Provide essential support for the Florida Department of Environmental Protection (DEP) cybersecurity initiatives, including system risk categorization, the triennial risk assessment, development and refinement of user access procedures, enhancements to multi-factor authentication, updates to the vulnerability management plan, and creation or revision of security policies and procedures. 

Expanded Responsibilities 

• Evaluate whether security controls are correctly designed and operating as intended across the Department’s systems. 

• Conduct interviews, review documentation, and sample technical evidence to understand how controls work and how mature they are. 

• Create system-level risk categorizations based on how sensitive each system is and how it is used. 

• Support the development of the Department’s upcoming risk assessment by identifying risks, analyzing their impact, and helping score their severity. 

• Assist with improvements to security procedures, policies, user access processes, and multi-factor authentication guidelines. 

• Review current vulnerability management and change management practices and contribute updates to bring them up to required standards. 

• Work closely with the Security Architect to support security documentation, including mapping controls and building system security content. 

• Participate in interviews, workshops, and onsite assessment activities as needed. 

Required & Preferred Qualifications 

• Experience: 

• Bachelor’s or Master’s in Computer Science, Cybersecurity, Information Technology, or Information Security. Degrees in related technical fields like Engineering (Computer/Electrical), Information Assurance, or Data Analytics are also relevant. 

• 5+ years in cybersecurity risk, compliance, audit, assessments, or governance. 

• Experience performing NIST CSF, NIST 800-53, or state-level cybersecurity assessments. 

• Certifications: CISA, CISSP, Security+ (minimum 1 required). 

• Other Requirements: 

• At least one year applying Florida Cybersecurity Standards in assessments, policy work, or state government engagements. 

• Strong technical writing skills for developing deliverables such as procedures, risk reports, and policies. 

Note: 

(All personnel reside within 50 miles of the Florida Capitol building and maintain at least 1 year of working knowledge of the Florida Cybersecurity Act (§282.318 F.S.) and Florida Cybersecurity Standards (60GG-2), as required for meeting DEP timelines and deliverables.) 

All personnel meet or exceed DMS/ACS labor category requirements under SIN 54151HACS & 54151S. 

Work arrangement: 80% remote / 20% onsite for scheduled syncs, workshops, interviews, and deliverable reviews.