Security Assessment Director - Military veterans preferred

Job Title: - Security Assessment Director
Location: Raleigh, NC
Duration: 11+ months

Description:

• Manage and support the implementation of AWS Cloud infrastructure for multiple clients, including design, deployment, maintenance, and troubleshooting.
• Create detail technical documentation to support the security management of client's cloud environments (e.g., network diagrams).
• Assist in developing privacy and security policies and procedures for new projects or enhancements to existing systems as well as providing guidance on best practices related to information technology security.
• Participate in regular status meetings with leaders and other stakeholders regarding current projects and future initiatives.
• Provide training to internal staff on topics such as Amazon Web Services (AWS) services, tools, etc..
• Create a cloudbased security platform that monitor and analyze data from multiple sources to identify potential threats
• Conduct penetration testing on the DHHS cloud infrastructure, identifying vulnerabilities in its security systems
• Develop an automated system for detecting anomalous behavior within the DHHS cloud environment using machine learning algorithms
• Conduct security assessments of web applications, networks, and systems to identify security vulnerabilities.
• Document findings and recommendations in security reports and presentations.
• Implement security controls to mitigate identified security risks.
• Conducted risk assessments to ensure compliance with NIST 800-53 frame work and HIPAA
• Design a comprehensive data loss prevention program that reduced sensitive information leakage
• Experience in performing penetration testing on the web applications deployed on the cloud platform.
• Knowledge of cloud native security services provided by the AWS/Azure/GCP cloud platforms. Experience in Cloud Security Security architecture to ensure the department is meeting the federal, state, department and industry best practices. CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/GCP

• CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/GCP)
• Performing the security assessments using NIST 800-53 r4 security control
• HIPAA Privacy & Security compliance
• Experience reviewing Soc2 Type2, FedRamp, HITRUST compliance reports
• Knowledge of cloud native security services provided by the AWS/Azure/GCP cloud platforms
• Experience in performing the network, web and database security assessments.
• Familiar with the tools and techniques to find and remediate OWASP TOP 10 vulnerabilities of web applications
• Experience in performing penetration testing on the web applications deployed on the cloud platform
• Experience in Cloud Security Security architecture to ensure the department is meeting the federal, state, department and industry best practices.