20 Aug
IT Security and Compliance Engineer
Iowa, Walnut , 51577 Walnut USA

Vacancy expired!

Job Role: IT Security and Compliance Engineer

Location: Walnut, IA

Employment Type: Long-term Contract

Job Description

The IT Security and Compliance Engineer creates or updates security and privacy documentation according to NIST SP 800-53 Rev 4 requirements, including system security plans, security reports, and privacy assessments.The engineer works with department subject matter experts (SMEs) to develop and document control implementation descriptions that meet or exceed the security-control compliance requirements. The engineer develops policies and procedures based on security-control implementations for each business unit and system component in scope of the system boundary. The engineer inputs and maintains security-controls and associated artifacts in the organization’s Governance, Risk and Compliance (GRC) system. The IT Security and Compliance Engineer performs other tasks as assigned, such as updating diagrams, taking screen captures for insertion into documentation, and planning documentation schedules to meet defined project milestones. The engineer should be comfortable working independently with guidance from a project manager and amongst a team.

Responsibilities:
  • Create or update the System Security Plan (SSP), System Security Plan (SSP) Workbook, IRS Safeguard Security Report (SSR), Privacy Impact Assessment (PIA), Information Security Risk Assessment (ISRA), Computer Matching Agreement (CMA), Information Exchange Agreement (IEA), and Interconnection Security Agreement (ISA)
  • Develop new or update current policies and procedures to meet federal requirements
  • Coordinate with department subject matter experts on all aspects of policies and procedures
  • Consider risk mitigation and remediation when drafting policies and procedures
  • Maintain security controls catalog and associated artifacts in department GRC
  • Gather documentation and evidence to support new and revised policy and procedures for independent security controls assessments, and third party penetration tests
  • Adhere to documentation plans and schedules
  • Achieve and maintain relevant knowledge on organization’s mission and information system structure
  • Maintain consistency in tone and style.
  • Manage updates and revisions to existing documentation.
  • Resolve reported documentation issues.
  • Identify new documentation needs or opportunities.
  • Collaborate with team on meeting security and privacy requirements
  • Participate in other security and compliance projects as needed.

Needed Soft Skills:
  • Time management skills with the ability to operate under short deadlines
  • Self-starter with minimal management supervision
  • Ability to work under pressure and manage fluctuating workloads
  • Work in a team setting
  • Ability to gain consensus
  • Maintain confidentiality
  • Excellent written and verbal communication skills
Candidates must bring samples of policies and procedures they have developed to interview. Looking forward to working with you.

Vacancy expired!


Report job