Previous Job
Previous
Security Analyst
Ref No.: 15-00235
Location: Columbia, South Carolina
Revenue and Fiscal Affairs Office (RFAO)
Columbia, SC
3 Months


Funding approved for this fiscal year. Seeking additional funding for after 7/1/2015. 
 
Job Description: SCOPE OF THE PROJECT:
This Security Analyst InfoSec Policy position has been funded for 18 weeks (end of current fiscal year) with intention to acquire funding in coming fiscal year for the remainder of time to make it a total of 1 year.
Some work may allow for telecommuting but a majority of the work will be done on site and requires a 40 hour work week. Security Analyst will develop processes and controls within the environment, addressing gaps and implementing policies.

Develops and manages security for more than one IT functional area (e.g., data, systems, network and/or Web) across the enterprise. Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). Prepares status reports on security matters to develop security risk analysis scenarios and response procedures. Responsible for the tracking and monitoring of software viruses. Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls. Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness. Provides direct support to the business and IT staff for security related issues. Educates IT and the business about security policies and consults on security issues regarding user built/managed systems. Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues. Must have extensive knowledge in networking, databases, systems and/or Web operations. More junior level position primarily focuses on security administration; a more senior level position is involved in developing enterprise security strategies, management of security projects and the most complicated security issues.

DAILY DUTIES / RESPONSIBILITIES:
PROVIDE PROJECT MANAGEMENT OF INFOSEC POLICIES, IMPLEMENTATION PLANS, PROCESSES AND BEST PRACTICES, PROVIDE EXPERTISE AND ASSISTANCE IN ALL IT PROJECTS WITH REGARDS TO SECURITY ISSUES, AND PROVIDE GUIDANCE AND TRAINING TO STAFF. IDENTIFY NECESSARY IMPROVEMENTS TO EXISTING TECHNICAL IMPLEMENTATIONS OF SECURITY CONTROLS AND PRACTICES TO ENSURE COMPLIANCE WITH SECURITY POLICY AND TO LIMIT THE PROBABILITY AND RISK OF SECURITY INCIDENTS.

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): PROJECT MANAGEMENT, EXCELLENT ORAL AND WRITTEN COMMUNICATION SKILLS, INFORMATION SECURITY CONCEPTS AND PRINCIPLES. KNOWLEDGE & UNDERSTANDING OF SECURITY, PRIVACY AND PRINCIPLES (NIST, HIPAA)

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE): LINUX, WINDOWS, OS X, FIREWALLS.

BACHELOR'S DEGREE PREFERRED.

CISSP IS A PLUS
 
SkillsSkills  
Skills:
Category
Name
Required
Importance
Level
Last Used
Experience
Network Security HIPAA Security Yes 1      
Network Security information security principles and practices Yes 1 Lead Currently Using 6 + Years
Network Security IT Security Yes 1 Lead Currently Using 6 + Years
Network Security risk/vulnerability assessments No 1 Lead Currently Using 6 + Years
Network Security Security Information Architecture No 2 Expert Currently Using 6 + Years
Specialties NIST Security Yes 1      
Specialties Project Management Yes 1      
Additional Skills: EXCELLENT ORAL AND WRITTEN COMMUNICATION SKILLS
LINUX, WINDOWS, OS X, FIREWALLS