Security Assessment Director

31 Oct 2024

Vacancy expired!

Role:

PSO - Security Assessment Director (667211)

Duration: 4 Months+

Location: Dix Campus, Raleigh, NC

Interview Mode: Either Webcam Interview or In Person

Type: Contract

Start Date: Immediate

DHHS seeks a Security Assessment Director to support COVID-related activities. Must be able to demonstrate excellent program management, negotiation, communication and problem-solving skills. Responsible for working with both senior-level business executives and IT personnel to define and execute program requirements and manage stakeholder expectations. Strategically plan and manage initiatives consisting of program components that meet Departmental, State and other stakeholder expectations. Responsible for the leadership, direction and oversight of the project team(s) and of all vendor-related activities tied to the program. Report to Sr. Executive Management. Authorize and manage internal and external relationships (agency, Federal, vendor, and other State agencies) and dependencies across initiative components to ensure successful delivery of the program. Responsible for establishing and executing adequate project management controls based on industry-accepted methodologies and standards. These controls include the responsibility to monitor and control cost, schedule, performance and risk; to ensure quality and security; to handle overall integration and issue resolution; and to perform administrative functions.
  • Experience in performing security assessments using NIST 800-53 r4 security controls.
  • Experience in implementing the controls for HIPAA Privacy & Security compliance.
  • Experience in reviewing SOC 2 Type 2, FedRAMP and HITRUST compliance reports.
  • Proficient in using vulnerability management tools and remediating the vulnerabilities they identify.
  • Experience in performing network, web and database security assessments.
  • Familiar with the tools and techniques to find and remediate OWASP Top 10 vulnerabilities in web applications.
  • Experience in performing penetration testing on web applications deployed on a cloud platform.
  • Knowledge of the cloud-native security services provided by the AWS/Azure/Google Cloud Platform cloud platforms.
  • CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/Google Cloud Platform)

Required Skills
  • CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/Google Cloud Platform) Required
  • Performing the security assessments using NIST 800-53 r4 security controls Required 5 Years
  • HIPAA Privacy & Security compliance Required 3 Years
  • Experience reviewing SOC 2 Type 2, FedRAMP, HITRUST compliance reports Required 3 Years
  • Knowledge of cloud native security services provided by the AWS/Azure/Google Cloud Platform cloud platforms Required
  • Experience in performing the network, web and database security assessments. Required
  • Familiar with the tools and techniques to find and remediate OWASP Top 10 vulnerabilities of web applications Required
  • Experience in performing penetration testing on the web applications deployed on the cloud platform Required