• Snapboard
  • Activity
  • Reports
  • Campaign
Welcome ,

Chat with the recruiter

...Minimize

Hey I'm Online! Leave me a message.
Let me know if you have any questions.

IT Security Analyst 3

In United States

Save this job

IT Security Analyst 3   

Click on the below icons to share this job to Linkedin, Twitter!

JOB TITLE:

IT Security Analyst 3

JOB TYPE:

JOB SKILLS:

JOB LOCATION:

Lansing, MI United States

JOB DESCRIPTION:

Position: IT Security Analyst 3

 
Location: Lansing, MI 
 
Interview Process: Virtual Interview via MS Teams video. Please use laptop and be prepared so share screen if asked.
Duration: 1 year with possible extension.
Remote or On-site: Candidates MUST be located in MI. (Local preferred) Will need to be onsite starting day 1 for 2-day a week hybrid schedule. NO remote only options.
 
Job description
Position Description: IT Security Analyst II with the Department of Technology, Management, and Budget
(DTMB) Agency Services supporting the Michigan Department of Transportation (MDOT).
Detailed Job Duties:
The IT Security Analyst is responsible for completing and maintaining system security plans (SSP) for new and
existing systems. The system security plans are documented in the Governance, Risk, Compliance (GRC) tool.
This requires close coordination with IT project teams, business and enterprise security representatives, and
product owners, to establish and maintain processes and controls for security vulnerability remediation.
Responsibilities:
 Create system security plans (SSP) for new applications in alignment with the Secure Application
Development Life Cycle (SADLC) and Michigan Security Accreditation Process (MiSAP).
 Maintain SSPs for existing applications requiring authority to operate (ATO) and those facing software
and/or hardware enhancements.
 Collaborate with business representatives to establish system registration.
 Identify security testing and system scanning requirements.
 Analyze risk assessments and provide mitigating actions and responses for technical controls.
 Continuously monitor plans of action and milestones (POAM) and corrective action plans (CAP) as they
relate to the SSPs in collaboration with the MDOT Enterprise Information Management (EIM) office.
 Validate respective SSPs to ensure NIST control requirements are met.
 Author recommendations associated with your findings on how to improve the customer's security posture
in accordance with SOM PSP & NIST controls.
 Assist team members and vendors with proper artifact collection to satisfy assessment requirements.

Client Skill Matrix

 Experience in the IT industry analyzing and applying information security principles and practices
Required: 4 Years
 Experience reviewing IT systems/applications plus basic knowledge of networking components and
various operating systems Required: 4 Years
 Experience analyzing the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3,4
or 5, and 800-53A Revision 1. Required: 2 Years
 Experience with other Security Frameworks (ISO, PCI, NIST, COBIT, HIPAA/HITECH, etc.) and
regulatory requirements is a plus Nice to have: 2 years
 CISSP, CISA, PMP and/or Security+ certification Nice to have
 Experience working with software vendors to implement security controls Nice to have
 Experience using Lockpath or similar GRC tool Nice to have
 Experience working independently and in a team environment
 Strong written and verbal communication skills including the ability to explain technical matters to a
non-technical audience
 Ability to collaborate on multiple projects/efforts at a given time
 Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change
 

 

Position Details

POSTED:

Sep 27, 2022

EMPLOYMENT:

INDUSTRY:

SNAPRECRUIT ID:

S16559136284421452

LOCATION:

United States

CITY:

Lansing, MI

Job Origin:

OORWIN_ORGANIC_FEED

A job sourcing event
In Dallas Fort Worth
Aug 19, 2017 9am-6pm
All job seekers welcome!

IT Security Analyst 3    Apply

Click on the below icons to share this job to Linkedin, Twitter!

Position: IT Security Analyst 3

 
Location: Lansing, MI 
 
Interview Process: Virtual Interview via MS Teams video. Please use laptop and be prepared so share screen if asked.
Duration: 1 year with possible extension.
Remote or On-site: Candidates MUST be located in MI. (Local preferred) Will need to be onsite starting day 1 for 2-day a week hybrid schedule. NO remote only options.
 
Job description
Position Description: IT Security Analyst II with the Department of Technology, Management, and Budget
(DTMB) Agency Services supporting the Michigan Department of Transportation (MDOT).
Detailed Job Duties:
The IT Security Analyst is responsible for completing and maintaining system security plans (SSP) for new and
existing systems. The system security plans are documented in the Governance, Risk, Compliance (GRC) tool.
This requires close coordination with IT project teams, business and enterprise security representatives, and
product owners, to establish and maintain processes and controls for security vulnerability remediation.
Responsibilities:
 Create system security plans (SSP) for new applications in alignment with the Secure Application
Development Life Cycle (SADLC) and Michigan Security Accreditation Process (MiSAP).
 Maintain SSPs for existing applications requiring authority to operate (ATO) and those facing software
and/or hardware enhancements.
 Collaborate with business representatives to establish system registration.
 Identify security testing and system scanning requirements.
 Analyze risk assessments and provide mitigating actions and responses for technical controls.
 Continuously monitor plans of action and milestones (POAM) and corrective action plans (CAP) as they
relate to the SSPs in collaboration with the MDOT Enterprise Information Management (EIM) office.
 Validate respective SSPs to ensure NIST control requirements are met.
 Author recommendations associated with your findings on how to improve the customer's security posture
in accordance with SOM PSP & NIST controls.
 Assist team members and vendors with proper artifact collection to satisfy assessment requirements.

Client Skill Matrix

 Experience in the IT industry analyzing and applying information security principles and practices
Required: 4 Years
 Experience reviewing IT systems/applications plus basic knowledge of networking components and
various operating systems Required: 4 Years
 Experience analyzing the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3,4
or 5, and 800-53A Revision 1. Required: 2 Years
 Experience with other Security Frameworks (ISO, PCI, NIST, COBIT, HIPAA/HITECH, etc.) and
regulatory requirements is a plus Nice to have: 2 years
 CISSP, CISA, PMP and/or Security+ certification Nice to have
 Experience working with software vendors to implement security controls Nice to have
 Experience using Lockpath or similar GRC tool Nice to have
 Experience working independently and in a team environment
 Strong written and verbal communication skills including the ability to explain technical matters to a
non-technical audience
 Ability to collaborate on multiple projects/efforts at a given time
 Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change
 

 


Please wait..!!