Roles & Responsibilities

• Develop and implement security standards, policies, and procedures to safeguard resources ensuring compliance with HIPAA, NIST, FedRAMP, and/or HITRUST requirements.
• Evaluate security and privacy risks by balancing business drivers, best practices, and external drivers. Provide proactive solutions or recommendations through collaboration across business units.
• Support vulnerability management activities. Validate creation, documentation, and completion of Plans of Action and Milestones (POA&Ms).
• Lead computer security incident response efforts including but not limited to preparing executive summaries, recommending mitigation strategies, and tracking remediation efforts.
• Lead the creation and ensure the ongoing maintenance of documentation for multiple systems including but not limited to risk assessments, privacy impact assessments, and security plans. Validate compliance of documentation with government and industry standards.
• Work closely with Federal contract teams to ensure implementation of security controls and best practices as required by the contract.
• Stay current with industry trends, emerging threats, security technologies, and pertinent regulations.

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, or related field.
  
• 8+ years of work experience in IT in one or more areas of infrastructure, application development, database, and systems management.
• Experience must be in an information security role with demonstrated working knowledge of information security, federal and state rules and regulations,
• company/business unit operations, compliance policies, procedures, and/or programs in the area of assignment.
• Experience working with FedRAMP, NIST 800-53, HIPAA, and/or FIPS.
• Experience with NIST, ISO, and HIPAA requirements/guidance is highly desirable.

Posted By