NCDHHS- PSO IT Security Specialist st

Title NCDHHS- PSO IT Security Specialist st Location Raleigh, NC (Remote) Duration 8 Months Interview Type Either Webcam Interview or In Person Job Type C2C,W2     Job Description  

NC DHHS - Privacy and Security Office (PSO) requiring services of an IT Security Architect to assist Child Welfare Information System (CWIS).

• NC DHHS - Privacy and Security Office (PSO) requiring services of an IT Security Architecture to assist and assess the CWIS.
• Strong understanding of security principles, including secure coding practices, vulnerability management, threat modeling, and risk assessment.
• Strong experience with containerization technologies such as Docker and container orchestration tools like Kubernetes (Redhat OpenShift preferred).
• Demonstrable experience on securing containerized environments and integrate security into container workflows.
• Understanding of regulatory compliance requirements (e.g., HIPAA, PCI DSS) and experience implementing controls to meet these requirements.
• In addition to these technical skills and experiences possessing relevant certifications such as certified Ethical Hacker (CEH), or AWS Certified Security Specialty in security and DevOps practices.
• Knowledgeable of OSI networking model.
• Hands-on experience with design and configuration of network security on layer 3, 4, and 7. Application of these in a data center environment is highly desired.

 

Skill Required / Desired Amount of Experience Risk Management - must be able to Identify gaps through risk management, and assist in the development of mitigation strategies. Required 7 Years Experience documenting vulnerability assessment results in a accurate, clear, actionable, and available way to appropriate personnel Required 7 Years Strong understanding of security principles, including secure coding practices, vulnerability management, threat modeling, and risk assessment. Required 6 Years Expertise in using Copado for Salesforce deployment automation and release management Required 6 Years Knowledge of common security frameworks such as OWASP Top 10 and CIS Benchmarks. Required 6 Years Experience using GitHub Actions for CI/CD pipelines and GitHub Security features like code scanning and secret scanning. Required 6 Years Understanding of regulatory compliance requirements (e.g., HIPAA, PCI DSS) and experience implementing controls to meet these requirements. Required 6 Years Industrial experience w/ DevSecOps concept such as static code analysis, dependency bot, and container hardening. Experience with integration of these Required 6 Years Knowledgeable of OSI networking model. Hands-on experience with design and configuration of network security on layer 3, 4, and 7. Application of thes Required 6 Years