Remote IT Security Specialist - Cloud Risk and Compliance

Job Overview

We are on the lookout for a talented IT Security Specialist to contribute to a significant application and infrastructure modernization initiative. In this pivotal role, you will assess security requirements, scrutinize key documentation, identify potential vulnerabilities, and aid in the formulation of robust mitigation strategies to ensure adherence to security and privacy standards. The successful candidate will possess a solid foundation in cloud security, risk management, and system security evaluations.

Key Responsibilities

• Strategically plan, implement, enhance, and oversee security protocols to safeguard computer networks and sensitive information.
• Conduct ongoing assessments of development methodologies and propose enhancements to bolster security.
• Support the Information System Security Officer (ISSO) in the stewardship of system security plans, ensuring that systems achieve and sustain Authorization to Operate (ATO) status.
• Facilitate activities pertinent to the Assessment and Authorization (A&A) process.
• Guarantee compliance with security standards for applications and systems within cloud environments, including AWS, Azure, and Google Cloud.
• Direct the security program for applications and systems, adhering to established guidelines such as MARS-E, NIST, and HIPAA.
• Collaborate with Operations & Maintenance (O&M) and Infrastructure teams to ensure software remains current and aligned with Information Security policies.
• Partner with development teams to fulfill security requirements while minimizing project disruptions.
• Work alongside colleagues to deploy automated Disaster Recovery solutions, encompassing alert systems, notifications, data backups, and recovery processes.
• Assist in the establishment of security event logging and monitoring frameworks.
• Conduct internal evaluations of security controls to ensure compliance with applicable regulations and technical criteria.
• Monitor and track remediation efforts for audit observations via Plans of Actions and Milestones (POA&Ms) and Corrective Action Plans (CAPs).
• Ensure the implementation of essential security measures to protect sensitive data and infrastructure.
  
  

Required Skills

• Extensive experience in security operations, including logging, monitoring, and incident management.
• Proficiency in risk management and vulnerability assessments based on NIST 800-53, HIPAA, SSA, and IRS Pub 1075 guidelines.
• Expertise in ensuring security compliance within cloud environment frameworks (AWS, Azure, Google Cloud).
• Ability to serve as a comprehensive resource for compliance requirements pertaining to CMS and state regulations.
  
  

Qualifications

• A minimum of 5 years in IT security or a similar domain.
• At least 5 years of experience ensuring security compliance for cloud applications.
• 5 years of experience in updating and maintaining system security plans.
• Extensive experience supporting infrastructure services, with a thorough understanding of NIST 800-53.
• Demonstrated experience in conducting security engineering reviews and providing strategic recommendations.
• Familiarity with Agile methodologies and working in expansive, cross-functional teams.
• Strong comprehension of security architecture, along with knowledge of frameworks such as TOGAF and MITA.
• Proven experience in risk management, vulnerability assessments, and security compliance documentation.
• Experience in evaluating RFPs, MOUs, and disaster recovery plans for security criteria.
  
  

Career Growth Opportunities

This role presents a remarkable opportunity for professional advancement within the dynamic field of IT security and compliance. The successful candidate will have the chance to grow their expertise in a collaborative environment and potentially pursue higher roles in security management.

Company Culture And Values

Join a company that values innovation, collaboration, and diversity. We are committed to fostering a workplace that promotes professional growth and a supportive community for all employees.

Networking And Professional Opportunities

Engage with a network of skilled professionals in IT security and collaborate on projects that will enhance your expertise and career trajectory.

Compensation And Benefits

We offer a competitive salary commensurate with experience, along with a comprehensive benefits package including health, dental, and vision insurance. Opportunities for continuous learning and professional development are also integral to our organizational culture.

Employment Type: Full-Time