CISSP Certified Security Analyst (HYBRID WORK SCHEDULE)

at Chandra Technologies, Inc.
Published May 4, 2022
Location Lansing, MI
Category Default  
Job Type Full-time  

Description

We are considering the highest possible rate for consultants on CTC 1099 with State of Michigan experience Local consultants to Lansing MI Closer locations with all matching skills in the skillset. We deduct only 2.50hour for any billable work as our margin from the client max rate. This will ensure maximum possible rate to the consultants. Hourly Rate 53 W2 61 CTC1099 Job Description The IT Security Analyst is responsible for completing and maintaining system security plans (SSP) for new and existing systems. The system security plans are documented in the Governance, Risk, Compliance (GRC) tool. This requires close coordination with IT project teams, business and enterprise security representatives, and product owners, to establish and maintain processes and controls for security vulnerability remediation. Responsibilities Create system security plans (SSP) for new applications in alignment with the Secure Application Development Life Cycle (SADLC) and Michigan Security Accreditation Process (MiSAP). Maintain SSPs for existing applications requiring authority to operate (ATO) and those facing software andor hardware enhancements. Collaborate with business representatives to establish system registration. Identify security testing and system scanning requirements. Analyze risk assessments and provide mitigating actions and responses for technical controls. Continuously monitor plans of action and milestones (POAM) and corrective action plans (CAP) as they relate to the SSPs in collaboration with the MDOT Enterprise Information Management (EIM) office. Validate respective SSPs to ensure NIST control requirements are met. Author recommendations associated with your findings on how to improve the customer's security posture in accordance with SOM PSP NIST controls. Assist team members and vendors with proper artifact collection to satisfy assessment requirements. Required Skills Experience in the IT industry analyzing and applying information security principles and practices (4 years) Experience reviewing IT systemsapplications plus basic knowledge of networking components and various operating systems (4 years) Experience analyzing the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3,4 or 5, and 800-53A Revision 1. (2 years) Experience working independently and in a team environment (5 years) Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience (5 years) Ability to collaborate on multiple projectsefforts at a given time (5 years) Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change (5 years) Preferred Skills Experience with other Security Frameworks (ISO, PCI, NIST, COBIT, HIPAAHITECH, etc.) and regulatory requirements is a plus (2 years) CISSP, CISA, PMP andor Security+ certification (5 years) Experience working with software vendors to implement security controls (5 years) Experience using Lockpath or similar GRC tool (5 years) CISSP Certified Security Analyst Analyzing NIST Special Publications, Security Principles, Networking Components Higher Competitive Rates will be considered for consultants with advanced skill set Corp to Corp Resumes are welcome Consultants may need a criminal background check

Drop files here browse files ...