Job Posting for Security consultant at NextRow Digital
Resource Title : Data SecurityConsultant
Location : St Paul MN(Remote)
Duration : Long Term Contract
Sample Tasks
Assist withevaluation of architecture interfacing with otherstate / federal / local systems.
Assist withassessing the security of any equipment needed.
Assist with the evaluation of data integrity and datasecurity.
Assist with ensuring all backgroundcheck compliance is met for all project team members.
Assist with creating procedures to ensure the properaccess rights are granted.
Assist in buildingUser Acceptance Testing (UAT) scenarios to ensure securityrequirements are properly tested and documented.
Assist with architecture reviews of allenvironments.
Assist with the evaluation andtesting of disaster recovery plans.
Assistwith the development of change management processes and procedureprojects.
Provide written documentation andrecommendations.
Review agency networkdiagrams and access control lists (ACL) for compliance with FBICJIS Security Policy and BCA CJDN Security Policy.
Work with DVS staff review IT security auditdocumentation from local agencies which access DVS systems and datato determine compliance with FBI CJIS Security Policy and BCA CJDNSecurity Policy requirements.
Providetechnical guidance principles standards and best practices to guidecriminal justice agency infrastructure design and systemimplementations to comply with FBI CJIS Security Policy and BCACJDN Security Policy.
Perform technicalanalysis of vendor solutions to assess compliance with FBI CJISSecurity Policy and BCA CJDN Security Policy.
Audit identity and access management to assure they areproperly managed and maintained for all systems utilized to accessdrivers license and motor vehicle registration data;
and recommendremedial action when required.
Audit thedrivers license and motor vehicle systems for PCI compliance; andrecommend remedial action when required.
Workwith DPS agencies and other government entities to ensure driverand vehicle data is accessible for utilization for mission criticalfunctions while maintaining all security requirements.
Access public government data to the extent allowable bylaw including data in the States possession that would otherwise beclassified as not public under Minnesota Statutes section13.82.
Analyze security needs for all DVSprojects DVS systems and systems that interface with DVSsystems.
Transition and train new DVS securitystaff for duties including :
Deputy Registrar Security
IdentityAccess Management (AIM)
PCICompliance
Policy Auditing
DVS securities and LASO duties
DVSSecurities duties will include :
DeputyRegistrar Security
PCI Compliance
PolicyAuditing
Physical Security ofFacilities
Fraud and Investigations
ADLMV Management
TechnicalReview / Architect
TheLASO duties will include :
Identify who isusing the CSA approved hardware software and firmware and ensure nounauthorized individuals or processes have access to thesame.
Identify and document how the equipmentis connected to the state system.
Ensure thatpersonnel security screening procedures are being followed asstated in FBI CJIS Security Policy and the MNJIS 5002policy
Ensure the approved and appropriatesecurity measures are in place and working as expected.
Support policy compliance and ensure the CSA ISO ispromptly informed of security incidents.
Conduct an annual audit of CJIS compliance and trackremediation efforts on any items found
Maintaining CJIS compliant networkarchitecture
Properly vetting all individualswith access to DVS physical and logical resources through theaccess control systems and best IAM practices
Properly vetting all software and hardware vendors forCJIS compliance
Working closely with MN.IT toutilize enterprise resources when possible and involving MN.IT onall technical projects
Active involvement inall data access requests that may contain CJI to ensure CJI isprotected accordingly
Work through vendoragreements to ensure all security requirements are met orexceeded
Reviewing MN.IT scans of DVSresources and monitoring identified vulnerabilities and remediationefforts
Provide knowledgetransfer.
Desired Skills
Six (6) years experience in a securityarchitect or engineer role.
Three (3) yearsexperience in network engineering including firewallmanagement.
Experience with the design andimplementation of information systems in organizations with morethan 50 people with an emphasis on data network and infrastructuresecurity.
CISSP or GIACcertification.
Comprehensive knowledge ofhardware software application and systems engineering.
Broad knowledge of database systems webbased technologiesand network security.
Systems thinking theability to see how parts interact with the whole (big picturethinking).
Knowledge of IT governance andoperations.
Interpersonal and leadershipskills servant leadership collaboration facilitation andnegotiation skills.
Communication skills bothwritten and verbal.
Ability to explain complextechnical issues in a way that nontechnical people mayunderstand.
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
Sign up to receive alerts about other jobs that are on the Security consultant career path.
Click the checkbox next to the jobs that you are interested in.
Sign up to receive alerts about other jobs with skills like those required for the Security consultant.
Click the checkbox next to the jobs that you are interested in.