SR Systems Security Analyst (Closed)
Our client is looking for a SR Systems Security Analyst w/ CCDE or CCIE (either Routing and Switching or Security specialty) in Jacksonville, FL:
Job Duties:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This list of essential job functions is not exhaustive and may be supplemented as necessary. (To be included on all templates)
•Automate mechanisms to provide adequate control and auditing capabilities for assets. Assure proper security controls are activated for new technologies.
•Assure compliance with corporate policies, standards, CMS Core Security Requirements and HIPAA-AS rules and regulations.
•Plan, coordinate and implement the security reporting for CMS directed external audits, internal audits, information systems to prevent unauthorized modification, destruction, or disclosure of information in support of the Medicare fee-for-service business.
•Assure access privileges are standard based on job functions. Experience with security software products and security access administration.
•Demonstrated ability to learn new technologies and applications.
•Business skills in customer service, proficiency in handling internal and external audit support, specialized knowledge of CMS regulations and requirements, excellent problem solving skills and verbal and written skills.
•Provide oversight for ensuring all security related policies, procedures and desktop procedures are adhered to by all employees supporting subsidiaries and business partners.
•Job requires a high degree of confidentiality.
•Responsible for the timely and high quality completion of project deliverables.
•Assist with system security and auditing activities in support of the Systems Security Officer.
•Interact with Internal Audit and the Compliance Officer, and IT Security.
•Ensure compliance with regulatory and contractual access controls.
•Provide leadership to the Systems Security staff.
•Participate in the ongoing review of security controls and processes to ensure efficiency and compliance with all applicable CMS Core Security Requirements, HIPAA security requirements, and other effective system security measures.
•Assist management in preparing and leading Corrective Action Plans to ensure compliance with CMS Core Security Requirements, HIPAA security requirements, and to address internal and external audit findings.
•Develop and Revise System Security Policies and Procedures as necessary to ensure effective compliance with CMS requirements and to enhance internal controls.
•Review compliance of all operational components with CMS Core Security Requirements.
•Participate in business planning workgroups.
•Ensure IT systems security requirements are included in the handling, processing, and analyzing of Medicare data.
•Perform security control measures to ensure the granting of direct data access authorizations rights are in compliance with CMS Core Security Requirements, HIPAA security requirements, and other effective system security guidelines.
•Responsible for the review, research, monitoring, logging, and recertification of individuals with direct data access authorizations for appropriateness and separation of duty principles.
•Assist and serve as Back-up Security Administrator for the Government Accounting System (G.A.S.) – Deltek Costpoint, Deltek T&E, and ADP with full security administrative rights.
•Access production datasets to conduct periodic reviews of access control reports to support information system account management functions.
•This resource is responsible for building and managing repositories for various System Configuration Management documents such as SOPs and Departmental Policies. This resource is technical enough to identify weaknesses or gaps in submitted documentation.
•Supports and Coordinates the IT DISA Pro Active Audit Model
•Coordinates with IT Administrators to ensure Inventory remediation steps occur timely.
•Coordinates with IT Security personnel across the organization to ensure proper and meaningful interpretation of DISA STIG Regulations.
•Implements and directs mock DISA STIG Compliance and Vulnerability Audits.
•Servers as primary on-point support person during active CMS audits.
•Ensures that all IT Platform teams maintain updated compliance and vulnerability standard, documentation and policies.
•Oversees the health of the Inventory Management and Compliance and Vulnerability systems.
•Responsible for communicating to all levels of management.
•Crates and maintains reports associated with the Inventory and Scanning systems.
Partner with IT technical staff and Business Sponsor to ensure the design accomplishes both business and technical requirements
•Accountable for managing and monitoring project performance of multiple projects with one or more internal and external dependencies, multiple scopes, including: providing guidance to the management and core team Identifies items / issues that jeopardize the cost, quality or timeliness of project deliverables.
•Identifies, negotiates, communicates and manages project changes. Reports status of project, including project risks, to customers, project team, supervisor, Project Offices, governance and other key staff
•Oversee product documentation and archiving. Adheres to the Project Management standards for project closure.
•Responsible for managing external and vendor relationships (including the SOW and managing to implementation deliverables and schedules)
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This list of essential job functions is not exhaustive and may be supplemented as necessary. (To be included on all templates)
•Automate mechanisms to provide adequate control and auditing capabilities for assets. Assure proper security controls are activated for new technologies.
•Assure compliance with corporate policies, standards, CMS Core Security Requirements and HIPAA-AS rules and regulations.
•Plan, coordinate and implement the security reporting for CMS directed external audits, internal audits, information systems to prevent unauthorized modification, destruction, or disclosure of information in support of the Medicare fee-for-service business.
•Assure access privileges are standard based on job functions. Experience with security software products and security access administration.
•Demonstrated ability to learn new technologies and applications.
•Business skills in customer service, proficiency in handling internal and external audit support, specialized knowledge of CMS regulations and requirements, excellent problem solving skills and verbal and written skills.
•Provide oversight for ensuring all security related policies, procedures and desktop procedures are adhered to by all employees supporting subsidiaries and business partners.
•Job requires a high degree of confidentiality.
•Responsible for the timely and high quality completion of project deliverables.
•Assist with system security and auditing activities in support of the Systems Security Officer.
•Interact with Internal Audit and the Compliance Officer, and IT Security.
•Ensure compliance with regulatory and contractual access controls.
•Provide leadership to the Systems Security staff.
•Participate in the ongoing review of security controls and processes to ensure efficiency and compliance with all applicable CMS Core Security Requirements, HIPAA security requirements, and other effective system security measures.
