Job ID :
9555
Company :
Virginia Information Technology Agency
Location :
RICHMOND, VA
Type :
Contract
Duration :
6 Months
Salary :
Open
Status :
Active
Openings :
1
Posted :
16 Dec 2016
Job Seekers, Please send resumes to resumes@hireitpeople.com
Complete Description:   *local candidates strongly preferred
*ALL candidates MUST be able to attend a personal interview, NO phone interviews, NO Skype, NO exceptions.


The VDH - Office of Epidemiology (OEPI) is seeking a contractor to help provide an initial environmental assessment of their IT systems including a risk assessment. OEPI would like system and data owners documented, both general and application controls.

This position will work with end users Office of EPI to design and execute a sustainable Information Security risk assessment and security planning process for the automated applications used. Additionally, this position will work with end users of identified EPI systems to develop requirements in response to business requests for systems enhancements, modifications, and newly identified business initiatives; evaluate alternative strategies and recommend viable solutions that are compatible with current technologies and systems; develop requirements documents; interact and provide direction to developers doing work assigned to projects; provides assistance to system owners on appropriate application controls; develops methods for improving system processes; develop and present training to inform staff of system changes and enhancements; actively participate in unit testing of the applications; maintain documentation and records for assigned projects; participates in production problem resolution and makes suggestions for process improvement. 

Specific Tasks: 
1. Information Security Risk Assessment and Planning
a. Work with the Office system owners and OIM staff to determine and document general system functions
b. Collaborate with the Office to create (or update) required data classification and system inventory documents
c. Work with the Office, OIM and ISO to complete the comprehensive Sensitive IT System Risk Assessment Report and Security Plan
d. Work with the Office and OIM to prioritize information security risks and develop a remediation schedule.
e. Work with the Office to develop (or update) and implement required procedures and controls to support information security requirements.
f. Develop/update the IT Application Roadmap document to include security risks that will require application modifications.
2. Support for System enhancements, modifications and ongoing support
a. Provide assistance to the Office in generating IT project initiation requests for enhancements and modifications
b. Document requirements for enhancements and modifications (business analysis)
c. Work with OIM and the Office in developing annual MOA’s for application support and creating MOA addenda for system enhancements and modifications.


Skill
Required / Desired
Amount
of Experience
exp. in business requirement gathering using interviews, meetings/workshops, bus. process analysis, use case scenarios, gap analysis, questionnaires
Required
5
Years
requirement analysis to reconcile conflicts, information decomposition, abstract up from low-level information to a general understnading
Required
3
Years
translating business requirements into detailed requirement document, process and workflow diagrams, use-case scenarios, wireframes, prototyping
Required
3
Years
creating deliverables, traceability matrix, preliminary project plan, maintaining requirement repository and versioning
Required
3
Years
directly working and communicating with business users, technical team and multiple stakeholders on information distribution and collaboration.
Required
3
Years
MS Visio, MS Office and MS Project
Required
3
Years
Strong analytical and product management skills required, thorough understanding of how to interpret business needs and translate them into requmnts
Required
3
Years
Experience and understanding of Information Technology Security risk assessment and security procedures and control development.
Required
2
Years
excellent verbal and written communication skills and the ability to interact professionally with a diverse group, executives, managers and SME
Required
3
Years