Request ID: IN-8791-1 (98890613)
Network Security Engineer (CCNA must) with health information technology experience and ISC(2)/CISA/SANS GIAC certification
Location: Columbia SC
Resume: 5 pages max
Duration: 12 Months
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. 5+ years of HANDS-ON experience in network design, implementation and support
2. Deep technical knowledge of secure network design principles, security architecture, network and system compliance tools, data protection schemes and access models.
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. Prior experience in working in regulatory environment
2. Prior Health Information Technology experience.
3. Strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy.
1. BS degree in computer science or similar discipline.
2. CCNA Security or equivalent (network security-centric) certification is required
1. ISC(2), ISACA, SANS GIAC and/or other Information Security Certification.
A strong candidate for this position should possess HANDS-ON experience in the following:
• Data network design and engineering
• Strong understanding of routing and switching protocols
• Network perimeter protection technologies
Security Program Experience:
Experience with CMS MARS-E or other FISMA Risk Management Framework (RMF) compliant programs is strongly desired and will be given the highest weight. Experience must include well documented success in the performance of security focused processes and procedures supportive of a secure, compliant enterprise architecture.
Experience with development and integration of RMF tasks and artifacts into the System Development Life Cycle (SDLC) is ideal.
Experience in security as related to multi-tenant, cloud services and vendor interface management would be considered desirable for this position.
HANDS-ON experience with any or all of the following technologies would be considered a desirable for this position:
• Secure Network Design – Layer 2-7 Security
• Network Firewalls
• Intrusion Detection/Prevention Systems (IDPS)
• Network Security Monitoring expertise
• Security Information and Event Management (SIEM) experience such QRadar, Splunk, etc. (**Plus )
• Vulnerability Assessment tools such as Nessus, Qualys, etc.
• Cloud Infrastructure Security (**Plus)
General Duties and Responsibilities:
1. Assist (and often lead) in the design, development, implementation and/or ongoing maturation of SCDHHS network security and compliance solutions
2. Provide HANDS-ON support of SCDHHS Network Security Tools/Appliance
3. Participate in audit and assessment of internal agency systems as well as business partner/service provider information systems.
4. Utilize Microsoft Office software suite, eGRC system, Bizagi, Atlassian and other products to document and report on information gathered during Audit and Assessment activities or other OIA efforts.
5. Participate in third-party audits and/or assessments of agency and business partner systems
6. Collaborate with agency leadership, business partners and other parties/stakeholders to provide recommendations for Network security and compliance risk mitigation efforts.
Education Bachelor of Science Degree Yes 1 Lead Currently Using 4 – 6 Years
Education Technical Certifications Yes 1 Lead Currently Using 4 – 6 Years
Miscellaneous Experience in designing and implementing enterprise level systems architectures. Yes 1 Lead Within 1 Year 4 – 6 Years
Network Security Security Information Event Management (SIEM) systems development / configuration Yes 1 Lead Within 1 Year 2 – 4 Years
Network Security Federal Information Security Management Act (FISMA) No 1 Intermediate Within 1 Year 4 – 6 Years
Network Security HIPAA Security No 1 Advanced Within 1 Year 4 – 6 Years
Network Security MARS-E No 1 Advanced Within 1 Year 4 – 6 Years
Network Security SECURITY TOOLS – Ability to install and use various security tools No 1 Lead Within 1 Year 4 – 6 Years
Protocols Firewall Yes 1 Lead Within 1 Year 4 – 6 Years
Specialties Network Engineering experience Yes 1 Lead Within 1 Year 4 – 6 Years
Specialties eGRC solutions No 1 Advanced Within 2 Years 2 – 4 Years
Specialties Router No 1 Lead Within 1 Year 4 – 6 Years
Specialties Switches No 1 Lead Within 1 Year 4 – 6 Years