On-Site Interviews.
Candidate will need to work On-Site multiple days a week.
Maximum Vendor Submittal Rate is NA/hr.
The Virginia Department of Transportation is seeking to fill the Information Technology (IT) Security Analyst position. This position reports to the Deputy Information Security Officer in the Office of Information Security located in Richmond, Virginia.
The Virginia Department ofTransportation is seeking to fill the Information Technology (IT) SecurityAnalyst position. This position reports to the Deputy Information SecurityOfficer in the Office of Information Security located in Richmond, Virginia.
The IT Security Analyst supportsthe VDOT Information Security mission by implementing results-orientedstrategic approaches, plans, programs, and procedures. This position helps toensure that Commonwealth of Virginia Information Security Policies andStandards are followed by the Agency. The broad areas of responsibility forthis position include; identity and access management, IT risk management,business continuity and IT disaster recovery planning, security awarenesseducation and training, security vulnerability management and security incidentmanagement.
ResponsibilitiesDocumentsprocesses and script narratives/executive summaries.
CreateBusiness focused documentation for circulation among readers with varioustechnical understanding.
Shareinsight of Security Architecture and IT Governance approaches andimplementation methodologies
Researchand provide written guidance on alignment with security policies/standards.
Performtasks related to Security Compliance and Control Evaluation, Risk analysis, andexception documentation.
Collaboratewith Business areas and cross- functional Enterprise Architects to fullyunderstand business needs and provide strategic consultation on data securityand risk-averse implementation.
Partnerwith architects, other technical team members and to develop roadmaps andstrategies to support agency KPIs
Design/ImplementEnterprise Security/technology Patterns
Consultwith teams as needed on initiatives and provide tactical direction as well asprovide architecture considerations on legacy solutions
Researchand share finding of architecture governance, controls, and peer review processedwith regards to platform technology, security, and cloud.
QualificationsComprehensiveknowledge of Information Security principles; including information securitytrends, emerging technologies, best-practices, controls, models, architecture,etc.
Practicalexperience with identity and access management, IT risk management, businesscontinuity and IT disaster recovery planning, security awareness education andtraining, security vulnerability management, and security incident management.
Familiarity withthe Commonwealth of Virginia's Information Security Standards and/or theNational Institute of Standards and Technology Publication NA0-53.
Able tocommunicate effectively in writing and orally, exercise judgment, interpretlaws and policies, and maintain effective working relationships with a widevariety of individuals in both the public and private sectors
Experience in monitoring ITenvironments for compliance with information security architecture policies andstandards.
Substantial technicalexperience in 2 or more: Cloud-based technologies, Identity & AccessManagement, Vulnerability Management, firewalls, computer forensic techniques,databases, collaboration tools, web & mail services.
Ability to provide inputand security direction for future designs, information security capabilities,and strategic technology alternatives.
Excellent written and oralcommunication and presentation skills (possessing the ability to breakdowncomplex technical terms into everyday language).
Demonstrated ability towork with broad cross-section of personal including all levels of managementand external entities such as VITA consultants and service providers to explainand security measures and collaborate and disseminate security relatedinformation in partnership with the Office of Information Security.
Work experience in a fast-pacedenvironment and acquire new skills/knowledge to meet customer needs.
Thorough understanding ofcustomers priorities and the business criticality of platforms, applicationsand services.
Required/Desired Skills Skill Required /Desired Amount of Exp in Years Candidate Experience Comprehensive knowledge of Information Security principles; including information security trends, emerging technologies, best-practices, controls, Required 5 Practical experience with identity and access management, IT risk management, business continuity and IT disaster recovery planning Highly desired 5 Knowledge of IT Security Governance and Compliance Required 5 Experience in business writing and presenting Required 5 Educational or Career Experience in Cybersecurity, Government technology implementation, IT Governance or related field(s). Required 4 Questions No. Question Candidate Answer Question1 Commonwealth of Virginia security policies prohibit the use of offshore IT contractors. Do you attest to the fact that your candidate will physically reside within the US for the duration of the assignment? Question2 Please list candidate's email address.