Request ID:BL-10025-1 (910891021)
Work Location: Columbia,SC
Qty: 1
Duration: 12+ Months
Hrs/Wk: 40.00
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. WINDOWS SERVER
2. SECURITY TOOLS – ABILITY TO INSTALL AND USER VARIOUS SECURITY TOOLS
3. CONFIGURATION MANAGEMENT
4. MICROSOFT ACTIVE DIRECTORY
5. UNDERSTANDING OF COMPUTER AND NETWORK OPERATING SYSTEM FUNDAMENTALS (E.G. OPERATING SYSTEMS, APPLICATIONS, STORAGE, NETWORKING)
6. EXPERIENCE IN PROJECT INVOLVING PCI/NSIT SECURITY IMPLEMENTATIONS AND/OR AUDITS
7. RISK/VULNERABILITY ASSESSMENTS
8. POWERSHELL
9. ITIL
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. Experience with security and data classification related to CDC, HIPAA, and PCI.
2. GPO
3. Knowledge of Information Technology Field, best practices, organization, and operations
4. Experience with SolarWinds
5. Ability to integrate technical systems with agency goals and objectives.
6. Ability to establish positive working relationships with technical staff, customers and others involved in data-centric management.
7. Excellent written, oral, and interpersonal communication skills
8. Experience working with PCI environments.
REQUIRED EDUCATION:
Bachelor’s or Master’s Degree in a relevant field of work or equivalent work experience.
Experience
Miscellaneous Configuration management Yes 3 Expert Currently Using 4 – 6 Years
Network Security Experience in projects involving PCI/NIST security implementations and/or audits. Yes 6 Expert Currently Using 4 – 6 Years
Network Security risk/vulnerability assessments Yes 7 Advanced Currently Using 2 – 4 Years
Network Security SECURITY TOOLS – Ability to install and use various security tools Yes 2 Advanced Currently Using 4 – 6 Years
Networking & Directories Understanding of computer and network operating system fundamentals (e.g. operating systems, applications, storage, networking) Yes 5 Expert Currently Using 4 – 6 Years
Operating Systems/APIs PowerShell Yes 8 Advanced Currently Using 2 – 4 Years
Operating Systems/APIs Windows Server Yes 1 Expert Currently Using 4 – 6 Years
Software Framwork ITIL Yes 9 Advanced Currently Using 2 – 4 Years
Specialties Microsoft Active Directory Yes 4 Expert Currently Using 4 – 6 Years
Additional Skills: PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. Experience with security and data classification related to CDC, HIPAA, and PCI.
2. GP
3. Knowledge of Information Technology Field, best practices, organization, and operations
4. Experience with SolarWinds
5. Ability to integrate technical systems with agency goals and objectives.
6. Ability to establish positive working relationships with technical staff, customers and others involved in data-centric management.
7. Excellent written, oral, and interpersonal communication skills
8. Experience working with PCI environments
SCOPE OF THE PROJECT:
Client actively strives to remediate vulnerabilities within its array of Microsoft Windows Servers. An additional server engineer is needed to help support the Server Hosting Team and their efforts to lower the agency’s risk profile. This position will work closely with the Security Operations Center (SOC), Server Hosting, and the Change Management Board to review vulnerability reports, investigate solutions, test solutions and their impacts to other environments, follow the agency’s Change Management process, implement solutions, track, and document remediation.
This position will be a part of the team responsible for the implementation of this project. They will also be involved with supporting the day-to-day operations of the Agency’s Server Hosting environment.
Candidates should be self-motivated, team-oriented, work under limited supervision, and respond to priority tasks as needed.
DAILY DUTIES / RESPONSIBILITIES:
The system engineer will coordinate with assigned IT Section Manager and Team Lead on daily assignments, tasks and coordinate and collaborate with Client Enterprise Computing Services and Security staff and other IT professionals within the Office of Information Technology. Ensure assignments are completed accurately and on-time, assist with problem resolution, mitigate issues, provide solutions, communicate, and escalate as needed to management, and report progress to manager. The system engineer will be responsible for managing the discovery, analysis, tracking, and remediation of vulnerabilities across the agency’s technology systems.
Specific duties and responsibilities will include but are not limited to the following:
• Monitor Systems to ensure maximum uptime using SolarWinds and other tools
• Monitor and identify server issues and remediate.
• Support of systems running on Microsoft server, AIX, and Linux
• Create and maintain supporting GPO and PowerShell scripts
• Maintain and improve the vulnerability management process.
• Monitor and identify server issues and remediate.
• Assist with application and server firewall rules.
• Monitor agency ticketing system and complete assigned tickets.
• Assist staff in resolving system-related problems.
• Assist with System user account permissions and security.
• Coordinate and assist with system testing and production validation.
• Adhere to State and Agency Security and IT policies and standards.
• Develop solutions and automated methods to reduce manual and repetitive tasks.
• Work closely with key stakeholder groups, including the SOC, to ensure appropriate levels of engagement and focus are maintained.
• Assist with server side application and system installations, upgrades, and configuration
• Plan and implement technical changes without unexpected disruption to the service and with minimal oversight.
• Create, maintain, and review operational processes and support documentation.
• Adheres to Information Technology application development standards and security requirements.
• Prepare and maintain system documentation and architecture diagrams as assigned.
• Ability to plan, organize, review, implement associated project milestones to completion.
• Requires mastery technical and business knowledge in multiple disciplines/processes.
• Create supporting project and system documentation.
• Provide updates to the Project Team.
• Assist with development of policies and procedures to conform and comply with agency standard cyber security policy design related to information risk management, designation of data as to criticality, confidentiality, and protection. (NIST 800-53, FISMA, SC InfoSec Requirements http://admin.sc.gov/
The position will be utilized for 40 hours per week for the duration of this project. The selected candidate should be able to work flexible hours where it may be necessary for work to be completed outside traditional business hours.
The candidate will work closely with the Enterprise Computing Services Team Lead and Section Manager to identify, prioritize, and schedule workload and implementation to IT standards and procedures. The candidate will work closely with customer and subject matter experts for the system design, migration to the new framework, and testing.
This will also include compliance to Client security policy/procedures as well as integrating systems when possible to streamline staff workflows, user security, and data correction.
Module support of the project.
• Client will require that selected personnel sign the Client confidentially agreement and/or Business Associate (BA) agreement if applicable. All web services must be secure.
• Client will not accept any offers including an “up-lift” charge. The rate paid per consultant must not exceed the maximum rate established for this position described in the State contract terms.
• Contractors must be onsite during each week throughout the term of the contract.
• Follow agency IT Standards, policies, and procedures to include documentation.
• All source code (compiled and un-compiled) will become the sole property of the South Carolina Department of Health and Environmental Control. Any source code, data, product, or functionality resulting from this SOW or previously owned/developed by Client will remain the sole property of Client and is not to be incorporated into the core product of any vendor’s application. Any modifications and interfaces developed under said contract will be not be used by the contractor for any independent project of the contractor or published or publicized by the contractor without written permission of Client.
• Client has the final say on all programming choices.
Payment Schedule:
All timesheets shall be entered and approved in a timely manner per State contract terms. The State will not pay any extra costs (i.e. Travel, employee benefits, insurance, room and board, etc.) for temporary employees under this contract.
Client Support:
Client will provide:
• All required information including formulas, data, and mechanisms to check output.
• Staff to assist with any application or data questions.
• Conference rooms and scheduling for any application demos.
• Workstation and required software.
Remote Work Availability: 0%
Leave a Reply