TriOptus LLC
GA DOR - IT Security Manager 1
TriOptus LLC, Tate, Georgia, United States, 30177
Manages the development and delivery of IT security standards, best practices, architecture and systems to ensure information system security across the enterprise.
*Candidate MUST be local to Metro Atlanta*
*Tax Clearance Letter, due at the time of submission* (pls review compliance tab for instruction on how the CANDIDATE must obtain this letter)
We are looking for a skilled cybersecurity professional with relevant technical experience. As the Information Technology Security Manager, reporting to the CISO, the selected candidate will perform technically and lead the hands-on technical team in managing IT security tools, automation, compliance standards, development, and delivery of best practices for security architecture and system design to ensure information and cybersecurity of all systems across the enterprise. Implement processes and methods for auditing and addressing non-compliance to information security standards, facilitates migration of non-compliant environments to compliant environments. Conduct studies within and outside the organization to ensure compliance with standards and currency with industry standards norm. Manages andparticipates in the planning and implementation of security administration for all ITprojects. Be responsible for the evaluation and selection of security applications andsystems. Make recommendations and assist in the implementation of change to workmethods and procedures to make them more effective or to strengthen securitymeasures. Manage and direct subordinate supervisors and information security analysts and large scope of responsibility within in the agency.
You will have the opportunity to learn and grow; both personally and professionallythrough our training and development programs. While your path in the Office ofInformation Security will be unique in protecting the Agency's assets, your journey willhelp the Department achieve our goal of becoming the most efficient and accessibletax administrator in the country.
Primary Duties & Job Responsibilities:
? Complete task designed to ensure security of the Agency's systems and information assets through confidentiality, integrity & availability.? Implement confidentiality measures that protects against unauthorized access, modification,or destruction and helps to develop IT security policies and standards to support the securityobjectives? Develop and enforce the organization's security policies and procedures, security awarenessprogram, the information security portion of the business continuity and disaster recoveryplans, and all industry and government compliance issues? Work with end users to determine needs of individual divisions and offices within thedepartment? Conduct Risk Management analysis to identify areas of risk and develop security measuresto prevent loss and assist in the Mitigations of those risks? Participate in training, self-study, and statewide initiatives on security standards and bestpractices to serve as a valuable go-to security subject matter expert for the Agency? Actively monitor the Agency's infrastructure and systems for security threats. Activelymanage various security programs/platforms, monitors the use of data files, and regulatesaccess to safeguard agency information in those computer files? Work with business owners, IT managers, Agency Staff, and vendors to provide timely andefficient IT coordination of security services to meet Agency business needs? Create reports on status of Agency information security programs and projects andcommunicate reports to the CISO, senior management and the leadership teams? Develop, deliver, and maintain security standards, system security plans, best security andoperations practices, architecture, and systems. Implement IT system security plans, projects,and other initiatives? Share directly with the InfoSec Team on matters concerning the Agency's security status &posture.? Assists in Information Security Investigations, Threat Assessments and Mitigations? Assists with numerous Information Security tools and programs.
Entry Qualifications:
? Bachelor's degree in computer science or information technology5 years or more of relevant professional experience in Information and Cybersecurity3 years in a specific field of IT Security,1 year of which must include management experience.? Hands on working experience with at least two or more of these security technologies (e.g.,Vulnerability Management, Penetration Testing, Email Security, EDR, MFA, SIEM, IPS, Firewalls)? Possess one or more current industry certifications relevant to the job e.g., Security+, CASP,CISSP, CISM, C-RISC, CISA, SANS certifications, or equivalent experience? Experience with security tools and technology such as, i.e., FireEye (Trellix), Tenable.io,Nessus, Splunk, SolarWinds, Varonis, GRC tools, CrowdStrike Falcon, and LogRhythm? Knowledge & experience with cloud technologies: Amazon Web Services (AWS), to includeWatchGuard, Guard Duty, Identity & Access Management (IAM), Microsoft Azure.CloudTrail, CloudWatch, Audit Manager? Technical knowledge in endpoint security, VPC, VPN, Firewall, network monitoring, intrusiondetection, web server security, and wireless security? Practical experience in systems administration, vulnerability management, endpointmanagement, and email security operations and management? Excellent analytical and critical thinking skills to identify possible threats.
