Job summary:


Title:
Junior Security Analyst

Location:
Raleigh, NC, United States

Length and terms:
Long term - W2 or C2C


Position created on 09/13/2022 01:30 pm

Job description:


Interview Type: Skype *** Very long term project initial PO for 1 year, expect to go for 4+ years *** Remote during covid then onsite

Complete Description:

The NC Department of Health and Human Services seeks a junior level IT Security Specialist to manage, assist and  assess NCFAST compliance with CMS, USDA, ACF, State of NC and DHHS requirements. This resource must identify the risks and assist in the development of mitigation strategies, and to establish the privacy and security architecture using on prem and cloud infrastructures.  Duties include developing familiarity with the security best practices in the cloud (AWS, Azure, GCP,Oracle etc.), reviewing the Business Continuity Plan and Disaster Recovery Testing documents, researching Best Practices for reuse,and applying Federal rules, State IT Security, DHHS Privacy and Security policies and industry standards. This role must be familiar with the tools and frame works to support the Agile development process using DevSecOps and practice good analytical and creative problem solving skills to resolve day to day privacy and security incidents.    

Required Skills:

  • Experience with risk management to identify gaps through risk management and assisting the development team in implementing mitigation strategies. 3 Years
  • Experience in NIST 800 53 and HIPAA assessment. 3 Years
  • Experience in implementing DevSecOps tools such as Fortify, CheckMarx, Contrast, Imperva. 3 Years
  • Experience in implementing the best practices for vulnerability manament using Qualys and Nessus. 3 Years
  • Hands on experience conducting penetration testing on enterprise web applications using tools such as Burp Suite, Metasploit, Webinspect etc. 3 Years
  • Excellent written English and oral communications skills

Desired Skills:

  • Familiarity with privacy and security and best practices for deploying the the work loads on AWS, GCP and AZURE cloud platforms. 3 Years
  • Familiarity with SOC2 Type 2, HITRUST and MARSE 3 Years

 

Contact the recruiter working on this position:



The recruiter working on this position is Nadeem Ahmed Razvi(Shaji Team)
His/her contact number is +(1) (202) 7381674
His/her contact email is nadeem@msysinc.com

Our recruiters will be more than happy to help you to get this contract.