Scout Exchange
Scout Exchange is hiring: Security Assessment Director in Raleigh
Scout Exchange, Raleigh, NC, United States
Role: Security Assessment Director
Location: Hybrid, Raleigh, NC
We are seeking a Cloud security engineer with experience in the healthcare industry. Must have Proven ability to secure cloud deployments and protect sensitive data. Adopt at working with senior management to develop and implement security strategy.
• Manage and support the implementation of AWS Cloud infrastructure for multiple clients, including design, deployment, maintenance, and troubleshooting.
• Create detail technical documentation to support the security management of client's cloud environments (e.g., network diagrams).
• Assist in developing privacy and security policies and procedures for new projects or enhancements to existing systems as well as providing guidance on best practices related to information technology security.
• Participate in regular status meetings with leaders and other stakeholders regarding current projects and future initiatives.
• Provide training to internal staff on topics such as Amazon Web Services (AWS) services, tools, etc..
• Create a cloud-based security platform that monitor and analyze data from multiple sources to identify potential threats
• Conduct penetration testing on the DHHS cloud infrastructure, identifying vulnerabilities in its security systems
• Develop an automated system for detecting anomalous behavior within the DHHS cloud environment using machine learning algorithms
• Conduct security assessments of web applications, networks, and systems to identify security vulnerabilities.
• Document findings and recommendations in security reports and presentations.
• Implement security controls to mitigate identified security risks.
• Conducted risk assessments to ensure compliance with NIST 800-53 frame work and HIPAA
• Design a comprehensive data loss prevention program that reduced sensitive information leakage
• Experience in performing penetration testing on the web applications deployed on the cloud platform.
• Knowledge of cloud native security services provided by the AWS/Azure/GCP cloud platforms.
Experience in Cloud Security Security architecture to ensure the department is meeting the federal, state, department and industry best practices.
CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/GCP
Required / Desired Skills
Skill
Required / Desired
Amount
of Experience
CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/GCP)
Required
Performing the security assessments using NIST 800-53 r4 security controlP
Required
5
Years
HIPAA Privacy & Security compliance
Required
3
Years
Experience reviewing Soc2 Type2, FedRamp, HITRUST compliance reports
Required
3
Years
Knowledge of cloud native security services provided by the AWS/Azure/GCP cloud platforms
Required
Experience in performing the network, web and database security assessments.
Required
Familiar with the tools and techniques to find and remediate OWASP TOP 10 vulnerabilities of web applications
Required
Experience in performing penetration testing on the web applications deployed on the cloud platform
Required
Experience in Cloud Security Security architecture to ensure the department is meeting the federal, state, department and industry best practices.
Required
Location: Hybrid, Raleigh, NC
We are seeking a Cloud security engineer with experience in the healthcare industry. Must have Proven ability to secure cloud deployments and protect sensitive data. Adopt at working with senior management to develop and implement security strategy.
• Manage and support the implementation of AWS Cloud infrastructure for multiple clients, including design, deployment, maintenance, and troubleshooting.
• Create detail technical documentation to support the security management of client's cloud environments (e.g., network diagrams).
• Assist in developing privacy and security policies and procedures for new projects or enhancements to existing systems as well as providing guidance on best practices related to information technology security.
• Participate in regular status meetings with leaders and other stakeholders regarding current projects and future initiatives.
• Provide training to internal staff on topics such as Amazon Web Services (AWS) services, tools, etc..
• Create a cloud-based security platform that monitor and analyze data from multiple sources to identify potential threats
• Conduct penetration testing on the DHHS cloud infrastructure, identifying vulnerabilities in its security systems
• Develop an automated system for detecting anomalous behavior within the DHHS cloud environment using machine learning algorithms
• Conduct security assessments of web applications, networks, and systems to identify security vulnerabilities.
• Document findings and recommendations in security reports and presentations.
• Implement security controls to mitigate identified security risks.
• Conducted risk assessments to ensure compliance with NIST 800-53 frame work and HIPAA
• Design a comprehensive data loss prevention program that reduced sensitive information leakage
• Experience in performing penetration testing on the web applications deployed on the cloud platform.
• Knowledge of cloud native security services provided by the AWS/Azure/GCP cloud platforms.
Experience in Cloud Security Security architecture to ensure the department is meeting the federal, state, department and industry best practices.
CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/GCP
Required / Desired Skills
Skill
Required / Desired
Amount
of Experience
CISSP / CISA / CCSP / Any security specialty certification on one of the leading cloud platforms (AWS/Azure/GCP)
Required
Performing the security assessments using NIST 800-53 r4 security controlP
Required
5
Years
HIPAA Privacy & Security compliance
Required
3
Years
Experience reviewing Soc2 Type2, FedRamp, HITRUST compliance reports
Required
3
Years
Knowledge of cloud native security services provided by the AWS/Azure/GCP cloud platforms
Required
Experience in performing the network, web and database security assessments.
Required
Familiar with the tools and techniques to find and remediate OWASP TOP 10 vulnerabilities of web applications
Required
Experience in performing penetration testing on the web applications deployed on the cloud platform
Required
Experience in Cloud Security Security architecture to ensure the department is meeting the federal, state, department and industry best practices.
Required