| IT Security Analyst NIST || Remote at Remote, Remote, USA |
| Email: [email protected] |
| Hi, Hope you are doing great! Please check the below requirement and send me your updated Resume IT Security Analyst NIST Remote USA Duration: 12+ months Visa: NO H1B/OPT/CPT Start: ASAP **Must be master SSP writer, very strong in NIST 800-53 The IT Security Analyst is responsible for completing and maintaining system security plans (SSP) for new and existing systems. This requires close coordination with IT project teams, business and enterprise security representatives, and product owners, to establish and maintain processes and controls for security vulnerability remediation. Responsibilities: Create system security plans (SSP) for new applications in alignment with the Secure Application Development Life Cycle (SADLC) and Security Accreditation Process Maintain SSPs for existing applications requiring authority to operate (ATO) and those facing software and/or hardware enhancements. Continuously monitor plans of action and milestones (POA&M) and corrective action plans (CAP) as they relate to the SSPs in collaboration with the MDOT Enterprise Information Management (EIM) office. Validate respective SSPs to ensure NIST control requirements are met. Author recommendations associated with your findings on how to improve the customers security posture in accordance with PSP & NIST controls. Assist team members and vendors with proper artifact collection to satisfy assessment requirements. Skillsets Required: Experience in the IT industry analyzing and applying information security principles and practices Experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems Experience analyzing the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3,4 or 5, and 800-53A Revision 1. Experience with other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plus Nice to have: 2 years CISSP, CISA, PMP and/or Security+ certification Nice to have Experience working with software vendors to implement security controls Nice to have Experience working independently and in a team environment Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience Ability to collaborate on multiple projects/efforts at a given time Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change Piyush Varshney Sr Technical Recruiter |Vyze Inc. Phone : +1 703 982 7189 E : [email protected] Hangout : Piyush.vyze36 linkedin.com/in/piyush-v- -0852a4218 Disclaimer : This communication, along with any documents, files or attachments, is intended only for the use of the addressee and may contain confidential information. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of any information contained in or attached to this communication is strictly prohibited, To remove your email address permanently from future mailings, please send REMOVE to [email protected] -- Keywords: information technology |
| [email protected] View all |
| Fri Sep 22 20:39:00 UTC 2023 |