Vacancy expired!
- Refine and lead security strategy for the overall IDR Cloud program using industry best practices and the CMS AWS shared responsibility model
- Build, manage, and implement security polices for IDR cloud infrastructure by applying CMS security standards in alignment with NIST 800-53 and Acceptable Risk Safeguards security controls
- Define and implement capabilities to detect and remediate malicious activity.
- Assist in developing continuous monitoring solutions at all levels to validate systems against baselines and respond to violations
- Leverage DevSecOps practices and tools to ensure reliability, integrity and security of the IDR Cloud system
- Ensure compliance to standards (e.g. NIST sp800-53, DISA STIG, CIS, FedRAMP)
- Knowledge of Cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication, and risk management in the Cloud.
- Experience executing tasks and sub-tasks to design, build, and integrate IT solutions and network and system security tools in the Cloud, including network firewalls, vulnerability scanning, encryption, monitoring, and Identity, Credential, or Access Management (ICAM).
- Experience in applying native Cloud security and monitoring services in AWS, such as Security Groups, Network Access Control Lists, KMS, WAF, IAM, CloudTrail and Secrets Manager
- Experience implementing AWS security and hardening, especially in a large or complex CMS environment.
- Deep knowledge of AWS and how to configure and maintain least-privilege and segregation of duty across boundaries
- Hands-on experience in driving end to end security for cloud product - vulnerability scanning of application and infrastructure, penetration testing.
- Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
- Experience in applying security to cloud technologies (Managing secrets, Securing CD pipeline, Secure Infrastructure as Code, Container Security).
- Experience with DevSecOps and CI/CD Pipeline implementation.
- Ability to distill complex security problems and drive toward creative solutions.
- Ability to communicate, both orally and written, with all levels of management and end users across varying levels of technical backgrounds.
- Experience in scripting automation using tools such as Python & Bash, JSON.
- Experience with Security Incident response, continuous monitoring/audit logging (Splunk)
- Experience in Creating and testing a disaster recovery plan and platform for cloud infrastructure
- Evaluating vendor security posture (e.g. AWS, Snowflake, Databricks, etc.)
- Creating guidelines and standards for secure use of cloud technologies
- Previous experience in working on CMS programs
- Experience with the CMS Security Playbook and Acceptable Risk Safeguards
- Medicare, Medicaid or private healthcare experience
Vacancy expired!