Job Description :
Security Analyst 3 //(561631)
Richmond, VA
Duration: 6-12 months

Short Description:
ABC IT Security Analyst 3

Complete Description:
local candidates strongly preferred
ONLY in-person interviews will be conducted, NO Skype, NO exceptions
position will be extended beyond 6/30/18 end date on req, possibly 6-12 months
Please do not submit candidates who were submitted to the previous req, 558361. We need NEW candidates only.

Will serve as lead security analyst role in a information security policy development project. Requires ability to quickly process and organize information, in both written and oral formats. Must be able to meet aggressive deadlines.

The Information Security Analyst will be the primary resource responsible for the development of information security policies and procedures. This effort will require the ability to quickly gather, process, and assimilate information from various sources, to include technical and non-technical stakeholders and information security standards. All information security policies and procedures must be clear, concise, and easily comprehended by all audiences throughout the organization.
Analyze requirements and translate into information security policy and procedures.
Ensure all proposed policy, procedures, and security controls are compliant with all applicable information security standards, laws, regulations, and executive orders.
Coordinate with SMEs to ensure technical and non-technical security controls supporting information security policy and procedures are in-place and satisfy proposed policy or procedures. Identify, analyze and provide recommendations to address any policy, procedure, and security control gaps.
Develop information security policies and procedures using clear, concise, and accurate statements.
Complete and provide all drafts and revisions in accordance with approved project schedule.


Sample work product Required (Policy Statements) Required Years
Experience creating and maintaining information security policies, procedures, standards and guidelines Required 8 Years
Identifying, developing, and evaluating effective security controls pursuant to NIST 800-53 and/or CSRM standards 501/525. Required 8 Years
Firm understanding of risk management frameworks, activities, and deliverables. Required 8 Years
Firm understanding and experience with IT governance frameworks, such as COBITS and ITIL. Required 5 Years
Professional working experience in a dedicated information security role. Required 8 Years
Excellent oral and written communication skills Required 10 Years