Epicareer Might not Working Properly
Learn More

IT Security Analyst with GRC

Salary undisclosed

Apply on

Availability Status

This job is expected to be in high demand and may close soon. We’ll remove this job ad once it's closed.


Original
Simplified
Hello, Hope you are doing great!!! Please have a look at the below requirement and let me know if you are comfortable with the position ASAP with your updated word resume.
Role: IT Security Analyst
Location:Richmond, VA (Hybrid)
*Inperson interview is mandatory
Contract on c2c
Job Description:
The IT Security Analyst supports the VDOT Information Security mission by implementing results-
oriented strategic approaches, plans, programs, and procedures. This position will focus on security
analysis for our procurement teams. They will ensure that Commonwealth of Virginia Information
Security Policies and Standards are followed by the Agency. The broad areas of responsibility for this
position include identity and access management, System and services acquisition review, IT risk
management, business continuity and IT disaster recovery planning, security awareness education and
training, security vulnerability management and security incident management.
Responsibilities:
Documents processes and script narratives/executive summaries.
Create Business focused documentation for circulation among readers with various technical
understanding.
Share insight of Information security and IT procurement approaches and implementation
methodologies
Research and provide written guidance on alignment with security policies/standards.
Perform tasks related to Security Compliance and Control Evaluation, Risk analysis, and procurement
recommendations.
Collaborate with Business areas and cross- functional Procurement Analysts or Enterprise Architects to
fully understand business needs and provide strategic consultation on security and risk-averse
acquisition.
Partner with architects, other technical team members to develop roadmaps and strategies to support
agency KPIs
Consult with teams as needed on initiatives and provide tactical direction as well as provide
considerations on legacy solutions as they are replaced.
Qualifications:
Comprehensive knowledge of Information Security principles; including information security trends,
emerging technologies, best-practices, controls, models, architecture, etc.
Practical experience with identity and access management, services and software acquisition or
procurement, IT risk management, business continuity and IT disaster recovery planning, security

awareness education and training, security vulnerability management, and security incident
management.
Familiarity with the Commonwealth of Virginia s Information Security Standards and/or the National
Institute of Standards and Technology Publication 800-53.
Able to communicate effectively in writing and orally, exercise judgment, interpret laws and policies,
and maintain effective working relationships with a wide variety of individuals in both the public and
private sectors.
Experience in monitoring IT environments for compliance with information security architecture
policies and standards.
Ability to provide input and security direction for future designs, information security capabilities, and
strategic technology alternatives.
Excellent written and oral communication and presentation skills (possessing the ability to break down
complex technical terms into everyday language).
Demonstrated ability to work with broad cross-section of personnel including all levels of management
and external entities (such as other agencies), consultants and service providers to explain security
measures and collaborate and disseminate security related information in partnership with the Office of
Information Security.
Work experience in a fast-paced environment and acquire new skills/knowledge to meet customer
needs.
Required / Desired Skills Required /Desired Amount of Experience
Knowledge and application of security best practices Required Proficient/SME
Experience in Security review/risk analysis Required Proficient/SME
Knowledge of IT Procurement Required Proficient
Experience in business writing and presenting Required Proficient
Educational or Career Experience in Cybersecurity,
Government technology implementation, IT Governance or
related field(s). Required Proficient/SME
Thanks & Regards
Praveen Kumar
SR IT Recruiter
Direct:
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job