• Access Management (IAM – SAP and non-SAP); • Responsible for the full access management lifecycle (Joiner, Mover, Leaver), including creation, modification and removal of users, as well as administration of profiles and roles in SAP environments (ECC / S/4HANA and SAP GRC); • Ensuring security controls such as the principle of least privilege and segregation of duties (SoD), supporting risk analyses and remediation prioritization; • Conducting periodic access reviews (recertification), managing critical accesses (generic and emergency) and identifying control gaps, proposing structural improvements and ongoing process enhancement; • Defining, documenting and standardizing processes, approval flows and integration between systems (SAP, Active Directory/Azure AD and HR systems); • Participating in profile redesign and provisioning automation initiatives, ensuring alignment between access and business processes, balancing security and operational continuity; • Supporting internal and external audits, addressing non-conformities and ensuring adherence to regulations and best practices (LGPD, NIST); • Using artificial intelligence for detection of anomalous behavior, risk analysis, process automation and documentation, including application of predictive models and NLP. Also participating in AI governance to ensure ethics, auditability and explainability.

If you have experience with Microsoft Purview, data classification, and DLP frameworks, we’d love to connect. Configure and maintain Microsoft Purview features including data classification, sensitive data types, sensitivity labels, and Data Loss Prev...

• Responsible for managing and maintaining all documentation and related tasks to attain and maintain information security standards. • Assists in the development of security architecture with the management of security architecture, frameworks, policies, principles, and standards. • Advises on the security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network appliances, and host-based security systems. • Participates in incident responses, assessments, audits, and compliance reviews. • Evaluate current information security policies, standards, and procedures and make necessary changes to ensure compliance with information security standards and frameworks. • Work with a cross-functional team of local and remote subject matter experts (product, service, QA, support, system, and sales engineers, and product managers) to plan, write, and edit technical information while meeting compliance requirements. • Manages responses to risk security requests and identifies risk within the business relationship. • Manages content creation, information architecture, and document control processes to ensure compliance with established quality and style standards. • Create and coordinate the creation of technical written content and diagrams for contract deliverables and compliance documents. • Supports current system analysis to identify and propose required technical solutions for the successful implementation of information security controls. • Collaborates with and consults SMEs to create content and validate content for technical documentation in support of auditing initiatives. • Ensures compliance with framework requirements to obtain/retain certification.

Role Description GovCIO is currently hiring for Senior Information Security Analyst with an active Secret clearance to plan and coordinate IT security programs and policies. This position will be located in Arlington, VA and will be a fully remote position. - Plan and coordinate IT security programs and policies. - Manage and control changes to systems, assessing the security impact of related changes. - Provide security testing for code changes/development, and prepare/review documentation to include: - System Security Plans (SSPs) - Risk Assessment Reports - Certification and Accreditation (C&A) packages - System Requirements Traceability Matrices (SRTMs) - Provide Subject Matter Expertise (SME) for disaster recovery (DR) contingency plans (ISCP). - Write expert IT Security evaluations of audits findings. - Assist with creating, updating and closing all Plans of Action and Milestones (POAMs). - Develop security guidelines and processes for new and existing networks as needed. - Provide IT Security analysis by reviewing all System Change Requests (SCR). - Review vulnerability scan reports and work with technical SMEs to develop and track plans to remediate findings. Qualifications - Bachelor's with 5 - 8 years system security (or commensurate experience) Requirements - Clearance Required: Active Secret with the ability to obtain and hold DEA suitability Benefits - Posted Salary Range: USD $115,000.00 - USD $115,000.00 /Yr.