February 14, 2019
Senior Information Security Engineer
About The Opportunity
A senior information security engineer does the same technical work as an information security engineer, but has more experience and certification in their field.
- A senior information security engineer does the same technical work as an information security engineer, but has more experience and certification in their field. Engineers at this level will take on information security work that involves a high level of management and communications skill as well as a high level of skill in their specialty. They must be able to work effectively with broad direction in situations that may not be well defined. People at this level may work with technical, administrative or physical security controls or investigations, or may be involved in developing and implementing security projects, policies, standards or business processes.
- The seeking an experienced security, risk and compliance professional to identify and define technical and security related projects that support the operation and maintenance of the Colorado Benefits Management System, PEAK and associated systems. There is a potential opportunity to move into a permanent state position as a security engineer/analyst.
- Address security risk assessment findings and recommendations for two key systems, Colorado Benefits Management System (hosted in AWS and Salesforce) and PEAK (Salesforce)
- Work with the state security team on addressing compliance as well as building the on-going security program to govern risk and compliance.
- Work with vendor security and development staff on controls and procedures to align with policies.
- Interact with the agency program staff on security reporting and security plan maintenance.
- Assist the state with updating processes and procedures in support of security plans for Federal Agencies (Social Security Administration, CMS and IRS)
- Provide recommendations for software and hardware configurations to support security standards and setting up a HW/SW asset license management system.
- Participate in the definition and implementation of projects to upgrade the systems and infrastructure to comply with revised standards for security and privacy, including MARS E v 2.0 for CMS and publication 1075 for IRS and management of FTI data
- Recommend changes to the process for planning and validating the application of patches
- Clear Communicator (written and verbal)
- Experienced with using common business applications; such as, Google Docs, Microsoft Office (Word, Excel), Microsoft Project
- Strong analytical and research skills using the Internet and other tools
- Strong verbal communication skills & ability to facilitate a planning session or meeting
- Understanding of data governance, including the security requirements for PII, FTI, and PHI.
- Must be able to work independently and be proactive in reaching for information
- Must be comfortable in an environment with change and many concurrent projects
- Understanding of a government environment and data governance
- Experience in the application of commonly accepted concepts and practices specific to the secure design and development of technical documents
- Salesforce and AWS hosting
- Secure code scanning tool
3 + Months
Please Contact me to discuss the hiring process!
Sr. Executive Recruiter
Contact: (310) 929-8421 Ext: 108
Hi! My name is Harmanpreet Singh. I love to work with people and help them find their dream job. I work with my consultants to understand their niche area of work and look for the best match for them. I feel that keeping in mind the priorities of my consultants help me to serve them better. Additionally, I always keep them posted about new relevant jobs which help me to build a connection with them not only professionally but at a personal level as well.