Job Searchi - jobSearchi.com

Job Details

ID #21751433
State New York
City Queens
Job type Contract
Salary USD TBD TBD
Source QED National
Showed 2021-10-27
Date 2021-10-27
Deadline 2021-12-25
Category Et cetera
Create resume

Cloud Risk Analyst

New York, Queens, 11415 Queens USA

Vacancy expired!

A NYC government agency located in Queens, NY is looking for a Cloud Risk Analyst. The contract is currently set to last till the end of March 2022 with a high probability of becoming a multi-year engagement. The city agency is seeking a qualified consultant for a Cloud Risk Analyst role. We are looking for a Risk Analyst to join a team responsible for the assessment of information security practices and posture of commercial Cloud vendors and their delivery models, including IaaS, PaaS, and SaaS. Responsibilities include the research and the analysis to establish tactics, techniques and procedures for vulnerability scanning, remediation, and mitigation, including risk assessments and risk reporting. Document and maintain cybersecurity and privacy policies, legal agreements, vendor vs owner responsibilities, compliance artifacts, standards for compliance, system authentication/authorization, and management in a commercial Cloud environment.

Requirements and skills

  • Broad knowledge of information security and privacy fundamentals.
  • Knowledge on applying risk management frameworks such as NIST, FISMA, or ISO 27000.
  • Knowledge in SSAE 16, SOC 2, Shared Assessments, FedRAMP, and other vender risk assessment methodologies.
  • Knowledge on Governance, Risk, and Compliance (GRC) and vendor risk management tools.
  • Excellent oral and written communication, ability to convey technical and security related concepts to people at all levels of the organization.
  • Proficient in the design and implementation of effective information security controls with minimal oversight.
  • Acute attention to detail with a high level of data integrity and accuracy.
  • Strong organizational and prioritization skills to handle multiple priorities.
  • Exposure to public cloud offerings and building cloud native applications.

Preferred Skills

  • Bachelor's degree in information technology or Computer Science.
  • Industry recognized certifications within the domains of information security and privacy (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.).
  • 5 years of working in an IT computer related field.
  • 3 years of hands-on technical experience in cloud administration.
  • 1 year of experience with Cloud Cybersecurity efforts and emerging technology aligned with the Risk Management Framework (RMF).

Responsibilities

  • The consultant will work with agency staff to properly capture issues and assist with resolution. The consultant will ensure proper follow-up occurs and that all issues are resolved within an estimated timeframe. In addition, the consultant will:
  • Keep abreast of the latest security, privacy, and regulatory concerns and best practices impacting third party risk management.
  • Advise agency on any changes requested by third parties to security and privacy provisions of agreements or contracts.
  • Collaborate with IT project management and operational teams to design secure cloud infrastructure plans and services.
  • Perform analysis on the security for all cloud services including but not limited to: AWS, Microsoft Azure, Google, etc.
  • Provide subject matter expertise on cloud security, automation and virtualization.
  • Develop, document, and validate policies, processes and/or procedures relating to a variety of cloud concepts and standards.
  • Develop cloud security metrics to analyze risk and identify potential opportunities to reduce vulnerabilities.
  • Collaborate with all parties and city Cyber Command Center to obtain disposition of cloud solution and update agency inventory list.

About us: QED National is a leading IT consulting, solutions and staff augmentation firm, serving both the public and private sectors for over 28 years. Headquartered in midtown Manhattan, QED National's team is comprised of the brightest minds in the industry with the skills to solve the most complex technological problems.

Vacancy expired!

Subscribe Report job