Job Title: Systems Security Specialist (Senior)
Location: Baltimore, MD 21202
Job Duties/Responsibilities
Develop and implement cloud security controls, cloud-based processes and
tools, and cloud security task automation.
Perform security assessments, working closely with DevOps and Developer
teams on identifying security and privacy issues in AWS or Azure and finding
solutions to provide required functionality securely.
Continuously monitor the Health Benefit Exchange (HBX) and ancillary systems,
not limited to cloud security operations, responding to security issues and
escalating as necessary.
Conduct security impact analysis of controls on proposed system changes.
Conduct cloud security assessments and Penetration testing.
Perform Incident Response and Forensics evaluation using security information
and event management (SIEM) tools.
Ensure that the MHBE system security requirements are addressed during all
phases of the system development life cycle.
Review and update systems security documentation and artifacts such as
Systems Security Plan, Information Security Risk Assessment, Privacy Impact
Assessment, Systems Security Report, Corrective Action Plan, Plan of Action &
Milestones (POA&M).
Create and track POA&M requirements for resolving security findings.
Administer cloud-based and physical firewalls.
Deploy and administer Identity and Access Management products in various
operating systems.
Perform monitoring and operations of Identity and Access Management
implementation.
Design enhancements in Identity and Access Management products ForgeRock
and SailPoint.
Maintain, monitor, and provide operational support for IAM products, computer
programs, systems, and other security technologies and revise system design
and quality standards.
Make changes to IAM and underlying applications for enhancing enterprise
security and ensure safe and secure operation to enable access to our systems
for our employees, contractors, consumers, and stakeholders.
Perform Security Incident Response and Forensics evaluation using security
information and event management (SIEM) tools.
Provide operational support for other security technologies.
Perform account/access management with IAM and other security tools.
Adhere to all security, change control, and MHBE Project Management Office
(PMO) policies, processes, and methodologies.
Note: The candidate must be flexible to work overtime as needed, including
weekends, holidays, and off-hours.
Minimum Qualifications
Education: A Bachelor's Degree from an accredited college or university with a
major in Computer Science, Information Systems, Engineering, Business, or
other related scientific or technical discipline. A Master's Degree is preferred.
A minimum of eight (8) years of experience analyzing, defining, deploying,
monitoring, and administering security requirements and controls for large and
mission-critical IT systems.
A minimum of five (5) years performing day-to-day security operations functions,
including administration, troubleshooting, and resolution of various security
components.
A minimum of four (4) years of hands-on experience in performing cloud security
functions.
A minimum of four (4) years of experience in defining computer security
requirements for high-level applications and evaluating approved security product
capabilities.
A minimum of four (4) years of demonstrated production experience using AWS
Cloud supporting security operations.
A minimum of four (4) years of experience with administering security for
Windows and Linux operating systems.
Experience in performing Security Incident Response and Forensics evaluation
with SIEM tools.
Working knowledge of AWS security features such as Security Groups, Network
Access Control List, Firewall, WAF, GuardDuty, Macie, CloudTrail, CloudWatch,
Control Tower, etc.
Experience with assessment and evaluation of information systems to
recommend changes and mitigate threats, risks, and vulnerabilities.
Demonstrated ability to perform scheduled maintenance activities such as
patching, performance tuning, and backups.
Demonstrated ability to perform user provisioning and de-provisioning activities.
Experience in monitoring the security infrastructure for operational effectiveness.
Preferred Qualifications
The additional Experience/Knowledge/Skills listed below are preferred by MHBE.
A minimum of five (5) years of experience implementing, administering, and
monitoring Security Controls and Governance for public-facing complex IT
systems.
A minimum of five (5) years of specialized experience in defining computer
security requirements for high-level applications, evaluating approved security
product capabilities, and developing solutions to multilevel security problems.
A minimum of five (5) years of hands-on experience providing operational
support for ForgeRock and SailPoint IAM products.
A minimum of five (5) years of experience with the assessment and evaluation of
information systems to recommend changes and mitigate threats, risks, and
vulnerabilities.
A minimum of five (5) years of experience conducting Incident Response testing
to evaluate processes for detection, response, and reporting of security incidents.
A minimum of three (3) years of hands-on experience designing, developing,
deploying, and administering security policies for health insurance marketplaces
or complex health and human services systems.
Experience configuring ForgeRock to enable single sign-on with different
applications and implementing password sync across all internal applications.
Experience with configuration and administration of SailPoint and performing
tasks such as designing an organizational tree structure and creating
provisioning and de-provisioning policies.
Experience implementing ID policies, password policies, access control lists
(ACL), reconciliation, service definition, the configuration of remote resources,
workflows, password synchronization, reconciliation schedules, and life cycle
management.
Experience in providing detailed configuration and administration for programs
such as ACL configuration, Group Management, and configuration management.
Hands-on experience with troubleshooting, investigating operational problems,
and providing workarounds, resolutions, and remediations.
Experience developing IT Security roadmaps and execution plans.
Demonstrated technical knowledge of command line utilities running on various
platforms, including Linux and MS Windows.
Experience with implementation of integration solutions between IAM system and
user account repositories such as Active Directory, LDAP, and Databases.
Experience with Java, JavaScript, and shell scripts.
Experience assisting organizations in meeting NIST SP 800-37, NIST 800-53, IRS
Publication 1075, and MARS-e 2.0 requirements.
Experience with conducting vulnerability management and penetration testing
efforts.
Experience in configuring and reviewing ASA and/or Fortinet firewalls.
Possess one or more security certifications such as CISSP, ISO, CSA STAR
Cloud Security Advisor, CCSE, QCS, CNA, VCP, or equivalent.
Experience working with the Project Management Office (PMO) processes,
policies, and procedures.