We are looking for Senior Information Security Engineer for our client in Denver, CO
Job Title: Senior Information Security Engineer
Job Location: Denver, CO
Job Type: Contract 12 Months
- A senior information security engineer does the same technical work as an information security engineer, but has more experience and certification in their field.
- Engineers at this level will take on information security work that involves a high level of management and communications skill as well as a high level of skill in their specialty.
- They must be able to work effectively with broad direction in situations that may not be well defined.
- People at this level may work with technical, administrative or physical security controls or investigations, or may be involved in developing and implementing security projects, policies, standards or business processes.
Primary job duties include the following:
- Address securityrisk assessment findings and recommendations for two key systems, Benefits Management System (hosted in AWS and Salesforce) and PEAK (Salesforce)
- Work with the state security team on addressing compliance as well as building the on-going security program to govern risk and compliance.
- Work with vendor security and development staff on controls and procedures to align with policies.
- Interact with the agency program staff on securityreporting and security plan maintenance.
Additional Secondary Duties include the following:
- Assist the state with updatingprocesses and procedures in support of security plans for Federal Agencies (Social Security Administration, CMS and IRS)
- Provide recommendations for software and hardware configurations to supportsecurity standards and setting up a HW/SW asset license management system.
- Participate in the definition and implementation of projects to upgrade the systems and infrastructure to comply with revised standards for security and privacy, including MARS E v 2.0 for CMS and publication 1075 for IRS and management of FTI data
- Recommend changes to the process for planning and validating the application of patches
- Clear Communicator (written and verbal)
- Experienced with using common business applications; such as, Google Docs, Microsoft Office (Word, Excel), Microsoft Project
- Strong analytical and research skills using the Internet and other tools
- Strong verbal communication skills & ability to facilitate a planning session or meeting
- Understanding of data governance, including the security requirements for PII, FTI, and PHI.
- Must be able to work independently and be proactive in reaching for information
- Must be comfortable in an environment with change and many concurrent projects
- Understanding of a government environment and data governance
- Experience in the application of commonly accepted concepts and practices specific to the secure design and development of technical documents
- Salesforce and AWS hosting
- Secure code scanning tool