IT Security and Compliance Engineer - Polk County, IA

Greetings of the Day...!!

We have an excellent requirement for you. Please go through the job description and let me know your level of interest in this position. Feel free to mail me at ************* or call me at .

Job Title: IT Security and Compliance Engineer

Location: Polk County, IA

Job Description:

• The IT Security and Compliance Engineer creates or updates security and privacy documentation according to NIST SP 800-53 Rev 4 requirements, including system security plans, security reports, and privacy assessments.
• The engineer works with department subject matter experts (SMEs) to develop and document control implementation descriptions that meet or exceed the security-control compliance requirements.
• The engineer develops policies and procedures based on security-control implementations for each business unit and system component in scope of the system boundary.
• The engineer inputs and maintains security-controls and associated artifacts in the organization s Governance, Risk and Compliance (GRC) system.
• The IT Security and Compliance Engineer performs other tasks as assigned, such as updating diagrams, taking screen captures for insertion into documentation, and planning documentation schedules to meet defined project milestones.
• The engineer should be comfortable working independently with guidance from a project manager and amongst a team.

Responsibilities:

• Create or update the System Security Plan (SSP), System Security Plan (SSP) Workbook, IRS Safeguard Security Report (SSR), Privacy Impact Assessment (PIA), Information Security Risk Assessment (ISRA), Computer Matching Agreement (CMA), Information Exchange Agreement (IEA), and Interconnection Security Agreement (ISA)
• Develop new or update current policies and procedures to meet federal requirements
• Coordinate with department subject matter experts on all aspects of policies and procedures
• Consider risk mitigation and remediation when drafting policies and procedures
• Maintain security controls catalog and associated artifacts in department GRC
• Gather documentation and evidence to support new and revised policy and procedures for independent security controls assessments, and third party penetration tests
• Adhere to documentation plans and schedules
• Achieve and maintain relevant knowledge on organization s mission and information system structure
• Maintain consistency in tone and style.
• Manage updates and revisions to existing documentation.
• Resolve reported documentation issues.
• Identify new documentation needs or opportunities.
• Collaborate with team on meeting security and privacy requirements
• Participate in other security and compliance projects as needed.
  

Needed Soft Skills:

• Time management skills with the ability to operate under short deadlines
• Self-starter with minimal management supervision
• Ability to work under pressure and manage fluctuating workloads
• Work in a team setting
• Ability to gain consensus
• Maintain confidentiality
• Excellent written and verbal communication skills.

Required/Desired Skills: