Cyber Security Analyst

Job Description: The Cyber Security Analyst III (CSA3) within the States Information Security Office (ISO) will be responsible for evaluating, analyzing, and assessing cybersecurity risks associated with new technologies, proposed solutions, and third-party vendors. This includes reviewing vendor security attestations, assessing architectural designs, validating security controls, and supporting statewide procurement decisions through structured risk assessments. This role will also support the development and maturation of the States Third-Party Risk Management (TPRM) program, including the enhancement and operation of tools such as Black Kite. Additionally, the CSA3 will assist with evaluating cybersecurity waiver submissions requiring deeper technical analysis and will help maintain the statewide risk register to ensure tracking and remediation of risks that exceed the States risk tolerance. KEY RESPONSIBILITIES: New Technology & Solution Security Reviews: Conduct security reviews f...