Preferred Qualifications
? Familiarity with IRS Publication 1075, NIST SP 800-53 Privacy Controls, NIST SP 800-63 Digital Identity Guidelines, NIST SP 800-88 Guidelines for Media Sanitization, NIST SP 800-18 System Security Plans (SSP), NIST SP 800-52, FIPS-140, NIST SP 800-61, NIST SP 800-83, other NIST SP Guidelines, etc., knowledge of NIST Frameworks, FISMA, CIS Controls, and the Criminal Justice Information Services Policy? Progressive experience in information technology, incident response & incident reporting,technical support, cybersecurity, cryptography, and knowledge of data encryptiontechniques? Ability to work independently and prioritize multiple projects in a highly dynamic environment? Excellent communication and teamwork skills and demonstrated across broad group oftechnical and non-technical stakeholders? Assist with Office of Information Security Risk Assessments, System Security Plans, and other reports required by the IRS Office of Safeguards, state audits, and other third-party assessors.? Skills and knowledge in the areas of computer programming, software development, andcomputer network security? Knowledge and experience in Policies and procedures development, revision andmanagement.• DOR will conduct a background check on all candidates considered for the position. Individuals must be compliant with Georgia tax obligations.• Individuals having any overdue and unpaid taxes, or any felony convictions (no matter how long ago) will not be offered the position or hired.• All employees will be fingerprinted.
Required/Desired Skills
SkillRequired /DesiredAmountof ExperienceBachelor's degree in computer science or information technologyRequired0Professional experience in Information and CybersecurityRequired5YearsExperience in a specific field of IT SecurityRequired3YearsManagement experience.Required1YearsExperience with these security technologies (e.g., Vulnerability Management, Penetration Testing, Email Security, EDR, MFA, SIEM, IPS, Firewalls) Required3YearsSecurity+, CASP, CISSP, CISM, C-RISC, CISA, SANS certifications (MUST UPLOAD CERTIFICATIONS)Required0FireEye (Trellix), Tenable.io, Nessus, Splunk, SolarWinds, Varonis, GRC tools, CrowdStrike Falcon, and LogRhythm Required0Amazon Web Services (AWS), to include WatchGuard, Guard Duty, Identity & Access Management (IAM), Microsoft Azure. CloudTrail, CloudWatch, Audit ManRequired2YearsTechnical knowledge in endpoint security, VPC, VPN, Firewall, network monitoring, intrusion detection, web server security, and wireless securityRequired2YearsExperience in systems administration, vulnerability management, endpoint management, and email security operations and managementRequired0Excellent analytical and critical thinking skills to identify possible threats Required0Knowledge of NIST Frameworks, FISMA, CIS Controls, and the Criminal Justice Information Services Policy Highly desired0Experience in incident response & incident reporting, technical support, cybersecurity, cryptography, and knowledge of data encryption techniques Highly desired0Skills and knowledge in the areas of computer programming, software development, and computer network securityHighly desired0Knowledge and experience in Policies and procedures development, revision and managementHighly desired0Questions
No.QuestionQuestion1Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement?Question2!!!! list candidate's email address.Question3Candidate must be paid AT LEAST 0000 if selected for engagement. Candidate can be paid more; however, the SRP rate cannot exceed 0000. Do you accept this requirement?Question4The maximum mark-up for this engagement's SRP rate is 35%. To be competitive on pricing, a mark-up below the 35% threshold is suggested. Do you agree to propose a mark-up at or below 35%?Question5This assignment is contingent upon customer renewal and availability of adequate funding. Do you accept this requirement?Question6The selected candidate will be expected to start their engagement no later than 2 weeks (10 business days) from the client's selection date. Do you accept this requirement?Question7What city does the candidate reside in?
