Security Assessment Director
DataStaff, Inc. is currently seeking a Security Assessment Director for a long-term contract opportunity with one of our direct clients in Raleigh, NC.
*This position is hybrid, onsite work will be required
Responsibilities:
- Manage and support the implementation of AWS Cloud infrastructure for multiple clients, including design, deployment, maintenance, and troubleshooting.
- Create detail technical documentation to support the security management of client’s cloud environments (e.g., network diagrams).
- Assist in developing privacy and security policies and procedures for new projects or enhancements to existing systems as well as providing guidance on best practices related to information technology security.
- Participate in regular status meetings with leaders and other stakeholders regarding current projects and future initiatives.
- Provide training to internal staff on topics such as Amazon Web Services (AWS) services, tools, etc.
- Create a cloud-based security platform that monitor and analyze data from multiple sources to identify potential threats
- Conduct penetration testing on the DHHS cloud infrastructure, identifying vulnerabilities in its security systems
- Develop an automated system for detecting anomalous behavior within the DHHS cloud environment using machine learning algorithms
- Conduct security assessments of web applications, networks, and systems to identify security vulnerabilities.
- Document findings and recommendations in security reports and presentations.
- Implement security controls to mitigate identified security risks.
- Conducted risk assessments to ensure compliance with NIST 800-53 frame work and HIPAA
- Design a comprehensive data loss prevention program that reduced sensitive information leakage
Knowledge and Skills:
- Experience in the healthcare industry
- Ability to secure cloud deployments and protect sensitive data.
- Adopt at working with senior management to develop and implement security strategy.
Required Skills:
- CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/GCP)
- 5 Years – Performing the security assessments using NIST 800-53 r4 security controlP
- 3 Years – HIPAA Privacy & Security compliance
- 3 Years – Experience reviewing Soc2 Type2, FedRamp, HITRUST compliance reports
- Knowledge of cloud native security services provided by the AWS/Azure/GCP cloud platforms
- Experience in performing the network, web and database security assessments.
- Familiar with the tools and techniques to find and remediate OWASP TOP 10 vulnerabilities of web applications
- Experience in performing penetration testing on the web applications deployed on the cloud platform
- Experience in Cloud Security Security architecture to ensure the department is meeting the federal, state, department and industry best practices.
This position is available on a corp-to-corp basis or as a W2 position with a competitive benefits package. DataStaff, Inc. offers medical, dental and vision coverage options as well as paid vacation, sick and holiday leave. As many of our opportunities are long-term, we also have a 401k program available for employees after 6 months