Robert Half Lansing, MI - IT - DTMB - Agency Services - MDOT - IT Sec... in LANSING, Michigan
We are recruiting for an IT Security Analyst for a long term contract in the Lansing, MI area. This is a hybrid role that requires 2 days onsite per week. The IT Security Analyst is responsible for completing and maintaining system security plans (SSP) for new and existing systems. The system security plans are documented in the Governance, Risk, Compliance (GRC) tool. This requires close coordination with IT project teams, business and enterprise security representatives, and product owners, to establish and maintain processes and controls for security vulnerability remediation. Typical job duties include, but are not limited to the following:
· Create system security plans (SSP) for new applications in alignment with the Secure Application Development Life Cycle (SADLC)
· Maintain SSPs for existing applications requiring authority to operate (ATO) and those facing software and/or hardware enhancements.
· Collaborate with business representatives to establish system registration.
· Identify security testing and system scanning requirements.
· Analyze risk assessments and provide mitigating actions and responses for technical controls.
· Continuously monitor plans of action and milestones (POAM) and corrective action plans (CAP) as they relate to the SSPs in collaboration with the Enterprise Information Management (EIM) office.
· Validate respective SSPs to ensure NIST control requirements are met.
· Author recommendations associated with your findings on how to improve the customer’s security posture in accordance with PSP & NIST controls.
· Assist team members and vendors with proper artifact collection to satisfy assessment requirements.
The ideal candidate will possess a combination of the following skills and experiences:
· Experience in the IT industry analyzing and applying information security principles and practices
· Experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems
· Experience analyzing the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3,4 or 5, and 800-53A Revision 1.
· Experience with other Security Frameworks (ISO, PCI, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements is a plus Nice to have
· CISSP, CISA, PMP and/or Security+ certification Nice to have
· Experience working with software vendors to implement security controls Nice to have
· Experience using Lockpath or similar GRC tool Nice to have
· Experience working independently and in a team environment
· Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
· Ability to collaborate on multiple projects/efforts at a given time
· Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change
Technology Doesn't Change the World, People Do.®
Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.
Robert Half puts you in the best position to succeed by advocating on your behalf and promoting you to employers. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity – even on the go. Download the Robert Half app (https://www.roberthalf.com/mobile) and get 1-tap apply, instant notifications for AI-matched jobs, and more.
Questions? Call your local office at 1.888.490.4429. Robert Half will consider qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance. All applicants applying for U.S. job openings must be authorized to work in the United States. Benefits are available to temporary professionals. Visit https://roberthalf.gobenefits.net/ for more information.