*Position -: Security Analyst* *Duration -: long term* *Location: Fort Collins, CO*
*NEED GC AND USC* *This Security Analyst role requires a very strong understanding of NIST and FISMA (which are US-based security guidelines), so our ideal candidate will probably have years of experience in the US.* * Additionally, this person needs to be familiar both with network security but also application, database and computer security in general. * *A Network Engineer who focuses on security won’t be sufficient, this person needs to be 100% Security focused, with a history of job titles on their resume like “Security Analyst”, “Security Engineer”, “IT Security”, etc.”* *This is a very technical candidate, with strong, hands-on IT exp. and understanding of relational databases* *Security Analyst* *Job Description:* *- Analyze business, functional, and non-functional requirements to create technical design and unit test strategy documents.* *- Design, test, and implement solutions based on requirements provided from the Enterprise Application Services, Office of the Chief Information Officer (OCIO), USDA* *- Design artifacts that follow the technical standards and guidelines * *- Work with staff to define solutions and implement those solutions according to the agreed upon design.* *- Control deployment of HP Fortify and future planned security services * *- Review monthly and quarterly Retina and WebInspect scans and recommend technical solutions to mitigate vulnerabilities* *- Actively transfer knowledge and mentor staff members on various aspects of system specific administration, configuration, and development* *Required Skills:* *- Experience collaboratively establishing secure configuration baselines for technologies such as Windows Server 2008 R2, Exchange 2010, or Red Hat Enterprise Linux Server 6.* *- Experience securing Oracle database suites or MS SQL databases (not looking for someone who only has network skills).* *- Experience performing IT product security specification reviews.* *- Experience designing/reviewing architectures for adequate security such as secure authentication methods.* *- Ability to use collaborative communication skills and establish productive working relationships.* *- Experience with documentation reviews, including A&A packages* *- Awareness of the diagnostic and mitigation aspects of Information Security Continuous Monitoring.* *- Assists Information Systems Security Managers (ISSMs) in generating ATO package and continuous monitoring artifacts. * *- Assists in documenting and managing artifacts in online SharePoint and CSAM security repositories.* *- Knowledge of Risk Management Framework* *- Knowledge of NIST, FISMA and other applicable guidance* *Desired Skills: * *- Implement security controls in appropriate information systems.* *- Assess the effectiveness of the security controls once they have been implemented.* *- Determine agency-level risk to the mission or business case.* *- Authorize the information system for processing.* *- Monitor the security controls on a continuous basis* *- Implement security controls in appropriate information systems.* *Thanks and Regards* *[image: cid:image001.jpg@01D0A762.A6EA2220]* *Chad* IT RECRUITER *Email*: *c...@technocraftsol.com* <c...@technocraftsol.com> *Contact*: *614-664-7632* *Yahoo ID / Gmail ID*: *chad.technocraft* *Website*: www.technocraftsol.com *Note: Technocraft Solutions LLC works with Direct Client’s and Preferred Vendors Nationwide. * *Your confirmation would means that you understand the level of Technocraft Solutions LLC association for the mentioned project and will not approach Technocraft Solutions LLC Client directly* -- You received this message because you are subscribed to the Google Groups "Oracle-Projects" group. To unsubscribe from this group and stop receiving emails from it, send an email to oracle-projects+unsubscr...@googlegroups.com. To post to this group, send email to oracle-projects@googlegroups.com. Visit this group at http://groups.google.com/group/oracle-projects. For more options, visit https://groups.google.com/d/optout.