Assist withevaluation of architecture interfacing with otherstate / federal / localsystems.

Assist withassessing the security of any equipmentneeded.

Assist with theevaluation of data integrity and datasecurity.

Assist withensuring all background check compliance is met for all projectteammembers.

Assist withcreating procedures to ensure the proper access rights aregranted.

Assist inbuilding User Acceptance Testing (UAT) scenarios to ensure securityrequirements are properly tested anddocumented.

Assist witharchitecture reviews of allenvironments.

Assist with theevaluation and testing of disaster recoveryplans.

Assist with thedevelopment of change management processes and procedureprojects.

Provide writtendocumentation and recommendations.

Review agencynetwork diagrams and access control lists (ACL) for compliance withFBI CJIS Security Policy and client s CJDN SecurityPolicy.

Work with DVSstaff review IT security audit documentation from local agencieswhich access DVS systems and data to determine compliance with FBICJIS Security Policy and client s CJDN Security Policyrequirements.

Providetechnical guidance principles standards and best practices to guidecriminal justice agency infrastructure design and systemimplementations to comply with FBI CJIS Security Policy and clients CJDN SecurityPolicy.

Performtechnical analysis of vendor solutions to assess compliance withFBI CJIS Security Policy and client s CJDN SecurityPolicy.

Audit identityand access management to assure they are properly managed andmaintained for all systems utilized to access driver s license andmotor vehicle registration data;

and recommend remedial action whenrequired.

Audit the drivers license and motor vehicle systems for PCI compliance; andrecommend remedial action whenrequired.

Work with clientagencies and other government entities to ensure driver and vehicledata is accessible for utilization for mission critical functionswhile maintaining all securityrequirements.

Access publicgovernment data to the extent allowable by law including data inthe State s possession that would otherwise be classified as notpublic under Minnesota Statutes section13.82.

Analyze securityneeds for all DVS projects DVS systems and systems that interfacewith DVSsystems.

Transitionand train new DVS security staff for dutiesincluding :

Deputy RegistrarSecurity

Identity AccessManagement(AIM)

PCICompliance

PolicyAuditing

DVSsecurities and LASOduties

DVSSecurities duties willinclude :

Deputy RegistrarSecurity

PCICompliance

PolicyAuditing

PhysicalSecurity ofFacilities

Fraud andInvestigations

ADLMVManagement

TechnicalReview / Architect

TheLASO duties willinclude :

Identifywho is using the CSA approved hardware software and firmware andensure no unauthorized individuals or processes have access to thesame.

Identifyand document how the equipment is connected to the statesystem.

Ensurethat personnel security screening procedures are being followed asstated in FBI CJIS Security Policy and the client s 5002policy

Ensurethe approved and appropriate security measures are in place andworking asexpected.

Supportpolicy compliance and ensure the CSA ISO is promptly informed ofsecurityincidents.

Conductan annual audit of CJIS compliance and track remediation efforts onany itemsfound

MaintainingCJIS compliant networkarchitecture

Properlyvetting all individuals with access to DVS physical and logicalresources through the access control systems and best IAMpractices

Properlyvetting all software and hardware vendors for CJIScompliance

Workingclosely with client IT to utilize enterprise resources whenpossible and involving MN.IT on all technicalprojects

Activeinvolvement in all data access requests that may contain CJI toensure CJI is protectedaccordingly

Workthrough vendor agreements to ensure all security requirements aremet orexceeded

Reviewingclient s IT scans of DVS resources and monitoring identifiedvulnerabilities and remediationefforts

Provideknowledgetransfer.

DesiredSkills

Six(6) years experience in a security architect or engineerrole.

Three (3) yearsexperience in network engineering including firewallmanagement.

Four (4) or moreengagements within the last ten (10) years in a security architector engineer role where the engagement was longer than three monthseach.

Experience withthe design and implementation of information systems inorganizations with more than 50 people with an emphasis on datanetwork and infrastructuresecurity.

CISSP or GIACcertification.

Comprehensiveknowledge of hardware software application and systemsengineering.

Broad knowledgeof database systems webbased technologies and networksecurity.

Systems thinkingthe ability to see how parts interact with the whole ( big picturethinking).

Knowledge of ITgovernance andoperations.

Communicationskills both written andverbal.

Ability toexplain complex technical issues in a way that nontechnical peoplemayunderstand.

Time managementandprioritization.

CISSP or GIAC certification

Last updated : 2024-05-31