Job ID: VA-657952 (97390811)
ISO/Security Analyst with IT governance/compliance/risk management, VA ITRM standards, SEC501/SEC525/NIST800-53, eGRCS/Archer experience
Location: Chester VA (VITA)
Duration: 12 months
*local candidates strongly preferred
*candidate will work remotely until restrictions are lifted. Then they will be required to work onsite 100% in Chester, VA.
Skill Required / Desired Amount of Experience Expertise Rating Move
Considerable experience and knowledge in IT security governance/compliance, risk management Required 8 Years
Specifically commonwealth ITRM security standards, policies (ITRM SEC501, SEC525, NIST800-53), procedures and controls. Desired 5 Years
Working experience using analytical tools, developing spreadsheets, documentation, and security reports Required 8 Years
Individual shall work directly with CISS Director and Team to support ongoing Risk Assessment, Business Impact Analysis, governance, and reporting metrics as they relate to the information security program. Must be able to work independently on multiple tasks performing complex analysis of risk/governance data. Individual will be generating final work products using information from agency personnel, eGRCS (Archer), security architects and must perform this within the CSRM environment. Development of risk assessments / system security plans and analysis of governance data will be a primary function.
Performing and documenting business impact analysis, risk assessments, risk treatment plans working with client team.
Development of security documentation such as System Security Plans from artifacts and assessments provided by third parties.