Description
·Document and address organization's information security, cybersecurity architecture, and systemssecurity engineering requirements throughout the acquisition life cycle.
·Employ secureconfiguration management processes.
·Perform security reviews, identify gaps in applicationsand security architectures, and develop a security risk management plan.
·Define and document how the implementation of anew system or new interfaces between systems impacts the security posture of thecurrent environment.
·Determine the protection needs (i.e., securitycontrols) for the information system(s) and network(s) and documentappropriately.
·Document the vulnerability management processincluding security impact analysis. Track vulnerabilities until remediation.
- Determines security protocols by evaluating business strategies and requirements.
- Responds to, and investigates, security incidents and provides thorough post-event analyses.
Required/Desired Skills
| Skill | Required /Desired | Amount of Experience | Consultant Experience | Consultant Last used |
|---|---|---|---|---|
| • Utilizing emerging technologies to design and implement security solutions; monitoring and improving those solutions | Required | 5 | ||
| • Consulting and engineering in the design and development of security best practices; implementation of security measures to meet business goals. | Required | 5 | ||
| • Identity and access management; tracking and creating/enforcing policies that govern access sensitive technology resources and information assets. | Required | 5 | ||
| • Demonstrated ability to identify risks associated with business processes, operations, technology projects and information security programs. | Required | 5 | ||
| • The NIST 800-53 rev 5 specifications for an information security management system and/or Criminal Justice Information System (CJIS) | Required | 5 | ||
| • 5+ years’ experience in IT risk management and information security | Required | 5 | ||
| • IT security or risk assessment certifications are advantageous (CISM, CCSP, CISSP, and/or Comptia Security+) |
Key Skills
Education
Any Gradute
- Posted On: Few Days Ago
- Experience: 5+
- Category: IT Security Analyst
- Tenure: Contract - Corp-to-Corp