Our organization is looking for an experienced Enterprise Architect / Security Support for a (12+ months) position in Eagan, MN. Please see the below job description and if interested submit a current resume.
1. Job Title: Enterprise Architect / Security Support(US Citizen or Green Card)
2. Job Location: Eagan, MN
3. Job Duration: 12+ months
4. Assignment Type: 1099, C2C
5. Pay Rate: Negotiable
6. Special Requirements: security, c&a, pci, cissp, cap, csslp, risk assessment, plans, st&e, enterprise, pci
Duties and Responsibilities:
- Provide both Enterprise IT and Security Certification and Accreditation guidance to several systems and applications
- Facilitate initial briefings and subsequent meetings with business leaders, technical development staff and project resources
- Coordinate the completion of a BIA for each information resource.
- Work with the Privacy Office on privacy-related requirements.
- Recommend security requirements to executive sponsors and portfolio managers during the BIA process based on generally accepted industry practices, the operating environment [e.g., hosted in the de-militarized zone (DMZ)], and the risks associated with the information resource.
- Provide guidance on how information resources are vulnerable to threats, what controls and counter measures may be appropriate, and the C&A process.
- Review and evaluate C&A documentation, including the BIA, Risk Assessment, Security Plan, Security Test and Evaluation (ST&E) plan and report, and independent reviews of the information resource.
- Prepare the C&A Evaluation Report.
- Escalate security concerns or forwarding the C&A Evaluation Report and supporting C&A documentation package to the certifier.
- Enterprise architect skills or application architecture skills
- Understanding of business functional areas and how they interact with enterprise systems
- Understanding of Information Technology and the various Security elements associated with protecting systems against vulnerabilities
- Technical background in application development, database, and system design
- Experience with enterprise integration, testing and project methodologies
- A thorough understanding of the Information Resource Security Certification and Accreditation (C&A) processes
- Managed the end-to-end C&A process for Business Applications and Infrastructure Systems
- Knowledge and experience with managing Payment Card Industry (PCI) applications through the C&A process
- Has familiarity with the following information security functional areas:
o Assessment of sensitivity and criticality
o Configuration and change control
o Risk assessment methodology
o Secure software development
o Security code review standards
o Business continuity management
o Hardware security
o Software security
o Network security
o Perimeter protection
o Connectivity management
o Remote access management
o Ongoing testing of controls
o Secure enclaves
o Virus and malicious code protection
o Intrusion detection and prevention
o Penetration testing
o Vulnerability scans and audit
o Incident management
a. Certified Information Systems Security Professionals (CISSP)
b. Certified Authorization Professional CAP)
c. Certified Secure Software Lifecycle Professional (CSSLP)