Cloud Security Engineer

Company: TalentBurst, Inc.
Location: Quincy
Posted on: March 19, 2023

Job Description:

If you are interested in this position please attach your most updated resume or email me at Moe.keya@talentburst.com. If you do respond by email, please include a daytime phone number so I can reach you.

Title: Cloud Security Engineer -
Location: Quincy, MA (Hybrid Onsite)
Duration: Long Term Renewable Contract
Hours: 37.5 Weekly Hours
-
POSITION SUMMARY:
The MMIS SE will function as a member of the core MMIS team and collaborate across interdisciplinary project teams, vendors, and other units in agencies to design and implement robust and holistic security/data protection strategies across the MMIS enterprise system including infrastructure, application code and accessibility vulnerabilities.
-
Job Description:
The MMIS SE will assist in identifying, deploying, and incorporating security controls into an MMIS system so that the controls become an integral part its operational capabilities. Additional responsibilities involve participate in efforts to select appropriate DevSecOps tools and security methods, annual security audits, and triage discovered security vulnerabilities with internal & external stakeholders to ensure responsive and timely remediation of issues.
-
MMIS Security Engineer is seeking to hire a Security Engineer (MMIS SE) to join our collaborative Medicaid Management Information System (MMIS) team. The MMIS SE will report to the MMIS Technical Manager. This position would be expected to follow a hybrid model of reporting to work that combines in-office workdays and work from home days as needed.
-
Detailed list of Duties and Responsibilities:

• 
  
• Lead efforts to develop and implement a robust MMIS security posture especially as EOHHS migrates MMIS to the AWS cloud datacenter.
  
• Lead efforts to develop and implement a holistic strategy to identify, remediate infrastructure, application code and accessibility vulnerabilities and institute an operational process regularly monitor, track and report on progress.
  
• Serve as MMIS Security Lead with EOHHS and EOTSS enterprise security organizations to develop and implement achievable vulnerability remediation policies based on objective industry standard, measures of risk impact, and probability.
  
• Participate in efforts to integrate Static Application Security, Dynamic Application Security and Software Composition Analysis Tools (SAST, DAST & SCA) into MMIS Software Development Lifecycle (SDLC) emphasizing "Shift Left" early detection and remediation of potential threats and vulnerabilities, and automation, and process integration.
  
• Participate in efforts to develop and implement security standards, secure common frameworks and developer documentation and educational materials; create and update learning resources for application security.
  
• Participate in efforts to present and explain threat modelling, risks and risk mitigation strategies to business and IT stakeholders (including leadership) and effectively defend recommendations, where necessary.
  
• Participate in efforts to define MMIS technical security hosting and software environments requirements.
  
  -
  Qualifications:
  
  
  • 
    
  • Bachelor's Degree in Computer Science, Information Systems/Technology, Business Administration, or other related field, or equivalent work experience.
    
  • Professional security certification: CISSP, GIAC, GWEB, GWAP or other similar credentials a plus
    
  • 3+ years of experience working in application and infrastructure security roles.
    
  • Strong technical knowledge of internet security issues, cloud architectures, and threat landscape.
    
  • Strong technical understanding of application and cloud security threats and vulnerabilities, including OWASP top 10, SANS top 25 etc.
    
  • Extensive knowledge of and experience with security standards such as NIST, FEDRamp, and ISO 27xxx.
    
  • Solid understanding of AWS networking and security tools and resources.
    
  • Strong technical knowledge of AWS security and network management tools and resources.
    
  • Strong background in web application development and/or code auditing.
    
  • Strong consensus building and interpersonal communications skills
    
  • Strong analytical abilities.
    
  • Strong writing and technical documentation skills.
    
    -
    Preferred Knowledge, Skills, and Abilities:
    
    
    • 
      
    • Extensive hands-on experience with implementing best security practices for AWS cloud
      
    • Extensive hands-on experience with implementing best security practices for AWS cloud hosted applications including the appropriate utilization of AWS security and networking tools and resources.
      
    • Experience with DevOps practices and Continuous Integration/Continuous Development (CI/CD) using GitLab and pipelines.
      
    • Experience with web and API development technologies.
      
    • Knowledge of current development practices, including containerized applications, microservice architectures, serverless architectures, etc.
      
    • Experience with Medicaid systems or in IT healthcare settings desired
      
      -
      -
      -
      -
      -

Keywords: TalentBurst, Inc., Quincy , Cloud Security Engineer, Engineering , Quincy, Massachusetts