Senior Systems Security specialist
Job Title: Senior Systems Security Specialist Duration: 3 Months Location: Baltimore, MD 21202 Shift: 1 st shift Responsibilities: · Develop and implement cloud security controls, cloud-based processes and tools, and cloud security task automation. · Perform security assessments, working closely with DevOps and Developer teams on identifying security and privacy issues in AWS or Azure and finding solutions to provide required functionality securely. · Continuously monitor the Health Benefit Exchange (HBX) and ancillary systems, not limited to cloud security operations, responding to security issues and escalating as necessary. · Conduct security impact analysis of controls on proposed system changes. · Conduct cloud security assessments and penetration testing. · Perform Incident Response and Forensics evaluation using security information and event management (SIEM) tools. · Ensure that the MHBE system security requirements are addressed during all phases of the system development life cycle. · Review and update systems security documentation and artifacts such as Systems Security Plan, Information Security Risk Assessment, Privacy Impact Assessment, Systems Security Report, Correction Action Plan, Plan of Action & Milestones (POA&M). · Create and track POA&M requirements for resolving security findings. · Administer cloud-based and physical firewalls. · Deploy and administer Identity and Access Management products in various operating systems. · Perform monitoring and operations of Identity and Access Management implementation. · Design enhancements in Identity and Access Management products ForgeRock and SailPoint. · Maintain, monitor, and provide operational support for IAM products, computer programs, systems, and other security technologies and revise system design and quality standards. · Make changes to IAM and underlying applications for enhancing enterprise security and ensure safe and secure operation to enable access to our systems for employees, contractors, consumers, and stakeholders. · Perform Security Incident Response and Forensics evaluation using SIEM tools. · Provide operational support for other security technologies. · Perform account/access management with IAM and other security tools. · Adhere to all security, change control, and MHBE Project Management Office (PMO) policies, processes, and methodologies. · Note: The candidate must be flexible to work overtime as needed, including weekends, holidays, and off-hours. Preferred Qualifications: · A minimum of five (5) years of experience implementing, administering, and monitoring Security Controls and Governance for public-facing complex IT systems. · A minimum of five (5) years of specialized experience in defining computer security requirements for high-level applications, evaluating approved security product capabilities, and developing solutions to multilevel security problems. · A minimum of five (5) years of hands-on experience providing operational support for ForgeRock and Sailpoint IAM products. · A minimum of five (5) years of experience with the assessment and evaluation of information systems to recommend changes and mitigate threats, risks, and vulnerabilities. · A minimum of five (5) years of experience conducting Incident Response testing to evaluate processes for detection, response, and reporting of security incidents. · A minimum of three (3) years of hands-on experience designing, developing, deploying, and administering security policies for health insurance marketplaces or complex health and human services systems. · Experience configuring ForgeRock to enable single sign-on with different applications and implementing password sync across all internal applications. · Experience with configuration and administration of SailPoint and performing tasks such as designing an organizational tree structure and creating provisioning and de-provisioning policies. · Experience implementing ID policies, password policies, access control lists (ACL), reconciliation, service definition, the configuration of remote resources, workflows, password synchronization, reconciliation schedules, and life cycle management. · Experience in providing detailed configuration and administration for programs such as ACL configuration, Group Management, and configuration management. · Hands-on experience with troubleshooting, investigating operational problems, and providing workarounds, resolutions, and remediations. · Experience developing IT Security roadmaps and execution plans. · Demonstrated technical knowledge of command line utilities running on various platforms, including Linux and MS Windows. · Experience with implementation of integration solutions between IAM system and user account repositories such as Active Directory, LDAP, and Databases. · Experience with Java, JavaScript, and shell scripts. · Experience assisting organizations meeting NIST SP 800-37, NIST 800-53, IRS Publication 1075, and MARS-e 2.0 requirements. · Experience with conducting vulnerability management and penetration testing efforts. · Experience in configuring and reviewing ASA and/or Fortinet firewalls. · Possess one or more security certifications such as CISSP, ISO, CSA STAR Cloud Security Advisor, CCSE, QCS, CNA, VCP, or equivalent. · Experience working with the Project Management Office (PMO) processes, policies, and procedures.
