*Position -: Security Analyst* *Duration -: long term* *Location: Fort Collins, CO*
*NEED GC AND USC* *This Security Analyst role requires a very strong understanding of NIST and FISMA (which are US-based security guidelines), so our ideal candidate will probably have years of experience in the US.* * Additionally, this person needs to be familiar both with network security but also application, database and computer security in general. * *A Network Engineer who focuses on security won’t be sufficient, this person needs to be 100% Security focused, with a history of job titles on their resume like “Security Analyst”, “Security Engineer”, “IT Security”, etc.”* *This is a very technical candidate, with strong, hands-on IT exp. and understanding of relational databases* *Security Analyst* *Job Description:* *- Analyze business, functional, and non-functional requirements to create technical design and unit test strategy documents.* *- Design, test, and implement solutions based on requirements provided from the Enterprise Application Services, Office of the Chief Information Officer (OCIO), USDA* *- Design artifacts that follow the technical standards and guidelines * *- Work with staff to define solutions and implement those solutions according to the agreed upon design.* *- Control deployment of HP Fortify and future planned security services * *- Review monthly and quarterly Retina and WebInspect scans and recommend technical solutions to mitigate vulnerabilities* *- Actively transfer knowledge and mentor staff members on various aspects of system specific administration, configuration, and development* *Required Skills:* *- Experience collaboratively establishing secure configuration baselines for technologies such as Windows Server 2008 R2, Exchange 2010, or Red Hat Enterprise Linux Server 6.* *- Experience securing Oracle database suites or MS SQL databases (not looking for someone who only has network skills).* *- Experience performing IT product security specification reviews.* *- Experience designing/reviewing architectures for adequate security such as secure authentication methods.* *- Ability to use collaborative communication skills and establish productive working relationships.* *- Experience with documentation reviews, including A&A packages* *- Awareness of the diagnostic and mitigation aspects of Information Security Continuous Monitoring.* *- Assists Information Systems Security Managers (ISSMs) in generating ATO package and continuous monitoring artifacts. * *- Assists in documenting and managing artifacts in online SharePoint and CSAM security repositories.* *- Knowledge of Risk Management Framework* *- Knowledge of NIST, FISMA and other applicable guidance* *Desired Skills: * *- Implement security controls in appropriate information systems.* *- Assess the effectiveness of the security controls once they have been implemented.* *- Determine agency-level risk to the mission or business case.* *- Authorize the information system for processing.* *- Monitor the security controls on a continuous basis* *- Implement security controls in appropriate information systems.* *Thanks and Regards* *[image: cid:image001.jpg@01D0A762.A6EA2220]* *Chad* IT RECRUITER *Email*: *c...@technocraftsol.com* <c...@technocraftsol.com> *Contact*: *614-664-7632* *Yahoo ID / Gmail ID*: *chad.technocraft* *Website*: www.technocraftsol.com *Note: Technocraft Solutions LLC works with Direct Client’s and Preferred Vendors Nationwide. * *Your confirmation would means that you understand the level of Technocraft Solutions LLC association for the mentioned project and will not approach Technocraft Solutions LLC Client directly* -- You received this message because you are subscribed to the Google Groups "SAP or Oracle Financials" group. To unsubscribe from this group and stop receiving emails from it, send an email to sap-or-oracle-financials+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. Visit this group at http://groups.google.com/group/sap-or-oracle-financials. For more options, visit https://groups.google.com/d/optout.