Information Resource Group, Inc.
ONLY W2: Security Analyst with IBM System 390/zSeries: Onsite from Day 1 in Colu
Information Resource Group, Inc., Columbia, South Carolina, US, 29228
Title: Security Analyst (ONLY W2)
Duration: 12 Months (Possibility of extension)
Location: Columbia, SC 29201 (Onsite from Day 1)
No. of Hours/Week: 40
Position Overview
The Senior Information Systems Security Officer (ISSO) will lead and participate in day-to-day security, risk, and compliance activities for complex information systems. The role focuses on implementing, maintaining, and enhancing security and compliance programs aligned with federal and state policies and regulatory frameworks including FISMA, NIST, CMS MARS-E, and HIPAA.
Reporting Structure
Reports to the ISSO Team Lead within the Office of Cybersecurity.
Key Responsibilities
Security Program & Compliance Responsibilities
Lead and support security, risk, and compliance activities for information systems.
Develop, maintain, and assess RMF and A&A artifacts including:
System Security Plans (SSPs)
Privacy Impact Assessments (PIAs)
Interconnection Security Agreements (ISAs)
Computer Matching Agreements (CMAs)
Support and participate in audit, assessment, and authorization activities.
Integrate RMF/A&A processes into the System Development Life Cycle (SDLC).
Serve as the primary point of contact for third-party audits and assessments.
Risk Analysis & Architecture Review
Perform detailed architectural and risk reviews related to:
Network design and information flow
System and data access models
Firewall rule requests (ports, protocols, services)
Configuration management deviation requests
Vulnerability management
Audit, Assessment & Documentation
Audit and assess internal systems and external partner systems.
Review security and compliance aspects of:
Contracts
Business Associate Agreements
Data usage and data sharing agreements
Document findings using tools such as Microsoft Office, System Center Service Manager, Archer eGRC, Bizagi, and Atlassian products.
Collaboration & Advisory
Act as a cybersecurity consultant to leadership, business units, vendors, and stakeholders.
Provide security and compliance risk mitigation recommendations.
Collaborate across multiple teams and vendors to support cybersecurity initiatives.
Required Skills
5 years of IT experience working with and/or auditing:
IBM System 390/zSeries
Windows and Linux systems
Relational and non-relational databases
Networking infrastructure
Web-based applications
Prior experience working within a FISMA-compliant program
Prior experience working with eGRC systems
Preferred Skills
Prior ITIL experience in the area of Information Security Management
Required Education & Certifications
ISC2, ISACA, SANS GIAC, or other Information Security certification (required)
Preferred Education
Bachelor’s degree in a related field
OR
10 years of experience in the field or a related area