Scope of the project:
The division of information security is tasked with ensuring compliance with state guidelines. This position will perform those services, including:
• Supporting agencies during their development of the information security program with direct tactical implementation assistance.
• Developing and tracking agency information security implementation plans
• Interviewing administrators, managers, and third parties to aid in development of program artifacts
• Ensuring high-level assessments of agencies' infosec work to ensure progress is made
• Providing high-level analysis of process and procedures work to ensure compliance with state standards
Daily duties / responsibilities:
This implementation assistance would include, but is not limited to:
• Interviewing business and technical owners to determine policies and procedures used for each agency process
• Developing and tracking infosec implementation plan progress
• Documenting information gathered during both interviews and document reviews to assist with developing formal process and procedures
• Assessing agency documentation to ensure adequate approaches are used to comply with controls
• Facilitating agency status reporting
• Collaborating with agencies to provide recommendations for compliance
Required education/certifications:
10+ years of experience in information security and compliance
Certifications: CISA or CISSP or CISM or GSLC or equivalent
Required skills (rank in order of importance):
• Have completed an information security plan or system security plan workbook
• Prior experience working with FISMA standards
• Must have a strong working knowledge of NIST 800-53
• Prior experience with POA&M or CAP
• Strong communication experience
Preferred skills (rank in order of importance):
• Simultaneously manage multiple Infosec work efforts
• Strong schedule management and resource planning skills
• Ability to work at a high volume and fast pace
• Strong collaborator and strong ability to meet deadlines
• Knowledge of IRS 1075, HIPAA, CJIS, MARS-E, and/or PCI-DSS
• Ability to identify, map, and re-engineer business processes
All your information will be kept confidential according to EEO guidelines.