Job Details

Home

IT Security Analyst 2 (Hybrid Onsite) at Lansing, Michigan, USA

http://bit.ly/4ey8w48
https://jobs.nvoids.com/job_details.jsp?id=2153723&uid=

From:

Sameer,

GSK Solutions Inc

[email protected]

Reply to: [email protected]

Job Title: IT Security Analyst 2 (Hybrid Onsite)
Location: Lansing, MI
Duration: 1 year with possible extension
Pay Rate: $50/hr on C2C / 1099 all inclusive (OR) $45/hr on W2

Interviews: Virtual Interview via MS Teams video. Please use laptop and be prepared so share screen if asked. Use of headphones is strongly discouraged. A screenshot photo of candidate will be required for any Teams interviews as well as a vendor present at beginning of interview to validate candidate.

Remote or On-site: Candidates MUST be local at time of submission. Hiring manager is not currently interested in candidates who will need to relocate to accept offer. NO REMOTE ONLY OPTION. Position will be hybrid work schedule onsite 2 days a week (Tuesdays and Wednesdays) and WFH the remaining 3 days.

Top Skills & Years of Experience Required:
1+ Years experience in the IT industry analysing and applying information security principles and practices
1+ Years experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems
1+ Years experience analysing the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3,4 or 5, and 800-53A Revision 1.
Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
CISSP, CISA, PMP and/or Security+ Certification is highly desired.

Job Description:
The Security Analyst is responsible for completing and maintaining system security plans (SSP) for new and existing systems. The system security plans are documented in the Governance, Risk, Compliance tool. This requires close coordination with IT project teams, tech leads, business and enterprise security representatives, and product owners, to establish and maintain processes and security controls for systems, and to identify security vulnerabilities and coordinate remediation plans. Security Analysts are assigned resources for DTMB development projects. Security Analysts are typically not assigned resources and are available for consult, if needed, for Commercial off the Shelf (COTS) procurement phase projects. For COTS implementation phase projects, Security Analysts are typically listed resources to navigate SSP/Authority to Operate (ATO) activities with Michigan Cyber Security (MCS) to support security requirements to Go Live.

Responsibilities:
Create SSPs via collaboration with MDOT Automation Managers, System Owners, System Security Administrators, and project team for new applications in alignment with the Secure Application Development Life Cycle and Michigan Security Accreditation Process.
Maintain SSPs for existing applications requiring ATO and those facing software and/or hardware enhancements.
Collaborate with business representatives to establish system registration.
Identify security testing and system scanning requirements.
Perform risk assessments and provide responses for security controls.
Continuously monitor plans of action and milestones and corrective action plans as they relate to the SSPs in collaboration with the MDOT Enterprise Information Management office.
Validate respective SSPs to ensure NIST control requirements are met.
Author recommendations associated with findings on how to improve the customers security posture in accordance with SOM Policies, Standards, and Procedures, and NIST (National Institute of Standards and Technology) controls.
Assist team members and vendors with proper artifact collection to satisfy assessment requirements.
Coordination of scanning activities/enterprise activities with MCS, tech leads, and business areas.
Assist with performing system Data Classifications part of the SSP/ATO process.
Required Skills:
Experience analysing the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3,4 or 5, and 800-53A Revision 1.
Experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems.
Experience in the IT industry analysing and applying information security principles and practices.
Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience.
Preferred Skills:
Certification
CISSP, CISA, PMP and/or Security+ certification.
Experience with other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements.

Keywords: information technology golang wtwo microsoft Michigan
IT Security Analyst 2 (Hybrid Onsite)
[email protected]
http://bit.ly/4ey8w48
https://jobs.nvoids.com/job_details.jsp?id=2153723&uid=

[email protected]
View All

04:26 AM 07-Feb-25

To remove this job post send "job_kill 2153723" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.

Your reply to [email protected] -

To

Subject
Message -

sameer@gsksolutions.com wrote:
From:

Sameer,

GSK Solutions Inc

sameer@gsksolutions.com

Reply to:   sameer@gsksolutions.com

Job Title:  IT Security Analyst 2 (Hybrid Onsite)
Location: Lansing, MI
Duration: 1 year with possible extension
Pay Rate: $50/hr on C2C / 1099 all inclusive (OR) $45/hr on W2

Interviews: Virtual Interview via MS Teams video. Please use laptop and be prepared so share screen if asked. Use of headphones is strongly discouraged. A screenshot photo of candidate will be required for any Teams interviews as well as a vendor present at beginning of interview to validate candidate.

Remote or On-site: Candidates MUST be local at time of submission. Hiring manager is not currently interested in candidates who will need to relocate to accept offer. NO REMOTE ONLY OPTION. Position will be hybrid work schedule onsite 2 days a week (Tuesdays and Wednesdays) and WFH the remaining 3 days.

Top Skills & Years of Experience Required:
1+ Years experience in the IT industry analysing and applying information security principles and practices
1+ Years experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems
1+ Years experience analysing the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3,4 or 5, and 800-53A Revision 1.
Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
CISSP, CISA, PMP and/or Security+ Certification is highly desired.

Job Description:
The Security Analyst is responsible for completing and maintaining system security plans (SSP) for new and existing systems. The system security plans are documented in the Governance, Risk, Compliance tool. This requires close coordination with IT project teams, tech leads, business and enterprise security representatives, and product owners, to establish and maintain processes and security controls for systems, and to identify security vulnerabilities and coordinate remediation plans. Security Analysts are assigned resources for DTMB development projects. Security Analysts are typically not assigned resources and are available for consult, if needed, for Commercial off the Shelf (COTS) procurement phase projects. For COTS implementation phase projects, Security Analysts are typically listed resources to navigate SSP/Authority to Operate (ATO) activities with Michigan Cyber Security (MCS) to support security requirements to Go Live.

Responsibilities:
Create SSPs via collaboration with MDOT Automation Managers, System Owners, System Security Administrators, and project team for new applications in alignment with the Secure Application Development Life Cycle and Michigan Security Accreditation Process.
Maintain SSPs for existing applications requiring ATO and those facing software and/or hardware enhancements.
Collaborate with business representatives to establish system registration.
Identify security testing and system scanning requirements.
Perform risk assessments and provide responses for security controls.
Continuously monitor plans of action and milestones and corrective action plans as they relate to the SSPs in collaboration with the MDOT Enterprise Information Management office.
Validate respective SSPs to ensure NIST control requirements are met.
Author recommendations associated with findings on how to improve the customers security posture in accordance with SOM Policies, Standards, and Procedures, and NIST (National Institute of Standards and Technology) controls.
Assist team members and vendors with proper artifact collection to satisfy assessment requirements.
Coordination of scanning activities/enterprise activities with MCS, tech leads, and business areas.
Assist with performing system Data Classifications part of the SSP/ATO process.
Required Skills:
Experience analysing the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3,4 or 5, and 800-53A Revision 1.
Experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems.
Experience in the IT industry analysing and applying information security principles and practices.
Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience.
Preferred Skills:
Certification
CISSP, CISA, PMP and/or Security+ certification.
Experience with other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements.

Keywords: information technology golang wtwo microsoft Michigan 
IT Security Analyst 2 (Hybrid Onsite)
sameer@gsksolutions.com

Your email id:

Captcha Image:

Captcha Code:

Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]

Time Taken: 6

Location: Lansing, Michigan