Security Risk Analyst

South Carolina

‐ Onsite

This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Configuration Management Monitoring Compliance Forecast Security Configuration Communication Documentation Excel Power Point

Title: Security Risk Analyst II

Location: Columbia, SC

Job Type: Contract

Daily Responsibilities:

Plan/perform compliance and risk assessment activities for information systems and related processes.
Analyze and trend compliance data from security scans.
Insure regulatory and policy compliance for confidentiality, integrity and availability of network assets.
Communicate and escalate compliance and risk issues to the appropriate department and/or level of management.
Interface with SSOs to gather and document security requirements.
Provide guidance to functional teams with the interpretation, development, implementation, monitoring, and reporting of control processes, documentation, and compliance routines.
Conduct procedural and operational review of processes and systems against corporate, Government, and internal compliance standards.
Act as the representative for security incident investigations, and risk assessment activities conducted by internal and external areas.
Evaluate technology and business-related controls for integrating business and information system security and risk mitigation efforts.
Perform vendor security evaluations. Coordinate and validate business risk justification documents for government programs

Technical Background:

Ideal candidate will hold a security certification such as CISA, CISM, or CISSP.
Experience with compliance programs within a government agency (ie Medicare, Tricare) is preferred.
Experienced with vulnerability and configuration management and regulatory/contractual configuration items.
Knowledge of technical security controls from NIST, DISA, USGCB, etc. compliance domains across multiple platforms.
Strong knowledge of compliance programs and regulations including HIPAA, FISMA, PCI, NAIC MAR, etc.
Excel expert with the ability to analyze, trend and forecast from high volumes of data. Excellent verbal and written communication skills.
Recognizes the vital role of customer service. Proficient with MS Word.
Any experience with Visio or PowerPoint a plus. Any experience with DoD security is a plus.
An understanding of vulnerability and configuration scanning/remediation of assets using automated tools (ie Nessus, Tripwire CCM, Solarwinds, etc.) is beneficial.
Must have the ability to work on complex enterprise level projects as a security subject matter expert.
Must display excellent communication and interpersonal skills.
Proficient with Excel and able to analyze, trend and forecast high volumes of compliance data.

To apply to this project you must log in.