Location: Washington, DC Duration: 12 Months+ Job Description: The Security Lead will support the client under the Technical Program manager to identify security vulnerabilities, design, and implement security solutions, monitor security systems, and respond to security incidents impacting client on-premises and cloud hosted resources. The contractor shall provide subject matter expertise in the design, development and implementation of security best practices which includes, but is not limited to, network security, application security, access control, and security policy development. Responsibilities: Conduct security assessments and audits to identify vulnerabilities and provide recommendations for remediation of client assetsDesign, implement, and manage security infrastructure and tools, including firewalls, intrusion detection systems, vulnerability management systems, antivirus systemsCollaborate with IT teams to ensure security best practices are integrated into IT projects and operations for divisions providing services internally and externallyDevelop and maintain security policies, procedures, and standardsMonitor security systems and respond to security incidents in a timely mannerProvide security awareness training to employees and stakeholdersStay up to date with the latest security trends, threats, and technologiesShould have experience with Center for Medicaid Services (CMS), Internal Revenue Services (IRS) and Social Security Administration (SSA) Audits and Remediation Qualifications: Minimum of 15 years of experience working in the field of cybersecurityKnowledge of federal and industry-specific regulations and compliance requirements related to cybersecurity (e.g., FISMA, HIPAA, GDPR)Experience in preparing for and participating in security audits and assessmentsExpertise in network security, including firewalls, intrusion detection/prevention systems, and VPNsProven experience with security assessment tools and methodologiesProficiency in security technologies such as SIEM (Security Information and Event Management) systems and endpoint protection solutionsExperience with security monitoring tools, log analysis, and incident response procedures in Azure environmentsStrong leadership skills with the ability to motivate and manage a team effectivelyExcellent communication and interpersonal skills to work collaboratively with diverse teams and stakeholdersDemonstrated ability to develop and implement security policies, procedures, and standardsExperience in incident response, including conducting investigations and managing security incidentsStrong understanding of cloud security principles and best practicesStrong knowledge of network security, encryption, authentication methods, and security protocolsExcellent problem-solving skills and attention to detailStrong communication skills and ability to work collaboratively with cross-functional teams Deliverables: Comprehensive cybersecurity strategy document outlining short-term and long-term goalsUpdated security policies and procedures manualRegular compliance reports and documentation of security measures takenSecurity assessment reports detailing identified vulnerabilities and recommended remediation strategiesDocumentation of implemented security measures and configurationsIncident reports for security incidents, including analysis, containment, eradication, recovery, and lessons learnedCreate a detailed implementation plan outlining the steps and timeline for deploying security solutions, configuring firewalls, intrusion detection systems, and other security toolsIntegrate and configure security tools, such as SIEM (Security Information and Event Management) systems, intrusion detection systems, and vulnerability scanners, for continuous monitoring and threat detectionDevelop a comprehensive incident response plan outlining procedures for identifying, containing, eradicating, recovering from, and documenting security incidents. Conduct tabletop exercises to validate the planConfigure network security devices, including firewalls, routers, and switches, to enforce access controls, segmentation, and threat detectionComplete Remediation of all findings from audit reports and communicate with the federal agencies that conduct audit Responsibilities: Formulates and defines systems scope and objectives based on both user needs and a thorough understanding of business systems and industry requirementsDevises or modifies procedures to solve complex problems considering computer equipment capacity and limitations, operation time, and form of desired results. Includes analysis of business and user needs, documentation of requirements, and translation into proper system requirements specificationsProvides consultation on complex projects and is considered to be the top-level contributor/specialist of most phases of systems analysis, while considering the business implications of the application of technology to the current and future business environment Minimum Education/Certification Requirements : Bachelor's degree in IT or related field or equivalent experience; or a current Project Management Professional (PMP) Certification Skills: SkillsRequired / DesiredAmountof Experience16+ yrs. MS Office/PowerPoint experienceRequiredBachelor's degree in IT or related field or equivalent experienceRequiredKnowledge and exp in state and federal information security laws, including but not limited to HIPAA, including NIST, PCI and all other regulationsRequired8YearsProven expertise in presenting executive level reports on project security and complianceRequired8YearsHealthcare Privacy and Security (CHPS) certification and/or other healthcare industry related security credentialsHighly desiredProven track record in the successful completion of an SDLC from a security workstream standpointRequired10YearsExpertise translating security protocols and requirements to stakeholders and/or technical project managersRequired8YearsKnowledge of project management tools - JIRA, SharePoint, Sciforma, Salesforce, MS Project (preferably)Required8YearsProven documentation expertise for the purpose of security policy development, audit finding responses, security risks/gap analysis reports etc.Required8YearsProven experience functioning as the prim POC for IT security auditsRequired8YearsKnowledge of HIPAA, state and federal guidelines on security, transactions and securityRequired8YearsExperience working in IT Security for the Health and Human Services sectorRequired10YearsExpience managing a team of IT professionals specializing in IT SecurityRequired10YearsCISSP Certification (preferred)Highly desiredExcellent communication and leadership skillsRequired10YearsExpert knowledge of the MS Office SuiteRequired10YearsKnowledge and/or understanding of Curam - V6 or higher (desired)Highly desiredITIL Certification (desired)Highly desiredProven knowledge and expertise with health care relevant legislation and standards for the protection of health information and patient securityRequired7YearsProfessional Experience that Meets the requirements for a Master Level Business Systems AnalystRequired16Years
Powered by JazzHR
q4JhcHZBFR
