Our goal is to solve problems and deliver results for our clients. At Cloud and Things, you can be a part of transforming the public sector’s IT environment. Our team is on the forefront of helping to solve the government's most complex IT challenges. If you are seeking a role that offers the opportunity to work on rewarding projects, consider a career with Cloud and Things.
Overview: We are seeking an experienced Security Engineer to protect and secure our organization’s information systems, with a strong focus on endpoint and network security. The ideal candidate will have extensive experience in vulnerability management, incident response, and secure network design, along with a deep understanding of relevant regulations such as HIPAA. This role will require a proactive approach to risk assessment, continuous monitoring of security controls, and the ability to work closely with cross-functional teams to align security measures with business objectives.
Duties
- Implement and manage comprehensive security measures to protect the organization’s information systems, with an emphasis on endpoint and network security.
- Use Security Information and Event Management (SIEM) tools for real-time monitoring, threat detection, and incident response.
- Continuously monitor and update security protocols to address emerging threats and vulnerabilities.
- Ensure the security of personal health information (PHI) and compliance with HIPAA regulations in Medicaid self-directed care systems.
- Maintain up-to-date knowledge of other relevant security regulations and ensure all practices align with compliance requirements.
- Conduct risk assessments, vulnerability scans, and penetration testing to identify and address potential security weaknesses.
- Develop, implement, and execute comprehensive incident response plans to minimize security risks and breaches.
- Perform root cause analysis, document findings, and implement preventive measures for identified security incidents.
- Work closely with IT, compliance, and business teams to align security measures with organizational goals.
- Deliver security awareness training to end users to promote a culture of security and ensure adherence to best practices.
- Design secure network architectures, including firewall configurations, access controls, and secure communication channels.
- Collaborate on the development of risk management strategies to protect critical systems and data.
- Maintain detailed security documentation, including risk assessment reports, incident response plans, and security protocols.
- Generate and present regular reports to management on the organization’s security posture and incident trends.
Mandatory Qualifications
- Bachelor's degree in Engineering, Computer Science, or a related field.
- 5+ years of experience with a strong foundation in cybersecurity principles, including endpoint and network security.
- Proficiency with SIEM tools for real-time monitoring and threat detection.
- In-depth understanding of HIPAA and other relevant regulations, ensuring the protection of personal health information (PHI) in Medicaid self-directed care systems.
- 5+ years of experience in vulnerability management, incident response, and secure network design including, conducting risk assessments, and penetration testing.
- Proven ability to develop and execute comprehensive risk assessments and incident response plans, minimizing security risks and breaches.
- Ability to work with IT, compliance, and business teams to align security measures with organizational goals.
- Excellent communication skills and the ability to deliver effective security awareness training to end users.
- Strong analytical and problem-solving skills for threat analysis and resolution of security issues.
- Experience in maintaining detailed security documentation and generating management reports on security posture and incident trends.
Preferred Skills
- Certified Information Systems Security Professional (CISSP)
- CompTIA Security+
- Certified Ethical Hacker (CEH)
- Certified Information Security Manager (CISM)
- Proactive and detail-oriented with a strong commitment to security.
- Ability to work independently and as part of a team.
- Strong organizational and multitasking skills.
- Ability to adapt to a fast-paced environment and stay updated on emerging security trends.
Cloud and Things complies with all applicable federal, state, and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws.
Cloud and Things complies with all applicable federal, state, and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws.