Cyber Security Analyst Information Technology (IT) - Annapolis, MD at Geebo

Cyber Security Analyst


Job Description:
Provide consulting services to perform a cybersecurity risk assessment of the current information security controls and practices at the client location, including a review of the vulnerability management program.

Minimum Qualifications:
The Offeror, either through its own performance, or the performance of the Key Personnel identified in this Small Procurement, must have five (5) years of experience performing cybersecurity risk assessments of similar size and scope.

1. Offeror shall conduct a cybersecurity risk assessment as follows:
   a. Measure the client's implemented controls and practices against the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) control categories including:
      (1) NIST CSF categorical controls and standards to assess organizational maturity.
         i. Govern,
         ii. Identify,
         iii. Detect,
         iv. Protect,
         v. Respond, and
         vi. Recover.
      (2) Use of Capability Maturity Model Integration (CMMI) rating definitions when scoring controls as follows:
         i. 0 - Non-Existent,
         ii. 1 - Performed,
         iii. 2 - Managed,
         iv. 3 - Defined,
         v. 4 - Measured, and
         vi. 5 - Optimized.
      (3) Controls in NIST 800-53 and NIST 800-171.
      (4) Review of NIST CSF assessment data from previous years to measure year-over-year performance.
   b. Offeror shall use a combination of the following techniques/methodology to complete the assessment:
      (1) Staff/personnel interviews,
      (2) Questionnaires,
      (3) Requests for documentation,
      (4) Specific supporting evidence,
      (5) Workbooks,
      (6) Reports, and
      (7) Other pertinent information relevant to the assessment.
   c. If NIST assessment requirements or control frameworks are modified during the course of this cybersecurity assessment, the Offeror shall update the assessment to include any new/modified requirements or control frameworks. If the modifications require a modification to the level-of-effort by the Offeror, the AOC will work with the Successful Offeror on a mutually agreeable change order.

2. Offeror shall conduct a review of the Vulnerability Management Program processes, procedures, and scanning platform including the following:
   a. Vulnerability scans,
   b. Frequency of the scans,
   c. Procedures to identify and report on vulnerabilities, systems, and networks to be scanned,
   d. The types of vulnerabilities to be assessed,
   e. How the vulnerabilities are ranked,
   f. Vulnerability exclusions, and
   g. Access restrictions.

3. Offeror shall provide the requested services by utilizing one (1) or more than one (1) key personnel with demonstrated knowledge of and experience with conducting cybersecurity assessments against NIST Cybersecurity Frameworks of organizations of similar size and scope. The AOC prefers key personnel with the following skills, experience, and capabilities:
   a. Demonstrated background and expert knowledge and experience in information security, risk management, security compliance and project management in a large-scale enterprise environment.
   b. Ability to:
      (1) Understand the Judiciary's technical and business environment and have working knowledge of security standards, an in-depth knowledge of applicable laws and regulations as they relate to security, experience with business continuity, disaster recovery, auditing, risk management, and vulnerability assessments.
      (2) Communicate effectively with all levels of Judiciary staff, management, and executive management both orally and in writing, effectively tailoring the communication to the needs and experience of the intended audience.
      (3) Interface effectively with internal and external auditors. Excellent interpersonal skills. High degree of professionalism and personal integrity.
      (4) Maintain a high level of confidentiality.
      (5) Work well under pressure and with a high degree of independence.
      (6) Assess potential problems and make sound judgments around issues that may have an adverse effect on the Judiciary.
      (7) Effectively set and manage priorities.
   c. Critical thinking skills with strong attention to detail and follow-up.
   d. Leadership and management skills to include team building, collaboration, problem-solving, deductive reasoning and negotiation.
   e. Self-motivated and directed.
   f. Skilled in handling sensitive documentation, situations, and people.
   g. Analytical, organized, and attentive to detail.

Recommended Skills: Analytical, Assessments, Attention To Detail, Business Continuity, Capability Maturity Model Integration, Confidentiality
Estimated Salary: $20 to $28 per hour based on qualifications.
