Job Description:
- Services will collaborate with cross-functional teams to gather necessary information for the creation and maintenance of SSPs and ensure that security controls are properly documented and implemented to mitigate identified risks.
- Services will conduct security assessments to evaluate the effectiveness of implemented security controls.
- Services will also be involved with updating IT security policies & procedures, participating in the audits, assisting team with compliance security & risk assessment and working with team to remediate findings.
- Deep understanding of NIST standards (8-10 years)
- Developing comprehensive System Security Plans (SSPs) in accordance with NIST Special Publication 800-53 (8 Years)
- Conducting security assessments to evaluate the effectiveness of implemented security controls (8 Years)
- Technical Writing
- Understanding of IRS 1075, SSA security, or other regulatory requirements
- Experience with creating, maintaining IT policy and procedures
- CISA (Certified Information Systems Auditor) or CISSP (Certified Information Systems Security Professional) preferred