IT Security/Privacy Analyst
Raleigh, NC, United States
Length and terms:
Long term - W2 or C2C
Position created on 05/04/2022 07:04 pm
Interview Type: Skype *** Very long term project; initial PO for 1 year, expect to go for 4+ years *** Remote during covid then onsite
NC DHHS - Privacy and Security Office (PSO) requiring services of an IT Security Specialist to assist and assess the DSOHF facilities and review PSO requirements. In addition this resource must also review the privacy, security, Business Continuity Planning, Disaster Recovery and audit requirements. This resource must identify the risks and assist in the development of mitigation strategies, and to establish the target security/infrastructure architecture.
Duties include, are not limited to:
- Expert in vulnerbility assesment using Qualys
- Author corresponding requirements, including definition of dependencies on infrastructure consolidation efforts.
- Define and review Privacy and Security/Information Assurance requirements (and dependencies).
- Specify key architectural aspects of the architecture view, and identify other aspects that need definition.
- Define and review Business Continuity Plan and Disaster Recovery Testing
- Research Best Practices for reuse, applying Federal rules, State IT Security, DHHS Privacy and Security policies and industry standards, and defining the transformation approach that transitions the current architecture to the target architecture.
The ideal candidate will have experience working with current and emerging information security technologies, privacy and development methodologies. Bachelors degree in computer science, management information systems, or related field preferred. Candidate must have knowledge in vulnerbility assessment tools like Qualys, Nessus. Good analytical and creative problem solving skills, and relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, with a wide degree of creativity and latitude is expected.
7 years of
- Risk Management - must be able to Identify gaps through risk management, and assist in the development of mitigation strategies.
- Experience updating privacy and security policies based on gaps found through an assessment process.
- Experience Performing risk assessments based on NIST 800-53 Rev 4. HIPAA,SSA and IRS Pub 1075.
- Experience with network mapping and vulnerability scanning tools such as Qualys, NESSUS and NMAP.
- Experience in reviewing the Business Continuity plans, Disaster Recovery Testing plans based on Federal and State requirements
Contact the recruiter working on this position:
The recruiter working on this position is Raghu
His/her contact number is +(1) ()
His/her contact email is firstname.lastname@example.org
Our recruiters will be more than happy to help you to get this contract.