*Title*: Security Analyst *Location*: Denver CO
*Duration*: 9+ Months Please Send your resumes to *m...@nytpartners.com <m...@nytpartners.com>* *Duties: Primary job duties include the following:* ● Address security risk assessment findings and recommendations for two key systems, Colorado Benefits Management System (JAVA, Linux, Oracle) and PEAK (force.com platform) ● Review application code and operating system vulnerability scans and oversee remediation ● Wok with vendor development staff to develop application code scanning process and to develop remediation plans. ● Assist the state with updating processes and procedures in support of security plans for Federal Agencies (Social Security Administration, CMS and IRS). ● Provide recommendations for software and hardware configurations to support security standards and setting up a HW/SW asset license management system. ● Assist the state with planning the migration of one major system to new hardware and implementing the required controls. ● Participate in the definition and implementation of projects to upgrade the systems and infrastructure to comply with revised standards for security and privacy, including MARS E v 2.0 for CMS and publication 1075 for IRS and management of FTI data. ● Recommend changes to the process for planning and validating the application of patches. *Minimum Requirements:* ● Minimum of 3 years of experience in a system development environment, JAVA ● Minimum of 1 year of experience with application code vulnerability scanning ● Minimum of 3 years of experience developing and implementing technical projects ● Minimum of 1 year experience with secure coding with hands on use of an application code vulnerability scanning tool ● Clear Communicator (written and verbal) ● Experienced with using common business applications; such as, Google Docs, Microsoft Office (Word, Excel), Microsoft Project ● Strong analytical and research skills using the Internet and other tools ● Strong verbal communication skills and ability to facilitate a planning session or meeting ● Understanding of data governance, including the security requirements for PII, FTI, and PHI. ● Must be able to work independently and be proactive in reaching for information ● Must be comfortable in an environment with change and many concurrent projects *Desired Experience:* ● Understanding of a government environment and data governance ● Experience in the application of commonly accepted concepts and practices specific to the secure design and development of technical documents ● Salesforce development ● Use of Veracode or other vulnerability scanning tool *-Protected Health Information ("PHI")* -PII is defined as a person’s first name or first initial and last name in combination with one or more of the following data elements: Social security number State-issued driver’s license number State-issued identification card number Financial account number in combination with a security code, access code or password that would permit access to the account Medical and/or health insurance information *-Federal Tax Information ("FTI")* FTI is defined as any return, return information or taxpayer return information that is entrusted to the University by the Internal Revenue Services Please Send your resumes to *m...@nytpartners.com <m...@nytpartners.com>* -- *Thanks & Regards,* *Mike* *Technical IT Recruiter* *NYT Partners* -- You received this message because you are subscribed to the Google Groups "OracleD2K" group. To unsubscribe from this group and stop receiving emails from it, send an email to oracled2k+unsubscr...@googlegroups.com. To post to this group, send email to oracled2k@googlegroups.com. Visit this group at https://groups.google.com/group/oracled2k. For more options, visit https://groups.google.com/d/optout.