Job Description

Our valued Municipal client is currently seeking a Threat and Risk Analyst to support the Technology Security Branch in the planning, execution and documentation of TRA’s.

Roles and Responsibilities

• Support the Technology Security Branch in the planning, execution and documentation of TRA’s using two different approaches:
  • For large, enterprise-wide large impact projects, the Information Security Forum’s (ISF) Information Risk Assessment Methodology (IRAM) version 1 for these and other projects, as assigned; and
  • For small to mid-size initiatives, an internally developed Risk Assessment process

Qualifications and Skills

• 5 years experience performing threat and risk assessments and generating professional reports to indicate findings and recommendations
• Demonstrated knowledge/experience with assessment work meeting varying sizes and level of complexity
• Demonstrated knowledge/experience with security elements of application development and architecture.

Education

A three (3) year university degree or community college diploma in computer science or related discipline 

 Maintain current at least one of the following certifications
o Certified Information Security Professional (CISSP)
o Certified Information Security Manager (CISM)
o Certified in Risk and Information Systems Control (CRISC)
o Certified Information Systems Auditor (CISA)
o Global Information Assurance Certification Security Essentials
(GSEC) certifications