*Candidate MUST be local to Metro Atlanta*
*Tax Clearance Letter, due at the time of submission* (pls review compliance tab for instruction on how the CANDIDATE must obtain this letter)
We are looking for a skilled cybersecurity professional with relevant technical experience. As the Information Technology Security Manager, reporting to the CISO, the selected candidate will perform technically and lead the hands-on technical team in managing IT security tools, automation, compliance standards, development, and delivery of best practices for security architecture and system design to ensure information and cybersecurity of all systems across the enterprise. Implement processes and methods for auditing and addressing non-compliance to information security standards, facilitates migration of non-compliant environments to compliant environments. Conduct studies within and outside the organization to ensure compliance with standards and currency with industry standards norm. Manages andparticipates in the planning and implementation of security administration for all ITprojects. Be responsible for the evaluation and selection of security applications andsystems. Make recommendations and assist in the implementation of change to workmethods and procedures to make them more effective or to strengthen securitymeasures. Manage and direct subordinate supervisors and information security analysts and large scope of responsibility within in the agency.
You will have the opportunity to learn and grow; both personally and professionallythrough our training and development programs. While your path in the Office ofInformation Security will be unique in protecting the Agency's assets, your journey willhelp the Department achieve our goal of becoming the most efficient and accessibletax administrator in the country.
Primary Duties & Job Responsibilities:
? Complete task designed to ensure security of the Agency's systems and information assets through confidentiality, integrity & availability.? Implement confidentiality measures that protects against unauthorized access, modification,or destruction and helps to develop IT security policies and standards to support the securityobjectives? Develop and enforce the organization's security policies and procedures, security awarenessprogram, the information security portion of the business continuity and disaster recoveryplans, and all industry and government compliance issues? Work with end users to determine needs of individual divisions and offices within thedepartment? Conduct Risk Management analysis to identify areas of risk and develop security measuresto prevent loss and assist in the Mitigations of those risks? Participate in training, self-study, and statewide initiatives on security standards and bestpractices to serve as a valuable go-to security subject matter expert for the Agency? Actively monitor the Agency's infrastructure and systems for security threats. Activelymanage various security programs/platforms, monitors the use of data files, and regulatesaccess to safeguard agency information in those computer files? Work with business owners, IT managers, Agency Staff, and vendors to provide timely andefficient IT coordination of security services to meet Agency business needs? Create reports on status of Agency information security programs and projects andcommunicate reports to the CISO, senior management and the leadership teams? Develop, deliver, and maintain security standards, system security plans, best security andoperations practices, architecture, and systems. Implement IT system security plans, projects,and other initiatives? Share directly with the InfoSec Team on matters concerning the Agency's security status &posture.? Assists in Information Security Investigations, Threat Assessments and Mitigations? Assists with numerous Information Security tools and programs.
Entry Qualifications:
? Bachelor's degree in computer science or information technology5 years or more of relevant professional experience in Information and Cybersecurity3 years in a specific field of IT Security,1 year of which must include management experience.? Hands on working experience with at least two or more of these security technologies (e.g.,Vulnerability Management, Penetration Testing, Email Security, EDR, MFA, SIEM, IPS, Firewalls)? Possess one or more current industry certifications relevant to the job e.g., Security+, CASP,CISSP, CISM, C-RISC, CISA, SANS certifications, or equivalent experience? Experience with security tools and technology such as, i.e., FireEye (Trellix), Tenable.io,Nessus, Splunk, SolarWinds, Varonis, GRC tools, CrowdStrike Falcon, and LogRhythm? Knowledge & experience with cloud technologies: Amazon Web Services (AWS), to includeWatchGuard, Guard Duty, Identity & Access Management (IAM), Microsoft Azure.CloudTrail, CloudWatch, Audit Manager? Technical knowledge in endpoint security, VPC, VPN, Firewall, network monitoring, intrusiondetection, web server security, and wireless security? Practical experience in systems administration, vulnerability management, endpointmanagement, and email security operations and management? Excellent analytical and critical thinking skills to identify possible threats.
