Trigyn's direct government client has a contract to hire opportunity for Sr. Security Engineer in Baltimore, MD.

The particulars of the opportunity are below:

Description: The client is looking for a Senior Security Engineer Public Health. In this role, you will be responsible for ensuring that agencies who are responsible for processing public health information and other sensitive information are compliant with applicable regulations such as HIPAA, best practices, and the client’s IT security standards. The ideal candidate will have experience performing risk and compliance assessments, prioritizing the results, and implementing security controls.

Sr. Security Engineer Public Health responsibilities may include but are not limited to:

• Drive collaboration with client agencies such as Health Department, Office of Children and Family Services and others that are responsible for processing personal health information and other sensitive data to ensure compliance with HIPAA, best practices and the client’s IT standards.

• Document the use cases and requirements that describe how a system will be utilized, what processes it will support, and who will use the system.

• Perform a risk assessment and threat modeling to identify and quantify vulnerabilities against new systems and legacy systems.

• Identify HIPAA regulations, compliance standards, or IT security standards that must be met by the system.

• Document the security controls required to mitigate threats and vulnerabilities and to meet regulations, compliance or IT security standards.

• Review system design documentation to ensure security requirements are met, and to surface and address any additional vulnerabilities that are identified in the design phase.

• Review and contribute to test plans and test cases to ensure security requirements are tested.

• Review implementation plans and standard operating procedures to ensure controls and secure processes are being developed and implemented.

• Monitor system implementation to ensure security controls are operating effectively.

• Identify and address gaps in the client’s system engineering and security engineering processes to drive improvements.

• Collaborate effectively with all agencies, departments, and other federal, state, and local government partners and vendors.

• Provide regular status to client and Information Security leadership.

• Support analysis of security events and incident response as needed.

Minimum Education and Experience Requirements:

• Bachelor of Science degree in Information Technology, Computer Science, or Computer Engineering or related discipline from an accredited college or university; and

• Six years of security engineering experience including healthcare systems, compliance frameworks, and selection and implementation of security controls.

• Relevant certifications (e.g., CISSP, CCSP, GCED, CEH, CCNP) preferred.

Skills Requirements:

• Requires the utmost integrity, judgement, and discretion in carrying out duties and handling sensitive matters.

• Ability to pass background check by national law enforcement.

• Requires demonstrated understanding and experience with network and security architecture, multiple operating system platforms, databases, web applications, and other evolving mobile and cloud technologies, along with the following: malware inspection, traditional and application layer firewalls, VPN, identity management systems, data loss prevention, and network and host-based intrusion detection/prevention systems.

• Knowledge of HIPAA, NIST Cyber Security Framework, security risk assessment processes and other information security control frameworks.

• Knowledge network communication using TCP/IP protocols, basic system administration, virtual systems, active directory architecture, web proxies, etc.

• Requires excellent verbal and written communication skills.

• Ability to multi-task and work under pressure in a fast-paced environment.

• Attention to details and demonstrated problem-solving skills.

• Team player, self-confident, motivated, with excellent communication skills

• Current knowledge of technology capabilities and trends; types, and techniques of threat actors.