Job Title: Network Security Engineer
Location: St. Paul, MN
Position ID:- RFO0111
Client: Minnesota Department of Health, MN
Kindly Fill given below Skill Matrix With Experience in years:-
Also Need 3 professional references with Name, Title, Client, Phone, Email.
Minimum Qualifications
|
Required minimum qualifications
|
Minimum Number Years of experience
|
|
4 years’ experience working on IT security controls projects in environments that use the following technologies: Oracle, MS-SQL, Active Directory, Java, Javascript, Linux, Windows server 2012, Windows 7, TCPIP.
|
|
|
3 years’ experience working with NIST recommended Security Controls for Federal Information Systems and Organizations, Special Publication 800-53 revision 4.
|
|
|
2 years’ experience with Identity and Access Management (IAM) system(s).
|
|
Desired Skills
|
Minimum Number Years of experience
|
|
Experience with Keycloak identity management authentication server.
|
|
|
Experience with ArcSight event manager.
|
|
|
Experience with RSA Archer platform.
|
|
|
At least one engagement in which the applicants had to participate in a SSAE16 SOC 2 or equivalent (e.g. FedRAMP) industry security standards audit
|
Project Deliverables:
- Detailed project work plan with prioritized deliverables, level of effort in hours, dates, and task assignments.
- Access Controls Risk Assessment document for Applications, Network, Operating Systems, and Databases based on compliance with MN.IT Enterprise Security Control Standards and data classification for each system.
- Documented application access controls, procedures, remediation plans, and exceptions that adhere to the MN.IT Enterprise Security Control Standards.
- Documented network access controls, procedures, remediation plans, and exceptions that adhere to the MN.IT Enterprise Security Control Standards.
- Documented operating system access controls, procedures, remediation plans, and exceptions that adhere to the MN.IT Enterprise Security Control Standards.
- Documented database access controls, procedures, remediation plans, and exceptions that adhere to the MN.IT Enterprise Security Control Standards.
- The documented access controls and procedures must adhere to the appropriate data classifications that are documented in the MN.IT Enterprise Security Control Standards.
- Documented procedures must include how access is/or will be monitored and tracked.
- Documented procedures must include any tools that are/or will be used to monitor and track access.
- Documented application controls and procedures must include remediation for migrating to Keycloak Authentication Server if applicable.
- Create an MDH Access Control documentation package that can be used to test and verify application, network, operating system, and database access controls that adhere to MN.IT Enterprise Security Control Standards.