Hi,
Hope you are doing well
Please do let me know if you have any suitable profile for this position
*Position:* Security Analyst
*Location:* Denver, CO
*Duration*: 9+ Months Contract
*Skype Hire*
*Security Analyst Duties: *
*Primary job duties include the following:*
● Address security risk assessment findings and recommendations for two
key systems, Colorado Benefits Management System (JAVA, Linux, Oracle) and
PEAK (force.com platform)
● Review application code and operating system vulnerability scans and
oversee remediation
● Wok with vendor development staff to develop application code
scanning process and to develop remediation plans.
● Assist the state with updating processes and procedures in support of
security plans for Federal Agencies (Social Security Administration, CMS
and IRS).
● Provide recommendations for software and hardware configurations to
support security standards and setting up a HW/SW asset license management
system.
● Assist the state with planning the migration of one major system to
new hardware and implementing the required controls.
● Participate in the definition and implementation of projects to
upgrade the systems and infrastructure to comply with revised standards for
security and privacy, including MARS E v 2.0 for CMS and publication 1075
for IRS and management of FTI data.
● Recommend changes to the process for planning and validating the
application of patches.
*Minimum Requirements:*
● Minimum of 3 years of experience in a system development environment,
JAVA
● Minimum of 1 year of experience with application code vulnerability
scanning
● Minimum of 3 years of experience developing and implementing
technical projects
● Minimum of 1 year experience with secure coding with hands on use of
an application code vulnerability scanning tool
● Clear Communicator (written and verbal)
● Experienced with using common business applications; such as, Google
Docs, Microsoft Office (Word, Excel), Microsoft Project
● Strong analytical and research skills using the Internet and other
tools
● Strong verbal communication skills and ability to facilitate a
planning session or meeting
● Understanding of data governance, including the security requirements
for PII, FTI, and PHI.
● Must be able to work independently and be proactive in reaching for
information
● Must be comfortable in an environment with change and many concurrent
projects
*Desired Experience:*
● Understanding of a government environment and data governance
● Experience in the application of commonly accepted concepts and
practices specific to the secure design and development of technical
documents
● Salesforce development
● Use of Veracode or other vulnerability scanning tool
-Protected Health Information ("PHI")
-PII is defined as a person’s first name or first initial and last name in
combination with one or more of the following data elements:
Social security number
*Description:*
Information security (IS) engineers will collect, review, evaluate and
interpret data; diagnose normal and abnormal patterns; develop and
implement security rules and policies; diagnose and troubleshoot problems;
solve problems; and design and implement solutions based on security
principals, best practice and existing technologies. Engineers may also
configure, maintain and install equipment; develop or modify source code;
write scripts; harden or secure applications or databases; or respond to
and resolve information security incidents depending on their area of
specialty. All engineering specialties may also plan, implement, evaluate,
review and status projects involving information security solutions in
their specialty area. They document their work or the work of others on
their projects.
Engineers must be able to clearly communicate and escalate problems, issues
and solutions to technical and non-technical audiences alike using verbal,
written and graphical communication. They must be able to work on
interdisciplinary teams to develop solutions that are integrated across
organizational and functional lines.
Note that the need for the resource is urgent and that the state is
prepared to select the first qualified candidate.
*Summary:*
The requested resource will develop and update project plans for the many
technical and security related projects that support the operation and
maintenance of the infrastructure for the Colorado Benefits Management
System and associated systems (CBMS). There is a potential future
opportunity to move into a permanent state position as a security
engineer/analyst
*Thanks,*
*Satyendra*
*949-201-4822 *201 *
*satyen...@monteksys.com* <u...@monteksys.com>
*[image: cid:288F3ECB-299B-400D-80D3-20F4925B9DD1] *
*18100 Von Karman Avenue, Suite 850, Irvine, 92612*
[image: cid:005D9ED9-74E6-476A-998C-47EDA68B8DC8]
*DISCLAIMER:* This message and any attachments are solely for the use of
the individual or entity to which it is addressed and may contain
information that is privileged or confidential. If you are not the intended
recipient, any disclosure, use or distribution of the information contained
herein is prohibited. If you have received this communication in error,
please notify the sender by reply e-mail and immediately delete this
message and any attachments. You may reply and send an email with "Not
Interested" in the subject line in order to discontinue communication.
--
You received this message because you are subscribed to the Google Groups
"SAP-UK" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to sap-uk+unsubscr...@googlegroups.com.
To post to this group, send email to sap-uk@googlegroups.com.
Visit this group at https://groups.google.com/group/sap-uk.
For more options, visit https://groups.google.com/d/optout.
