Della Infotech
GA DHS - Cybersecurity Analyst Job at Della Infotech in Nelson
Della Infotech, Nelson, GA, US
The Georgia Department of Human Services, Office of Information Technology, is seeking a qualified candidate for the temporary contractor staffing position of Cybersecurity Analyst as part of the Information Security Team. DO NOT submit candidates previously submitted to 710485 MUST BE LOCAL TO METRO ATLANTA REQUIRED CERTIFICATIONS MUST BE UPLOADED The Office of Information Technology is the office within DHS that provides computing, applications management, IT procurement, network and telecommunications services to all DHS divisions and offices. The Cybersecurity Analyst job responsibilities include: Under limited supervision: Analyze data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations. Interact at multiple levels of the organization to establish and maintain a strong and adaptive security posture that aligns with organizational risk tolerance, information access requirements, business strategies, and compliance requirements. Integrate overarching security frameworks across multiple, complex disciplines in support of the business needs of the Agency to provide customer-focused technology solutions in a secure, cost-effective, and efficient manner. Coordinate and oversee the production of evidence to support internal and external audits. Conduct internal risk, vulnerability, and compliance assessments to: Identify risks, vulnerabilities, and compliance shortcomings; and recommend/develop security measures, policies, and controls for risk/vulnerability mitigation and remediation of compliance findings. Prepare and/or update incident response plans and perform incident response activities as directed and in accordance with established Agency procedures and guidelines and those of the Georgia Technology Authority (GTA). Ensure periodic monitoring of audit logs occurs in accordance with requirements, and report findings and concerns for further analysis and/or action, including breach notification and initiation of incident response, in accordance with Agency protocols/procedures and CISO direction/guidance. Work with developers to plan, implement, manage, and coordinate appropriate security measures for information systems/applications that control access to data, and prevent unauthorized modification, destruction, or disclosure of information in accordance with federal, state, local, and agency requirements, policies, and directives. Prepare and/or update Plan of Actions & Milestones (POA&M) that identify security weaknesses and establish milestones and compensating controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation. Serve as a Subject Matter Expert (SME), advising on current best practice and strategies for the protection, auditing, and monitoring of data, data storage, and transmission paths. Work with business owners, IT managers, staff, and vendors to provide timely and efficient coordination of information assurance/security services to meet Agency needs. Prepare and communicate status of Agency information security programs and projects to senior executives through oral and written reports and presentations. Assist with information security awareness training activities and preparation of awareness training materials. Develop and communicate security metrics to assess effectiveness of, and compliance with, the Agency's InfoSec policies and controls. Performs other professional responsibilities as assigned. Qualifications: Bachelor's degree in information technology, computer science, information assurance, or a related field from an accredited college or university AND Five years of information technology experience, One year of which in information security or information assurance. Note: An equivalent combination of education and job specific experience that provided the knowledge, experience and competencies required to successfully perform the job at the level listed may be substituted on a year-over-year basis. Required Skills/Qualifications: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Demonstrated professional experience developing and communicating an information security strategy and aligning projects, initiatives, and resources to execute against the strategy Required/Desired Skills SkillRequired /DesiredAmountof ExperienceBachelor's degree in information technology, computer science, information assurance, or a related field from an accredited college or universityRequired0Demonstrate knowledge of network, operating system, database and application securityRequired2YearsExperience implementing and complying with Federal and State LawsRequired2YearsKnowledge of current and emerging (Next Gen) Information Security Technologies and Practices Required2YearsWorking knowledge of NIST 800-53 and/or CMS MARS-E 2.0 Required2YearsExperience in Cloud-based solutions and environmentsRequired2YearsCertified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) (MUST UPLOAD CERTIFICATION)Required0 Information technology experienceRequired5YearsInformation security or Information assurance experienceRequired1Years Questions No.QuestionQuestion1Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement? Question2Please list candidate's email address that will be used when submitting E-RTR. Question3The maximum mark-up for this engagement's SRP rate is 35%. To be competitive on pricing, a mark-up below the 35% threshold is suggested. Do you agree to propose a mark-up at or below 35%? Question4Candidate must be paid at least BR if selected for engagement therefore The SRP rate cannot exceed BR. Do you accept this requirement? Question5This assignment is contingent upon customer renewal and availability of adequate funding. Do you accept this requirement?Question6The selected candidate will be expected to start their engagement no later than 2 weeks (10 business days) from the client's selection date. Do you accept this requirement?Question7HYBRID work option: However, the selected candidate must be available to report onsite as directed by the client. Do you accept this requirement?Question8In what city does the candidate resides?