Apply on Employer Site

Acentra Health · 1 month ago

Cybersecurity Analyst, Senior

United States

Full-time

Remote

Senior Level, Lead/Staff

$99K/yr - $124K/yr

10+ years exp

Acentra Health is dedicated to empowering better health outcomes through technology and clinical expertise. They are seeking a Senior Cybersecurity Analyst to track and brief on the security status of cloud service provider systems, contribute to security documentation, and perform security audits and compliance tasks for cloud applications.

Health Care

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Understand, establish, and implement Authority to Operate (ATO) for systems to adhere with FedRAMP High guidelines and the HIPAA rule

In-depth Knowledge of NIST 800-53 v5 framework to execute security controls and plans

Serve as liaison between program managers and senior leaders providing technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information. Analyze security posture and vulnerabilities present in cloud architecture systems

Update and review technical security documentation deliverables such as system security, incident response and contingency plans

Prepare deliverables for the customer as required by contract

Assist SIEM with investigations of suspected incidents, compete customer notifications according to contractual obligations

Qualification

CISSPNIST 800-53Information SecurityFedRAMP HighSecurity DocumentationProject ManagementSoft Skills

Required

A Bachelor's degree or higher from a US Department of Education accredited college or university recognized by the corresponding professional associations in an information technology-related field

An active certification from one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), CompTIA Security+, Certified Authorization Professional (CAP), or GIAC Security Essentials (GSEC)

Minimum of 10 years of experience applying information technology security controls

Minimum of 2 years using federal processes, procedures, and standards in implementing information technology security controls (e.g., National Institute of Standards and Technology (NIST) Special Publications, Federal Information Processing Standards (FIPS), Federal Information Security Modernization Act of 2014 (FISMA), DHS Policy Directive 4300A)

Knowledgeable with Federal Security Policy Documentation (POA&Ms, SOP's, Contingency Plans, SSPs, etc.)

Providing system-related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents

Analyzing and updating security plans, policies, and procedures to ensure they align with cybersecurity laws and regulations and the organization's cyber objectives. Developing related system design to enhance cyber security controls and to reduce vulnerabilities, mitigate risks, and develop remediation plans to harden relevant security systems

This role requires the candidate to obtain a high-level US public trust clearance. That clearance requires US citizenship and residency. Furthermore, the individual must have resided in the US for 3 of the last 5 years

A public trust security clearance is required to perform on this contract. Failure to achieve and maintain the necessary clearance will result in the disqualification of the selected candidate from the position