Engagement Type
Contract
Short Description
Typical Experience : 84 months
CompleteDescription
This position ismostly remote but DIT may want them to attend an inperson meetingfrom time to time so theyd prefer someone driving distance from ouroffice in Raleigh.
Business & Policy Analyst Position
Requirements
- Able to articulate IT value propositions from both abusiness and technical perspective
- Experiencewriting and reviewing IT privacy and / or securitypolicies.
- Ability to develop business case / ROIfor IT value propositions
- Ability to transferknowledge and other important or relevant information to others inthe engagement channel
- Matrix managementskills for DIT client vendors and other involvedparties / resources
- Ability to participate inthe project to deliver the proposed and agreed uponsolution
- Understanding of general ITarchitectural principles
- Excellent verbal andwritten communication skills including the ability to interact andcommunicate effectively with S level client executives
- Vertical business expertise and / or knowledge ofhorizontal solution capabilities
- Solid vendorinteraction and management skills at a project level
- Ability to transfer knowledge and other important orrelevant information to others in the engagement channel
- Strong knowledge of and experience with business softwaretechnology analysis tools and business case analytics
- Detail oriented professional with experience using M365applications to draft review outline and understand businessprocesses and policies
- Experience with NCstatewide security and privacy policies
PreferredSkills :
Experience with NIST 80053rev5 NIST RMF and familiarity with NIST Privacy Framework and NISTAI Framework.
Experience developing a crosswalkor matrix of data classification and privacy and securitycontrols.
Experience creating reviewing and / orrefining system data dictionaries with stakeholders.
Experience with data asset classification of federallyregulated stated and NC stateowned and controlled data to includeretention schedules.
Experience developing andimplementing standard operating procedures (SOPs) with regard toinformation privacy and security.
Experiencemanually creating data dictionaries in Excel to record data ownerdata table names system business names retention schedules alignedprivacy policies and notices etc.
Required / Desired Skills
Skill
Required / Desired
Amount
of Experience
Experience with NIST 80053 rev5NIST RMF and familiarity with NIST Privacy Framework and NIST AIFramework.
Required
Years
Experience developing a crosswalk or matrix ofdata classification and privacy and security controls.
Required
Years
Experience creating reviewing and / or refining system datadictionaries with stakeholders.
Required
Years
Experience with data asset classification of federallyregulated stated and NC stateowned and controlled data to includeretention schedules.
Required
Years
Experience developing and implementingstandard operating procedures (SOPs) with regard to informationprivacy and security.
Required
Years
Experience manually creating data dictionariesin Excel to record data owner data table names system businessnames and retention schedules.
Required
Years
Experience manually creating data dictionaries in Excelto record aligned privacy policies and notices etc.
Required
Years
Experience with NC statewide security and privacypolicies.
Highly desired
Years
Questions
Description
Question 1
Absences greater than two weeks MUST be approved by CAImanagement in advance and contact information must be provided toCAI so that the resource can be reached during his or her absence.
The Client has the right to dismiss the resource if he or she doesnot return to work by the agreed upon date. Do you accept thisrequirement
Question2
This position is mostly remote but DITmay want them to attend an inperson meeting from time to time sotheyd prefer someone driving distance from our office in Raleigh.
Please list the current city and state the candidate is livingin.
Question3
Please list candidates emailaddress.
Question4
Please indicate how soon this candidate isavailable to start work. Vendors are encouraged to submitcandidates that are available for the duration of theassignment.
Question5
Vendor must disclose to the agency if thecandidate will be subcontracted at the time of submission. Do youaccept this requirement
Question 6
Vendor must notify theagency if any portion of the requirements listed in this task orderis to be outsourced to other countries.
Do you accept thisrequirement
Question8
Payment for all approved hours will be paidat the straight hourly rate regardless of the total hours worked bythe engaged resource.
It is the responsibility of the supplier toadhere to any applicable compensation laws including payment forovertime hours.
Do you accept this requirement
Question 9
Please confirm you have thoroughly validated and attestto the accuracy of the credentials listed throughout thiscandidates VectorVMS profile and resume pursuant to Section 5.
2.5of ITS009440. Do you confirm