| Duties & Responsibilites : | -local candidates strongly preferred
***candidates MUST be able to be hired directly by the state (in the future, if budget allows) without sponsorship
-Advanced working knowledge of and 3 or more years of professional experience working in Information Technology with a focus on information security policy and risk management
- Thorough, in-depth knowledge of and experience writing risk assessment documentation and understanding how to identify and document risk and risk acceptance as well as develop corrective action plans
- Meticulous attention to detail, excellent verbal and written communication skills, ability to handle multiple priorities, and work both independently and in a team environment
DESIRED QUALIFICATIONS:
- Information Security certification beneficial
RESPONSIBILITIES INCLUDE:
- Work with business areas and Information Security staff to update Business Impact analysis documents
- Perform risk analysis with business function for sensitive systems, utilizing the SCC’s policies
- Develop System Security Plans with the understanding of how risk can impact a system
- Define appropriate security controls for new and existing technologies
ENVIRONMENT
- Microsoft Windows Server 2003, 2008, 2012
- Microsoft Exchange Server 2010
- Microsoft Office Professional 2010
- Windows Active Directory, LDAP, WSUS
- Cisco network and VPN equipment
- VMWare
- SAN, DASD, NAS
- DS-3 Telecommunications, WAN, LAN, VLAN, SIP
- Cisco VOIP
- EMC Data Domain 2500, 4500 & Networker
- Orion SolarWinds Monitoring
- WSFTP & Move IT FTP Server
- SOPHOS
- QualysGuard
Required Skills:
-Advanced working knowledge of & professional experience working in Information Technology w/ focus on information security policy and risk management-Required-3 Years
-Experience writing risk assessment documentation & understanding how to identify/document risk & risk acceptance & developing corrective action plans
Required-3 Years
-Excellent verbal and written communication skills-Required
-Ability to work independently and in a team environment-Required
-Information Security certifications (ex: CISSP, CSSLP, CCFP, etc.) beneficial-Desired
Interview Process:
-Mgr will ONLY conduct in-person interviews, NO Skype, NO exceptions
|
