Job ID: NC-582116 (98990115)
Security Analyst with vulnerability scanning, risk assessment, NIST, ISO-27001, HIPAA, IRS Pub 1075, NESSUS, NMAP, BCP, COOP, DR, access control review and IDS experience
Location: Raleigh NC (DHHS)
Duration: 12 months
Interview: In-person or webcam
Skill Required / Desired Amount of Experience
Risk Management – must be able to Identify gaps through risk management, and assist in the development of mitigation strategies. Required 7 Years
Experience updating privacy and security policies based on gaps found through an assessment process. Required 7 Years
Discover, evaluate, assess, systems, networks, and components through the use of vulnerability scanning and risk assessment method. Required 7 Years
Experience documenting vulnerability assessment results in a accurate, clear, actionable, and available way to appropriate personnel Required 7 Years
Must be able to review & assess projects and systems throughout all phases of their life cycle in an effort to identify Privacy org needs Required 7 Years
Experience Performing risk assessments based on NIST 800-53 Rev 4. ISO-27001, HIPAA, and IRS Pub 1075. Required 7 Years
Experience with network mapping and vulnerability scanning tools such as NESSUS and NMAP. Required 7 Years
Create/update the the BCP, COOP and DR plan Required 7 Years
Perform Business Impact Analysis Required 7 Years
Conduct Access Control Reviews Required 7 Years
Monitor Employee HIPAA and Security Training Required 7 Years
Respond to privacy and security incidents Required 7 Years
Manage IDS signatures and Respond to Intrusion detection alerts Required 7 Years
Proven experience in information security Required 7 Years
Experience with North Carolina DHHS (or any Government agency) business and IT functions Required 5 Years
Review firewall change requests Required 7 Years
Experience with Tenable Security Center reports and dashboards Required 7 Years
Experience reviewing SOC2 Type 2 reports Required 7 Years
Enjoys accepting challenges and persists until goals are achieved Required 7 Years
NC DHHS – Privacy and Security Office (PSO) requiring services of an IT Security Specialist to aid county offices in the identification of gaps through risk management, and assist in the development of mitigation strategies, and to establish the target security/infrastructure architecture.
Duties include, are not limited to:
* Author corresponding requirements, including definition of dependencies on infrastructure consolidation efforts.
* Define Security/Information Assurance requirements (and dependencies).
* Specify key architectural aspects of the architecture view, and identify other aspects that need definition.
* Research Best Practices for reuse, applying State IT Security and industry standards, and defining the transformation approach that transitions the current architecture to the target architecture.
The ideal candidate will have experience working with current and emerging information security technologies and development methodologies. Bachelor’s degree in computer science, management information systems, or related field preferred. Good analytical and creative problem solving skills, and relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, with a wide degree of creativity and latitude is expected.