I. DESCRIPTION OF SERVICES
Require a Security Analyst in a backfill position. Pay is up to $63 ph W-2 all inclusive or $69 ph all inclusive C2C.
Texas Administrative Code (TAC) 202 rules and the Texas Health and Human Services (HHS) enterprise policies require DADS to develop and maintain an Information Security Management Program consisting of agency policies, procedures, technical safeguards, incidents and risks assessment records, roadmap documents, executive reports; and training as well as awareness presentations. The Worker will be responsible for the creation, peer-review, or full maintenance of such artifacts on a routine basis.
DADS Information Technology has approximately 462 systems and sub-systems which need to be further examined for security protections under the direction of the DADS Information Security Officer (ISO). The Worker will perform individual Information Security Risk Assessments (SRA), present to and seek ISO approval, formally route to technical staff for removal of security deficiencies; and to Executive Management for presentation of risks, costs and justification of remediation. The Worker will conduct SRA for all high risk systems at least annually and for medium and low risk systems once biannually.
The Worker will review all assigned DADS Information Technology (IT) Standard Operating Procedures (SOP) pertinent to Information Security Office and revise prioritized SOPs and associated forms templates in coordination with fellow IT Security Analyst staff. Submits the ISO and Information Resource Manager (IRM) reviewed documents to the agency Business Operation Unit for final publication.
Daily, the Worker will perform systems analysis, data analysis, scheduled vulnerability assessments, and any assigned security monitoring, The Worker will review and complete DADS Information Security Incident records and Risk Assessment Reports effectively and timely reducing Information Security Office work backlog items. The Worker will review and document planned work using scheduling software or online calendars and update Status Reports. Work involves research of new and existing security technologies such as hardware, software or data networking components.
The Worker will be responsible for validation of existing documentation for information security issues and recording of security controls or deficiencies in the System Security Plans for targeted project, solution, environment, or automation facility.
The Worker is expected to work independently with latitude for the use of initiative and independent judgment.
All communication with internal and external staff will be respectful and professional. Communication with the ISO will be requested on sensitive and confidential topics before communicating with other parties.
The Worker is expected to work with assigned agency or external staff to develop required documentation, inspection reports, user validation spreadsheets, checklists or update the same following system modifications or other change.
The services to be provided include, but are not limited to, the following:
- Analyze current systems to validate accuracy and completeness of documentation.
- Fill in documentation gaps found by creating and updating technical and end user documentation of department reporting systems and data handling processes.
- Maintain excellent communication with supervisors through weekly status reports, participation in department staff meetings, and other forms as needed.
- Maintain polite and professional relationships with co-workers and support customers.
- Other duties as assigned.
II. WORKER SKILLS AND QUALIFICATIONS
8 years Experience in the IT industry
8 years Experience in Systems and Data Analysis
5 years Experience as a security analyst including performing security risk assessments.
4 years Demonstrated ability to work on complex technical problems, analyzing, evaluating, and recommending best practice methods and processes.
4 years Experience documenting technical systems
4 years Experience with end user reporting systems
4 years Experience with data integration
3 years Experience with MS/Office 2010 Suite, Project, Visio and SharePoint for producing documentation, forms and/or workflows.
Strong Working knowledge of scanning/penetration tools, network firewall technologies, Internet applications, E-Business, telecommunications and/or computer systems analysis.
Strong Working knowledge of Intra/Internet/Extranet security issues and architecture.
Strong Proven ability to work successfully with technical and non-technical groups, participate effectively on teams, and manage multiple responsibilities.
Strong Experience with MS/Office 2010 Suite, Project, Visio and SharePoint for producing documentation, forms and/or workflows.
Successful customer experiences in problem resolution using analysis, technical, and people skills, as appropriate
Excellent communication and team-playing skills
Graduation from an accredited four-year college or university with major course work in computer science, computer information systems, or management information systems.
Certified Information Systems Security Professional (CISSP).
1 Knowledge of IT environments in Texas State Government agencies
1 year Knowledge of Texas Health and Human Services programs
Strong Familiarity with complete software development life cycle from requirements gathering to design, testing, implementation and configuration management
Strong Ability to interact with a diverse level of staff to exchange and/or extract information
Demonstrated Understanding of: database security issues; data modeling, data structures, data migration/conversion
III. TERM OF SERVICE
Services expect to start as soon as possible and are expected to be completed by August 31, 2013. Total estimated Worker hours shall not exceed 1000 hours. This service may be amended, renewed, and/or extended providing both parties agree to do so in writing.
IV. WORK HOURS AND LOCATION
A. Services shall be provided during normal business hours unless otherwise coordinated through the DADS. Normal business hours are Monday through Friday from 8:00 AM through 5:00 PM, excluding State holidays when the agency is closed.
B. The primary work location(s) will be at 701 W. 51st Street, Austin, Texas.