Hello, Hope you’re doing great. Please find the below requirement. Thanks.!!!
*Job Title: 6168-1: Security Analyst* *Location: Columbia, SC Duration: 12 months* *SCOPE OF THE PROJECT:* The Enterprise Architect is tasked with ensuring compliance with federal guidelines. This position will be performing those services including: • Creation of System Security Plans under MARS-E • Working within the agency eGRC system to incorporate elements of the SSP and other artifacts • Interviewing administrators, managers, and third parties to aid in development of SSP artifacts • Ensuring that responses are in accordance with the federal requirements • Performing internal audits of the agency and third parties against the established SSP responses • Coordinating system assessments with agency and third parties • Facilitating external auditors in performing required compliance audits *Role Summary/Purpose* The Consultant will report to the Office of Information Assurance and will be a dedicated resource for the Enterprise Architect and related project teams. The responsibilities include all tasks related to maintaining CMS compliance for Medicaid entities. System Security Plans, Interconnection Security Agreements, Computer Matching Agreements, and related interviews and audits to complete and verify these artifacts are required of this position. A good working knowledge of related technologies such as IBM System 390, Linux and Windows servers, firewalls, IPS solutions, switching and routing infrastructure, and data types and data classifications is mandatory. Experience with CMS is strongly desired and will be given the highest weight. Essential Responsibilities 1. Interviewing system business and technical owners to determine policies and procedures used for each agency system. 2. Documenting information gathered in both interviews and audits within the eGRC system, Bizagi, Visio and Atlassian products. 3. Auditing internal agency systems as well as partner systems against controls. 4. Facilitating third-party audits within the agency. 5. Collaborating with third parties to provide recommendations for compliance. Required Knowledge/Skills: 1. Have completed a System Security Plan and System Security Plan Workbook for a Medicaid entity or Federal entity utilizing NIST 800-53 based controls. 2. 10+ years of experience in I.T. working with or auditing Windows, Linux, and web-based applications. 3. CISSP and/or CISA certification. 4. Must have a strong working knowledge of MARS-E, CMS ARS, or NIST 800-53. 5. Minimum of 5 years working with auditing and compliance processes. 6. Must have hands-on experience and training with eGRC solutions. 7. Ability to communicate effectively, verbally and in writing, to interact effectively with internal and external vendors, project team members, management, and agency departments to build relationships and use facilitation skills with both technical and non-technical personnel. 8. Ability to write, edit, and prepare graphic presentations of technical information for both technical and business personnel. 9. Experience in organizing information in a way that is appropriate for technical explanations without losing sight of the needs and aptitude of the audience. 10. Ability to collaborate and coordinate with multiple teams and vendors. 11. Ability to work independently and as a member of a team. 12. Ability to multitask and prioritize tasks effectively in order to meet deadlines. 13. Must have intermediate to advanced skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency. 14. Keen attention to detail while maintaining the ability to see the big picture. 15. Ability to absorb and retain complex processes. 16. Strong English language skills. 17. Demonstrable understanding of the rules of English grammar and usage. 18. Ability to accept changes and constructive criticism in a fast turn-around environment. CISSP and/or CISA certification is required. Preferred Requirements/Skills: 1. BS degree in computer science or similar discipline. 2. Prior experience auditing against FISMA standards. 3. Prior experience in working with any other eGRC systems. PUBLIC SECTOR/GOVERNMENT EXPERIENCE REQUIRED? Yes, required. *Skills:* *Category * *Name * *Required * *Importance * *Level * *Last Used * *Experience * Administrative Verbal Communication Skills Yes 1 Expert Currently Using 4 - 6 Years Administrative Written Communication Skills Yes 1 Expert Currently Using 4 - 6 Years Documentation/Language Ability to write, edit, and prepare graphic presentations of technical information for both technical and business personnel Yes 1 Expert Currently Using 4 - 6 Years MMIS - Medicaid Management Informaiton System CMS No 2 Intermediate Within 1 Year < 1 Year Network Security Federal Information Security Management Act (FISMA) Yes 1 Expert Within 1 Year 1 - 2 Years Network Security MARS-E Yes 1 Intermediate Within 1 Year < 1 Year Network Security SSP Yes 1 Expert Within 1 Year 1 - 2 Years Network Security Writing Plan of action and Milestones (POA&M) Yes 1 Expert Within 1 Year 1 - 2 Years Packaged Applications MS Office (Word, Excel, PowerPoint, Visio) Yes 1 Advanced Currently Using 4 - 6 Years Packaged Applications Visio Yes 1 Advanced Currently Using 2 - 4 Years Specialties Public Sector Yes 1 Expert Within 2 Years 4 - 6 Years Specialties eGRC solutions No 1 Intermediate Within 5 Years < 1 Year *Additional Skills:* ----- CISSP and/or CISA certification is required. ● Minimum of 5 years working with auditing and compliance processes. ● Ability to communicate effectively, verbally and in writing, to interact effectively with internal and external vendors, project team members, management, and agency departments to build relationships and use facilitation skills with both technical and non-technical personnel. ● Experience in organizing information in a way that is appropriate for technical explanations without losing sight of the needs and aptitude of the audience. ● Ability to collaborate and coordinate with multiple teams and vendors. ● Ability to work independently and as a member of a team. ● Keen attention to detail while maintaining the ability to see the big picture. ● Ability to absorb and retain complex processes. ● Strong English language skills. ● Demonstrable understanding of the rules of English grammar and usage. ● Ability to accept changes and constructive criticism in a fast turn-around environment. ● Prior experience in working with eGRC systems. Acha Integrated Technology Services Inc., Direct: 703-246-1570 || Email: a...@its-incorp.com ------------------------------------------------------------------------------------------------- 1033 Sterling Road, Suite 205, Herndon VA 20170-3838|| www.its-incorp.com ------------------------------------------------------------------------------------------------- E-Mail is the best way to reach me. <http://www.linkedin.com/in/achaayyappavarma/> -- You received this message because you are subscribed to the Google Groups "Citrix and Sap problems" group. To unsubscribe from this group and stop receiving emails from it, send an email to citrix-and-sap-problems+unsubscr...@googlegroups.com. To post to this group, send email to citrix-and-sap-problems@googlegroups.com. Visit this group at http://groups.google.com/group/citrix-and-sap-problems. For more options, visit https://groups.google.com/d/optout.
