Job ID: NC-759792 (911390327)
Hybrid/Local Security Analyst (12+) with Risk Management, compliance, mitigation, HIPAA, NIST, BCP, COOP, DR, BIA Experience
Location: Raleigh, NC (NCDHHS – Privacy and Security Office)
Duration: 12 Months
Position: 1(1)
Skills:
Risk Management – Must be able to Identify gaps through risk management and assist in the development of mitigation strategies. Required 5 Years
Must be able to assist in reviewing projects and systems throughout all phases of their life cycle in an effort to identify Privacy and sec org needs Required 5 Years
Must be able to serve as a knowledge base for organizations as it relates to compliance requirements and mitigation strategies. Required 5 Years
HIPAA Experience Required 6 Years
Risk Assessments based on NIST 800-53 Required 5 Years
Good Management and presentation skills Required 5 Years
Must be able to develop BCP, COOP, DR and BIA Required 5 Years
Description:
NCDHHS-Privacy and Security Office (PSO) requiring services of an IT Security Specialist to perform & support privacy, security, and continuity of operations goals, policies and practices, Contract reviews, Risk assessments based on NIST 800-53 rev 5
NC DHHS – Privacy and Security Office (PSO) requiring services of an IT Security Specialist to aid Division of Child and Family Well-Being (DCFW) to be in compliance with Federal, NC State and NC DHHS requirements.
Duties include, are not limited to:
– Perform Business Impact Analysis
Create Business Continuity Planning (BCP), Disaster Recovery Testing (DR), Continuity of Operations (COOP) for the division
– Conduct Access Control Reviews
– Monitor Employee HIPAA and Security Training
– Perform NIST and HIPAA based risk assessments – NIST 800-53 rev 5 and remediate identified gaps
– Review CAPS\POEMS and vulnerability scanner findings and assist with remediation
– Respond to privacy and security incidents
review and approve contracts based on Federal, State and DHHS Privacy and Security requirements
– Review security exception requests and Privacy Threshold Analysis
– Participate in system reviews/audits while administering security policies, activities, and standards in accordance with Federal, State and Departmental (DHHS) regulations and policies affecting DHHS applications.
The ideal candidate will have experience working with current and emerging information security technologies and development methodologies. Bachelor’s degree in computer science, management information systems, or related field preferred. Good analytical and creative problem solving skills, and relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, with a wide degree of creativity and latitude is expected.