IT - SCDHHS - Security Analyst - Consultant jobs in United States
info-icon
This job has closed.
company-logo

Abacus Service Corporation ยท 2 days ago

IT - SCDHHS - Security Analyst - Consultant

positionColumbia, SC
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

Abacus Service Corporation is seeking a Security Analyst - Consultant for the South Carolina Department of Health and Human Services. The role involves leading security, risk, and compliance activities in support of cybersecurity efforts while ensuring adherence to federal, state, and agency standards.

Health CareInformation Technology
check
Growth OpportunitiesbadNo H1BnoteU.S. Citizen Onlynote

Responsibilities

The Senior ISSO will report to the ISSO Team Lead in OCS and operate as an experienced cybersecurity consultant to SCDHHS leadership, business units, business partners and vendors
Leadership experience with CMS MARS-E, ARC-AMPE, or other FISMA Risk Management Framework (RMF) compliant programs is strongly desired and will be given the highest weight
Experience should include well documented success in the development and maintenance of System Security Plans (SSPs), Privacy Impact Assessments (PIAs), Interconnection Security Agreements (ISAs), Computer Matching Agreements (CMAs), and related interviews and audit/assessment activities to complete and verify these and other RMF/Assessment and Authorization (A&A) tasks and artifacts
Experience with development and integration of RMF/A&A tasks and artifacts in RMF type roles such as; ISSO, Information Security Architect, Security Control Assessor, etc., into the System Development Life Cycle (SDLC) is ideal
Experience in security as related to Cloud services and vendor management is considered desirable for this position
Perform detailed architectural reviews and risk analysis of security related requests in order to make sound decision making recommendations, such as:
Network Design and Information Flow
System and Data Access Models
Review Firewall Rule Requests (Ports, Protocols, and Services)
Baseline Configuration Management Deviation Requests
Vulnerability Management
Champion the design, development, implementation, and/or ongoing maturation of SCDHHS security and compliance efforts
Audit and assess internal agency systems as well as business partner/service provider information system security controls
Utilize Microsoft Office software suite, System Center Service Manager (Ticketing system), Archer eGRC system, Bizagi, Atlassian and other products to document and report on information gathered during Audit and Assessment activities or other OCS efforts
Perform security and compliance reviews of Contracts, Business Associate Agreements, Data Usage/Sharing Agreements, and other types of documents and artifacts
Serve as primary point of contact for third-party audits and/or assessments of agency and business partner systems
Collaborate with agency leadership, business partners, and other parties/ stakeholders to provide recommendations for security and compliance risk mitigation efforts
Must have a strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy
5+ years of experience in IT working with and/or auditing IBM System 390/zSeries, Windows, Linux, Databases (Relational and Non-Relational), Networking Infrastructure, and Web-based Applications
Prior experience working within a FISMA compliant program
Prior experience in working with any eGRC systems
Prior Health Information Technology experience
ISC(2), ISACA, SANS GIAC and/or other Information Security Certification is required
Ability to work independently and as a member of a team
Ability to collaborate and coordinate with multiple teams and vendors
Ability to multitask and prioritize tasks effectively in order to meet deadlines
Experience and training with eGRC solutions
Ability to engage diverse audiences of varying technical and non-technical skill-levels to ensure effective alignment of technical requirements to business objectives
Ability to collaborate and coordinate efforts amongst multiple teams and vendors in fulfillment of SCDHHS OCS initiatives
Ability to multitask and prioritize tasks effectively in order to meet deadlines in a results-oriented environment
Must have intermediate to advanced skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency
Keen attention to detail while maintaining the ability to see the big picture
Ability to absorb, retain and communicate complex processes
Ability to accept changes and constructive criticism and remain flexible in dealing with leadership and teams of varying technical and business knowledge

Qualification

ISC(2)ISACASANS GIACFISMA complianceEGRC systemsIBM System 390/zSeriesWindowsLinuxDatabasesNetworking InfrastructureWeb-based ApplicationsITILMultitaskingCommunicationTeam collaborationAttention to detail

Required

ISC(2), ISACA, SANS GIAC and/or other Information Security Certification is required
5+ years of experience in IT working with and/or auditing IBM System 390/zSeries, Windows, Linux, Databases (Relational and Non-Relational), Networking Infrastructure and Web-based Applications
Prior experience working within a FISMA or NIST compliant program
Prior experience in working with any eGRC systems

Preferred

Bachelor's in a related area or 10+ years of experience in the field or in a related area
Prior ITIL experience in the area of Information Security Management

Company

Abacus Service Corporation

twittertwitter
company-logo
Abacus Service Corporation is provides IT solutions for global health care businesses.
dateFounded in 2004
location
Southfield, Michigan, USA
people-size201-500 employees
web-link
http://www.abacusservice.com

Funding

Current Stage
Growth Stage

Leadership Team

S
Sam Akunuri
Founder and COO
linkedin
Company data provided by crunchbase