Job Description :
Job Description



The Security Analyst (SA) is responsible for ensuring the technology resources associated with the project adhere to agency standards. The SA works under general supervision, with moderate latitude for the use of initiative and independent judgment, yet follows all policies and procedures required by the office of the HHS IT Chief Information Security Officer (CISO

· Confers with IT management, program, vendor, and office of the HHS IT CISO to discuss issues such as computer data access needs, security and programming changes.

· Manages, and monitors the daily activities and effectiveness of the information security of the project.

· Implements new technology solutions to secure agency information security assets and/or confidential data as directed by CISO.

· Meets regularly with IT management, program, vendor, CISO team, to ensure to-be implemented or implemented security protocols are meeting expectations.

· Ensures timely and appropriate reports are provided to the Project Manager as input to project status reports.

· Provides technical and non-technical audits, risk analyses, and documents compliance and/or noncompliance based on findings.

· Writes reports for CISO and other IT related needs as required by Law, Rule, or Direction. This includes effectively collaborating with and communicating with stakeholders.

· As needed or as directed, assists CISO team to investigate and addresses security incidents related to the project promptly, documents the results of the investigation, including advising management of issues, and implementing risk mitigation strategies.


II. CANDIDATE SKILLS AND QUALIFICATIONS

Minimum Requirements: Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will not be considered for this opportunity and the resume will not be submitted to the customer.
Years Required/Preferred Experience
6 Required Best practices; training, and incident management.
6 Required Progressive experience in information technology which includes direct responsibility for service delivery; systems or network configuration; service management and/or risk management; policy and compliance; procedures and standards
6 Required Progressive experience administering secure network infrastructure and associated systems: Experience in information security either on IT Projects or as staff for a state agency or private sector employer.
6 Required Establishing and implementing/executing information security protocols and adhering to policies procedures and guidelines as directed by Information Security executive management.
4 Preferred Bachelor’s Degree from an accredited four-year college/university in Computer Science, Computer Engineering, Management of Information Systems, Communications, or a related field.
3 Preferred Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Project Management Professional (PMP

Client : State Client