Preferred Qualifications
? Familiarity with IRS Publication 1075, NIST SP 800-53 Privacy Controls, NIST SP 800-63 Digital Identity Guidelines, NIST SP 800-88 Guidelines for Media Sanitization, NIST SP 800-18 System Security Plans (SSP), NIST SP 800-52, FIPS-140, NIST SP 800-61, NIST SP 800-83, other NIST SP Guidelines, etc., knowledge of NIST Frameworks, FISMA, CIS Controls, and the Criminal Justice Information Services Policy? Progressive experience in information technology, incident response & incident reporting,technical support, cybersecurity, cryptography, and knowledge of data encryptiontechniques? Ability to work independently and prioritize multiple projects in a highly dynamic environment? Excellent communication and teamwork skills and demonstrated across broad group oftechnical and non-technical stakeholders? Assist with Office of Information Security Risk Assessments, System Security Plans, and other reports required by the IRS Office of Safeguards, state audits, and other third-party assessors.? Skills and knowledge in the areas of computer programming, software development, andcomputer network security? Knowledge and experience in Policies and procedures development, revision andmanagement.• DOR will conduct a background check on all candidates considered for the position. Individuals must be compliant with Georgia tax obligations.• Individuals having any overdue and unpaid taxes, or any felony convictions (no matter how long ago) will not be offered the position or hired.• All employees will be fingerprinted.
Required/Desired Skills
SkillRequired /DesiredAmountof ExperienceBachelor's degree in computer science or information technologyRequired0Professional experience in Information and CybersecurityRequired5YearsExperience in a specific field of IT SecurityRequired3YearsManagement experience.Required1YearsExperience with these security technologies (e.g., Vulnerability Management, Penetration Testing, Email Security, EDR, MFA, SIEM, IPS, Firewalls) Required3YearsSecurity+, CASP, CISSP, CISM, C-RISC, CISA, SANS certifications (MUST UPLOAD CERTIFICATIONS)Required0FireEye (Trellix), Tenable.io, Nessus, Splunk, SolarWinds, Varonis, GRC tools, CrowdStrike Falcon, and LogRhythm Required0Amazon Web Services (AWS), to include WatchGuard, Guard Duty, Identity & Access Management (IAM), Microsoft Azure. CloudTrail, CloudWatch, Audit ManRequired2YearsTechnical knowledge in endpoint security, VPC, VPN, Firewall, network monitoring, intrusion detection, web server security, and wireless securityRequired2YearsExperience in systems administration, vulnerability management, endpoint management, and email security operations and managementRequired0Excellent analytical and critical thinking skills to identify possible threats Required0Knowledge of NIST Frameworks, FISMA, CIS Controls, and the Criminal Justice Information Services Policy Highly desired0Experience in incident response & incident reporting, technical support, cybersecurity, cryptography, and knowledge of data encryption techniques Highly desired0Skills and knowledge in the areas of computer programming, software development, and computer network securityHighly desired0Knowledge and experience in Policies and procedures development, revision and managementHighly desired0Questions
No.QuestionQuestion1Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement?Question2!!!! list candidate's email address.Question3Candidate must be paid AT LEAST 0000 if selected for engagement. Candidate can be paid more; however, the SRP rate cannot exceed 0000. Do you accept this requirement?Question4The maximum mark-up for this engagement's SRP rate is 35%. To be competitive on pricing, a mark-up below the 35% threshold is suggested. Do you agree to propose a mark-up at or below 35%?Question5This assignment is contingent upon customer renewal and availability of adequate funding. Do you accept this requirement?Question6The selected candidate will be expected to start their engagement no later than 2 weeks (10 business days) from the client's selection date. Do you accept this requirement?Question7What city does the candidate reside in?