Home

Technical Writer at Des Moines, Iowa - Onsite at Iowa, Louisiana, USA
Email: [email protected]
From:

Goutham,

Integrated Technology Strategies, Inc.

[email protected]

Reply to:   [email protected]

Client is State of Iowa

Role: Technical Writer

Information Assurance Assessment and Authorization (A&A) for servers and systems.

NIST 800-53 and Risk Management Frame work NIST 800-37

Work location: Onsite in Des Moines

In Person Interview

Start and End Date 12/26/23 to 06/30/24

Short Description

DOM is seeking a Technical Writer to lead the effort, to develop new and modify existing policies and procedures, over the next 12 months. 

Complete Description

The Technical Writer will be responsible for drafting policies, procedures, and standards based on the requirements found in National Institutes of Standard Technology (NIST) 800-53 Revision 5, federal regulatory requirements, state law, State of Iowa enterprise security standards, and existing agency documentation. 

Iowa Department of Management (DOM), Division of Information Technology (DoIT), Regulatory and Security Office (REGSEC), in coordination with the business units and other divisions in the Iowa Department of Health and Human Services (HHS), is responsible for the application and continuous monitoring of all privacy, regulatory, and security requirements needed to safeguard agency data and to comply with state and federal laws and regulations. 

This individual will work independently, as well as in collaboration with DoIT teams, HHS Divisions, Business Units, and other Subject Matter Experts (SME) and must be able to communicate effectively to individuals with differing levels of familiarity with the applicable requirements and NIST 800-53 control families.  This individual will serve as a liaison to the Regulatory Product Owner. This individual will also be responsible for the following: 

 Provide technical writing, governance, and policy development/management required to develop and evaluate Information Assurance Assessment and Authorization (A&A) for servers and systems.

 Write and document high level-policies or strategies for REGSEC; write technical documentation such as user manuals, reports, documentation, presentations, proposals, outlines, and summaries, and provide weekly updates regarding assigned projects and tasks including percentage of completion, concerns/issues.

 Provide consultation, guidance and portfolio management for systems and software in compliance with federal requirements and policies.

 Review and document control requirements from the National Institutes of Standard Technology (NIST) 800-53 requirements, and applicable federal regulatory documentation including IRS Publication 1075, the Social Security Administration Technical System Security Requirements, Federal Bureau of Investigations, Criminal Justice Information Security Policy, Office for Child Support Services Security Agreements, and the Centers for Medicare and Medicaid Services, Minimum Acceptable Risk Safeguards for Exchanges.

 Provide support for activities including development and maintenance of Plans of Action & Milestones (POA&Ms); tracking status; provide scheduling for reviews; document milestones and issues; submitting metrics; and preparing presentations and final deliverable reports, as required.

 Evaluate existing documentation and business activities to assess and document gaps in controls, policies, and procedures, as applied throughout the HHS network and applications. 

 Apply general knowledge of privacy and security frameworks and basic technology security concepts to communicate requirements to staff and collaborate with staff on identifying current processes that align with control requirements. 

 Write policies and procedures using existing agency templates in a professional manner, which can be understood clearly by staff with varying degrees of business and technical knowledge.  

 Ensure the appropriate treatment of risk, compliance, and assurance from internal and external perspectives.

A successful candidate for this role is expected to possess the following skills and experience:

 Solid understanding of privacy and security frameworks including NIST 800-53 Rev 5 controls and basic technology concepts.

 Understanding of the risk management framework, NIST 800-37 

 Experience reading and applying state and federal laws and regulations.

 Solid technical writing skills and ability to write professionally with attention to detail.

 Strong organizational skills with ability to maintain and organize a great deal of information from varying sources.

 Ability to collaborate effectively with a wide range of personalities and work styles.

 Ability to break down complex tasks into actionable work items.

 Ability to work independently and communicate effectively. 

 Ability to self-direct with initiative to learn quickly.

 Ability to maintain adherence to deadlines but allow for flexibility as needed

Keywords: microsoft
[email protected]
View all
Thu Dec 07 23:42:00 UTC 2023

To remove this job post send "job_kill 919538" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.


Your reply to [email protected] -
To       

Subject   
Message -

Your email id:

Captcha Image:
Captcha Code:


Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]
Time Taken: 32

Location: , Indiana