Security Analyst - Consultant

Overview

On Site
Hybrid
$80 - $90 hr
Contract - Independent
Contract - W2

Skills

IBM SYSTEM
ZSERIES
390
FISMA
HIPAA
NIST
CMS MARS-E
FISMA-COMPLIANT
EGRC
ARCHER
ISC(2)
SANS GIAC
ISACA
CERTIFICATION

Job Details

Job Title: Senior Information Systems Security Officer (Security Analyst Consultant)

Scope of the Project

The Office of Cybersecurity (OCS) is responsible for safeguarding the security and compliance of information systems and data. We are seeking an experienced Senior ISSO to lead and support day-to-day security and compliance requirements across complex information system environments. This role will focus on implementing and enhancing security and compliance programs aligned with regulatory frameworks such as FISMA, NIST, CMS MARS-E, and HIPAA.


Daily Duties & Responsibilities

  • Lead and manage security and compliance initiatives across information systems.

  • Develop, maintain, and review System Security Plans (SSPs), PIAs, ISAs, CMAs, and related RMF/A&A artifacts.

  • Perform architectural reviews and risk assessments of:

    • Network design and data flow

    • System and data access models

    • Firewall rule requests (ports, protocols, services)

    • Vulnerability management

  • Audit internal systems and vendor environments for compliance with agency standards.

  • Review and provide recommendations on contracts, agreements, and compliance documentation.

  • Act as the primary contact for third-party audits and assessments.

  • Collaborate with leadership, vendors, and business partners to provide security recommendations and risk mitigation strategies.

  • Document findings, reports, and recommendations using tools such as Microsoft Office, Archer eGRC, Bizagi, and Atlassian.


Required Skills & Experience

  • 5+ years of IT security experience auditing/working with IBM System 390/zSeries, Windows, Linux, databases (relational & non-relational), networking, and web applications.

  • Strong working knowledge of FISMA, NIST, CMS MARS-E, and HIPAA standards.

  • Proven experience within a FISMA-compliant security program.

  • Hands-on experience with eGRC systems (Archer preferred).

  • Prior healthcare IT security experience.

  • Professional security certification required: ISC(2), ISACA, SANS GIAC, or equivalent.

  • Strong communication and collaboration skills, with the ability to engage both technical and non-technical stakeholders.

  • Proficiency in Microsoft Office (Word, Excel, PowerPoint, Visio).


Preferred Skills & Experience

  • Prior ITIL experience in Information Security Management.

  • Experience integrating RMF/A&A processes into the SDLC.

  • Familiarity with cloud security and vendor risk management.

  • BS in Computer Science or related discipline (or 10+ years equivalent experience).

***Lumen and/or its clients will not provide equipment (laptop, monitor, etc.) to the selected contractor. The contractor must have their own equipment. Access to a virtual desktop setup (software) will be provided by Lumen's client, allowing the user access to the required systems and technology.***

Lumen Solutions Group Inc. is an Equal Opportunity Employer and does not discriminate in employment on the basis of Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.