
Lead Security Engineer || 16+ years Exp || at Remote, Remote, USA
Email: [email protected]
Hi,

Hope you are doing well.

Please let me know if you are available in the job market.

Title: Lead Security Engineer

Location: Candidates need to be in the DC, MD, VA - Remote

Visa: Any Visa

Client: District of Columbia- DHCF - Department of Health Care Finance (STaR2)

DHCF DCAS - Lead Security Engineer (724734)

Note: The skill matrix below is required.

Title: Lead Security Engineer (724734)

Client: District of Columbia- DHCF - Department of Health Care Finance (STaR2)

Location: Remote - DHCF - 955 L'Enfant Plaza SW, Suite 3500, Washington DC 20024

Location of Candidates: STaR2 candidates need to be in the DC, MD, VA - remote

Description/Role

The contractor is responsible for the organization's security program including but not limited to daily operations of the IT security program.

The Security Lead will support the District of Columbia Access System (DCAS) under the Technical Program manager to identify security vulnerabilities, design, and implement security solutions, monitor security systems, and respond to security incidents impacting DHCF on-premises and cloud hosted resources. The contractor shall provide subject matter expertise in the design, development and implementation of security best practices which includes, but is not limited to, network security, application security, access control, and security policy development.

Responsibilities:

- Conduct security assessments and audits to identify vulnerabilities and provide recommendations for remediation of DHCF assets.
- Design, implement, and manage security infrastructure and tools, including firewalls, intrusion detection systems, vulnerability management systems, antivirus systems.
- Collaborate with IT teams to ensure security best practices are integrated into IT projects and operations for divisions providing services internally and externally.
- Develop and maintain security policies, procedures, and standards.
- Monitor security systems and respond to security incidents in a timely manner.
- Provide security awareness training to employees and stakeholders.
- Stay up to date with the latest security trends, threats, and technologies.
- Should have experience with Center for Medicaid Services (CMS), Internal Revenue Services (IRS) and Social Security Administration (SSA) Audits and Remediation.

Qualifications:

- Minimum of 15 years of experience working in the field of cybersecurity.
- Knowledge of federal and industry-specific regulations and compliance requirements related to cybersecurity (e.g., FISMA, HIPAA, GDPR).
- Experience in preparing for and participating in security audits and assessments.
- Expertise in network security, including firewalls, intrusion detection/prevention systems, and VPNs.
- Proven experience with security assessment tools and methodologies.
- Proficiency in security technologies such as SIEM (Security Information and Event Management) systems and endpoint protection solutions.
- Experience with security monitoring tools, log analysis, and incident response procedures in Azure environments.
- Strong leadership skills with the ability to motivate and manage a team effectively.
- Excellent communication and interpersonal skills to work collaboratively with diverse teams and stakeholders.
- Demonstrated ability to develop and implement security policies, procedures, and standards.
- Experience in incident response, including conducting investigations and managing security incidents.
- Strong understanding of cloud security principles and best practices.
- Strong knowledge of network security, encryption, authentication methods, and security protocols.
- Excellent problem-solving skills and attention to detail.
- Strong communication skills and ability to work collaboratively with cross-functional teams.

Deliverables:

- Comprehensive cybersecurity strategy document outlining short-term and long-term goals.
- Updated security policies and procedures manual.
- Regular compliance reports and documentation of security measures taken.
- Security assessment reports detailing identified vulnerabilities and recommended remediation strategies.
- Documentation of implemented security measures and configurations.
- Incident reports for security incidents, including analysis, containment, eradication, recovery, and lessons learned.
- Create a detailed implementation plan outlining the steps and timeline for deploying security solutions, configuring firewalls, intrusion detection systems, and other security tools.
- Integrate and configure security tools, such as SIEM (Security Information and Event Management) systems, intrusion detection systems, and vulnerability scanners, for continuous monitoring and threat detection.
- Develop a comprehensive incident response plan outlining procedures for identifying, containing, eradicating, recovering from, and documenting security incidents. Conduct tabletop exercises to validate the plan.
- Configure network security devices, including firewalls, routers, and switches, to enforce access controls, segmentation, and threat detection.
- Complete remediation of all findings from audit reports and communicate with the federal agencies that conduct the audit.

---------------------------------------------

CONTRACT JOB DESCRIPTION

Responsibilities:

1. Formulates and defines systems scope and objectives based on both user needs and a thorough understanding of business systems and industry requirements.

2. Devises or modifies procedures to solve complex problems considering computer equipment capacity and limitations, operation time, and form of desired results. Includes analysis of business and user needs, documentation of requirements, and translation into proper system requirements specifications.

3. Provides consultation on complex projects and is considered to be the top-level contributor/specialist of most phases of systems analysis, while considering the business implications of the application of technology to the current and future business environment.

Minimum Education/Certification Requirements:

Bachelor's degree in IT or related field or equivalent experience; or a current Project Management Professional (PMP) Certification

Skill Matrix:

| Skill | Required / Desired | Amount of Experience | Candidate exp |
|---|---|---|---|
| 16+ yrs. MS Office/PowerPoint experience | Required | | |
| Bachelor's degree in IT or related field or equivalent experience | Required | | |
| Knowledge and exp in state and federal information security laws, including but not limited to HIPAA, including NIST, PCI and all other regulations | Required | 8 Years | |
| Proven expertise in presenting executive level reports on project security and compliance | Required | 8 Years | |
| Healthcare Privacy and Security (CHPS) certification and/or other healthcare industry related security credentials | Highly desired | | |
| Proven track record in the successful completion of an SDLC from a security workstream standpoint | Required | 10 Years | |
| Expertise translating security protocols and requirements to stakeholders and/or technical project managers | Required | 8 Years | |
| Knowledge of project management tools - JIRA, SharePoint, Sciforma, Salesforce, MS Project (preferably) | Required | 8 Years | 11 |
| Proven documentation expertise for the purpose of security policy development, audit finding responses, security risks/gap analysis reports etc. | Required | 8 Years | 11 |
| Proven experience functioning as the primary POC for IT security audits | Required | 8 Years | 9 |
| Knowledge of HIPAA, state and federal guidelines on security, transactions and security | Required | 8 Years | |
| Experience working in IT Security for the Health and Human Services sector | Required | 10 Years | |
| Experience managing a team of IT professionals specializing in IT Security | Required | 10 Years | |
| CISSP Certification (preferred) | Highly desired | | |
| Excellent communication and leadership skills | Required | 10 Years | |
| Expert knowledge of the MS Office Suite | Required | 10 Years | |
| Knowledge and/or understanding of Curam - V6 or higher (desired) | Highly desired | | |
| ITIL Certification (desired) | Highly desired | | |
| Proven knowledge and expertise with health care relevant legislation and standards for the protection of health information and patient security | Required | 7 Years | |
| Professional Experience that Meets the requirements for a Master Level Business Systems Analyst | Required | 16 Years | |

Regards,

Akash Srivastava

Technical Recruiter

1 Point System LLC

[email protected]

D : 803-893-9554

115 Stone Village Drive, Suite C, Fort Mill, SC 29708

https://www.linkedin.com/in/akash-srivastava-a25031223/

--

Keywords: information technology microsoft Alaska Maryland South Carolina Virginia
Tue Nov 21 20:53:00 UTC 2023
