Reporting directly to the Chief Information Security Officer (CISO), this position is responsible for supporting and maintaining the information technology security environment; assists with cloud security implementation. Analyze and resolve departmental and enterprise security issues, incidents, events; evaluate and identify risks and threats.
location: Atlanta, Georgia
job type: Contract
salary: $48 - 52 per hour
work hours: 9am to 5pm
- Monitor and analyze technology risk trends, conducts external and internal information security risk and vulnerability assessments
- Analyze, recommend, and implement threat and vulnerability management program by running routine information security assessments and manage the related risk acceptance workflow processes
- performs on-going review of threat data from various sources; coordinates with leadership, as well as client resources to perform investigations and recommend remediation and mitigation strategies.
- Provide oversight regarding audit, regulatory and risk management activities, such as development and maintenance of regulatory documentation (HIPAA)
- Implement and enforce an Incident Reporting and Response Program to address security incidents, responds to policy violations or complaints from external parties
- Plan, coordinate, and implement security measures for information systems to regulate access to computer data files and prevent unauthorized
- Investigate and recommends appropriate counter measures for IT security incidents. Manages security incidents and events to protect IT assets, including intellectual property, assets and the company reputation
- Implement strategic plans, defining short and long-range program goals to support statewide technology security objectives, policies and procedures and management priorities
- Improve network security and efficiency by leveraging existing technologies and by recommending new technologies to aid in the process
- Manage security of cloud environment
Preference will be given to applicants who in addition to meeting the minimum qualification possess the following:
- Master's degree in any of the following; data management, data sciences, information technology, computer science, business administration, or related field
- 5 or more years of professional experience in an IT-related domain (programming, network architect, security etc.)
- Experience in an IT-related domain in the Public sector
- IT-related certification in CISSP (Certified Information Systems Security Professional), or CRISC (Certified in Risk and Information Systems Control).
- 3 years of professional experience in an IT-related domain (programming, network architect, security etc.)
- Experience in managing regulatory and compliance (ex. HIPAA)
- Experience developing information security protection goals, objectives, and metrics consistent with corporate strategic plans
- Experience managing security in cloud environment
- Security monitoring experience preferred
- Knowledge of behavior and indicators of malware, virus, botnet, hacking techniques
- Knowledge of security tools including: SIEM, LogRhythm, Qualys
- Knowledge of incident response and investigation tools and techniques
- Experience with forensic analysis tools (commercial and open-source) and procedures desired
- Experience with Amazon AWS, EC2, S3 and other cloud platforms desired
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.