Risk Assessor
Hire IT People, LLC
Job Seekers, Please send resumes to resumes@hireitpeople.com Short Description: Risk Assessor**LOCAL candidates STRONGLY preferred**
Complete Description: The qualified candidate will join a team that is responsible for the assessment of information systems that are supported by multiple operating systems, databases, and software development technologies.
TAX seeks an experienced risk assessor in Richmond, VA. The qualified candidate will join a team that is responsible for the assessment of information systems that are supported by multiple operating systems, databases, and software development technologies. The candidate will assist agency personnel in performing risk assessments in accordance with Commonwealth and Agency procedures as well as identify opportunities for improvement. The underlying information infrastructure includes Linux, UNIX, and Windows operating systems; Oracle and Microsoft SQL Server databases, and multiple software development languages that include PowerBuilder, Java, .NET, etc. to name a few.
The IT Risk Assessor is responsible for assisting with meeting security and compliance requirements per state and federal standards. The risk assessor will review information system security controls and evaluate their efficacy in mitigating associated risk. The risk assessor will work closely with system owners, data owners, and system administrators to conduct interviews and review technical information. The assessor will provide an executive summary of the assessment along with a completed VITA Risk Assessment Template for each system evaluated.
An information system security risk assessment should also be performed in compliance with SEC501.09 and SEC520.00 using the risk assessment template:(http://vita.virginia.gov/uploadedFiles/VITA_Main_Public/Library/PSGs/Word_versions/Risk_Assessment_Template.xlsx)
Required: •2+ years of experience conducting IT risk assessments•Apply strong knowledge of analyzing system security controls implementation and efficacy •Demonstrated experience working as a member of a core team as well as an individual with minimal supervision•Possess strong attention to detail and ability to communicate effectively written and verbally•Work with tools to support the IT Security program as well as provide assistance to the corporate information security governance & risk teams as needed. Core tools supported by this role will be Vulnerability scanning and analysis, Intrusion Detection/Prevention System (IPS/IDS), Security Event Logging, Firewalls and other network security technologies, as well as additional security tools added to augment TAX’s IT Security program.•Evaluate the day-to-day operations implemented to protect the integrity, confidentiality, and availability of information assets and technology infrastructures of the organization.•Requires the ability to lift no more than 50 lbs
SkillRequired / DesiredAmountof ExperiencePerform risk assessmentRequired2YearsKnowledge of SEC501 security standardRequired2YearsKnowledge of IRS Pub 1075 and CIS benchmarksNice to have2YearsExperience creating technical documentation and reportsHighly desired2YearsFamiliar with various technologies such as: programming languages - Java, .NET; infrastructure - Windows, Linux, UNIX, MS SQL, and Oracle,Desired3YearsPossess strong attention to detail and ability to communicate effectively written and verballyRequired2YearsApply knowledge of analyzing system security controls implementation and efficacy in evaluating riskRequired2YearsDemonstrated experience working as a member of a core team as well as an individual with minimal supervisionHighly desired2Years
Complete Description: The qualified candidate will join a team that is responsible for the assessment of information systems that are supported by multiple operating systems, databases, and software development technologies.
TAX seeks an experienced risk assessor in Richmond, VA. The qualified candidate will join a team that is responsible for the assessment of information systems that are supported by multiple operating systems, databases, and software development technologies. The candidate will assist agency personnel in performing risk assessments in accordance with Commonwealth and Agency procedures as well as identify opportunities for improvement. The underlying information infrastructure includes Linux, UNIX, and Windows operating systems; Oracle and Microsoft SQL Server databases, and multiple software development languages that include PowerBuilder, Java, .NET, etc. to name a few.
The IT Risk Assessor is responsible for assisting with meeting security and compliance requirements per state and federal standards. The risk assessor will review information system security controls and evaluate their efficacy in mitigating associated risk. The risk assessor will work closely with system owners, data owners, and system administrators to conduct interviews and review technical information. The assessor will provide an executive summary of the assessment along with a completed VITA Risk Assessment Template for each system evaluated.
An information system security risk assessment should also be performed in compliance with SEC501.09 and SEC520.00 using the risk assessment template:(http://vita.virginia.gov/uploadedFiles/VITA_Main_Public/Library/PSGs/Word_versions/Risk_Assessment_Template.xlsx)
Required: •2+ years of experience conducting IT risk assessments•Apply strong knowledge of analyzing system security controls implementation and efficacy •Demonstrated experience working as a member of a core team as well as an individual with minimal supervision•Possess strong attention to detail and ability to communicate effectively written and verbally•Work with tools to support the IT Security program as well as provide assistance to the corporate information security governance & risk teams as needed. Core tools supported by this role will be Vulnerability scanning and analysis, Intrusion Detection/Prevention System (IPS/IDS), Security Event Logging, Firewalls and other network security technologies, as well as additional security tools added to augment TAX’s IT Security program.•Evaluate the day-to-day operations implemented to protect the integrity, confidentiality, and availability of information assets and technology infrastructures of the organization.•Requires the ability to lift no more than 50 lbs
SkillRequired / DesiredAmountof ExperiencePerform risk assessmentRequired2YearsKnowledge of SEC501 security standardRequired2YearsKnowledge of IRS Pub 1075 and CIS benchmarksNice to have2YearsExperience creating technical documentation and reportsHighly desired2YearsFamiliar with various technologies such as: programming languages - Java, .NET; infrastructure - Windows, Linux, UNIX, MS SQL, and Oracle,Desired3YearsPossess strong attention to detail and ability to communicate effectively written and verballyRequired2YearsApply knowledge of analyzing system security controls implementation and efficacy in evaluating riskRequired2YearsDemonstrated experience working as a member of a core team as well as an individual with minimal supervisionHighly desired2Years
Confirmar seu email: Enviar Email
Todos os Empregos de Hire IT People, LLC