Job Title: Security Consultant
Location: Remote
Contract role (Part-time)
The client is seeking a resource to conduct comprehensive audits of data systems including its infrastructure policies and procedures to assure: 1) all data meets or exceeds federal Criminal Justice Information Services (CJIS) security guidelines; 2) are Payment Card Industry (PCI) compliant; and 3) meet or exceed current best practices regarding driver's license and motor vehicle data security; and to serve as a Local Agency Security Officer (LASO) for DVS's use of CJIS.
At a high level, the resource will act as the primary information security contact between DVS and the CJIS System Agency (CSA) under which DVS interfaces with the Federal Bureau of Investigation (FBI) CJIS Division and the Minnesota Bureau of Criminal Apprehension (BCA). The Local Agency Security Officer (LASO) actively represents DVS in all matters pertaining to information security, disseminates information security alerts and other material to constituents, and maintains information security documentation to include system configuration files. The LASO will assist with information security audits of hardware and procedures and keeps the CSA informed as to any information security needs and problems.
Sample Tasks:
* Assist with evaluation of architecture interfacing with other state/federal/local systems.
* Assist with assessing the security of any equipment needed.
* Assist with the evaluation of data integrity and data security.
* Assist with ensuring all background check compliance is met for all project team members.
* Assist with creating procedures to ensure the proper access rights are granted.
* Assist in building User Acceptance Testing (UAT) scenarios to ensure security requirements are properly tested and documented.
* Assist with architecture reviews of all environments.
* Assist with the evaluation and testing of disaster recovery plans.
* Assist with the development of change management processes and procedure projects.
* Provide written documentation and recommendations.
* Review agency network diagrams and access control lists (ACL) for compliance with FBI CJIS Security Policy and BCA CJDN Security Policy.
* Work with DVS staff to review IT security audit documentation from local agencies which access DVS systems and data to determine compliance with FBI CJIS Security Policy and BCA CJDN Security Policy requirements.
* Provide technical guidance, principles, standards, and best practices to guide criminal justice agency infrastructure design and system implementations to comply with FBI CJIS Security Policy and BCA CJDN Security Policy.
* Perform technical analysis of vendor solutions to assess compliance with FBI CJIS Security Policy and BCA CJDN Security Policy.
* Audit identity and access management to assure they are properly managed and maintained for all systems utilized to access driver's license and motor vehicle registration data; and recommend remedial action when required.
* Audit the driver's license and motor vehicle systems for PCI compliance; and recommend remedial action when required.
* Work with DPS agencies and other government entities to ensure driver and vehicle data is accessible for utilization for mission critical functions while maintaining all security requirements.
* Access public government data to the extent allowable by law, including data in the State's possession that would otherwise be classified as not public under Minnesota Statutes section 13.82.
* Analyze security needs for all DVS projects, DVS systems, and systems that interface with DVS systems.
* Transition and train new DVS security staff for duties including:
* Deputy Registrar Security
* Identity Access Management (AIM)
* PCI Compliance
* Policy Auditing
* DVS securities and LASO duties:
* DVS Securities duties will include:
* Deputy Registrar Security
* IAM
* PCI Compliance
* Policy Auditing
* Physical Security of Facilities
* Fraud and Investigations
* ADLMV Management
* Technical Review/Architect
* The LASO duties will include:
* Identify who is using the CSA approved hardware, software, and firmware and ensure no unauthorized individuals or processes have access to the same.
* Identify and document how the equipment is connected to the state system.
* Ensure that personnel security screening procedures are being followed as stated in FBI CJIS Security Policy and the MNJIS5002 policy
* Ensure the approved and appropriate security measures are in place and working as expected.
* Support policy compliance and ensure the CSA ISO is promptly informed of security incidents.
* Conduct an annual audit of CJIS compliance and track remediation efforts on any items found
* Maintaining CJIS compliant network architecture
* Properly vetting all individuals with access to DVS physical and logical resources through the access control systems and best IAM practices
* Properly vetting all software and hardware vendors for CJIS compliance
* Working closely with MN.IT to utilize enterprise resources when possible and involving MN.IT on all technical projects
* Active involvement in all data access requests that may contain CJI to ensure CJI is protected accordingly
* Work through vendor agreements to ensure all security requirements are met or exceeded
* Reviewing MN.IT scans of DVS resources and monitoring identified vulnerabilities and remediation efforts
* Provide knowledge transfer.
Desired Skills:
* Six (6) years experience in a security architect or engineer role.
* Three (3) years experience in network engineering including firewall management.
* Four (4) or more engagements within the last ten (10) years in a security architect or engineer role where the engagement was longer than three months each.
* Experience with the design and implementation of information systems in organizations with more than 50 people with an emphasis on data network and infrastructure security.
* CISSP or GIAC certification.
* Comprehensive knowledge of hardware, software, application, and systems engineering.
* Broad knowledge of database systems, web-based technologies, and network security.
* Systems thinking: the ability to see how parts interact with the whole (big picture thinking).
* Knowledge of IT governance and operations.
* Interpersonal and leadership skills: servant leadership, collaboration, facilitation, and negotiation skills.
* Communication skills, both written and verbal.
* Ability to explain complex technical issues in a way that nontechnical people may understand.
* Time management and prioritization.