Connecticut Department of Correction
Job Posting

Position Title: Information Technology Analyst 3
Open To: The Public
Location: Central Office-Wethersfield CT
Hours: 35 hrs per week, 1st Shift, Monday-Friday
Position: 109323
Salary: $76,409 - $98,162
Closing Date: March 24, 2015
Eligibility Requirement: Candidates must have applied for and passed the Information Technology Analyst 3 exam and be on the current certification list promulgated by the Department of Administrative Services for this classification.  State employees currently holding the above title or those who have previously attained permanent status may apply for lateral transfer.
Preferred Experience:
The Department of Correction is currently accepting applications for an IT Analyst 3 position to serve as the Agency Information Security Officer for HIPAA.  The incumbent for this position should be familiar with Federal (specifically FASMA and NIST) and State regulations and legislation, policy and practices as they relate to systems security.  Experienced in working with both physical and logical information security systems, Strong technical skills (application and operating system hardening, vulnerability, assessments, security audits, TCP/IP, intrusion detection, firewalls, etc.).  Outstanding interpersonal and communication skills.  Must possess a high degree of integrity and trust along with the ability to work independently.  Excellent documentation skills.  Ability to weigh business risks and enforce appropriate information security measures.  In-depth knowledge of the HIPAA Security Rule and government technology laws.  CISSP (Certified Information Systems Security Professional) certification-preferred.
Example of Duties: Collaborate with DAS/BEST Security and information system owners to implement the Risk Analysis process, Assist DAS/BEST Security with identification of common security controls, in accordance with NIST 800-53 Guidelines.  Coordinate the implementation and assessment of common security controls, in accordance with NIST 800-53 Guidelines.  Coordinate systems changes with the information system owner, and actively assess the security impact of those changes.  Responsible for implementing, managing and enforcing information security directives as mandated by HIPAA.  Coordinate agency information system security for all computers, electronic storage devices, and communication systems.  Monitor and record the performance of information security initiatives.  Report status to agency Commissioner or designee, IT manager, IT Security SME and DAS/BEST Security Division on a monthly basis.  Recommend course of action to the Commissioner and senior management that, if implemented, would allow the agency to securely meet organizational business goals.  Participate in statewide ISO forums hosted by DAS/BEST Security Division to facilitate adoption and application of policies, standards, and best practices.  Facilitate inventory and classification of agency data.  Ensure system security plans align with agency Business Continuity and Disaster Recovery plans.  Ensure the ongoing integration of information security with business strategies and requirements.
Minimum Qualifications Required
Knowledge, Skill and Ability:
Considerable knowledge of principles and techniques of systems analysis, design, development, and computer programming; considerable knowledge of principles of information systems; considerable knowledge of principles and theories of business and planning functions; considerable knowledge of programming languages; considerable knowledge of project management principles and techniques; considerable knowledge of principles, problems and techniques of data processing and data communication operations; considerable knowledge of data processing and data communications equipment and diagnostic tools; considerable knowledge of methods and procedures used to conduct detailed analysis and design of computer systems; considerable knowledge of principles of complex computer operating systems; knowledge of principles and techniques of business information systems re-engineering; knowledge of network protocols and architecture; knowledge of practices and issues of systems security and disaster recovery; knowledge of applications systems development principles and techniques; knowledge of principles and practices of data base management; considerable interpersonal skills; considerable oral and written communication skills; considerable problem solving skills; consideralbe technical problem solving skills; considerable analytical skills; considerable ability to prepare correspondence, manuals, reports and documentation; considerable ability to analyze and resolve operational and communications problems; considerable ability to analyze and debug complex software programs; considerable ability to identify, analyze and resolve complex business and technical problems; some supervisory ability.
Application Instructions:
Qualified candidates who meet the above requirements need to submit a cover letter, resume, your last two (2) Performance Evaluations, an application for Employment (Form CT-HR-12) which is available at and a State of Connecticut Addendum-Criminal Conviction (Form CT-HR-13) which is available at .  Please submit your information to: 
Note for Applicants: The filling of this position will be in accordance with reemployment, SEBAC, promotion and merit employment rules. State employees should be aware that your performance appraisals, attendance records and discipline records will be reviewed to ensure that you meet DOC Administrative Directive 2.3.

An Equal Opportunity/Affirmative Action Employer