Job Seekers, Please send resumes to resumes@hireitpeople.com

• Analyze data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations.
• Interact at multiple levels of the organization to establish and maintain a strong and adaptive security posture that aligns with organizational risk tolerance, information access requirements, business strategies, and compliance requirements.
• Integrate overarching security frameworks across multiple, complex disciplines in support of the business needs of the Agency to provide customer - focused technology solutions in a secure, cost-effective, and efficient manner.
• Coordinate and oversee the production of evidence to support internal and external audits.
• Conduct internal risk, vulnerability, and compliance assessments to:
• Identify risks, vulnerabilities, and compliance shortcomings; and recommend/develop security measures, policies, and controls for risk/vulnerability mitigation and remediation of compliance findings.
• Prepare and/or update incident response plans and perform incident response activities as directed and in accordance with established Agency procedures and guidelines and those of the Georgia Technology Authority (GTA).
• Ensure periodic monitoring of audit logs occurs in accordance with requirements, and report findings and concerns for further analysis and/or action, including breach notification and initiation of incident response, in accordance with Agency protocols/procedures and CISO direction/guidance.
• Work with developers to plan, implement, manage, and coordinate appropriate security measures for information systems/applications that control access to data, and prevent unauthorized modification, destruction, or disclosure of information in accordance with federal, state, local, and agency requirements, policies, and directives.
• Prepare and/or update Plan of Actions & Milestones (POA&M) that identify security weaknesses and establish milestones and compensating controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation.
• Serve as a Subject Matter Expert (SME), advising on current best practice and strategies for the protection, auditing, and monitoring of data, data storage, and transmission paths.
• Work with business owners, IT managers, staff, and vendors to provide timely and efficient coordination of information assurance/security services to meet Agency needs.
• Prepare and communicate status of Agency information security programs and projects to senior executives through oral and written reports and presentations.
• Assist with information security awareness training activities and preparation of awareness training materials.
• Develop and communicate security metrics to assess effectiveness of, and compliance with, the Agencys InfoSec policies and controls.
• Performs other professional responsibilities as assigned.

Qualifications:

• Bachelors degree in information technology, computer science, information assurance, or a related field from an accredited college or university AND Five years of information technology experience, One year of which in information security or information assurance. 

Required Skills/Qualifications:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Demonstrated professional experience developing and communicating an information security strategy and aligning projects, initiatives, and resources to execute against the strategy