Need Security Analyst at Denver, CO

Hi Everyone,

Hope you are doing great, 

We have an immediate opportunity for Security Analyst at Denver, CO. Below is the job description and if you'd like to pursue this, please include a word copy of your latest resume along with a daytime phone number and rate in your response.

Job Role: Security Analyst 

Contract:  9 + Months

Location:  Denver, CO

Interview: Phone/Skype

Send resumes to sam@nytpartners.com

Summary:

  

• Address security risk assessment findings and recommendations for two key systems, Colorado Benefits Management System (JAVA, Linux, Oracle) and PEAK (force.com platform)
  
• Review application code and operating system vulnerability scans and oversee remediation
  
• Wok with vendor development staff to develop application code scanning process and to develop remediation plans.
  
• Assist the state with updating processes and procedures in support of security plans for Federal Agencies (Social Security Administration, CMS and IRS).
  
• Provide recommendations for software and hardware configurations to support security standards and setting up a HW/SW asset license management system.
  
• Assist the state with planning the migration of one major system to new hardware and implementing the required controls.
  
• Participate in the definition and implementation of projects to upgrade the systems and infrastructure to comply with revised standards for security and privacy, including MARS E v 2.0 for CMS and publication 1075 for IRS and management of FTI data.
  
• Recommend changes to the process for planning and validating the application of patches.
  

Minimum Requirements:

• Minimum of 3 years of experience in a system development environment, JAVA
  
• Minimum of 1 year of experience with application code vulnerability scanning
  
• Minimum of 3 years of experience developing and implementing technical projects
  
• Minimum of 1 year experience with secure coding with hands on use of an application code vulnerability scanning tool
  
• Clear Communicator (written and verbal)
  
• Experienced with using common business applications; such as, Google Docs, Microsoft Office (Word, Excel), Microsoft Project
  
• Strong analytical and research skills using the Internet and other tools
  
• Strong verbal communication skills and ability to facilitate a planning session or meeting
  
• Understanding of data governance, including the security requirements for PII, FTI, and PHI.
  
• Must be able to work independently and be proactive in reaching for information
  
• Must be comfortable in an environment with change and many concurrent projects
  

Desired Experience:

• Understanding of a government environment and data governance
  
• Experience in the application of commonly accepted concepts and practices specific to the secure design and development of technical documents
  
• Salesforce development
  
• Use of Veracode or other vulnerability scanning tool
  

Protected Health Information ("PHI")

• 
  
• PII is defined as a person's first name or first initial and last name in combination with one or more of the following data elements:
  
• Social security number
  
• State-issued driver's license number
  
• State-issued identification card number
  
• Financial account number in combination with a security code, access code or password that would permit access to the account Medical and/or health insurance information
  

Federal Tax Information ("FTI")

• FTI is defined as any return, return information or taxpayer return information that is entrusted to the University by the Internal Revenue Services
  

Submission Deadline

03/10/2017

Description

• Information security (IS) engineers will collect, review, evaluate and interpret data; diagnose normal and abnormal patterns; develop and implement security rules and policies; diagnose and troubleshoot problems; solve problems; and design and implement solutions based on security principals, best practice and existing technologies. Engineers may also configure, maintain and install equipment; develop or modify source code; write scripts; harden or secure applications or databases; or respond to and resolve information security incidents depending on their area of specialty. All engineering specialties may also plan, implement, evaluate, review and status projects involving information security solutions in their specialty area. They document their work or the work of others on their projects.
  
• Engineers must be able to clearly communicate and escalate problems, issues and solutions to technical and non-technical audiences alike using verbal, written and graphical communication. They must be able to work on interdisciplinary teams to develop solutions that are integrated across organizational and functional lines.
  
• Note that the need for the resource is urgent and that the state is prepared to select the first qualified candidate.
  

Summary:

• The requested resource will develop and update project plans for the many technical and security related projects that support the operation and maintenance of the infrastructure for the Colorado Benefits Management System and associated systems (CBMS).  
  
• There is a potential future opportunity to move into a permanent state position as a security engineer/analyst.
  
• Insightly Gmail Gadget
  

Thanks and Regards, 

 

Sam  

New York Technology Partners – Rochester

T1: (201) 680-0200 x 7026

sam@nytpartners.com

www.nytp.com

--
You received this message because you are subscribed to the Google Groups "Jobs for USA consultants (Citizen G.C and H1B)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jobs-for-usa-consultants-citizen-gc-and-h1b+unsubscribe@googlegroups.com.
To post to this group, send email to jobs-for-usa-consultants-citizen-gc-and-h1b@googlegroups.com.
Visit this group at https://groups.google.com/group/jobs-for-usa-consultants-citizen-gc-and-h1b.
For more options, visit https://groups.google.com/d/optout.