Job Description :
Title: Sr. Information Security Engineer/Analyst
Location: Denver CO
Duration: 4 Months
Job Description
A Senior Information Security Engineer does the same technical work as an information security engineer, but has more experience and certification in their field. Engineers at this level will take on information security work that involves a high level of management and communications skill as well as a high level of skill in their specialty. They must be able to work effectively with broad direction in situations that may not be well defined. People at this level may work with technical, administrative or physical security controls or investigations, or may be involved in developing and implementing security projects, policies, standards or business processes.
Summary:
The Office of Information Technology is seeking an experienced security, risk and compliance professional to identify and define technical and security related projects that support the operation and maintenance of the Colorado Benefits Management System, PEAK and associated systems. There is a potential opportunity to move into a permanent state position as a security engineer/analyst.
Duties:
Primary job duties include the following:
Address security risk assessment findings and recommendations for two key systems, Colorado Benefits Management System (hosted in AWS and Salesforce) and PEAK (Salesforce)
Work with the state security team on addressing compliance as well as building the on-going security program to govern risk and compliance.
Work with vendor security and development staff on controls and procedures to align with policies.
Interact with the agency program staff on security reporting and security plan maintenance.
Additional Secondary Duties include the following:
Assist the state with updating processes and procedures in support of security plans for Federal Agencies (Social Security Administration, CMS and IRS)
Provide recommendations for software and hardware configurations to support security standards and setting up a HW/SW asset license management system.
Participate in the definition and implementation of projects to upgrade the systems and infrastructure to comply with revised standards for security and privacy, including MARS E v 2.0 for CMS and publication 1075 for IRS and management of FTI data
Recommend changes to the process for planning and validating the application of patches
Minimum Requirements:
Clear Communicator (written and verbal)
Experienced with using common business applications; such as, Google Docs, Microsoft Office (Word, Excel), Microsoft Project
Strong analytical and research skills using the Internet and other tools
Strong verbal communication skills & ability to facilitate a planning session or meeting
Understanding of data governance, including the security requirements for PII, FTI, and PHI.
Must be able to work independently and be proactive in reaching for information
Must be comfortable in an environment with change and many concurrent projects
Desired Experience:
Understanding of a government environment and data governance
Experience in the application of commonly accepted concepts and practices specific to the secure design and development of technical documents
Salesforce and AWS hosting
Secure code scanning tool
If Interested please provide me below information:
Full Name:
Email ID:
Contact:
Address:
Availability:
Availability for Interview:
Visa Status:
Visa Expiry date (MM/DD/YYYY):
Relocation:
Rate:
Professional Reference
Name
Company
Title
Telephone
Email