to department and company resources
    • Perform process development, consolidation and optimization at an enterprise level
    • Excellent troubleshooting and analytical skills required


Great Place to Work & Grow Your Career
Come join us as we transform the public sector! Our guide everything we do. We're also frequently recognized as a great workplace locally and nationally. See our many .

Taking Care of You & Your Family
Your health and well-being are important to us. That's why we invest in our team members by offering competitive benefits to support their health and financial wellness.

Tyler is subject to regulations, guidelines, and/or client requirements relating to the qualifications of Tyler personnel performing certain client work. Because of the nature of this position, it is a requirement that the candidate can successfully pass a federal background check at the time an offer is extended and over the course of employment with Tyler.

Created: 2024-09-06
Reference: d7fssl20f26s
Country: United States
State: Texas
City: Plano
ZIP: 75093

