Data Security Consultant

Overview

Hybrid
$65 - $75
Accepts corp to corp applications
Contract - W2
Contract - 2 Year(s)

Skills

Identity Access Management (IAM)
PCI Compliance
Policy Auditing
Security Architect
Network Engineering/Security
Firewall Management
CJIS
CISSP/GIAC certification
Web-based technologies
Deputy Registrar Security

Job Details

IO Datasphere, Inc. has been providing project management, software development and IT staff augmentation services to our clients in the Midwest and throughout the U.S. since 1996. We are an approved vendor on contract to provide software development and IT staff augmentation services for the States of Illinois, Michigan, Minnesota, Iowa, and Wisconsin. We also provide these services to businesses, as well as local and county governments, in the Midwest and nationwide.

 

Our client is seeking a Data Security Consultant to be responsible for conducting comprehensive audits of data systems including its infrastructure, policies and procedures.  Candidate will actively represent the Agency in all matters pertaining to information security, disseminate information security alerts and other material to constituents, and maintain information security documentation to include system configuration files. Candidate will assist with information security audits or hardware and procedures, and keep the CSA informed as to any information security needs and problems.

 

Tasks
  • Assist with evaluation of architecture interfacing with other state/federal/local systems.
  • Assist with assessing the security of any equipment needed.
  • Assist with the evaluation of data integrity and data security.
  • Assist with ensuring all background check compliance is met for all project team members.
  • Assist with creating procedures to ensure the proper access rights are granted.
  • Assist in building User Acceptance Testing (UAT) scenarios to ensure security requirements are properly tested and documented.
  • Assist with architecture reviews of all environments.
  • Assist with the evaluation and testing of disaster recovery plans.
  • Assist with the development of change management processes and procedure projects.
  • Provide written documentation and recommendations.
  • Work with staff, review IT security audit documentation from local agencies which access systems and data to determine compliance with Security Policy requirements.
  • Provide technical guidance, principles, standards, and best practices to guide criminal justice agency infrastructure design and system implementations to comply.
  • Perform technical analysis of vendor solutions to assess compliance with Security Policy.
  • Audit identity and access management to assure they are properly managed and maintained for all systems utilized to access driver’s license and motor vehicle registration data; and recommend remedial action when required.
  • Audit the driver’s license and motor vehicle systems for PCI compliance; and recommend remedial action when required.
  • Work with client agencies and other government entities to ensure driver and vehicle data is accessible for utilization for mission critical functions while maintaining all security requirements.
  • Access public government data to the extent allowable by law, including data in the State’s possession that would otherwise be classified as not public under State’s statutes.
  • Analyze security needs for all projects, systems, and systems that interface with systems.
  • Transition and train new security staff for duties including Deputy Registrar Security, Identity Access Management (IAM), PCI Compliance, Policy Auditing.
  • Responsible for physical Security of Facilities.
  • Monitor Fraud and Investigations.
  • Responsible ADLMV Management.
  • Act as Technical Review/Architect.
  • Identify who is using the CSA approved hardware, software, and firmware and ensure no unauthorized individuals or processes have access to the same.
  • Identify and document how the equipment is connected to the state system.
  • Ensure that personnel security screening procedures are being followed as stated in Security Policy and the State’s current policy.
  • Ensure the approved and appropriate security measures are in place and working as expected.
  • Support policy compliance and ensure the CSA ISO is promptly informed of security incidents.
  • Conduct an annual audit of compliance and track remediation efforts on any items found
  • Maintaining compliant network architecture.
  • Properly vetting all individuals with access to physical and logical resources through the access control systems and best IAM practices.
  • Properly vetting all software and hardware vendors for compliance.
  • Working to utilize enterprise resources when possible and involving State on all technical projects
  • Active involvement in all data access requests that may contain to ensure CJI is protected accordingly.
  • Work through vendor agreements to ensure all security requirements are met or exceeded.
  • Reviewing scans of resources and monitoring identified vulnerabilities and remediation efforts.
  • Provide knowledge transfer.

 

Knowledge, Skills and Abilities Required (Soft Skills):
  • Ability to see how parts interact with the whole (“big picture” thinking).
  • Interpersonal and leadership skills – servant leadership, collaboration, facilitation, and negotiation skills.
  • Communication skills – both written and verbal.
  • Time management and prioritization.
  • Experience explaining complex technical issues in a way that non-technical people may understand.

 

 

NOTE:  Schedule is hybrid. On-site location may vary in the Saint Paul/ Metro area. The resource is expected to work 20-30 hours a week. Hours may vary per week dependent upon the urgency of their current project. The resource will be on-site 10-days a month. Days on-site may vary per month dependent upon the urgency of their current project; days may not be contiguous. The resource must be available for short notice/sporadic appointments which will physically bring them on-site and into the Saint Paul/ Metro area.  Resource will be working a part-time schedule

 

Location: St Paul, MN (Hybrid – 20-30 hours per week)

Contract: 2 years (Part Time)

 

Skills Required:
  • 6 years - Experience in a security architect or engineer role
  • 3 years - Experience in network engineering, including firewall management.
  • Four (4) or more engagements, within the last ten (10) years, in a security architect or engineer role where the engagement was longer than three months each.
  • Experience with the design and implementation of information systems, in organizations with more than 50 people, with an emphasis on data, network, and infrastructure security
  • Experience with hardware, software, application, and systems engineering.
  • Experience with database systems, web-based technologies, and network security.
  • Knowledge of IT governance and operations.
  • CISSP or GIAC certification

 

*** Rate depends on experience

*** Candidates authorized to work in the US are encouraged to apply.  We are not sponsoring H1B candidates at this time.

*** Companies submitting candidates should only submit direct W2 employees for this position.

 

Please submit your resume by using the "URL" below