Senior Systems Security Specialist (Hybrid)

Job Title: Senior Systems Security Specialist (Hybrid)
Duration: 3 Years
Location: Baltimore MD

Note: The candidate must be flexible to work overtime as needed including weekends holidays and off-hours.

Job Description:

The client seeks Senior Systems Security Specialists to plan design develop administer monitor and govern various security policies controls and systems for the client and other systems.

Duties / Responsibilities

• Develop and implement cloud security controls cloud-based processes and tools and cloud security task automation.
• Perform security assessments working closely with DevOps and Developer teams on identifying security and privacy issues in AWS or Azure and finding solutions to provide required functionality securely.
• Continuously monitor the client and ancillary systems not limited to cloud security operations responding to security issues and escalating as necessary.
• Conduct security impact analysis of controls on proposed system changes.
• Conduct cloud security assessments and Penetration testing.
• Perform Incident Response and Forensics evaluation using security information and event management (SIEM) tools.
• Ensure that the MHBE system security requirements are addressed during all phases of the system development life cycle.
• Review and update systems security documentation and artifacts such as Systems Security Plan Information Security Risk Assessment Privacy Impact Assessment Systems Security Report Correction Action Plan Plan of Action & Milestones (POA&M).
• Create and track POA&M requirements for resolving security findings.
• Administer cloud-based and physical firewalls.
• Deploy and administer Identity and Access Management products in various operating systems.
• Perform monitoring and operations of Identity and Access Management implementation.
• Design enhancements in Identity and Access Management products ForgeRock and SailPoint.
• Maintain monitor and provide operational support for IAM products computer programs systems and other security technologies and revise system design and quality standards.
• Make changes to IAM and underline applications for enhancing enterprise security and ensure safe and secure operation to enable access to our systems for our employees contractors consumers and stakeholders.
• Perform Security Incident Response and Forensics evaluation using security information and event management (SIEM) tools.
• Provide operational support for other security technologies.
• Perform account/access management with IAM and other security tools.
• Adhere to all security change control and client Project Management Office (PMO) policies processes and methodologies.

Minimum Qualifications

• A minimum of eight (8) years of experience analyzing defining deploying monitoring and administering security requirements and controls for large and mission-critical IT systems.
• A minimum of five (5) years performing day-to-day security operations functions including administration troubleshooting and resolution of various security components.
• A minimum of four (4) years of hands-on experience in performing cloud security functions.
• A minimum of four (4) years of experience in defining computer security requirements for high-level applications and evaluating approved security product capabilities.
• A minimum of four (4) years of demonstrated production experience using AWS Cloud supporting security operations.
• A minimum of four (4) years of experience with administering security for Windows and Linux operating systems.
• Experience in performing Security Incident Response and Forensics evaluation with SIEM tools.
• Working knowledge of AWS security features such as Security Groups Network Access Control List Firewall WAF Guard Duty Macie CloudTrail CloudWatch Control Tower etc.
• Experience with assessment and evaluation of information systems to recommend changes and mitigate threats risks and vulnerabilities.
• Demonstrated ability to perform scheduled maintenance activities such as patching performance tuning and backups.
• Demonstrated ability to perform user provisioning and de-provisioning activities.
• Experience in monitoring the security infrastructure for operational effectiveness.

Preferred Qualifications

• A minimum of five (5) years of experience implementing administering and monitoring Security Controls and Governance for public-facing complex IT systems.
• A minimum of five (5) years of specialized experience in defining computer security requirements for high-level applications evaluating approved security product capabilities and developing solutions to multilevel security problems.
• A minimum of five (5) years of hands-on experience providing operational support for ForgeRock and Sailpoint IAM products.
• A minimum of five (5) years of experience with the assessment and evaluation of information systems to recommend changes and mitigate threats risks and vulnerabilities.
• A minimum of five (5) years of experience conducting Incident Response testing to evaluate processes for detection response and reporting of security incidents.
• A minimum of three (3) years of hands-on experience designing developing deploying and administering security policies for health insurance marketplaces or complex health and human services systems.
• Experience configuring ForgeRock to enable single sign-on with different applications and implementing password sync across all internal applications.
• Experience with configuration and administration of SailPoint and performing tasks such as designing an organizational tree structure and creating provisioning and de-provisioning policies.
• Experience implementing ID policies password policies access control lists (ACL) reconciliation service definition the configuration of remote resources workflows password synchronization reconciliation schedules and life cycle management.
• Experience in providing detailed configuration and administration for programs such as ACL configuration Group Management and configuration management.
• Hands-on experience with troubleshooting investigating operational problems and providing workarounds resolutions and remediations.
• Experience developing IT Security roadmaps and execution plans.
• Demonstrated technical knowledge of command line utilities running on various platforms including Linux and MS Windows.
• Experience with implementation of integration solutions between IAM system and user account repositories such as Active Directory LDAP and Databases.
• Experience with Java JavaScript and shell scripts.
• Experience assisting organizations meeting NIST SP 800-37 NIST 800-53 IRS Publication 1075 and MARS-e 2.0 requirements.
• Experience with conducting vulnerability management and penetration testing efforts.
• Experience in configuring and reviewing ASA and/or Fortinet firewalls.
• Possess one or more security certifications such as CISSP ISO CSA STAR Cloud Security Advisor CCSE QCS CNA VCP or equivalent.
• Experience working with the Project Management Office (PMO) processes policies and procedures.

Education

• Bachelor s degree from an accredited college or university in Engineering Computer Science Information Systems Business or other related disciplines.