$33.71 – $53.94 Hourly
$70,124 – $112,198 Annually
This position is a Pay Band IE
Posting Details
This posting will be used for ongoing recruitment and may close at any time. Applicant lists may be screened more than once.
Why does the job exist?
The New Mexico Department of Aging and Long-Term Services Department, IT Security & Compliance Administrator position will be assigned to the Deputy Chief Information Officer. This position will be integral in the day-to-day communication and support of the technology platforms that ALTSD provides to both internal and external consumers. This position will perform day to day operations on all ALTSD firewalls and firewall management systems. Additionally, performs all procedures necessary to ensure the
safety of information systems assets and data and to protect systems from intentional or inadvertent access or destruction. As ALTSD continues to deploy technology to aid in the social isolation, as well as provide access to resources, to the population it serves, this position will be key in ensuring that these technologies are operational, effective, and efficient.
How does it get done?
Administration of ALTSD risk management, mitigation and response, compliance, control assurance, and user awareness
– Perform audits to ensure that users are adhering to the necessary procedures and processes to maintain IT security and compliance. Monitors compliance with security policies, standards, guidelines and procedures.
– Conduct impact analysis to ensure resources are adequately protected with proper security measures, analyze security analysis reports for security vulnerabilities and recommends feasible and appropriate options. Create, disseminate and update documentation of identified information security risks and controls. Follow up on deficiencies identified in monitoring reviews,
self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
– Check existing accounts and data access permission requests against documented authorizations. Assists in the data classification process. Reports on significant trends and vulnerabilities.
– Participate with internal and external IT team(s) to gather a full understanding of new and current project scopes and business requirements, participate in designing secure infrastructure solutions and applications. Work directly with the clients, third parties and other internal groups to facilitate information security risk analysis and risk management processes and to identify
acceptable levels of residual risk.
Administration of security strategies, policies/standards
– Coordinate and collaborate with compliance/regulatory auditors during formal audits as well as third-party security agencies or companies in performing security assessments.
– Provide input into the development, review and implementation of enterprise-wide security policies, procedures, and standards to meet compliance responsibilities.
– Assist in preparing and/or updating disaster recovery plans.
Post-incident response
– Review, document, and discuss violations of computer security procedures with the Chief Information Officer to report incidents.
– Monitor reports of computer security threats to determine changes in security stance. Assist in the development of plans to safeguard computer configurations against accidental or unauthorized modification, destruction, or disclosure.
– Provide guidelines and expertise for creating security awareness training for users to ensure IT system security and compliance.
Develop reports as required, on any security deficiencies identified as Corrective Action Plans (CAPs) resulting from an audit and maintain Plans of Actions and Milestones (POAMs).
Other key assignments of the are as follows:
– Work with the ALTSD ITD team to ensure the ALTSD enterprise infrastructure and resources are available and meet optimum performance, when applicable.
– Responsible for keeping current with IT industry standards, security, evolving technologies, and methodologies.
– Serve as a go-to person on complex issues with regard to the technology platforms they manage.
Who are the customers?
ALTSD programs provide vital care and solutions to our most vulnerable populations, the aging and disabled, and their families. Technology helps address the social isolation issues that are being experienced in a greater respect, due to the COVID-19
Pandemic. They are also key in allowing access to resources provided by ALTSD in a safe and efficient manner, to protect those we serve.
Ideal Candidate
Problem-solving skills
Analytical and critical thinking capabilities
Interpersonal and collaborative skills
Written and verbal communication skills
Minimum Qualification
Bachelor’s degree in Computer Science, Management Information Systems (MIS), Information Technology, Engineering or similar technical degree and two (2) years of experience in IT security or compliance validation (e.g. HIPAA, PCI). Substitutions Apply. See Substitution Table below. A certificate in IT security/forensics (e.g. CISSP, CEH, CCFP, CCSP, HCISPP, SSCP) or regulated compliance (e.g. PCIP, ASV, ISA, QSA) can be used to substitute one year of experience.
Substitution Table
These combinations of education and experience qualify you for the position:
Education Experience Education Experience 1 High School Diploma or Equivalent AND 6 years of experience OR High School Diploma or Equivalent AND 6 years of experience 2 Associate’s degree in the field(s) specified in the minimum qualification AND 4 years of experience Associate’s degree or higher in any field AND 6 years of experience 3 Bachelor’s degree in the field(s) specified in the minimum qualification AND 2 years of experience 4 Master’s degree or higher in the field(s) specified in the minimum qualification AND 0 years of experience
• Education and years of experience must be related to the purpose of the position.
• If Minimum Qualification requires a specific number of “semester hours” in a field (e.g. 6 semester hours in Accounting), applicants MUST have those semester hours in order to meet the minimum qualifications. No substitutions apply for semester hours.
Employment Requirements
Must possess and maintain a valid Driver’s License. Must possess and maintain a current Defensive Driving Course Certificate from the State of New Mexico or must pass and receive Defensive Driving Course Certification within 90 days of employment.
Pre-employment background investigation is required and is conditional pending results.
Working Conditions
Work is performed in an office setting with exposure to Visual/Video Display Terminal (VDT) and extensive phone and personal computer usage. Direct client interaction and some travel may be required. Ability to lift/carry up to 50 lbs.
Supplemental Information
Benefits:
Do you know what Total Compensation is? Click here
Agency Contact Information: Sonia Abeyta (505) 709-8656 Email
For information on Statutory Requirements for this position, click the Classification Description link on the job advertisement.
Bargaining Unit Position
This position is not covered by a collective bargaining agreement.