IT Security Specialist/Architect - REMOTE

Overview

Remote
Depends on Experience
Contract - W2
Contract - Independent
Contract - 12 Month(s)

Skills

Cyber Security
Computer Networking
HIPAA
ITIL
SIEM
TOGAF
Network Security
IPS
NIST 800-53
FISMA
AWS

Job Details

Job Description:

***Crop to Crop resumes are accepted
Location Requirement: The candidate will be allowed to work remotely until all staff may be required to return to site. At that point the candidate may be required to come onsite. The candidate will need to come onsite the first day to collect equipment. Do you accept this requirement?

The NCDIT-Transportation Information Security Office (NCDIT-T ISO) requires a contract information security specialist (expert) architect/analyst resource to provide information security policy, process, procedure, and program development for NCDIT-Transportation and the NCDOT business. This position will be an NCDIT-Transportation Information Security Business Architect (ISBA, working title) dedicated primarily to support the creation and update of NCDOT's security program and related policies, standards, and procedures/processes.

Required Skills:

Progressive advanced experience as an IT information security professional working within an enterprise environment.

Detailed technical experience with network security, security protocols, access control, cryptography, application security, and data protection.

Extensive experience with data classification, handling, assessment, and enforcement.

Experience implementing and supporting systems within enterprise-class data center environments.

Advanced knowledge of regulatory compliance including, but not limited to: OWASP, ISO, NIST, FISMA, PCI-DSS, HIPAA and IRS-1075.

Experience leading risk assessments using industry standard frameworks such as ISO or NIST for complex IT projects and technologies.

Experience developing, leading and executing information security incident response plans.

Experience developing and implementing information security policy, standards and procedures.

Experience providing research and evidence in support of audits.

Experience consulting on information security solutions for a state or federal agency.

Detailed expert knowledge of NIST 800-53, and performing risk assessments utilizing NIST 800-53.

Detailed expert knowledge of the NIST Cyber Security Framework (CSF), and performing risk assessments utilizing the NIST CSF.

Experience consulting on information security and IT solutions for a state motor vehicles agency or department of transportation.

Experience performing risk assessments, documenting and driving compliance with the North Carolina DIT Statewide Information Security Manual.

Desired Skills:

Current or prior role as a PCI-DSS Qualified Security Assessor (QSA) or PCI-DSS Internal Security Assessor (ISA)

Experience leading or directly supporting PCI-DSS annual assessment for a L1 or L2 merchant, familiarity with PCI-DSS 3.2 or higher.

Strong knowledge and experience architecting/designing implementations, configuring, and risk assessing AWS and/or Azure cloud computing environments.

Hands-on experience implementing, administrating and operating technologies such as firewalls, IDS/IPS, SIEM, antivirus, network traffic analyzers

CISSP information security certification.

Specific experience implementing, administrating, or operating Tenable Nessus.

Specific experience implementing, administrating, operating or utilizing IBM Qradar SIEM

Experience implementing and operating enterprise class data networking solutions

Experience implementing and operating enterprise class server and storage systems

Detailed expert knowledge of ISO 27001, and performing risk assessments utilizing ISO 27001

Familiarity and experience with the Department of Homeland Security (DHS) Cyber Security Evaluation Tool (CSET).

Experience completing NC Department of Information Technology Privacy Threshold Analysis (PTA) documentation.

Experience completing NC Department of Information Technology Vendor Readiness Assessment Report (VRAR) documentation.

Trained and experience implementing and operating with ITIL (formerly Information Technology Infrastructure Library) concepts.

ITIL (formerly Information Technology Infrastructure Library) certification.

Familiarity and practical experience with SABSA or TOGAF enterprise architecture frameworks and methodologies.

SABSA or TOGAF certification.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Chandra Technologies, Inc.