Cloud Security Engineer
Company: TalentBurst, Inc.
Location: Quincy
Posted on: March 19, 2023
Job Description:
If you are interested in this position please attach your most
updated resume or email me at Moe.keya@talentburst.com. If you do
respond by email, please include a daytime phone number so I can
reach you.
Title: Cloud Security Engineer -
Location: Quincy, MA (Hybrid Onsite)
Duration: Long Term Renewable Contract
Hours: 37.5 Weekly Hours
-
POSITION SUMMARY:
The MMIS SE will function as a member of the core MMIS team and
collaborate across interdisciplinary project teams, vendors, and
other units in agencies to design and implement robust and holistic
security/data protection strategies across the MMIS enterprise
system including infrastructure, application code and accessibility
vulnerabilities.
-
Job Description:
The MMIS SE will assist in identifying, deploying, and
incorporating security controls into an MMIS system so that the
controls become an integral part its operational capabilities.
Additional responsibilities involve participate in efforts to
select appropriate DevSecOps tools and security methods, annual
security audits, and triage discovered security vulnerabilities
with internal & external stakeholders to ensure responsive and
timely remediation of issues.
-
MMIS Security Engineer is seeking to hire a Security Engineer (MMIS
SE) to join our collaborative Medicaid Management Information
System (MMIS) team. The MMIS SE will report to the MMIS Technical
Manager. This position would be expected to follow a hybrid model
of reporting to work that combines in-office workdays and work from
home days as needed.
-
Detailed list of Duties and Responsibilities:
- Lead efforts to develop and implement a robust MMIS security
posture especially as EOHHS migrates MMIS to the AWS cloud
datacenter.
- Lead efforts to develop and implement a holistic strategy to
identify, remediate infrastructure, application code and
accessibility vulnerabilities and institute an operational process
regularly monitor, track and report on progress.
- Serve as MMIS Security Lead with EOHHS and EOTSS enterprise
security organizations to develop and implement achievable
vulnerability remediation policies based on objective industry
standard, measures of risk impact, and probability.
- Participate in efforts to integrate Static Application
Security, Dynamic Application Security and Software Composition
Analysis Tools (SAST, DAST & SCA) into MMIS Software Development
Lifecycle (SDLC) emphasizing "Shift Left" early detection and
remediation of potential threats and vulnerabilities, and
automation, and process integration.
- Participate in efforts to develop and implement security
standards, secure common frameworks and developer documentation and
educational materials; create and update learning resources for
application security.
- Participate in efforts to present and explain threat modelling,
risks and risk mitigation strategies to business and IT
stakeholders (including leadership) and effectively defend
recommendations, where necessary.
- Participate in efforts to define MMIS technical security
hosting and software environments requirements.
-
Qualifications:
- Bachelor's Degree in Computer Science, Information
Systems/Technology, Business Administration, or other related
field, or equivalent work experience.
- Professional security certification: CISSP, GIAC, GWEB, GWAP or
other similar credentials a plus
- 3+ years of experience working in application and
infrastructure security roles.
- Strong technical knowledge of internet security issues, cloud
architectures, and threat landscape.
- Strong technical understanding of application and cloud
security threats and vulnerabilities, including OWASP top 10, SANS
top 25 etc.
- Extensive knowledge of and experience with security standards
such as NIST, FEDRamp, and ISO 27xxx.
- Solid understanding of AWS networking and security tools and
resources.
- Strong technical knowledge of AWS security and network
management tools and resources.
- Strong background in web application development and/or code
auditing.
- Strong consensus building and interpersonal communications
skills
- Strong analytical abilities.
- Strong writing and technical documentation skills.
-
Preferred Knowledge, Skills, and Abilities:
- Extensive hands-on experience with implementing best security
practices for AWS cloud
- Extensive hands-on experience with implementing best security
practices for AWS cloud hosted applications including the
appropriate utilization of AWS security and networking tools and
resources.
- Experience with DevOps practices and Continuous
Integration/Continuous Development (CI/CD) using GitLab and
pipelines.
- Experience with web and API development technologies.
- Knowledge of current development practices, including
containerized applications, microservice architectures, serverless
architectures, etc.
- Experience with Medicaid systems or in IT healthcare settings
desired
-
-
-
-
-
Keywords: TalentBurst, Inc., Quincy , Cloud Security Engineer, Engineering , Quincy, Massachusetts
Didn't find what you're looking for? Search again!
Loading more jobs...