Ready2Work Staffing

<< Back to Jobs

NC DHHS Security Specialist - Junior

Research Triangle Park/Durham, North Carolina | Contract | Sep 13, 2022
Salary Type
Hourly
Job Function
Information Technology
Employment Type
Contract
Experience Level
3-5 Years
Min. Education
BA/BS/Undergraduate

Job Description

Short Description:

The NC DHHS Privacy and Security Office (PSO) requires the services of a junior level IT Security Specialist to manage, assist and assess NCFAST compliance with CMS, USDA, ACF, North Carolina and DHHS requirements.

Complete Description:

The NC Department of Health and Human Services seeks a junior level IT Security Specialist to manage, assist and assess NCFAST compliance with CMS, USDA, ACF, State of NC and DHHS requirements. This resource must identify the risks and assist in the development of mitigation strategies, and to establish the privacy and security architecture using on prem and cloud infrastructures. Duties include developing familiarity with the security best practices in the cloud (AWS, Azure, GCP,Oracle etc.), reviewing the Business Continuity Plan and Disaster Recovery Testing documents, researching Best Practices for reuse,and applying Federal rules, State IT Security, DHHS Privacy and Security policies and industry standards. This role must be familiar with the tools and frame works to support the Agile development process using DevSecOps and practice good analytical and creative problem solving skills to resolve day to day privacy and security incidents.

Job Requirements

Required / Desired Skills

Skill Required / Desired

Amount of Experience

Experience with risk management to identify gaps through risk management and assisting the development team in implementing mitigation strategies. Required 3 Years

Experience in NIST 800-53 and HIPAA assessment. Required 3 Years

Experience in implementing DevSecOps tools such as Fortify, CheckMarx, Contrast, Imperva. Required 3 Years

Experience in implementing the best practices for vulnerability manament using Qualys and Nessus. Required 3 Years

Hands-on experience conducting penetration testing on enterprise web applications using tools such as Burp Suite, Metasploit, Webinspect etc. Required 3 Years

Familiarity with privacy and security and best practices for deploying the the work loads on AWS, GCP and AZURE cloud platforms. Desired 3 Years

Familiarity with SOC2 Type 2, HITRUST and MARSE Desired 3 Years

Excellent written English and oral communications skills Required