We are looking for Senior Privacy and Security Consultant for our client in Raleigh, NC
Job Title: Senior Privacy and Security Consultant
Job Location: Raleigh, NC
Job Type: Contract ? 12 Months / Contract to Hire / Direct Hire
- Client is requiring services of an IT SecurityArchitecture to assist and assess the Medicaid Enterprise System (Medicaid Reform) and review CMS requirements for the project.
- In addition this resource must also review the RFP, MOU and MOA for privacy, security and audit requirements.
- This resource must identify the risks and assist in the development of mitigation strategies, and to establish the target security/infrastructurearchitecture.
Duties include, are not limited to:
- Author corresponding requirements, including definition of dependencies on infrastructure consolidation efforts.
- Define Security/Information Assurance requirements (and dependencies).
- Specify key architectural aspects of the architecture view, and identify other aspects that need definition.
- Research Best Practices for reuse, applying State IT Security and industry standards, and defining the transformation approach that transitions the current architecture to the target architecture.
- The ideal candidate will have experienceworking with current and emerging information security technologies and development methodologies.
- Bachelor?s degree in computer science, management information systems, or related field preferred.
- Good analytical and creative problem solving skills, and relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, with a wide degree of creativity and latitude is expected.
- Risk Management - must be able to Identify gaps through risk management, and assist in the development of mitigation strategies.
- Experience updating privacy and security policies based on gaps found through an assessment process.
- Experience documenting vulnerability assessment results in a accurate, clear, actionable, and available way to appropriate personnel
- Must be able to review & assess MES systems throughout all phases of their life cycle in an effort to identify Privacy, SecurityArchitecture
- Must be able to serve as a knowledge base for organizations as it relates to CMS and state compliance requirements & mitigation strategies.
- Experience Performing risk assessments based on NIST 800-53 Rev 4. HIPAA,SSA and IRS Pub 1075.
- Experience with network mapping and vulnerability scanning tools such as NESSUS and NMAP.
- Experience in reviewing RFP, RFQ, MOU and MOA for privacy and securityarchitecture requiremetns