CyberSecurity Analyst (CISM/ CISSP/CRISC) with  COBIT, NICE, ITIL , IT security governance/compliance, risk management,  security controls, system audits, incident response and mitigation, risk assessments, vulnerability scanning and NIST 800-37 experience

Job ID: VA-652533 (98690603)

CyberSecurity Analyst (CISM/ CISSP/CRISC) with  COBIT, NICE, ITIL , IT security governance/compliance, risk management,  security controls, system audits, incident response and mitigation, risk assessments, vulnerability scanning and NIST 800-37 experience

Location: Richmond, VA (VDH) local candidates Only
Duration: 12 months
Interview: Web Cam Interview Only

Skill Required :
• BS or BA degree in a Computer Science or a related technical discipline, five (5) or more years of relative experience or training. Required 5 Years
• Considerable experience and knowledge in IT security governance/compliance, risk management. Required 5 Years
• Familiarity with the Commonwealth’s Security policies, National Institute of Standards and Technology (NIST 800-53), ISO 27001,   Required 5 Years
• Knowledge of security controls, system audits, incident response and mitigation, risk assessments, vulnerability scanning, or pen tests. Required 5 Years
Certified Information Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor, CRISC Required 5 Years
Considerable experience with the NIST Risk Management Framework NIST 800-37 Desired 5 Years

*local candidates strongly preferred

The Cyber Security Analyst will work with agency ISOs to ensure that VDH systems are appropriately configured and meet commonwealth security requirements.

Responsibilities:
• Develop and maintain security documents such as business impact analysis, data classification, security architecture and security plan, disaster recovery, risk assessment, and corrective actions.
• Ensure applications and infrastructure meet the CIS Benchmark Hardening Guidelines.
• Ensure cloud-hosted system meet the security requirements to include SOC 2 reports, assessments provided by third parties.
• Develop executive dashboards and security metrics.
• Other duties as assigned by Information Security Officer.
VA_ERTR-652533
VA-Resume_Template-652533