Application Security and Workflow Assistant
Nature of Work:
Under general supervision this position will be responsible for performing full performance level professional/technical work on the wvOASIS Project assisting with developing, implementing, and maintaining information security policies, standards, and controls throughout all applications within the project. This includes but is not limited to creating, modifying, and removing accounts and resources for employees to wvOASIS applications as requested by authorized personnel. This position requires attention to detail, organizational skills, good customer service skills and high-level of confidentiality. May require being on call after normal business hours, weekends and holidays. Performs duties necessary to define, establish, and maintain resource ownership/stewardship responsibilities, such as data classification, security levels, account management, access to resource controls, monitoring activities and other internal controls. Recommends internal controls and risk management strategies to reduce risks and ensure compliance with policy and regulations. Manages and responds to help desk problem tickets to ensure appropriate resolution of issues. Attend meetings in person and WebEx meetings.
Basic Job Functions:
Due to the nature of this position, administrators have access rights to systems which may house user information and sensitive information. Administrators having these rights understands they may only log into these system with unique identifiable credentials so all activity will be logged and monitored. (It should be understood that this is not intended to be a detailed nor comprehensive description of any individual employee's job content. Managers set the specific duties and responsibilities for each employee).
Knowledge, Skills, and Abilities
Knowledge of recognized information security domains: access controls, application security, and risk management.Basic knowledge of information technology software, hardware, terminology and concepts. Ability to develop skills to use tools and technologies to assess, monitor, and document the security state of applications, data management, account management, classification, incident management, systems management and other technology resources. Ability to make decisions and use independent judgment, especially when resolving complex, challenging issues associated with information security work, projects or operations. Ability to read, understand, interpret, compile and apply technical information. Ability to communicate effectively, both verbally and in writing. Ability to establish and maintain effective working relationships to diverse groups, including those serving in management, professional, technical, staff positions, and the user community.
Minimum Qualifications
TRAINING: Bachelor’s degree from a regionally accredited four-year college or university incomputer science, computer information systems, information technology, computerengineering, electronics, network engineering or closely related field, OR, graduation from astandard high school or the equivalent, plus oneOASIS approved informationtechnology certifications.
EXPERIENCE: Two years of full-time or equivalent part-time paid experience in network account management, access control management, data clarification, risk management and/or customer services relating to information technology.
NOTE: Acceptable information technology certifications include CompTIA’s A+ or Network +
Microsoft Certification, CISSP, any cisco certification or anyHelp Desk Institute Certification