Info Security Analyst - American Technology Consulting

HybridIndianapolis, INResource will works as an Information Security Analyst responsible for auditingand monitoring systems containing confidential information. This position isalso responsible for helping the organization manage its risks by monitoring theorganization’s IT systems for inefficiencies, inaccuracies, mismanagement, etc.Tasks will include assisting with the configuration of data, application,network, and IAAM logs; assisting with log reporting tools; and monitoringsystems for security problems. The position participates in all aspects of thetechnology audit and monitoring including the planning, control analysis,testing, issue development, and reporting phases. This position will alsoparticipate in all federal and state audits against DCS technology systems.Employee works in an Information Technology Division of a State Agency, theDepartment of Child Services (DCS-IT) under the guidance of the SecurityManager.The essential functions of this role are as follows:• Monitors and keep supervisor informed of status of information security andconfidentiality conditions, including problem areas and recommended enhancement;• Interfaces with user customers to understand their security needs andimplement procedures to accommodate them including training and assessment.• Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA)and remediating any findings; assists with creating and submitting reportsrelevant to security audits.• Develop information security policies and standards for protection ofinformation systems in compliance with state and federal requirements (e.g. IRS,SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800-53).• Develops Standard Operating Procedures (SOP) for implementing securitypolices;• Recommends appropriate security safeguards to be included during developmentof new information technology systems and legacy systems;• Ensures maximum utilization of computer hardware and software features tosecure automated systems and associated data;• Develops and implements procedures for use of information security managementsoftware;• Proposes information security software enhancements;• Performs periodic audits to assure security policies and standards are beingfollowed and are effective.• Develops recommendations for enhancements and generates reports wherenecessary;• Keeps abreast of new laws and changes affecting privacy standards, networksecurity, cloud security, remote access, and physical security;• Mentors and provides guidance to new or other staff as needed;• Performs related duties as assigned.• Assist on other task as assigned.Thorough knowledge of information security management tools, policies, andstandards of information security procedures;• Thorough knowledge of state and federal legislation and regulatory lawspertaining to information system security and privacy;• Thorough knowledge of software vulnerabilities, vulnerabilities scanningtools, and vulnerabilities remediation;• Familiarity with domain structures, user authentication, and digitalsignatures;• Ability to develop and maintain information security standards;• Ability to understand and apply complex computer logic to work;• Ability to work effectively with a wide range of information technologists,including systems administrators, technical support, application development,end users and management;• Experience in assessing security needs of teams and assist in their securitytraining.• Ability to communicate effectively both orally and in writing;• Ability to be a team member as well as a team leader depending on thesituation;• Degree in information security or technology preferred;• Security certification preferred (e.g. CISSP).• Network Admin experience preferred.Supervisory Responsibilities/Direct Reports:This role does not provide direct supervision to direct reports.