|
|||||
<
/td>
|
Job Description: Position Titile: JR. Informaiton Security AnalystLocation: Towson, MD Status: Green Card Clearance: None Performs all procedures necessary to ensure the safety of information systems assets and to protect systems, networks, and data from unauthorized access or destruction. DUTIES/RESPONSIBILITIES: -Interpret security and privacy policies, regulations, contractual obligations, and standards into security control requirements and assess environments against those requirements. -Review existing configurations to ensure compliance with security hardening standards. -Assess and communicate the ongoing security and privacy posture of GDIT program and shared service environments. -Work with stakeholders to improve information security and privacy controls and to remediate risk issues. -Participate in information security audit activities originating from third parties. -Participate in data masking activities -Perform periodic and on-demand system audits and vulnerability assessments to determine compliance and work with stakeholders to drive remediation efforts. -Participate in computer security incident response activities, including incident identification and investigation, containment and remediation, reporting, and post-incident analysis. -Assist with the design and implementation of counter-measures or mitigating controls. -Maintain current knowledge of relevant technology as assigned. Participate in special projects as required. Education: Bachelor's Degree in Information Assurance or a related technical discipline, or the equivalent combination of education, professional training or work experience. Expereince: 2-5 years of related experience in data security administration. Skills: -Working knowledge of the HIPAA Security and Privacy Rules -Working knowledge of security and privacy standards, not limited to but including one: HITRUST CSF, FISMA, CMS ARS, and NIST 800 Series. -Administration experience with Informatica Power Center and Informatica Test Data Manager is desired. -Knowledge of security controls related to Active Directory, virtualization, databases, web servers, firewalls, Windows, UNIX, and Linux is preferred. -Information security certification such as CISSP, CISM, or GSEC is preferred. -Privacy certification such as CIPP or CIPT preferred.
An Equal Opportunity Employer M/F/D/V |
||||||||||||||
|
||||||||||||||
|
