LOCAL to Richmond only
webcam & in-person interview
ABOUT THE ROLE
Responsibilities Include:
- Assess current security controls and processes against new CMS, IRS, and SCC security standards.
- Identify gaps and recommend remediation steps to achieve and maintain compliance.
- Plan, lead, and execute development and updates to policies, procedures, and documentation to reflect requirements.
- Design, implement, and train on the process for assessing partners and vendors, ensuring alignment with security standards.
- Develop assessment tools, workflows, and scoring model to evaluate and measure the effectiveness and compliance of vendor and partner security controls.
- Evaluate the security posture of vendors and partners to ensure information security contractual, information sharing, and data sharing agreement requirements are met.
- Test the effectiveness of operational and management controls using interviews, document reviews, and observation.
- Analyze, assess, report, and present on audit findings, risk exposure, and recommendations.
- Support information security continuous monitoring and incident response programs.
- Perform related work as required.
Sr. no. | Skill | Required / Desired | Amount | Experience you have (in years) |
---|---|---|---|---|
1 | Audit and compliance/information security/information technology experience or combination thereof | Required | 9 Years | |
2 | Information Security control audit and assessment experience | Required | 5 Years | |
3 | NIST 800-53 or other security framework | Required | 5 Years | |
4 | Perform testing, analysis, reporting, and develop remediation plans for compliance with operational and management controls | Required | 5 Years | |
5 | Develop and update policies, procedures, and documentation | Required | 2 Years | |
6 | Healthcare, health insurance, or ACA | Desired | 2 Years | |
7 | Industry recognized certification CISA, CIA, GSNA, CISSP, or equivalent | Desired | 2 Years | |