Skills

Penetration Testing Incident Response Firewalls Cloud Security Forensics DevOps Monitoring Assessment and Evaluation Risk Assessment Linux Operating Systems Windows Azure AWS Project Management AWS Cloud

Job Specifications

Title: Systems Security Specialist (Senior)

Duration: 2 years

Work Location: Hybrid (2 days onsite at 750 East Pratt Street, 6th Floor, Baltimore, MD 21202 and 3 days remote).

Any visa is fine

Need candidate’s resume, completed skill matrix and references only.

Duties and Responsibilities:

• Develop and implement cloud security controls, cloud-based processes and tools, and cloud

security task automation.

• Perform security assessments, working closely with DevOps and Developer teams on identifying

security and privacy issues in AWS or Azure and finding solutions to provide required

functionality securely.

• Continuously monitor the Health Benefit Exchange (HBX) and ancillary systems, not limited to

cloud security operations, responding to security issues and escalating as necessary.

• Conduct security impact analysis of controls on proposed system changes.

• Conduct cloud security assessments and Penetration testing.

• Perform Incident Response and Forensics evaluation using security information and event

management (SIEM) tools.

• Ensure that the MHBE system security requirements are addressed during all phases of the

system development life cycle.

• Review and update systems security documentation and artifacts such as Systems Security Plan,

Information Security Risk Assessment, Privacy Impact Assessment, Systems Security Report,

Correction Action Plan, Plan of Action & Milestones (POA&M).

• Create and track POA&M requirements for resolving security findings.

• Administer cloud-based and physical firewalls.

• Deploy and administer Identity and Access Management products in various operating systems.

• Perform monitoring and operations of Identity and Access Management implementation.

• Design enhancements in Identity and Access Management products ForgeRock and SailPoint.

• Maintain, monitor, and provide operational support for IAM products, computer programs,

systems, and other security technologies and revise system design and quality standards.

• Make changes to IAM and underline applications for enhancing enterprise security and ensure

safe and secure operation to enable access to our systems for our employees, contractors,

consumers, and stakeholders.

• Perform Security Incident Response and Forensics evaluation using security information and

event management (SIEM) tools.

• Provide operational support for other security technologies.

• Perform account/access management with IAM and other security tools.

• Adhere to all security, change control, and MHBE Project Management Office (PMO) policies,

processes, and methodologies.

Note: The candidate must be flexible to work overtime as needed, including weekends, holidays, and off-hours

Minimum Qualifications:

• A minimum of eight (8) years of experience analyzing, defining, deploying, monitoring, and

administering security requirements and controls for large and mission-critical IT systems.

• A minimum of five (5) years performing day-to-day security operations functions, including

administration, troubleshooting, and resolution of various security components.

• A minimum of four (4) years of hands-on experience in performing cloud security functions.

• A minimum of four (4) years of experience in defining computer security requirements for highlevel applications and evaluating approved security product capabilities.

• A minimum of four (4) years of demonstrated production experience using AWS Cloud

supporting security operations.

• A minimum of four (4) years of experience with administering security for Windows and Linux

operating systems.

• Experience in performing Security Incident Response and Forensics evaluation with SIEM tools.

• Working knowledge of AWS security features such as Security Groups, Network Access Control

List, Firewall, WAF, Guard Duty, Macie, CloudTrail, CloudWatch, Control Tower, etc.

• Experience with assessment and evaluation of information systems to recommend changes and

mitigate threats, risks, and vulnerabilities.

• Demonstrated ability to perform scheduled maintenance activities such as patching, performance

tuning, and backups.

• Demonstrated ability to perform user provisioning and de-provisioning activities.

• Experience in monitoring the security infrastructure for operational effectiveness.

Preferred Qualifications:

• A minimum of five (5) years of experience implementing, administering, and monitoring Security

Controls and Governance for public-facing complex IT systems.

• A minimum of five (5) years of specialized experience in defining computer security

requirements for high-level applications, evaluating approved security product capabilities, and

developing solutions to multilevel security problems.

• A minimum of five (5) years of hands-on experience providing operational support for

ForgeRock and Sailpoint IAM products.

• A minimum of five (5) years of experience with the assessment and evaluation of information

systems to recommend changes a

About the Company

Innovate, Implement, Transform - Your Trusted Partner in Cloud and Software Innovation Unlock the power of cutting-edge technology with Ark, your go-to Amazon AWS certified consulting partner. Our expert team specializes in solving complex IT infrastructure challenges for businesses of all sizes, from small enterprises to large corporations and government agencies. Leveraging our 15-year track record in IT, we excel in cloud services and comprehensive software solutions. We specialize in cloud migration, implementation, and ... Know more