Security Spec- Compliance

Request ID:59859
Title:  Security Spec- Compliance
location: Raleigh, NC,USA

Job description:

Duties and Responsibilities: 

·                     Identify aggregate, report and escalate compliance risks, issues and control enhancements
·                     Respond to internal and external inquiries for information to clarify regulatory requirements; 
·                     Assist with development of processes to identify, quantify, analyze, and report on State Data Center Risk and Compliance status
·                     Update relevant policies to ensure they reflect regulatory requirements
·                     Implement and maintain attestation documentation sufficient to ensure compliance with Federal and State regulatory, legal, and functional related policies and procedures
·                     Assist in the execution of governance and management routines.
·                     Contribute to monitoring and testing of security controls, plans and related metrics.
·                     Configure, Operate and Maintain the statewide GRC tool
·                     Monitors risk mitigation and coordinates policy and controls to ensure that other business units are taking effective remediation steps
·                     Working knowledge of statistics & the ability to apply statistical techniques in evaluation designs & analysis. 
·                     Ability to supervise projects & give instructions to technical staff & consultants as needed.  
·                     Supports key business initiatives by identifying compliance risks and providing resolutions to manage these risks.
·                     Serves as a resource regarding compliance impact on matters such as agency business risks.
·                     Leads and reviews application security risk assessments for new or updated internal or third party applications
·                     Collaborate with broad group of stakeholders to ensure compliance with State and Federal policies and standards.
·                     Serves in an advisory role in application development and infrastructure projects to assess security requirements and controls and ensures that security controls are implemented as planned
·                     Participate in other Security & Compliance projects as required

Required skills:

o   Enterprise level Governance, Risk, and Compliance (GRC) software platform administration experience
o   Enterprise level NIST Risk Management Framework experience
o   Enterprise level Risk Assessment and RMF Governance experience
o   Experience in securing HIPAA, IRS, PII, PCI and other Federal Data types
o   Enterprise level experience with Security Controls Implementation
o   Experience working with Enterprise Audit and 3rd party assessment teams
o   Enterprise level IBM OpenPages Experience
o   CISSP or equivalent certification

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

we are urgently looking for proposal writer  who can writer proposals for USA state and Federal agencies for staffing and Technical RFP's. with 1-2 years of experience. if interested please share contact details or can you please refer if any if your friends. 

location : panjagutta, hyderabad

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Want to apply later?

Type your email address below to receive a reminder

Apply to Job

ErrorRequired field
ErrorRequired field
ErrorRequired field
Error
Error
insert_drive_file
insert_drive_file