Kindly share some matching resume to *ami...@idctechnologies.com
<ami...@idctechnologies.com>*


*Role - Cyber Security Analyst *




*Location - Fort Collins, Colorado Duration – 6+ Months Max Rate - $50/hr
Any visa is fine. *

*Responsibilities*

This role will provide oversight, expertise, technical security strategy,
standards, and best practices for multiple programs with various security
categorizations (low, moderate and high). Ensures preventive, auditing,
testing, and reactive measures are being adequately implemented for systems
with an active Authorization to Operate (ATO). Provides oversight and
recommendations for best business practice based on Federal and ISO
guidelines. Providing technical support, testing teams, and documentation
generation, reviews and updates. Ensures new and updated security
requirements are reviewed, tested and implemented within the project plan
timelines. Controls and tracks the preparation of security standards,
policies, and procedures. The qualified candidate is expected to be a
subject matter expert on enterprise security topics, federal standards,
covering web applications, databases and software development.

*Duties*

-          Review and verify policies and procedures are developed in line
with all applicable federal and LOC security standards and regulations.

-          Maintain, track, and communicate detailed project tasks.

-          Manage initial and reauthorization System Assessment and
Authorization (SAA)/ Security Controls Assessment (SCA) task and milestone,
task dependencies for low, moderate, and high security systems.

-          Ensure document deliverables are created, reviewed, and/or
updated to include, by not limited to, Privacy Threshold Assessment (PTA)/
Privacy Impact Analysis (PIA), Business Impact Assessment (BIA),
Contingency Plans (CP), Configuration Management Plan (CMP), Change
Management Plans, Incident Response Plans (IRP), Plan of Action and
Milestones (POA&Ms), Security Assessment Reports (SAR), Memorandum of
Understanding / Interconnection Security Agreement (ISA) and other
documents as necessary.

-          Categorize and determine baseline IT security requirements in
accordance with FIPS 199.

-          Identify and visually demonstrate system boundaries, select
security controls, and ensure implemented controls are adequate for COTS or
proprietary web applications. Provide recommendations as necessary to meet
or improve controls.

-          Ensure security policies are developed, maintained and updated
to meet IT security best business practices and standards, which may
include ISO 27001, Federal Info Security Management Act (FISMA), and
National Institute of Standards and Technology (NIST) 800-53 – ITL and FIPS
federal info processing standard; plus, ITIL – Information Technology
Infrastructure Library – practices for IT service management .

-          Be able to review security scans, triage vulnerabilities, and be
able to provide recommendations on mitigating security risks.

-          Review hosting, security, and audit compliance to current LOC
policies, provide quality assurance (QA) reviews.

-          Assist testing teams as necessary with coordinating with
developers and operations staff to provide evidence as necessary.

-          Assists in documenting and managing artifacts in SharePoint and
CSAM security repositories.

-          Assists Information Systems Security Managers (ISSMs) in
generating ATO package and continuous monitoring artifacts.

-          Must evaluate business strategies and requirements to develop
security strategies, assess risk, research standards, and determine
security requirements as necessary.


* Required Skills:*

-          3+ years’ experience in an enterprise security role.

-          Extensive experience with Web Application Security – able to
identify, confirm, and remediate vulnerabilities.

-          Broad knowledge of security best practices and compliance
requirements

o   Knowledge of Risk Management Framework.

o   Knowledge of NIST, FISMA, and other applicable guidance.

-          Knowledge of Intrusion Detection concepts and applications.

-          Experience with cloud architecture and security.

-          Knowledge of various network technologies (routing, switching,
load balancing, etc.).

-          Excellent organizational and communication skills are mandatory
for various stakeholder audiences.

-          Experience collaboratively establishing secure configuration
baselines for technologies.

-          Experience securing Oracle database suites or MS SQL databases.

-          Experience designing/reviewing architectures for adequate
security such as secure authentication methods.

-          Knowledge or experience with conducting Assessment and
Authorization (A&A) following NIST guidelines.

-          Knowledge or experience developing security documentation and
conducting reviews for A&A packages, including but not limited to writing
implementation statements.

-          Awareness of the diagnostic and mitigation aspects of
Information Security Continuous Monitoring.

*Desired Skills: *

-          Technical and user experience with Atlassian suite of products,
including, but not limited to, JIRA, Confluence, or Bamboo.

-          Experience with secure coding best practices.

-          Experience implementing and assessing security controls in
appropriate information systems.

-          Determine agency-level risk to the mission or business case.

-          Experience with enterprise Identity Management technologies and
implementation.

*Educational & Certification Requirements*

·         Bachelor degree in computer science, or 8 years of equivalent job
experience in IT or computer science.





* Regards,*

AMIT KUMAR  *Sr. Recruiter*

*IDC Technologies Inc.*| *1851 McCarthy Boulevard, Suite 116, Milpitas, CA
, USA, 95035*

*408 668 8348 **I **ami...@idctechnologies.com* <ami...@idctechnologies.com>*
I Gtalk: Recruiter.amitk | Skype: Amitiilm*

*Web: **www.idctechnologies.com* <http://www.idctechnologies.com/>

"Under Bill s. 1618 Title III passed by the 105th U.S. Congress this mail
can not be considered spam as long as we include a way to be removed from
our mailing list. Simply send us an e-mail with REMOVE in the subject and
we will gladly REMOVE you from our mailing list."

-- 
You received this message because you are subscribed to the Google Groups "IT 
RECURITER" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to it-recuriter+unsubscr...@googlegroups.com.
To post to this group, send email to it-recuriter@googlegroups.com.
Visit this group at https://groups.google.com/group/it-recuriter.
For more options, visit https://groups.google.com/d/optout.

Reply via email to