Apply on Employer Site

QUANTALEAP · 1 month ago

IT Security Analyst 3

Richmond, VA, VA

Full-time, Contract

Hybrid

Mid Level

QUANTALEAP is seeking to fill the IT Security Analyst 3 position within the Virginia Department of Transportation. The role involves supporting the Information Security mission by implementing strategic approaches, ensuring compliance with security policies, and managing risks across various IT domains.

Information Technology & Services

Responsibilities

Documents processes and script narratives/executive summaries

Create Business focused documentation for circulation among readers with various technical understanding

Share insight of Security Architecture and IT Governance approaches and implementation methodologies

Research and provide written guidance on alignment with security policies/standards

Perform tasks related to Security Compliance and Control Evaluation, Risk analysis, and exception documentation

Collaborate with Business areas and cross- functional Enterprise Architects to fully understand business needs and provide strategic consultation on data security and risk-averse implementation

Partner with architects, other technical team members and to develop roadmaps and strategies to support agency KPIs

Design/Implement Enterprise Security/technology Patterns

Consult with teams as needed on initiatives and provide tactical direction as well as provide architecture considerations on legacy solutions

Research and share finding of architecture governance, controls, and peer review processed with regards to platform technology, security, and cloud

Qualification

Information Security principlesIdentityAccess ManagementIT Risk ManagementSecurity Incident ManagementCloud-based technologiesArtificial IntelligenceVulnerability ManagementCommunication skillsBusiness continuity planningSecurity awareness educationCollaboration toolsTechnical documentation

Required

Comprehensive knowledge of Information Security principles; including information security trends, emerging technologies, best-practices, controls, models, architecture, etc

Practical experience with identity and access management, IT risk management, business continuity and IT disaster recovery planning, security awareness education and training, security vulnerability management, and security incident management

Familiarity with the Commonwealth of Virginia's Information Security Standards and/or the National Institute of Standards and Technology Publication 800-53

Able to communicate effectively in writing and orally, exercise judgment, interpret laws and policies, and maintain effective working relationships with a wide variety of individuals in both the public and private sectors

Experience in monitoring IT environments for compliance with information security architecture policies and standards

Substantial technical experience in 2 or more: Cloud-based technologies, Artificial Intelligence, Machine Learning, Identity & Access Management, Vulnerability Management, firewalls, computer forensic techniques, databases, collaboration tools, web & mail services

Ability to provide input and security direction for future designs, information security capabilities, and strategic technology alternatives

Excellent written and oral communication and presentation skills (possessing the ability to breakdown complex technical terms into everyday language)

Demonstrated ability to work with broad cross-section of personal including all levels of management and external entities such as VITA consultants and service providers to explain and security measures and collaborate and disseminate security related information in partnership with the Office of Information Security

Work experience in a fast-paced environment and acquire new skills/knowledge to meet customer needs

Thorough understanding of customers priorities and the business criticality of platforms, applications and services