Home       |     Overview      |     Candidate Login      |     Post Resume       |     Contact us
 
  
     
     
Search Jobs
     
Keywords,Title,Skills,Company  Location,City,State,Zip  
  Advanced Search
     
Implementation NIST Business Impact Analysis System Security Analyst
(Jobs in R
 
Requirement id 112621
Job title Analyst
Job location in Richmond, VA
Skills required Enviroment Support, Risk Assessment, IT Security, Implementation NIST Business Impact Anal
Open Date 30-Dec-2020
Close Date
Job type Contract
Duration 8 Months
Compensation DOE
Status requirement ---
Job interview type ---
   Email Recruiter: coolsoft
Job Description Analyst: Enviroment Support, Risk Assessment, IT Security, Implementation NIST Business Impact Anal

Start Date : 01/18/2021

End Date : 09/30/2021

Submission Deadline : 1/5/2021

* Client Info : TAX

* Note : Web Cam Interview Only

MUST be able to pick up equipment IN PERSON and log in on site (initially) to engage COV ID. No laptop will be shipped, no exceptions.

Will work remotely until offices safely reopen. Reminder: parking is NOT included for contractors.

Virginia is looking for an experienced IT Risk Assessment Analyst to conduct IT security Risk Assessment for IT systems. Assess risk of the VATAX IT system based on confidentiality, integrity, and availability. The IT System includes but not limited to applications, servers, and databases. The Risk Assessment shall be performed in compliance with Commonwealth of Virginia SEC501-11 and 520-02 standards.

The analyst must be a self starter and have experience completing IT security risk assessments.

Assess risk of the IT system based on confidentiality, integrity, and availability. The IT System includes but is not limited to applications, servers and databases. The Risk Assessment shall be performed in compliance with SEC501-11 and 520-02 standards. TAX will provide training on using the IT Security Risk Assessment materials to conduct the IT Security Risk Assessments

Responsibilities

- Conduct the risk assessment according to the project timeline

- Schedule Risk assessment meeting with system owners and administrators.

- Interview Subject Matter Experts based on a set of predefined questions and document information collected.

- Analyze system documentations and the results, follow up by email or meeting as necessary.

- Assess the risk and document risk findings in the Risk Assessment Template.

- Schedule meeting and review risk finding with system owner and administrator.

- Draft system risk assessment report and Risk Treatment Plan.

- Review results with the ISRM team and finalize the report.

- Disseminate report to system owner and administrator.

- Update risk register with risk findings.

The risk assessor must complete each IT system with a risk assessment questionnaire, Risk Assessment Template, Risk Assessment Report, and Risk Treatment Plan.

Required Experience:

3 to 5 years experience of Risk Assessment

5 to 10 years of IT experience. CISA, CRISC, CISSP or similar certification preferred

**Professional references from the reporting mgr will be required if candidate has prior state agency experience.

Perform comprehensive IT security risk assessment, including the evaluation of security controls implemented within a complex information system.

Review and analyze IT system documentation, including Business Impact Assessments, previous Risk Assessments, System Security Plans, Network Vulnerability Assessment results, Continuity Plans, and Disaster Recovery Plans.

An in-depth understanding of National Institute of Standards and Technology (NIST) Special Publication 800-53 is required. Preferred is familiarity with Commonwealth of Virginia (COV) Information Security Standards requirements including:

- Information Security Standard (SEC501-11)

- Hosted Environment Information Security Standard (SEC525-04.1)

- IT Security Audit Standard (SEC502-3)

- IT Risk Management Standard (SEC520-02)

- IRS Publication 1075

Previous experience conducting risk assessments for information technology security with Commonwealth Information Technology Security Standards at COV agencies preferred.

Preference given to those with COV IT Risk Assessment experience or similar.

To be best fit for this role:

- Ability to learn quickly and be a self-starter with a strong team
 
Call 502-379-4456 Ext 100 for more details. Please provide Requirement id: 112621 while calling.
 
