Direct Client Rek for Business/Information Security Analyst

Business/Information Security Analyst   Primary Skill Experience defining, revising, and implementing information security policies, standards, and procedures for risk mitigation,NIST, GAPP, and/or CJIS security requirements for IT  Interview   FACE to FACE Bill Rate Competitive  Location Lansing, Michigan  Duration 1+ Year  # of Positions 1  Description Develops risk policies and procedures per policy framework. Ensures all technical, management, and operational controls are in-place to maintain an acceptable risk level for assigned systems. Liaison between IT and client. Relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, a wide degree of creativity and latitude is expected. Develops and implements risk policies, standards, and procedures (PSP) per applicable privacy and security framework to address audit gaps. Provides risk and compliance related support to the Security Accreditation Process Team and client Information Security Officer (ISO) in best aligning policies/procedures with relevant Plan of Actions and Milestones (POA&M). Reviews, analyzes and identifies opportunities and leads changes to PSP to reduce policy burden on enterprise and increase the proper alignment across the agency. Properly manages potential policy changes and impacts, risk- based recommendations, and relevant resolution/mitigation plans. Facilitates cross-functional team meetings to best reach agreement on the most effective and sustainable PSP in various risk and compliance areas. Communicates and socializes Security policy and risk management throughout the organization and gather feedback where appropriate. Manages the processes to streamline PSP. Reviews, analyzes, and evaluates business systems and user needs. Formulates systems to parallel overall business strategies. Experienced with business process reengineering and identifying new applications of technology to business problems to make business more effective. Familiar with industry standard (including Legacy, Core, and Emerging technologies), business process mapping, and reengineering. Prepares solution options, risk identification, and financial analyses such as cost/benefit, ROI, buy/build, etc. Knowledge of commonly-used concepts, practices, and procedures within a particular field. Familiar with relational database concepts, and client-server concepts. Relies on limited experience and judgment to plan and accomplish goals. Performs a variety of tasks. Works under general supervision. A certain degree of creativity and latitude is required.   Skill Matrix PLEASE FILL THE SKILL MATRIX TABLE AVAILABLE COLUMN WITH YOUR NUMBER OF YEAR WISE EXPERIENCE SKILL YEARS USED AVAILABLE Experience defining, revising, and implementing information security policies, standards, and procedures for risk mitigation. 4 Years Required Experience in Information Security, Information Technology, Compliance or Risk Management. 4 Years Required Knowledge of NIST, GAPP, and/or CJIS security requirements for IT. 2 Years Required Practical experience with the basic tenets of security risk management (threat mgmt., vulnerability mgmt., and risk treatment). 2 Years Required Demonstrated ability to translate information security risks or other IT concepts into language easily understood by a non-technical audience. 10 Years Required Experience with drafting requirement traceability matrices and test plans for requirement validation. 5 Years Desired Skilled with IT process/methodology (e.g. ITIL, COBIT, LEAN, Six Sigma, CMM) and experience implementing processes and methodologies 4 Years Required Experience with Joint Application Development (JAD) session facilitation 10 Years Required Excellent written communication and customer-facing verbal communication skills. 12 Years Required Demonstrated ability to coordinate/manage initiatives from end-to-end with minor supervision. 10 Years Required Experience with issue tracking tools (e.g. TFS, JIRA, Bugzilla). 4 Years Required
Reference : Direct Client Rek for Business/Information Security Analyst jobs

source http://cvwing.com/jobs/technology/direct-client-rek-for-businessinformation-security-analyst_i3443