Part-time Security Architect (CISSP) with MFA, DLP, DC, PKI, Project Management and federal/state experience

Job ID: NY-SA (90090106)

Contract term: 18 Months (16-24 hours/week)
Location: 110 State Street, Albany, NY

MINIMUM QUALIFICATIONS
A Bachelor of Science degree, or equivalent four-year degree, in Computer Science or related IT field. A Master’s Degree or Doctorate in Computer Science or related IT field may be used to satisfy this requirement;
Valid Certified Information Systems Security Professional (“CISSP”) Certification;
Five years of experience as a Security Enterprise Architect working in a federal or state organization;
Five years of experience architecting and implementing MFA;
Five years of experience implementing information security DLP;
Five years of experience implementing DC;
Five years of experience architecting and implementing PKI;
Five years of experience performing information security program work.

PREFERRED QUALIFICATIONS
Ten years of experience as a Security Architect in a federal or state organization;
Strong communication skills, working with both technical and non-technical people, including:
Strong presentation and verbal skills demonstrating the ability to communicate complex security architectures to a non-technical audience;
Strong written skills with proven ability to document security and network architectures, procedures, and reports for a non-technical audience; and
Strong instructional skills for mentoring and knowledge transfer.
Five years of project management methodology experience with information technology projects. Experience may include serving as the point of contact for project status, meetings, reporting requirements, scope changes/extensions, scope issues, and concerns raised by staff or project stakeholders;
Five years of experience architecting and implementing MFA in a federal or state organization;
Five years of experience implementing information security DLP in a federal or state organization;
Five years of experience implementing DC in a federal or state organization;
Five years of experience architecting and implementing PKI in a federal or state organization;
Five years of experience performing information security program work in a federal or state organization.

STATEMENT OF WORK
Assist OSC with Multifactor Authentication ("MFA") by:
Determining MFA security requirements;
Documenting MFA security requirements;
Identifying systems or applications that will require MFA;
Providing guidance with MFA implementation;
Determining methods to verify MFA is working as required;
Documenting required MFA verification processes; and
Providing guidance implementing MFA verification methods.

Assist OSC with Data Loss Prevention ("DLP") by:
Determining DLP security requirements;
Documenting DLP security requirements;
Developing DLP training for users;
Providing guidance with DLP implementation;
Determining methods to verify DLP is working as required;
Documenting DLP verification processes; and
Providing guidance implementing DLP verification methods.

Assist OSC with a Data Classification (“DC”) initiative by:
Reviewing current DC processes and procedures;
Documenting DC improvement opportunities;
Developing DC training for users; and
Assisting the ISO and business units with classifying the agency data.

Assist OSC with a Cloud Access Security Broker (“CASB”) initiative by:
Determining CASB security requirements;
Documenting required CASB security requirements;
Providing guidance with CASB implementation;
Determining methods to verify CASB is working as required;
Documenting CASB verification processes; and
Providing guidance implementing CASB verification methods.

Assist OSC with security requirements for Cloud Security (“CS”) services by:
Reviewing current CS security requirements;
Determining CS security requirements; and
Documenting CS security requirements.

Assist OSC with Public Key Infrastructure (“PKI”) services by:
Reviewing the current state of the PKI infrastructure;
Determining PKI security requirements;
Documenting recommendations and guidance for OSC’s PKI infrastructure; and
Providing guidance implementing PKI recommendations.

Assist the OSC ISO with the Information Security Program by:
Conducting security-related research;
Assisting with security awareness training;
Determining security requirements for new systems or applications;
Reviewing compliance issues;
Assessing security risk;
Creating, reviewing, and updating security policies and standards;
Mapping the internal network;
Evaluating firewall rules;
Determining best security practices for Office 365; and
Performing other security program-related work.
