"Alerted.org

Cybersecurity Splunk PCI DSS NIST Communication Skills Analytical Skills Analyst

Requirement id 154425

Job title Analyst

Job location in Madison, WI

Skills required Cyber Security, Risk Management, Splunk, PCI DSS NIST Communication Skills Analyt

Open Date 24-Jul-2025

Close Date

Job type Contract

Duration 11 Months

Compensation DOE

Status requirement ---

Job interview type ---

Email Recruiter:coolsoft

Job Description Analyst: Cyber Security, Risk Management, Splunk, PCI DSS NIST Communication Skills Analyt

Start date : 08/11/2025

End Date : 06/30/2026

Submission deadline : 7/31/2025 4:00:00 PM

Client Info : WHS

Note:

* Interview Process: Microsoft Teams with Video

* Duration: 6/30/26 with possibility of extensions

* Onsite or Remote? Candidates MUST be WI residents or willing to relocate to WI prior to starting the role at their own expense. This is a hybrid position, so on-site work is required some days (likely 2-3 days) based on project and operational demands, but WHS is a great place to work right in the heart of downtown Madison and the UW-Madison Campus. Remote work is allowed and encouraged when possible.

* Public parking options are available nearby, public transportation is a half-block away, bike racks are available just outside of our doors. Commuting expenses are not covered by WHS.

Description :

The Bureau of Information Technology Services (BITS) at the Wisconsin Historical Society (WHS) manages the technology and computer infrastructure that drives the Agencys business systems. The IT department manages infrastructure and software that supports the WHS Headquarters building, the State Archives Preservation Facility (SAPF), and twelve Historic Sites around the State. This position reports to the Deputy IT Director and works closely with IT team members,key internal stakeholders across all WHS divisions, and external partners such as the Department of Administrations (DOA) Division of Enterprise Technology (DET),providingexpertise and support for a variety of complexcybersecuritytechnologies, IT risks, and compliance requirements.

The IT Security, Compliance, & Risk Coordinator serves as the lead facilitator for agency cybersecurity compliance, audit readiness, andrisk oversight ensuring alignment with state IT policies and standards, PCI DSS, and industry recognized frameworks. This role helps to guide agency IT security policy and procedure development, oversee audit responses, coordinates IT solution security review intake processes, manages the agency IT vulnerability management program, triages IT security exception requests and initiates review workflows,and maintains systems documentation such as risk registers and security review assessments.

Regularly performing complexrisk assessments related tocloud-hosted solutions (e.g., SaaS, PaaS, IaaS),Artificial Intelligence (AI) technology and AI use cases,agency data governance and privacy protections, andapplication security governance; the IT Security, Compliance, & Risk Coordinator acts as a key liaison to external partners and collaborates closely with internal IT teams,division leadership, program staff, regulatory agencies, and vendors to strengthen the agencys security and compliance posture.

This IT Security, Compliance, & Risk Coordinator champions a security and compliance minded culture daily and plays an integral role in promoting agency-wide IT security and risk awareness.

Responsibilities

IT Compliance & Risk Assessment Management:

• Develop, implement, maintain, and monitor adherence to IT security or compliance policies and procedures,including data protection regulations or internal security policies, ensuringalignment with industry standards and regulatory requirements.

• Conduct regular scans and coordinaterisk assessments to identify potential security threats and vulnerabilities within IT systems, including those related to use of cloud-hosted solutions, AI use cases, and emerging technology integrations.

• Develop and implement risk mitigation strategies while collaborating with partner agencies or managed service providers and internal technical teams to identify and address identified vulnerabilities, security, and compliance gaps.

• Maintain a risk register and ensure that all identified risks are documented, assessed, and addressed promptly.

• Oversee data governanc

Call502-379-4456 Ext 100for more details. Please provide Requirement id: 154425 while calling.

Executive Order 11246, Section 503 & VEVRAA EOE, including disability/vets