Start Date
Immediate
Expiry Date
02 Aug, 25
Salary
0.0
Posted On
03 May, 25
Experience
3 year(s) or above
Remote Job
Yes
Telecommute
Yes
Sponsor Visa
No
Skills
GIAC, Health Insurance, Qualys, CISSP, NIST, Managed Care, IT, Collaborative Environment, Computer Science, CMS, ISO, HITRUST
Industry
Information Technology/IT
BASIC QUALIFICATIONS
· Bachelor’s degree in computer science, IT or equivalent
· 3+ years of experience in IT Risk or IS or Compliance
· Experience with major standards such as: SOC 1-2, ISO 27001/2, PCI DSS, HITRUST, SANS, NIST
· Demonstrated experience in implementing compliance frameworks for financial services organizations with similar information security needs and requirements
· Familiarity and understanding of a broad range of IT hardware and software products
· Strong project and time management abilities
· Excellent presentation, verbal communication, and written skills
· Excellent analytical, problem-solving and organizational skills
· Experience managing typical enterprise security and intrusion detection systems, especially in a regulated environment
· Ability to work in a collaborative environment across business and technology teams
· Experience in producing clear and actionable reports for technical and non-technical stakeholders
PREFERRED QUALIFICATIONS
· Certified Information Systems Security Professional (CISSP), PCI DSS, Certified HIPAA Privacy Security Expert (CHPSE), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), or related.
· Experience or knowledge with healthcare, health insurance, managed care, or regulated industries
· Knowledge of CMS and HIPAA related vendor standards and requirements
· Working knowledge of Security SDLC tools
· Familiarity or experience with the following tools:
o Security Scorecard, BitSight, SSL Labs
o Nessus Pro, Qualys
o Splunk, JIRA
o HCL AppScan, or similar code scanning and vulnerability tools
Job Types: Contract, Temporary
Pay: $36.50 - $38.00 per hour
Expected hours: 40 per week
Work Location: In perso
· Monitor and analyze vulnerability assessment data to identify and communicate technical risks to the organization
· Support the identification and impact classification for new vulnerabilities identified in the environment
· Execute and support vulnerability assessments, penetration testing and social engineering activities
· Provide the Information Security and IT Security team information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures
· Facilitate vulnerability management processes by tracking and coordinating remediation efforts across multiple teams
· Ensure timely closure of security gaps by working with application, infrastructure, and operations teams
· Support IS in achieving the vision and strategic objectives of the vulnerability program
· Provide regular updates and risk summaries to leadership regarding the status of remediation efforts
· Support leadership to identify capability gaps in vulnerability management services
· Support responses to client and third-party security inquiries, questionnaires, and audit requests related to vulnerability management
· Manage and utilize IS tools such as DLP, code scanners, external security profiles, internal and external scanning tools, and scoring platforms to analyze gaps in security controls
· Participate in the IT SDLC program to ensure that security is included in projects by default and by design
· Develop strong working relationships across business, technology units and potentially clients to ensure a high degree of alignment and accountability in remediation, security compliance and client satisfaction.
· Collaborate with cross-functional teams to improve security posture and embed security into existing IT and operational workflows
· Assist with regulatory and compliance requirements, contributing to security audits, attestations, and certifications
· Brief IS leadership on vulnerability assessment results and potential risks
· Conduct analysis, aggregate and report on vulnerability data from various scanning tools and platforms
· Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function