The Office of Cybersecurity is tasked with securing the Agency cloud infrastructure and performing ongoing enterprise cybersecurity threat monitoring and incident response capabilities. A strong candidate for this position should possess experience in the following by priority:
- Cyber Threat Response and Incident Handling
- Cloud platforms such as Amazon Web Services (AWS)
- Cloud Security
- Security Architect and/or Engineering
- Azure, Google Cloud Platform (GCP)
DAILY DUTIES / RESPONSIBILITIES:
The Cloud CyberSecurity Specialist will help Applications Team build and manage a Secure Cloud Infrastructure by adhering to Agency policy and industry best practices.
This position will report directly to the Security Operations Manager to drive innovation and maturation of the Agency Cyber threat detection and response capabilities. We are looking for candidates who are highly organized, can work independently in a fast-paced environment and produce multiple quality deliverables within defined deadlines. This role is involved in projects or issues of high complexity that requires an individual who can quickly think on their feet, challenge the status quo, and drive efficiencies through the process.
Essential Responsibilities
- Perform threat identification and analysis of risks to the Medicaid Cloud Based Systems
- Provide input and feedback on cloud/hybrid architectures related to Security
- Assist in the implementation and advancement of Continuous Monitoring and Incident Response processes and procedures
- Perform regular security audits of resources deployed in the Medicaid Cloud Based Systems
- Assist in investigation and remediation of security incidents and issues
- Serve as Security Subject Matter Expert for Secure Cloud Infrastructure
- Consult on, and provide requirements for critical projects and initiatives
- Create documentation on specific remediation steps to close vulnerabilities or mitigate risk to acceptable levels
- Create documentation that can readily to be added to Agency procedures
- Revise documents and artifacts as tactics and techniques evolve to address new and emergent threats and trends
- Work with Information Technology, Application Development and Business Teams to advance security efforts of the Medicaid Enterprise
- Raise the awareness level of cloud security in the agency
- Conducts security assessments to identify areas of risk and ensure gaps are remediated
- Effectively communicates to management and business stakeholders the status of projects and issues as they relate to Cloud Security
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
- 10+ years of experience of I.T. working with Windows, Linux, Cloud technologies and Web-based applications
- 2-4 years of experience with Cloud Security monitoring and incident response
- A firm understanding of the offerings and capabilities within Amazon Web Services (AWS) and/or GCP and Microsoft Azure platforms
- Ability to communicate clearly, verbally and in writing; to interact effectively with internal and external vendors, project team members, management and agency departments; to build relationships and use facilitation skills with both technical and non-technical personnel
- Ability to write, edit, and prepare graphic presentations of technical information for both technical and business personnel
- Ability to collaborate and coordinate with multiple teams and vendors
- Ability to work independently and as a member of a team
- Ability to multitask and prioritize tasks effectively in order to meet deadlines
- Keen attention to detail while maintaining the ability to see the big picture
- Ability to absorb and retain complex processes
- Experience with the evaluation and selection of products and vendors to support initiatives.
- Ability to accept changes and constructive criticism in a fast turn-around environment
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
- 3+ years of experience with Cloud platforms such Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP)
- Prior experience working with cloud security and governance tools, cloud access security brokers (CASBs), and infrastructure as a code
- Experience with deployment orchestration, automation, and security configuration management of AWS native tools
- Experience with full-stack deployment
REQUIRED EDUCATION/CERTIFICATIONS:
ANY ONE OR COMBINATION OF:
- CLOUD CERTIFICATION (I.E CCSP)
- GIAC CERTIFIED INCIDENT HANDLER (GCIH)
- SECURITY +
- OR SIMILAR WITH VALID EXPERIENCE
PREFERRED EDUCATION/CERTIFICATIONS:
- BS degree in computer science, information technology, engineering or similar discipline
- Network security certifications