Other jobs in VA: Alexandria (1), Ashburn (3), Cardinal (1), Charllottesville (1), Charlottesville (6), Chesapeake (2), Chester (2), Dulles (3), Fredericksburg (1), Fremont (1), Glen Allen (2), Reston (4), Richmond (45), Roanoke (14), Virginia Beach (14),
 
 Enviroment Support job openings in other states
Jobs List

RFP 24-085 Materials Management Plan Consultant - NSPO
Create date: 19-Sep-2024
Bid URL :https://www.bidnetdirect.com/private/solicitations/4274751306/abstract

Note : Online Submission

Submission deadline : 10/17/2024 12:00 PM MDT

Start date : 11/4/2024

End Date : 11/4/2025

Client : County of Ottawa

Description :

The County of Ottawa, on behalf of the.... (This job is for - Healthcare Management Jobs in MI WestOlive Consultant - (in West Olive, MI))

NCAOC - Senior Technical Writer - Senior (713603)
Create date: 21-Jun-2023
Remote

Start date :08/01/2023
End Date :12/31/2023

Submission deadline :06/27/2023

Client Info :NCAOC

Note:
* Remote

Description :

Candidate must come onsite the first day to collect equipment then can work remotely.

The North Carolina Administrative Office of th.... (This job is for - job Jobs in NC Raleigh Consultant - (in Raleigh, NC))

NCAOC - Senior Technical Writer - Senior (713602)
Create date: 21-Jun-2023
Remote

Start date :08/01/2023
End Date :12/31/2023

Submission deadline :06/27/2023

Client Info :NCAOC

Description :

Candidate must come onsite the first day to collect equipment then can work remotely.

The North Carolina Administrative Office of the Courts seeks qualified Senior.... (This job is for - job Jobs in NC Raleigh Consultant - (in Raleigh, NC))

NJDOE Senior Consultant 1 (Salesforce Technical 1) (709554)
Create date: 21-Jun-2023
Hybrid

Start date : 05/07/2023
End Date :06/30/2023

Submission deadline :6/26/2023

Client Info :DOE

Description :

Note: This is a Hybrid position - 3 Days On-Site, 2 Days Remote
Position will be extended

Under the direction of a supervisor in the Office of Information Techn.... (This job is for - SOAP Jobs in NJ Trenton Consultant - (in Trenton, NJ))

Business Analyst/Consultant IV- 118583 - SP
Create date: 01-Jun-2023
Start date : 07/01/2023
End Date : 06/30/2024

Submission deadline :6/2/23 at 4:00PM CST.

Client Info : DOC

Note:
* Interview Process: Microsoft Teams
* Duration: 6/30/24 with possibility of extension.
* Onsite or Remote: Candidates must be a WI residents or willing to
relocate to WI a.... (This job is for - job Jobs in WI Madison Analyst - (in Madison, WI))
 
 Enviroment Support job openings in VA
Jobs List

ABC - Applications / Systems Analyst (709102)
Create date: 18-Apr-2023
Start date :04/24/2023
End Date :06/30/2023

Submission deadline :4/21/2023

Client Info : ABC

Note:
* Hybrid

Description :

Actual Duration Expected: Do not go by the 6/30 date in Vector (that is based on POs fiscal yr end). This engagement is expected to go 12 months.

Park.... (This job is for - Troubleshooting Jobs in VA Mechanicsville Analyst - (in Mechanicsville, VA))

ABC - Software Tester/QA Analyst 4 (706777)
Create date: 20-Mar-2023
Hybrid

Start date :04/03/2023
End Date :06/30/2023

Submission deadline :3/23/2023

Client Info :ABC

Description :

Pls note: This is the second of two roles from prev req# 703740. If your candidate interviewed for the SW Tester Role/QA Analyst at ABC prev on 703740 and was NOT chosen, please.... (This job is for - job Jobs in VA Mechanicsville Analyst - (in Mechanicsville, VA))
(Analyst: Enviroment Support, Risk Assessment, IT Security, Implementation NIST Business Impact Anal in Richmond, VA)
     
Search Jobs
     
Keywords,Title,Skills,Company  Location,City,State,Zip  
  Advanced Search
     

    About Us     Services    Privacy policy    Legal     Contact us