Kindly share some matching resume to *ami...@idctechnologies.com <ami...@idctechnologies.com>*
*Role - Cyber Security Analyst * *Location - Fort Collins, Colorado Duration – 6+ Months Max Rate - $50/hr Any visa is fine. * *Responsibilities* This role will provide oversight, expertise, technical security strategy, standards, and best practices for multiple programs with various security categorizations (low, moderate and high). Ensures preventive, auditing, testing, and reactive measures are being adequately implemented for systems with an active Authorization to Operate (ATO). Provides oversight and recommendations for best business practice based on Federal and ISO guidelines. Providing technical support, testing teams, and documentation generation, reviews and updates. Ensures new and updated security requirements are reviewed, tested and implemented within the project plan timelines. Controls and tracks the preparation of security standards, policies, and procedures. The qualified candidate is expected to be a subject matter expert on enterprise security topics, federal standards, covering web applications, databases and software development. *Duties* - Review and verify policies and procedures are developed in line with all applicable federal and LOC security standards and regulations. - Maintain, track, and communicate detailed project tasks. - Manage initial and reauthorization System Assessment and Authorization (SAA)/ Security Controls Assessment (SCA) task and milestone, task dependencies for low, moderate, and high security systems. - Ensure document deliverables are created, reviewed, and/or updated to include, by not limited to, Privacy Threshold Assessment (PTA)/ Privacy Impact Analysis (PIA), Business Impact Assessment (BIA), Contingency Plans (CP), Configuration Management Plan (CMP), Change Management Plans, Incident Response Plans (IRP), Plan of Action and Milestones (POA&Ms), Security Assessment Reports (SAR), Memorandum of Understanding / Interconnection Security Agreement (ISA) and other documents as necessary. - Categorize and determine baseline IT security requirements in accordance with FIPS 199. - Identify and visually demonstrate system boundaries, select security controls, and ensure implemented controls are adequate for COTS or proprietary web applications. Provide recommendations as necessary to meet or improve controls. - Ensure security policies are developed, maintained and updated to meet IT security best business practices and standards, which may include ISO 27001, Federal Info Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) 800-53 – ITL and FIPS federal info processing standard; plus, ITIL – Information Technology Infrastructure Library – practices for IT service management . - Be able to review security scans, triage vulnerabilities, and be able to provide recommendations on mitigating security risks. - Review hosting, security, and audit compliance to current LOC policies, provide quality assurance (QA) reviews. - Assist testing teams as necessary with coordinating with developers and operations staff to provide evidence as necessary. - Assists in documenting and managing artifacts in SharePoint and CSAM security repositories. - Assists Information Systems Security Managers (ISSMs) in generating ATO package and continuous monitoring artifacts. - Must evaluate business strategies and requirements to develop security strategies, assess risk, research standards, and determine security requirements as necessary. * Required Skills:* - 3+ years’ experience in an enterprise security role. - Extensive experience with Web Application Security – able to identify, confirm, and remediate vulnerabilities. - Broad knowledge of security best practices and compliance requirements o Knowledge of Risk Management Framework. o Knowledge of NIST, FISMA, and other applicable guidance. - Knowledge of Intrusion Detection concepts and applications. - Experience with cloud architecture and security. - Knowledge of various network technologies (routing, switching, load balancing, etc.). - Excellent organizational and communication skills are mandatory for various stakeholder audiences. - Experience collaboratively establishing secure configuration baselines for technologies. - Experience securing Oracle database suites or MS SQL databases. - Experience designing/reviewing architectures for adequate security such as secure authentication methods. - Knowledge or experience with conducting Assessment and Authorization (A&A) following NIST guidelines. - Knowledge or experience developing security documentation and conducting reviews for A&A packages, including but not limited to writing implementation statements. - Awareness of the diagnostic and mitigation aspects of Information Security Continuous Monitoring. *Desired Skills: * - Technical and user experience with Atlassian suite of products, including, but not limited to, JIRA, Confluence, or Bamboo. - Experience with secure coding best practices. - Experience implementing and assessing security controls in appropriate information systems. - Determine agency-level risk to the mission or business case. - Experience with enterprise Identity Management technologies and implementation. *Educational & Certification Requirements* · Bachelor degree in computer science, or 8 years of equivalent job experience in IT or computer science. * Regards,* AMIT KUMAR *Sr. Recruiter* *IDC Technologies Inc.*| *1851 McCarthy Boulevard, Suite 116, Milpitas, CA , USA, 95035* *408 668 8348 **I **ami...@idctechnologies.com* <ami...@idctechnologies.com>* I Gtalk: Recruiter.amitk | Skype: Amitiilm* *Web: **www.idctechnologies.com* <http://www.idctechnologies.com/> "Under Bill s. 1618 Title III passed by the 105th U.S. Congress this mail can not be considered spam as long as we include a way to be removed from our mailing list. Simply send us an e-mail with REMOVE in the subject and we will gladly REMOVE you from our mailing list." -- You received this message because you are subscribed to the Google Groups "SAP BASIS" group. To unsubscribe from this group and stop receiving emails from it, send an email to sap-basis+unsubscr...@googlegroups.com. To post to this group, send email to sap-basis@googlegroups.com. Visit this group at https://groups.google.com/group/sap-basis. For more options, visit https://groups.google.com/d/optout.
