IRG's State Clients NC DHHS - Privacy and Security Office (PSO) requiring services of an IT Security Specialist to perform & support privacy, security, and continuity of operations goals, policies and practices, Contract reviews, Risk assessments based on NIST 800-53 rev 5
NC DHHS - Privacy and Security Office (PSO) requiring services of an IT Security Specialist to aid Division of Child and Family Well-Being (DCFW) to be in compliance with Federal, NC State and NC DHHS requirements.
Duties Include, Are Not Limited To
- Perform Business Impact Analysys
Create Business Continuity Planing (BCP), Disaster Recovery Testing (DR), Continuity of Operations (COOP) for the division
- Conduct Access Control Reviews
- Moniter Employee HIPAA and Security Training
- Perform NIST and HIPAA based risk assessments - NIST 800-53 rev 5 and remediate identified gaps
- Review CAPS\\POAMS and vulerabiltiy scanner findings and assist with remediation
- Respond to privacy and security incidents
review and approve contracts based on Federal, State and DHHS Privacy and Security requirements
- Review security exception requests and Privacy Threshhold Analasys
- Participate in system reviews/audits while administering security policies, activities, and standards in accordance with Federal, State and Departmental (DHHS) regulations and policies affecting DHHS applications.
The ideal candidate will have experience working with current and emerging information security technologies and development methodologies. Bachelor's degree in computer science, management information systems, or related field preferred. Good analytical and creative problem solving skills, and relies on experience and judgment to plan and accomplish goals, independently performs a variety of complicated tasks, with a wide degree of creativity and latitude is expected. Required/Desired Skills Skill Required /Desired Amount of Experience Risk Management - Must be able to Identify gaps through risk management and assist in the development of mitigation strategies. Required 5 Years Must be able to assist in reviewing projects and systems throughout all phases of their life cycle in an effort to identify Privacy and sec org needs Required 5 Years Must be able to serve as a knowledge base for organizations as it relates to compliance requirements and mitigation strategies. Required 5 Years HIPAA Experience Required 6 Years Risk Assessments based on NIST 800-53 Required 5 Years Good Management and presentaion skills Required 5 Years Must be able to develop BCP, COOP, DR and BIA Required 5 Years