Request ID:59859
Title: Security Spec- Compliance
location: Raleigh, NC,USA
Job description:
Duties and Responsibilities:
· Identify aggregate, report and escalate compliance risks, issues and control enhancements
· Respond to internal and external inquiries for information to clarify regulatory requirements;
· Assist with development of processes to identify, quantify, analyze, and report on State Data Center Risk and Compliance status
· Update relevant policies to ensure they reflect regulatory requirements
· Implement and maintain attestation documentation sufficient to ensure compliance with Federal and State regulatory, legal, and functional related policies and procedures
· Assist in the execution of governance and management routines.
· Contribute to monitoring and testing of security controls, plans and related metrics.
· Configure, Operate and Maintain the statewide GRC tool
· Monitors risk mitigation and coordinates policy and controls to ensure that other business units are taking effective remediation steps
· Working knowledge of statistics & the ability to apply statistical techniques in evaluation designs & analysis.
· Ability to supervise projects & give instructions to technical staff & consultants as needed.
· Supports key business initiatives by identifying compliance risks and providing resolutions to manage these risks.
· Serves as a resource regarding compliance impact on matters such as agency business risks.
· Leads and reviews application security risk assessments for new or updated internal or third party applications
· Collaborate with broad group of stakeholders to ensure compliance with State and Federal policies and standards.
· Serves in an advisory role in application development and infrastructure projects to assess security requirements and controls and ensures that security controls are implemented as planned
· Participate in other Security & Compliance projects as required
Required skills:
o Enterprise level Governance, Risk, and Compliance (GRC) software platform administration experience
o Enterprise level NIST Risk Management Framework experience
o Enterprise level Risk Assessment and RMF Governance experience
o Experience in securing HIPAA, IRS, PII, PCI and other Federal Data types
o Enterprise level experience with Security Controls Implementation
o Experience working with Enterprise Audit and 3rd party assessment teams
o Enterprise level IBM OpenPages Experience
o CISSP or equivalent certification
we are urgently looking for proposal writer who can writer proposals for USA state and Federal agencies for staffing and Technical RFP's. with 1-2 years of experience. if interested please share contact details or can you please refer if any if your friends.
location : panjagutta, hyderabad