Information Systems Security Compliance Manager 4
Company: Novalink Solutions
Location: Carson City
Posted on: May 8, 2024
Job Description:
Job Description
Position Description
Information Technology (IT) Professionals analyze, develop,
implement, maintain, and modify computer operations, systems,
networks, databases, applications, and/or information security.
Incumbents may perform duties in one or more IT specialization
areas depending on the needs of the agency. Incumbents perform
supervisory duties and manage projects of varying size, scope, and
impact to agency operations to include serving as the project
leader; planning, organizing, and directing project activities;
resolving design conflicts; data administration; resource
allocation; contract negotiation; timeline development; critical
path tracking; justifying the need for additional resources; and
coordination with other work units within and outside the
organization as assigned.
Primary responsibilities will be performing the duties of an
Information Security Officer. Security functions include but are
not limited to:
- Conduct comprehensive assessments of the management in
accordance with NIST Risk Management Framework (RFM), operational,
and technical security controls employed within or inherited by a
system to determine the overall effectiveness of the security
controls using NIST 800-53 and Center for Internet Security (CIS)
Controls for DMV ON-PREM and Cloud environments including AWS,
Salesforce, and Mulesoft CSPs.
- Generate and maintain required IS security documentation
including Systems Security Plans (SSP), Information Assurance
Standard Operating Procedures (IA SOP), Continuous Monitoring
Plans, Security Control Traceability Matrices, Risk Assessments,
Plan of Action & Milestones (POA&M), equipment specifications,
practices, and procedures.
- The position will perform security audits and support external
agency audits to ensure compliance with state and federal rules in
the following areas: investigations, security awareness training
administration, security access control recommendations, badge
access administration, risk assessments, approval authorization,
anomalous activity detection alert notifications and incident
response, and evaluation of software and hardware recommendations
with related cost estimates.
- Maintain day-to-day security posture and continuous monitoring
of DMV networks and systems utilizing tools such as Tenable,
Symantec, Alteris, Anomali, and Solarwinds in accordance with
security policies and procedures.
- Schedule, perform and maintain records of required IS auditing,
patching, maintenance, software/hardware changes, and scanning
based on evolving threat/vulnerabilities and customer compliance
requirements.
- Assess changes to an IS by performing periodic self-inspections
for compliance with PCI-DSS, CJIS, and state and federal data
privacy requirements, tests, and reviews of the IS program to
ensure that systems are operating as authorized/accredited and that
conditions have not changed; ensure corrective actions are taken
for identified findings and vulnerabilities.
Minimum Qualifications
- Bachelor's degree from an accredited college or university with
major course work in computer science, management information
systems, or closely related field and five years of progressively
responsible professional IT experience relevant to the duties of
the position which may include systems administration, network
administration, database administration, applications analysis and
development, and/or information security, two years of which were
at the advanced journey level or in a supervisory or project
management capacity; OR Bachelor's degree from an accredited
college or university with major course work in computer science,
management information systems, or closely related field and five
years of progressively responsible professional IT experience which
may include systems administration, network administration,
database administration, applications analysis and development,
and/or information security, relevant to the duties of the
position, two years of which were at the journey level in
information security; OR two years of relevant experience as an IT
Professional III in Nevada State service; OR an equivalent
combination of education and experience as described above.
Requirements
Special Requirements
- Current CISSP and PCI-DSS ISA certifications
- A pre-employment criminal history check and fingerprinting are
required. Persons offered employment in this position will be
required to pay for these items.
- Current AWS Certified Security, Salesforce Cloud Security
Engineer (desired)
- Work is with Confidential information and requires ONSITE
duties and functions.
Keywords: Novalink Solutions, Sparks , Information Systems Security Compliance Manager 4, IT / Software / Systems , Carson City, Nevada
Didn't find what you're looking for? Search again!
Loading more jobs...