14 Nov
NCDHHS PSO - Security Assessment Director #667211
Vacancy expired!
Job Number: 667211Closing Date: 11/03/2021Category: NCDHHS PSO - Security Assessment DirectorStart Date: 11/01/2021End Date: 03/07/2022
Description:NC DHHS seeks a Security Assessment Director to support COVID related activities.Must be able to demonstrate excellent program management, negotiation, communication and problem-solving skills. Responsible for working with both senior-level business executives and IT personnel to define and execute program requirements and manage stakeholder expectations. Strategically plan and manage initiatives consisting of program components that meet Departmental, State and other stakeholder expectations. Responsible for the leadership, direction and oversight of the project team(s) and of all vendor related activities tied to the program. Report to Sr. Executive Management. Authorize and manage internal and external relationships (agency, Federal, vendor, and other State agencies) and dependencies across initiative components to ensure successful delivery of the program. Responsible for establishing and executing adequate project management controls based on industry accepted methodologies and standards. These controls include the responsibility to monitor and control cost, schedule, performance and risk; to ensure quality and security; overall integration and issues resolution and to perform administrative functions. • Experience in performing the security assessments using NIST 800-53 r4 security controls.• Experience in implementing the controls for HIPAA Privacy & Security compliance.• Experience in reviewing the Soc2 Type2, FedRamp, HITRUST compliance reports• Proficient in using the vulnerability management tools and remediating those identified vulnerabilities. • Experience in performing the network, web and database security assessments.• Familiar with the tools and techniques to find and remediate OWASP TOP 10 vulnerabilities of the web applications.• Experience in performing penetration testing on the web applications deployed on the cloud platform.• Knowledge of cloud native security services provided by the AWS/Azure/Google Cloud Platform cloud platforms.CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/Google Cloud PlatformRequired/Desired Skills:Required - CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/Google Cloud Platform)Required - 5yrs - Performing the security assessments using NIST 800-53 r4 security controlRequired - 3yrs - HIPAA Privacy & Security complianceRequired - 3yrs - Experience reviewing Soc2 Type2, FedRamp, HITRUST compliance reportsRequired - Knowledge of cloud native security services provided by the AWS/Azure/Google Cloud Platform cloud platformsRequired - Experience in performing the network, web and database security assessments.Required - Familiar with the tools and techniques to find and remediate OWASP TOP 10 vulnerabilities of web applicationsRequired - Experience in performing penetration testing on the web applications deployed on the cloud platformVacancy expired!