Job Seekers, Please send resumes to resumes@hireitpeople.com

Job Responsibilities:

• Create system security plans (SSP) for new applications in alignment with the Secure Application
• Development Life Cycle (SADLC) and Michigan Security Accreditation Process (MiSAP).
• Maintain SSPs for existing applications requiring authority to operate (ATO) and those facing software and/or hardware enhancements.
• Continuously monitor plans of action and milestones (POA&M) and corrective action plans (CAP) as they relate to the SSPs in collaboration with the MDOT Enterprise Information Management (EIM) office.
• Validate respective SSPs to ensure NIST control requirements are met.
• Author recommendations associated with your findings on how to improve the customers security posture in accordance with SOM PSP & NIST controls.
• Assist team members and vendors with proper artifact collection to satisfy assessment requirements.

Skillsets Required:

• Experience in the IT industry analyzing and applying information security principles and practices
• Experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems
• Experience analyzing the applicable NIST Special Publications 800 - 37 Revision 1, 800-53 Revision 3,4 r 5, and 800-53A Revision 1.
• Experience with other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plus
• CISSP, CISA, PMP and/or Security+ certification Nice to have
• Experience working with software vendors to implement security controls Nice to have
• Experience working independently and in a team environment
• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
• Ability to collaborate on multiple projects/efforts at a given time
• Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change