What are the responsibilities and job description for the Information Security Architect position at InfoStride?
Scope of the project:
- The client is tasked with ensuring compliance with state guidelines. This position with be performing those services including:
- Supporting agencies during their development of the information security program with direct tactical implementation assistance.
- Developing and tracking agency information security implementation plans.
- Interviewing admistrators, managers and third parties to aid in development of program artifacts.
- Ensuring high-level assessments of agencies infosec work to ensure progress is made.
- Providing high-level analysis of process and procedures work to ensure compliance with state standards.
Daily duties / responsibilities:
- The implementation assistance would include, but is not limited to:
- Interviewing business and technical owners to determine policies and procedures used for each agency process.
- Developing and tracking infosec implementation plan progress.
- Documenting information gathered during both interviews and document reviews to assist with developing formal process and procedures.
- Assessing agency documentation to ensure adequate approaches are used to comply with controls.
- Facilitating agency status reporting.
- Collaborating, often onsite at agency locations, with agencies to provide recommendations for compliance.
Required skills :
- Have completed an information security plan or system security plan notebook.
- Prior experience working with fisma standards.
- Must have a strong working knowledge of nist 800-53
- Prior experience poa&m or cap.
- Strong communcation experience (written and verbal).
Preferred skills (rank in order of importance):
- Simultaneously manage multipe infosec work efforts.
- Strong schedule management and resource planning skills.
- Ability to work at a high-volume and fast pace.
- Strong collaborator and strong ability to meet deadlines.
- Knowledge of irs 1075, hipaa, cjis, mars-e and/or pci-dss.
- Ability to indentify map and re-engineer business processes.\
Certification:
- CISA or GSLC or Equivalent
