USPS-Technology Consultant: Fellow, No Clearance|Tier II in San Diego, CA at GDH

Date Posted: 11/28/2018

Job Description

No Security Clearance Required

ISSOs Security Analyst

Works with other Security and Compliance personnel and matrixed teams to ensure that risk management services are provided and that infrastructure and applications comply with customer security policies and standards.

Conduct Cloud vendor security evaluations, third party vendor risk evaluations, and risk assessments as required.

Process and approve Firewall Rule Change Requests, following established procedures.

Process and approve Offsite Data Transfer Requests, following established procedures.

Ensure that all systems are assessed using the NIST Risk Management Framework.

Analyze and approve Security Compliance Surveys

Conduct Security Solution Assessments

Initiate, manage, validate and review risk assessments

Ensure that risk mitigation activities are taking place and appropriate documentation is provided from the project team(s), or customer.

Participate in a security governance program steering committee to provide centralized governance of security services, policies, processes and procedures.

Work with matrixed teams to support the design, development, implementation, maintenance and publishing of up-to-date information security policies, procedures, training, standards and guidelines to the Service Portal.

Work with the CISO to annually update and deliver the Security Management Services Management plan and post it on the Service Portal.

Review new or modified infrastructure and application services to verify compliance, identify exceptions and work with requestor/architect to identify mitigations if necessary.

Manage exceptions and potential mitigations for deviation in customer standards.

Work with team leaders to maintain compliance with customer Standards and any applicable customer program, application or other Service.

Support annual policy update efforts

Experienced professional with a wealth of professional engagements, preferably with state and local government, as well as Federal regulations.

Knowledgeable in governance, NIST 800 series, ISO 27001 compliance, risk assessment, HIPAA, PCI-DSS, and other standards.

Conversant with best industry practices, vertical experience, and end-to-end security portfolio and capabilities.

Excellent communication skills.

Candidates must have all required skills/experience to be considered.

Qualifications
EDUCATION: Bachelor's degree or six years of experience with increasing responsibility in an Information Security or Compliance role, or CISSP/CISA certification and four years of relevant Information Security and/or Compliance experience.

PREFERRED CERTIFICATIONS: CISSP and/or CISA required to start or you must complete certification in each within one year of assignment as a contractor or full-time employee.