Data Security Consultant

Title: Data Security Consultant

Location: Remote

Duration: 12 Months

Job Description:

Project Schedule:

• Anticipated Project Start Date: July 1 2024.
• Anticipated End Date: June 30 2025.

Sample Tasks:

• Assist with evaluation of architecture interfacing with other state/federal/local systems.
• Assist with assessing the security of any equipment needed.
• Assist with the evaluation of data integrity and data security.
• Assist with ensuring all background check compliance is met for all project team members.
• Assist with creating procedures to ensure the proper access rights are granted.
• Assist in building User Acceptance Testing (UAT) scenarios to ensure security requirements are properly tested and documented.
• Assist with architecture reviews of all environments.
• Assist with the evaluation and testing of disaster recovery plans.
• Assist with the development of change management processes and procedure projects.
• Provide written documentation and recommendations.
• Review agency network diagrams and access control lists (ACL) for compliance with FBI CJIS Security Policy and BCA CJDN Security Policy.
• Work with DVS staff review IT security audit documentation from local agencies which access DVS systems and data to determine compliance with FBI CJIS Security Policy and BCA CJDN Security Policy requirements.
• Provide technical guidance principles standards and best practices to guide criminal justice agency infrastructure design and system implementations to comply with FBI CJIS Security Policy and BCA CJDN Security Policy.
• Perform technical analysis of vendor solutions to assess compliance with FBI CJIS Security Policy and BCA CJDN Security Policy.
• Audit identity and access management to assure they are properly managed and maintained for all systems utilized to access drivers license and motor vehicle registration data; and recommend remedial action when required.
• Audit the drivers license and motor vehicle systems for PCI compliance; and recommend remedial action when required.
• Work with DPS agencies and other government entities to ensure driver and vehicle data is accessible for utilization for mission critical functions while maintaining all security requirements.
• Access public government data to the extent allowable by law including data in the States possession that would otherwise be classified as not public under Minnesota Statutes section 13.82.
• Analyze security needs for all DVS projects DVS systems and systems that interface with DVS systems.
• Transition and train new DVS security staff for duties including:
  • Deputy Registrar Security
  • Identity Access Management (AIM)
  • PCI Compliance
  • Policy Auditing
• DVS securities and LASO duties
• DVS Securities duties will include:
  • Deputy Registrar Security
  • IAM
  • PCI Compliance
  • Policy Auditing
  • Physical Security of Facilities
  • Fraud and Investigations
  • ADLMV Management
  • Technical Review/Architect
• The LASO duties will include:
• Identify who is using the CSA approved hardware software and firmware and ensure no unauthorized individuals or processes have access to the same.
• Identify and document how the equipment is connected to the state system.
• Ensure that personnel security screening procedures are being followed as stated in FBI CJIS Security Policy and the MNJIS 5002 policy
• Ensure the approved and appropriate security measures are in place and working as expected.
• Support policy compliance and ensure the CSA ISO is promptly informed of security incidents.
• Conduct an annual audit of CJIS compliance and track remediation efforts on any items found
• Maintaining CJIS compliant network architecture
• Properly vetting all individuals with access to DVS physical and logical resources through the access control systems and best IAM practices
• Properly vetting all software and hardware vendors for CJIS compliance
• Working closely with MN.IT to utilize enterprise resources when possible and involving MN.IT on all technical projects
• Active involvement in all data access requests that may contain CJI to ensure CJI is protected accordingly
• Work through vendor agreements to ensure all security requirements are met or exceeded
• Reviewing MN.IT scans of DVS resources and monitoring identified vulnerabilities and remediation efforts
• Provide knowledge transfer.

Desired Skills:

• Six (6) years experience in a security architect or engineer role.
• Three (3) years experience in network engineering including firewall management.
• Four (4) or more engagements within the last ten (10) years in a security architect or engineer role where the engagement was longer than three months each.
• Experience with the design and implementation of information systems in organizations with more than 50 people with an emphasis on data network and infrastructure security.
• CISSP or GIAC certification.
• Comprehensive knowledge of hardware software application and systems engineering.
• Broad knowledge of database systems webbased technologies and network security.
• Systems thinking the ability to see how parts interact with the whole (big picture thinking).
• Knowledge of IT governance and operations.
• Interpersonal and leadership skills servant leadership collaboration facilitation and negotiation skills.
• Communication skills both written and verbal.
• Ability to explain complex technical issues in a way that nontechnical people may understand.
• Time management and prioritization.

.