Immediate Need IT Security Architect@ SC for Long Term
Please send the matching profiles to mohit@nytpartners.com
(Please add my id in your yahoo or G talk to be in touch with you.)
YIM: mohitstaffing
G-Talk: mohit.staffing
Hi All,
I have a IT Security Architect position with my Client. Please check the below positions and if you have any consultants do share their RESUME along with the contact and mailing information.
Job Title: IT Security Architect
Location: Columbia, SC, US
Max Hourly Rate: USD $OPEN (Market)
Duration: Long Term
Qualifications:
Immediately Address Serious Security Vulnerabilities
· - Perform activities necessary to assess, at a high level, the State's current security position and identify the State's most serious security vulnerabilities.
· - Complete three (3) agency-level information security risk assessments. The agencies to be assessed will be determined by client.
· - Provide strategies and recommendations to immediately address the State's most serious security vulnerabilities.
· - Recommend an appropriate structure to manage information security on a State government enterprise basis.
· - Provide guidance and assistance to the State in developing FY 14 budget estimates (July 1, 2013 – June 30, 2014) for implementing proposed strategies and recommendations.
· - Deliver an initial report to be distributed to the State Budget and Control Board and the General Assembly outlining the State's most serious security vulnerabilities, strategies and recommendations along with cost estimates to address those vulnerabilities.
Develop and Implement and Information Security Program
Organization and Planning
Develop a comprehensive project plan for the implementation of the requirements.
· Develop a reporting and communication plan to keep State leaders and stakeholders aware of INFOSEC plans and progress toward plan objectives.
· Using appropriate risk assessment/risk management methods:
· - Determine the State's current information security position, including personnel,processes and technology.
· - Define the State's "to-be" or future INFOSEC position, including personnel, processes and technology.
· - Identify gaps between the current and the "to-be" INFOSEC positions and develop an implementation plan to reach the "to-be" position, including associated cost estimates for work to be done and technology to be procured through subsequent procurements. In the implementation plan, place a priority on those solutions and preventative
· measures with higher payoff in terms of higher risks which can be easily achievable with minimal effort and expense.
· - Provide guidance and assistance to the State in developing annual funding estimates for the creation and ongoing operation of the enterprise INFOSEC program, including personnel costs, hardware/software costs, and costs associated with training, including end user training (cost estimates to include costs attributable at both the agency and central office levels).
Governance
Propose and assist the State in implementing an appropriate governance model for the creation of the INFOSEC program and to direct the ongoing management and operation of the INFOSEC function.
Create and assist the State in adopting a data classification schema that categorizes data based on its level of sensitivity, legal and regulatory compliance requirements, and the impact to the State or any of its agencies should that data be accessed, lost, altered or destroyed without authorization. An initial high level version of this schema may need to be completed first in order to meet the State's May 1, 2013 requirements.
· Conduct agency-level information security risk assessments. The State has approximately seventy (70) agencies and requires the following:
· - The initial 3 agency-level information security risk assessments required in the above section entitled "Immediately Address Serious Security Vulnerabilities".
· - Fifteen (15) additional agency-level information security risk assessments must be proposed and completed within 2 years.
· - A complete information security agency self-assessment procedure which the State may use in the future as a part of any ongoing risk assessment process.
· - Assist the State in implementing an ongoing data classification audit policy and procedure to ensure that appropriate controls are put in place and monitored for continuing operation.
· Develop Statewide Security Framework
· - Develop and recommend an appropriate operating model for the management of information security for the State that can be effective within the State's information technology and agency environment. The model must outline roles and responsibilities for security professionals at the State and agency levels and define lines of authority and reporting channels.
· - Develop enterprise security policies, procedures and best practices to guide State agencies in the development, management, and operation of a security program at the agency level.
· - Develop and recommend procedures and practices to ensure that State agencies are complying with requirements of the enterprise INFOSEC program.
· - Develop models and strategies that can be used to monitor the performance and success of the State's INFOSEC program.
· - Define cyber security professional positions needed at the State and agency level.
· - Develop a training program for the State's use to raise awareness of cyber security policies, procedures, strategies and best practices.
· - Assist the State in efforts to develop the capacity to support and manage any new technology or solutions implemented throughout the course of this project.
· - Develop standards for hardware, software and solutions that will need to be procured to address identified security gaps. Standards must be defined in terms of service levels and performance measures rather than by manufacturer or vendor.
· Required Skills:
· Minimum of 6 years' experience in IT Security Assessment
· Minimum of 6 years' experience developing and implementing IT Security Programs
· Minimum of 5 years' experience fixing serious security vulnerabilities
Risk Analysis
Canidates with State Government Security Experience will be given preference over other qualified candidates.
Thanks and Regards,
Mohit Jain
New York Technology Partners - Rochester
332 Jefferson Rd
Rochester, NY 14623
( 2016800200 x 7023| Fax: (201) 474-8533
Best way to communicate is by E-Mails.
You received this message because you are subscribed to the Google Groups "Frontier Knowledge Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to frontier-knowledge-group+unsubscribe@googlegroups.com.
To post to this group, send email to frontier-knowledge-group@googlegroups.com.
Visit this group at http://groups.google.com/group/frontier-knowledge-group?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

No comments:
Post a Comment