Sr Security Consultant at Careerbuilder in Eden Prairie, Minnesota

Posted in Other 13 days ago.





Job Description:

*Description:*

* This is a Sr. position - must be able to understand end-to-end security, compliance, controls, etc.

*Projects the candidate will be working on:*

* This position is for a highly critical, visible project and is responsible for overseeing all aspects of information security operations, information security programs/projects, information security & technology risk assessments, and information security reporting.

* Performs all duties in accordance with the company's policies and procedures, all U.S. state and federal laws and regulations, wherein the company operates.

*Ideal Background:*

* Cyber security leaders who manage security for systems and develop solutions for the healthcare industry. We are searching for a seasoned SISO with a passion for cyber security, excellent communication skills, and a leadership mindset to manage the latest threats and related laws and policies governing information security.

*Experience:*

* MUST have experience with Data Exchanges.

*REQUIREMENTS:*

* Five (5)+ years of Information Security experience is required; including three (3) years of FISMA related experience.

* Bachelor's Degree in Information Security, Cybersecurity, Computer Science or equivalent. Master's Degree in a related field a plus.

* Hold in good standing at least one of the following certifications:

  * Certified Information Systems Security Professional (CISSP)

  * Certified Information Systems Manager (CISM)

  * Certified Cloud Security Professional (CCSP)

* Strong presentation, oral, and written communication skills.

* Ability to balance security needs with mission/business needs.

* Specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with the Risk Management Framework.

* Specialized knowledge and experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, NIST, MARS-E, HIPAA, SSA and IRS standards.

* Knowledge and experience with incident management and vulnerability management.

* Strong understanding of how to manage the risk profile for large organizations required to meet federal privacy and security requirements while maintaining a tolerable risk level.

* Strong understanding of security architectures, operating systems, databases, networks, applications, and security tools.

* Knowledge and experience with information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies and architectures.

* Ability to assess and weigh current and evolving security threats in an operational environment.

*Responsible:*

* Overseeing all aspects of information security operations, information security programs/projects, information security & technology risk assessments, and information security reporting.

* Performs all duties in accordance with the company's policies and procedures, all U.S. state and federal laws and regulations, wherein the company operates.

*Job Responsibilities:*

* Responsible for maintaining security with an objective to provide confidentiality, integrity, and availability of sensitive data within systems.

* Assist with alignment of information technology (IT) security priorities with the security strategy, information security budget, staffing, and contracting.

* Identify and evaluate security program implications of new technologies or technology upgrades.

* Oversee and manage compliance with state and federal security and privacy standards.

* Primary liaison to customers on all security, privacy, and compliance matters.

* Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.

* Monitor, evaluate, and report effectiveness of cybersecurity safeguards to ensure the appropriate level of protection at an acceptable risk.

* Ensure security improvement actions are evaluated, validated, and implemented as required.

* Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.

* Coordinate and participate in the continuous monitoring program of audits/assessments, penetration testing and vulnerability scanning.

* Oversee vulnerability and POA&M management, remediation, and reporting to leadership and customers.

* Lead efforts to obtain and maintain authorizations to operate.

* Oversee and ensure remediations and incident response activities are met in accordance with Service Level Agreements.

* Set up and own processes for continued compliance for items such as RBAC compliance.

* Review change requests and provide security oversight; ensure compliance as outlined in the SOW (e.g. FedRAMP).