IT Security Analyst
Hire IT People, LLC
Job Seekers, Please send resumes to resumes@hireitpeople.com Short Description: Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended.
Complete Description: Years of Experience:4-7 years of experience in the field or in a related area.
Responsibilities:• Facilitate Security Control Assessment (SCA) and Continuous Monitoring Activities (Plans of Action and Milestones (POA&M) , Corrective Action Plans (CAP) with State of Michigan Applications.• To be considered for this position, the candidate must be available to work in Lansing Michigan • Examine, interview, and test procedures in accordance with NIST SP 800-53A Revision 4.• Ensure State of Michigan & Agency policies are adhered to and that required controls are implemented.• Validate respective information system security plans to ensure NIST control requirements are met.• Execute SCA (DTMB-170) documentation, including but not limited to POA&M & CAP.• Familiarity with NIST requirements, particularly 800-53 revision 3 and revision 4.• Author recommendations associated with your findings on how to improve the customer’s security posture in accordance with SOM PSP & NIST controls.• Ability to lead small, less complex system assessments independently• Ability to assist team members & Vendors with proper artifact collection and detail to clients examples of artifacts that will satisfy assessment requirements
Qualifications:• Candidate must have solid knowledge of information security principles and practices, as well as an advanced understanding of security protocols and standards.• Candidate must have at (1-3) years of experience in the IT industry, and be familiar with the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3 or 4, and 800-53A Revision 1.• Experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems in including UNIX and Microsoft.• Candidate must have the ability to work independently and as part of a team• Preferred that the candidate has a CISSP, CISA, PMP and/or Security+ certification, but it is not required• Expertise in other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plus• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience• Collaborate on multiple projects at a given time and experience with Vendors is a plus• Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change
SkillRequired / DesiredAmountof ExperienceCandidate must have solid knowledge of information security principles and practices, as well as an advanced understanding of security protocols andRequired2YearsCandidate must have at (1-3) years of experience in the IT industry, and be familiar with the applicable NIST Special Publications 800-53 Revision 4Required2YearsExperience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems in including UNIX and MicRequired2YearsCandidate must have the ability to work independently and as part of a teamRequired2YearsPreferred that the candidate has a CISSP, CISA, PMP and/or Security+ certification, but it is not requiredDesired1YearsExpertise in other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plusDesired1YearsStrong written and verbal communication skills including the ability to explain technical matters to a non-technical audienceRequired2YearsCollaborate on multiple projects at a given time and experience with Vendors is a plusDesired2YearsFlexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid changeDesired2Years
Complete Description: Years of Experience:4-7 years of experience in the field or in a related area.
Responsibilities:• Facilitate Security Control Assessment (SCA) and Continuous Monitoring Activities (Plans of Action and Milestones (POA&M) , Corrective Action Plans (CAP) with State of Michigan Applications.• To be considered for this position, the candidate must be available to work in Lansing Michigan • Examine, interview, and test procedures in accordance with NIST SP 800-53A Revision 4.• Ensure State of Michigan & Agency policies are adhered to and that required controls are implemented.• Validate respective information system security plans to ensure NIST control requirements are met.• Execute SCA (DTMB-170) documentation, including but not limited to POA&M & CAP.• Familiarity with NIST requirements, particularly 800-53 revision 3 and revision 4.• Author recommendations associated with your findings on how to improve the customer’s security posture in accordance with SOM PSP & NIST controls.• Ability to lead small, less complex system assessments independently• Ability to assist team members & Vendors with proper artifact collection and detail to clients examples of artifacts that will satisfy assessment requirements
Qualifications:• Candidate must have solid knowledge of information security principles and practices, as well as an advanced understanding of security protocols and standards.• Candidate must have at (1-3) years of experience in the IT industry, and be familiar with the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3 or 4, and 800-53A Revision 1.• Experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems in including UNIX and Microsoft.• Candidate must have the ability to work independently and as part of a team• Preferred that the candidate has a CISSP, CISA, PMP and/or Security+ certification, but it is not required• Expertise in other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plus• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience• Collaborate on multiple projects at a given time and experience with Vendors is a plus• Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change
SkillRequired / DesiredAmountof ExperienceCandidate must have solid knowledge of information security principles and practices, as well as an advanced understanding of security protocols andRequired2YearsCandidate must have at (1-3) years of experience in the IT industry, and be familiar with the applicable NIST Special Publications 800-53 Revision 4Required2YearsExperience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems in including UNIX and MicRequired2YearsCandidate must have the ability to work independently and as part of a teamRequired2YearsPreferred that the candidate has a CISSP, CISA, PMP and/or Security+ certification, but it is not requiredDesired1YearsExpertise in other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plusDesired1YearsStrong written and verbal communication skills including the ability to explain technical matters to a non-technical audienceRequired2YearsCollaborate on multiple projects at a given time and experience with Vendors is a plusDesired2YearsFlexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid changeDesired2Years
Confirm your E-mail: Send Email
All Jobs from Hire IT People, LLC