Title: IT Security Analyst
Location: Richmond, VA
HYBRID
Duration: 12 months
Interview: Webcam
Job Description:
Participate as a security analyst assigned to IT projects tasked with gathering and reviewing artifacts as part of the controls assessment process related to Commonwealth SEC530 and IRS PUB1075 security standards.
Will participate as a member of the project team reviewing user stories to identify the necessary security controls to be included for success criteria. Will assist the project team in identifying the necessary deliverables and artifacts which demonstrate control implementation for the user stories.
Coordinate artifact approval with agency Information Security and Risk Management (ISRM) team. Support the identification and documentation of Plan of Actions and Milestones for controls not met with Technology Service Cyber Security division and project team.
Required Skills::
- Work experience with information security programs in regulated industries such as government, healthcare, and/or financial services Required 6 Years
- Work experience with analyzing and supporting the implementation of information security and privacy controls based on NIST 800-53 Required 6 Years
- Experience working with agile-based methodologies Required 6 Years
- Experience in consulting and supporting technical staff in implementing security controls based on NIST 800-53 Required 6 Years
- Experience in supporting system integration for payment processing requiring an understanding of NACHA, EFT, PCI, and similar security requirements Required 6 Years
SKILL MATRIX
Skill
Required
Years Used
Last Used
Work experience with information security programs in regulated industries such as government, healthcare, and/or financial services
Required
Work experience with analyzing and supporting the implementation of information security and privacy controls based on NIST 800-53
Required
Experience working with agile-based methodologies
Required
Experience in consulting and supporting technical staff in implementing security controls based on NIST 800-53
Required
Experience in supporting system integration for payment processing requiring an understanding of NACHA, EFT, PCI, and similar security requirements