Job Seekers, Please send resumes to resumes@hireitpeople.com
Complete Description:
*local candidates strongly preferred
**mgr will ONLY conduct in-person interviews, NO Skype, NO exceptions
***contract should be approximately one year in length
****candidates MUST be able to be hired directly by the state (in the future, if budget allows) without sponsorship
This position will provide a full range of information security risk assessment capabilities and full understanding of information security risk management in order to assist the business areas in completion of the Business Impact Analysis, Risk Assessments, and subsequent System Security Plan. This position will also be responsible for the creation of Information Security Standards.
Responsibilities include:
- Creating the OIS Security Book, including the creation of information security standards, procedures, and guidelines
- Working with business areas and Information Security staff to update Business Impact Analysis documents
- Performing Risk Analysis with business function for sensitive systems utilizing the SCC’s policies
- Developing System Security Plans with the understanding of how risk can impact a system
- Working with multiple business lines to document and maintain information security standards
- Defining appropriate controls for new and existing technologies
- Leading projects and providing overall project management support to information security team
Environment:
- Microsoft Windows Server 2003, 2008, 2012
- Microsoft Exchange Server 2010
- Microsoft Office Professional 2010
- Windows Active Directory, LDAP, WSUS
- Cisco network and VPN equipment
- VMWare
- SAN, DASD, NAS
- DS-3 Telecommunications, WAN, LAN, VLAN, SIP
- Cisco VOiP
- EMC Data Domain 2500, 4500 & Networker
- Orion SolarWinds Monitoring
- WSFTP & MoveIT FTP Server
- SOPHOS
- QualysGuard
Skills:
|
Skill |
Required / Desired |
Amount |
of Experience |
|
Advanced working knowledge of & professional experience working in Information Technology w/ focus on Information Security policy and risk management |
Required |
3 |
Years |
|
Thorough, in-depth knowledge of and experience writing risk management documentation |
Required |
2 |
Years |
|
Understanding of how to identify and document risk and risk acceptance as well as develop corrective action plans |
Required |
2 |
Years |
|
Ability to diagram complex concepts in a format that is easily understandable |
Required |
2 |
Years |
|
Understanding of information security policy and standards with the ability to create and edit documents of this type |
Required |
2 |
Years |
|
Ability to lead projects through to completion with limited supervision |
Required |
4 |
Years |
|
Experience writing, editing, and/or proofreading documents in a professional work environment |
Required |
4 |
Years |
|
Strong proficiency in both concise and detailed written communications |
Required |
4 |
Years |
|
Strong proficiency with Microsoft Office applications including Visio and PowerPoint |
Required |
5 |
Years |
|
Excellent verbal communication skills, including the ability to effectively communicate to all levels of the organization |
Required |
|
|
|
Ability to handle multiple priorities and work both independently and in a team environment |
Required |
|
|
|
Meticulous attention to detail |
Required |
|
|
|
Legally eligible to be hired as a state employee |
Required |
|
|
|
Information Security certification (ex: CISSP, CSSLP, CCFP, etc.) |
Highly desired |
|
|
|
Understanding of information security policies, networking, and security risk |
Highly desired |
|
|
|
Experience with SharePoint |
Highly desired |
|
|
