IT Compliance Business Analyst
Description:
IT Compliance Business Analyst
Quantam Solutions provides IT solutions and consulting for various clients. We offer a competitive hourly wage, health benefits, paid time off, and a 401(k) plan. We're currently seeking an IT Compliance Business Analyst. Candidates must be able to attend a second-round interview (if offered) in Lansing, MI. Candidates musts be able to work a hybrid work schedule consisting of two days onsite in Lansing, MI and three days remote. The two onsite days are Tuesday and Wednesday. Local candidates to Michigan are strongly preferred. Non-local candidates must be willing to relocate at their own expense from acceptance with no delays and follow the hybrid schedule.
LOCATION: Lansing, MI.
SCHEDULE: Hybrid, two days on-site (Tuesday/Wednesday) and three days remote.
JOB DESCRIPTION:
The IT Compliance Business Analyst will coordinate agency, our client, and vendor efforts to adhere to the State of Michigan (SOM) Governance, Risk, and Compliance (GRC) practices and policies. This position will be responsible for leading project teams through the Michigan Security Accreditation Process (MiSAP) to assist in the effort of supporting our client. MiSAP sets security requirements for software, applications, systems, or other technical products that need to connect with the State of Michigan IT infrastructure or be consumed by agencies within the State of Michigan. The Michigan Security Accreditation Process consists of several stages that include data classification, system security plan (SSP), risk assessment (RA), control task, and plan of action and milestones (POAM). The goal of the process is to achieve authority to operate (ATO) once all stages have been successfully completed. Project documentation as well as application vulnerability scanning onboarding and requests, are also artifacts that are facilitated by or created by the resource within this position.
The expectation is that the person filling this position would also assist with completing disaster recovery plans, incident response plans, and business continuity plans. This position will also be required to provide training and interpretation of the frameworks, regulations, laws, policies and GRC tool the State of Michigan must adhere to. This position will assist with compliance of audit criteria and provide process development and audit support for partner agencies’ IT systems, web sites, web applications, mobile sites, and mobile applications.
Additionally, it will provide for audit credibility and compliance. This position works and collaborates with people outside of our client’s compliance team such as auditors, project managers, analysts, vendors, development resources, and business partners.
REQUIRED SKILLS:
Required (Five Years): Exposure to Complex IT web Applications, within the past five years.
Required (Five Years): Experience in a role, as a business analyst, supporting a software development project, in the past five years.
Required (Five Years): Experience leading meeting and making oral and written reports and presentations on work assignments
Required (Five Years): Experience with MS Office to create project documentation.
Required (Five Years): Experience working as a liaison between different business and IT areas.
Highly Desired (Two Years): Knowledge and understanding of the Software Development Lifecycle.
Highly Desired (Two Years): Knowledge or experience creating supporting documentation for IT system audits.
Highly Desired (Two Years): Experience with the creation of Disaster Recover Plans, Business Continuity Plans, and Incident Response Plans.
Highly Desired (Two Years): Experience providing audit evidence to comply with security standards such as NIST, PCI, HIPAA, FERPA.