Senior Security Analyst

Mathematica Policy Research   •  

Woodlawn, MD

Industry: Information Technology


5 - 7 years

Posted 76 days ago

This job is no longer available.

Position Description:

Mathematica Policy Research is dedicated to improving public well-being by bringing the highest standards of quality, objectivity, and excellence to bear on information and analysis for our partners and clients. The company has been at the forefront of design and assessment of public policies and programs since 1968. Our analytic solutions have yielded actionable information to guide decisions in wide-ranging policy areas, from health, education, early childhood, and family support to nutrition, employment, disability, and international development. As one of the foremost public policy research organizations in the United States, Mathematica Policy Research is a leader health care research, quality measures, and performance improvement services to federal agencies.

Currently, Mathematica is seeking a Senior Security Analyst to be based in our Woodlawn, MD or Washington, DC office, who will apply their expertise in delivering security and privacy program analysis and client security services. The Senior Security Analyst will serve as a security subject matter expert for clients such as agencies in the U.S. Department of Health and Human Services and commercial health organizations. This role will lead execution of client requirements, including advising project and technology teams on government and industry standards and best practices for securing data and applications in on-premises, cloud and hybrid deployments. The Senior Security Analyst will partner with project leadership to develop security solutions that align with client security and privacy standards, and recommend procedures and specific tools to enhance project and application security.

Position Requirements:

  • Six+ years of experience in information security and privacy analysis and compliance for on-premises, cloud, and hybrid delivery models. Federal government securityexperience a plus.
  • Develop and maintain business and technical security and privacy related solutions to align with prevailing security and privacy standards, guidelines, and best practices that promote compliance with contractual, FISMA/FedRAMP, NIST and HIPAA requirements.
  • Prepare client and corporate security assessment and authorization documentation such as security plans, risk assessment and security control testing reports, contingency plans, and responses to third-party questionnaires and audits.
  • Execute security and privacy related client area- and project-specific tasks and deliverables, including management of access to client systems and data, and coordinating ongoing security monitoring.
  • Partner with project and IT leadership to communicate and negotiate security-related matters with clients and partners, including CMS, SSA, large federal IT integrators, and states.
  • Lead and coordinate on-premises and cloud solution securityrisk, compliance and vulnerability assessments, communicate findings to
  • IT leadership, and recommend solutions to correct deficiencies.
  • Contribute to business development tasks such as analyzing and preparing written responses to requests for proposals, budgeting and scheduling security tasks, and ensuring security requirements are incorporated into proposed technical solutions.
  • Review and contribute to security and privacy specifications in contracts, data sharing agreements and HIPAA business associate agreements.
  • Develop, operationalize and standardize Health security business processes and procedures.
  • Excellent tactful and diplomatic communication and interpersonal skills, with the ability to convey complex security and privacy concepts to varied audiences in verbal and written formats.
  • Collaborative mindset to work within in a highly matrixed organization as a security SME among other analysts and technologists.
  • Demonstrated ability to team with and partner as needed across business units.
  • Strong organizational and project management skills. Ability to work in a fast-paced, multidisciplinary setting, and shift priorities as demanded by business needs
  • Customer service and sense of urgency orientation in execution of job responsibilities.
  • Willingness and ability to share knowledge with development teams and mentor individuals in ad hoc and formalized formats.

Education and certification

  • Bachelor's degree in computer science, cybersecurity, business or other relevant discipline. Will consider a combination of education and skills developed through progressively responsible positions in consulting, technology or security compliance roles.
  • CISSP, CAP, CISM or other relevant security industry certification required.
  • Amazon Web Services and/or other cloud security certification desirable.

To apply, please submit a cover letter, resume, writing sample based on recent and relevant work, and salary expectations. We offer our employees a stimulating, team-oriented work environment, competitive salaries, a comprehensive benefits package, and the advantages of employee ownership.

Various federal agencies and commercial entities with which we contract require that staff successfully undergo a public trust background investigation or security clearance as a condition of working on the project. If you are assigned to such a project, you will be required to obtain the requisite security clearance.

Available Locations: Woodlawn, MD; Washington, DC

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

Job ID 918-2