Job summary:


Title:
Security/ Risk Lead

Location:
Raleigh, NC, United States

Length and terms:
Long term - W2 or C2C


Position created on 01/22/2020 03:06 am

Job description:


Interview Type: Skype *** Very long term project; initial PO for 1 year, expect to go for 4+ years *** Onsite - No Remote ***

 Privacy and Security Office (PSO) requiring services of an IT Security Team Lead to lead/ manage county assessment team to aid county offices in the identification of gaps through risk management, and assist in the development of mitigation strategies, and to establish the target security/infrastructure architecture. 


Duties include, are not limited to:

  •  Lead a security specialist team for risk management.
  •  Author corresponding requirements, including definition of dependencies on infrastructure consolidation efforts.  
  •  Define Security/Information Assurance requirements (and dependencies).  
  •  Specify key architectural aspects of the architecture view, and identify other aspects that need definition.  
  •  Research Best Practices for reuse, applying State IT Security and industry standards, and defining the transformation approach that transitions the current architecture to the target architecture.
  • The ideal candidate will have experience working with current and emerging information security technologies and development methodologies. Bachelors degree in computer science, management information systems, or related field preferred.  Good analytical and creative problem solving skills, and relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, with a wide degree of creativity and latitude is expected.

Required Skills

  • 7 years Risk Management - must be able to Identify gaps through risk management, and assist in the development of mitigation strategies.
  • Experience updating privacy and security policies based on gaps found through an assessment process.
  • Discover, evaluate, assess, systems, networks, and components through the use of vulnerability scanning and risk assessment method.
  • Experience documenting vulnerability assessment results in a accurate, clear, actionable, and available way to appropriate personnel
  • Must be able to review & assess projects and systems throughout all phases of their life cycle in an effort to identify Privacy org needs
  • Must be able to serve as a knowledge base for organizations as it relates to compliance requirements and mitigation strategies.
  • Experience Performing risk assessments based on NIST 800-53 Rev 4. ISO-27001, HIPAA, and IRS Pub 1075.
  • Experience with network mapping and vulnerability scanning tools such as NESSUS and NMAP.
  • Experience leading a technical team and assist the technical team


    Desired Skills

    • Public sector experience, local

Contact the recruiter working on this position:



The recruiter working on this position is Krishna Simha
His/her contact number is +(1) (202) 7381481
His/her contact email is krishna.simha@msysinc.com

Our recruiters will be more than happy to help you to get this contract.