Home

Security Governance Consultant (Senior) - Immediate Interview at Remote, Remote, USA
Email: [email protected]
Hi,

I hope you are doing well.

Kindly find the job details below & revert back to me with your updated resume if you are Interested.

Client Name: State of Maryland

 Role: Security Governance Consultant (Senior)

 Duration: Long Term

Duties:

As a key participant within a Security Governance Team, will share responsibilities for conducting ISSO and Assessor duties in the System Assessments and authorization (SA&A) process and maintaining continuous Approval to Operate(ATO) for various environments and applications.
Perform Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF)   system and application accreditation.
Prepare vulnerability scanning test plans, coordinate testing, and conduct scans using Nessus, WebInspect and other scan applications.
Analyze vulnerability scan results for validation and root cause.
Perform security system event analysis, investigation, and validation.
Provide incident response to classification spills, malware infection, misconfiguration exposure, internal inappropriate behavior and technical issues.
Participate in Lifecycle Management (LCM) Technical Change Control Boards (TCCB) providing technical guidance for security control compliance.
Perform Federal Information Security Management Act (FISMA) assessments and annual reporting.
Perform Security control assessments as part of Continuous Monitoring NIST SP800-53 V4 compliance sustainment for application, infrastructure, and network.
Task, track and mitigate Plan of Action & Milestones (POA&M) vulnerability scan and security assessment findings requiring mitigation.
Perform Privileged User Account Management and Role Based Access assignment.
Perform Privacy Threshold Assessment (PTA) and Privacy Impact Assessment (PIA) as part of Personal Identifiable Information (PII) Management.
Maintain Change Management Plans (CMP), Incident Response Plans (IRP) Information System Contingency Plans (ISCP), and System Security Plans (SSP).
Prepare and conduct training, exercises, and functional testing of IRP and ISCP.
Develop Disaster Recovery plans and Business Continuity Plans, manage testing exercises.

Education:

Bachelor's Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related technical discipline is required.
CISSP, CISA is a plus

Experience:

At least seven (7) years of experience in system and application Certification & Accreditation (C&A, System Assessment & Authorization (SA&A, and Independent Validation and Verification (IV&V).
At least seven (7) years of experience in security system monitoring, syslog and traffic analysis, and incident response.
At least five (5) years of experience in developing and maintaining standard operating procedures and work instructions.
At least three (3) years of experience in fulfilling the role of Information System Security Officer (ISSO).
AWS Cloud Certification is preferred.
Cloud Security Knowledge is a plus.

Keywords:
[email protected]
View all
Mon Nov 20 22:50:00 UTC 2023

To remove this job post send "job_kill 872181" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.


Your reply to [email protected] -
To       

Subject   
Message -

Your email id:

Captcha Image:
Captcha Code:


Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]
Time Taken: 0

Location: ,