Logo
Crescens

Security Assessment Director Job at Crescens in Raleigh

Crescens, Raleigh, NC, United States

Job Title: - Security Assessment Director
Location: Raleigh, NC
Duration: 11+ months

Description:
  • Manage and support the implementation of AWS Cloud infrastructure for multiple clients, including design, deployment, maintenance, and troubleshooting.
  • Create detail technical documentation to support the security management of client's cloud environments (e.g., network diagrams).
  • Assist in developing privacy and security policies and procedures for new projects or enhancements to existing systems as well as providing guidance on best practices related to information technology security.
  • Participate in regular status meetings with leaders and other stakeholders regarding current projects and future initiatives.
  • Provide training to internal staff on topics such as Amazon Web Services (AWS) services, tools, etc..
  • Create a cloudbased security platform that monitor and analyze data from multiple sources to identify potential threats
  • Conduct penetration testing on the DHHS cloud infrastructure, identifying vulnerabilities in its security systems
  • Develop an automated system for detecting anomalous behavior within the DHHS cloud environment using machine learning algorithms
  • Conduct security assessments of web applications, networks, and systems to identify security vulnerabilities.
  • Document findings and recommendations in security reports and presentations.
  • Implement security controls to mitigate identified security risks.
  • Conducted risk assessments to ensure compliance with NIST 800-53 frame work and HIPAA
  • Design a comprehensive data loss prevention program that reduced sensitive information leakage
  • Experience in performing penetration testing on the web applications deployed on the cloud platform.
  • Knowledge of cloud native security services provided by the AWS/Azure/GCP cloud platforms. Experience in Cloud Security Security architecture to ensure the department is meeting the federal, state, department and industry best practices. CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/GCP
Required/Desired Skills:
  • CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/GCP)
  • Performing the security assessments using NIST 800-53 r4 security control
  • HIPAA Privacy & Security compliance
  • Experience reviewing Soc2 Type2, FedRamp, HITRUST compliance reports
  • Knowledge of cloud native security services provided by the AWS/Azure/GCP cloud platforms
  • Experience in performing the network, web and database security assessments.
  • Familiar with the tools and techniques to find and remediate OWASP TOP 10 vulnerabilities of web applications
  • Experience in performing penetration testing on the web applications deployed on the cloud platform
  • Experience in Cloud Security Security architecture to ensure the department is meeting the federal, state, department and industry best practices.