Sr Oracle DBA Apply
Position: IT Security Auditor REQ ID: 104551 Direct Client : State of Michigan - IT - DTMB - Cyber Security - MCS - IT Security Auditor Job Location: Lansing, MI, Top Skills & Years of Experience: • Experience in Information Technology – 10 yrs • Experience in IT Security – 3-5 yrs • Experience conducting, implementing, or using security risk assessments – 3 yrs • Experience conducting or implementing Security Awareness Training – 2 yrs • In-depth knowledge and practical application of the CIS Top 20 Security Controls or other nationally-recognized cybersecurity framework Interview Process: Virtual Interview via MS Teams video. Please use a laptop and be prepared to share a screen if asked. Duration: 1 year with possible extension. Remote or On-site: Candidates MUST be located in MI. (Local preferred) Will need to be onsite starting day 1 for hybrid work schedule Please ensure you attach the Cover Sheet (attached), Hybrid work document (attached), valid Right to Represent, and the candidate's resume with full legal first name, and last name ONLY. (Refer to Bid Submission Requirements) Withdrawn candidates will not be permitted to be replaced. If you would like to use a sub vendor, only 1 level deep, please use Formstack link: https://knowledgeservices.formstack.com/forms/msp_michigan_subvendor_usage_request_form Provide Cybersecurity consulting services in a variety of capacities across Michigan with specific focus on supporting local government and K-12 entities as part of the Michigan Cyber Partners Program within the State of Michigan's Department of Technology Management and Budget Cybersecurity & Infrastructure Protection division's External Engagements umbrella. This role will directly support the Michigan Cyber Partners Program which is a collaboration between various divisions at the State of Michigan, including Michigan Cyber Security and the Michigan State Police, and local public entities across Michigan to strengthen, improve, and promote cybersecurity resources and best practices. The role will take day to day work direction from the Cyber Partners Program lead, for Cyber Partners related assignments and deliverables. Expected assignments include, but are not limited to the following: · Assist with the development, improvement, and expansion of the Michigan Cyber Partners program. · Assist with the development of statewide cybersecurity plans to improve cyber posture of local public entities. · Facilitate working sessions to drive collaboration on various shared artifacts · Work directly with local entities (individually or in groups) to promote cybersecurity best practices and opportunities as highlighted in the Cyber Partners program and/or the statewide security plan. · Participate in and lead program outreach and promotion activities. · Work closely with state and national partners to promote their services to local entities in Michigan. · Coordinate training sessions and programs delivered by state and/or national partners. · Coordinate training programs delivered by 3rd party vendors. · Support and promote Risk Assessment projects in a vendor model. · Conduct trainings and exercises. · Participating in grant seeking and statewide grant implementation. · Develop various artifacts such as process flows, communication plans, program plans, scope documents, etc. · Lead and assist with internal capacity building projects · Participate in election security initiatives in collaboration with Michigan Bureau of Elections and Michigan's local clerks and election officials. · Contribute to content development for the external website, marketing and campaigns, etc. · Other duties as assigned Skills Requirements: Required · Experience in Information Technology – 10 yrs · Experience in IT Security – 3-5 yrs · Experience conducting, implementing, or using security risk assessments – 3 yrs · Experience conducting or implementing Security Awareness Training – 2 yrs · Experience presenting cybersecurity concepts to broad audiences. – 3-5 yrs · In-depth knowledge and practical application of the CIS Top 20 Security Controls or other nationally-recognized cybersecurity framework. – 3-5 yrs · Ability to work independently with little day to day direction · Ability to work in a collaborative environment with minimal formal authority. · Ability to work collaboratively with individuals representing broad personal and organizational diversity. · Ability to creatively develop potential solutions and run limited experiments to determine viability. · Shows necessary resourcefulness to delivery on assignments and deliverables in a complex environment Highly Desired · Experience working in a local government or k12 technology leadership role - 3 years. · Experience with federal, state or local government – 3 years · Experience in IT, security or management consulting – 3 yrs · Experience in Incident Response disciplines and practices– 3 yrs · Experience in Governance Risk and Compliance Program, Tools, Processes – 3 yrs · Familiarity with standard risk frameworks, including ISO 27000, SANS, NIST 800-53, and standard compliance frameworks – 3 yrs · Current certifications such as CISSP, CISA, and/or others as relevant – N/A Skills Years Experiences Experience working in a local government or k12 technology leadership role 3 years. Experience with federal, state or local government 3 years Experience in IT, security or management consulting 3 years Experience in Incident Response disciplines and practices 3 years Experience in Governance Risk and Compliance Program, Tools, Processes 3 years Familiarity with standard risk frameworks, including ISO 27000, SANS, NIST 800-53, and standard compliance frameworks 3 years Current certifications such as CISSP, CISA, and/or others as relevant – N/A