•Assist management in preparing and leading Corrective Action Plans to ensure compliance with CMS Core Security Requirements, HIPAA security requirements, and to address internal and external audit findings.
•Develop and Revise System Security Policies and Procedures as necessary to ensure effective compliance with CMS requirements and to enhance internal controls.
•Review compliance of all operational components with CMS Core Security Requirements.
•Participate in business planning workgroups.
•Ensure IT systems security requirements are included in the handling, processing, and analyzing of Medicare data.
•Perform security control measures to ensure the granting of direct data access authorizations rights are in compliance with CMS Core Security Requirements, HIPAA security requirements, and other effective system security guidelines.
•Responsible for the review, research, monitoring, logging, and recertification of individuals with direct data access authorizations for appropriateness and separation of duty principles.
•Assist and serve as Back-up Security Administrator for the Government Accounting System (G.A.S.) – Deltek Costpoint, Deltek T&E, and ADP with full security administrative rights.
•Access production datasets to conduct periodic reviews of access control reports to support information system account management functions.
•This resource is responsible for building and managing repositories for various System Configuration Management documents such as SOPs and Departmental Policies. This resource is technical enough to identify weaknesses or gaps in submitted documentation.
•Supports and Coordinates the IT DISA Pro Active Audit Model
•Coordinates with IT Administrators to ensure Inventory remediation steps occur timely.
•Coordinates with IT Security personnel across the organization to ensure proper and meaningful interpretation of DISA STIG Regulations.
•Implements and directs mock DISA STIG Compliance and Vulnerability Audits.
•Servers as primary on-point support person during active CMS audits.
•Ensures that all IT Platform teams maintain updated compliance and vulnerability standard, documentation and policies.
•Oversees the health of the Inventory Management and Compliance and Vulnerability systems.
•Responsible for communicating to all levels of management.
•Crates and maintains reports associated with the Inventory and Scanning systems.
Partner with IT technical staff and Business Sponsor to ensure the design accomplishes both business and technical requirements
•Accountable for managing and monitoring project performance of multiple projects with one or more internal and external dependencies, multiple scopes, including: providing guidance to the management and core team Identifies items / issues that jeopardize the cost, quality or timeliness of project deliverables.
•Identifies, negotiates, communicates and manages project changes. Reports status of project, including project risks, to customers, project team, supervisor, Project Offices, governance and other key staff
•Oversee product documentation and archiving. Adheres to the Project Management standards for project closure.
•Responsible for managing external and vendor relationships (including the SOW and managing to implementation deliverables and schedules)
Performs other duties as the supervisor may, from time to time, deem necessary. (To be included on all templates).
•This resource is responsible for building and managing repositories for various System Configuration Management documents such as SOPs and Departmental Policies. This resource is technical enough to identify weaknesses or gaps in submitted documentation.
•Supports and Coordinates the IT DISA Pro Active Audit Model
•Coordinates with IT Administrators to ensure Inventory remediation steps occur timely.
•Coordinates with IT Security personnel across the organization to ensure proper and meaningful interpretation of DISA STIG Regulations.
•Implements and directs mock DISA STIG Compliance and Vulnerability Audits.
•Servers as primary on-point support person during active CMS audits.
•Ensures that all IT Platform teams maintain updated compliance and vulnerability standard, documentation and policies.
•Oversees the health of the Inventory Management and Compliance and Vulnerability systems.
•Responsible for communicating to all levels of management.
•Creates and maintains reports associated with the Inventory and Scanning systems.
•This resource is responsible for building and managing repositories for various System Configuration Management documents such as SOPs and Departmental Policies. This resource is technical enough to identify weaknesses or gaps in submitted documentation.
•Supports and Coordinates the IT DISA Pro Active Audit Model
•Coordinates with IT Administrators to ensure Inventory remediation steps occur timely.
•Coordinates with IT Security personnel across the organization to ensure proper and meaningful interpretation of DISA STIG Regulations.
•Implements and directs mock DISA STIG Compliance and Vulnerability Audits.
•Servers as primary on-point support person during active CMS audits.
•Ensures that all IT Platform teams maintain updated compliance and vulnerability standard, documentation and policies.
•Oversees the health of the Inventory Management and Compliance and Vulnerability systems.
•Responsible for communicating to all levels of management.
•Creates and maintains reports associated with the Inventory and Scanning systems.
Required Skills:
•Business Influence and Execution
•Collaboration and Relationship-Building
•Bachelor’s degree in Computer Science/ IT /Project Management or equivalent work experience
•5 years of broad applied project management experience in managing technology projects and leading technical staff.
•Solid knowledge and experience in various Project Management and Product Development concepts, methodologies and processes
•Must have a solid demonstrated proficiency in the use and/or understanding of project tracking and management tools such as MS Project (including project tracking, reports and outputs and SharePoint).
•Solid proficiency with capacity planning and project projections.
•Strong PC skills specifically utilizing the MS Office Suite products (e.g., MS Word, MS Excels
Preferred:
•Three to five years of relevant experience in information systems security, OR business continuity, OR Privacy
About SkillStorm: SkillStorm is the nation’s fastest-growing I.T. Services company. We have been providing technology consulting, outsourcing and staffing solutions since 2002. SkillStorm can provide you with the right tools to ensure you have the best technology team in place to fuel your organization’s continued success. SkillStorm works with scores of fine companies, including many that rank among the elite Fortune 500 and has been setting the standard for customer service in the industry since inception.
For more information, please visit us at www.skillstorm.com.