Lead Security Officer - eSimplicity Remote

Listing Description

eSimplicity is a modern digital services company that delivers innovative federal and commercial IT solutions designed to improve the health and lives of millions of Americans while defending our national interests. Our solutions and services improve healthcare for millions of Americans, protect our borders, and defend our country on the battlefields supporting the Air Force, Space Force, and Navy.
 
eSimplicity's people-centric approach aims to transform the American healthcare experience through innovative technologies. Our team’s experience spans various federal civilian customers on diverse projects across its core competencies. Our priority is to safeguard our community by leading the government’s cloud migration, developing artificial intelligence models to identify fraudulent Medicare claims, and accelerating access to data and insights.


We’re seeking a Lead Security Officer responsible for taking the lead on implementing security tools and their usage, ensuring tools remain compliant and properly configured, and setting program policy, all while ensuring a successful program ATO. The Lead Security Officer provides oversight and is the subject matter expert to lower-level Security personnel. The Security Engineer is responsible for monitoring, evaluating, and maintaining systems and procedures to safeguard internal information systems, networks, databases, and Web-based assets.

Responsibilities
  • Conducts vulnerability assessments and monitors systems, networks, databases and Web-based assets for potential system breaches. Recommends and takes the lead on implementing changes to enhance security systems and prevent unauthorized access.
  • Responds to alerts from information security tools. Reports, investigates, and resolves higher level security incidents. 
  • Responds to security tool outages and degradations in service, tunes security rules and alerts, and sets up and maintains security tool dashboards and reporting.
  • Researches security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach. Ensures compliance with regulations and privacy laws.
  • Educates and communicates security requirements and procedures to all users and new employees.
  • Sets program strategy for a continuous security practice and designs all security and privacy policies across an entire large-scale program.
  • Develops and prepares (engaging with other Security SMEs) a continuous security training curriculum used across the program to encourage a security mindset across the team.
  • Applies iterative security automation to all program aspects, increasing overall security posture iteratively, and never accepts the status quo.
  • Responsible for program Security and Privacy strategies across all teams. Ensures a consistent approach and management across the program.
  • CISO leader will mentor, coach and establish Security and Privacy best practices used across all delivery programs.
  • CISO leader will participate in business development activities, technical challenges and contribute to technical business development responses.

Required Qualifications
  • A Bachelor’s degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline. With ten years of general information technology experience and at least four years of specialized experience, a degree is not required.
  • Expert in setting program level security strategy (Privacy and Security Policies)
  • Cloud, AWS EMR, Databricks Content Management Systems, Big Data, AI/ML
  • Understands continuous automated security practices applied to data and application engineering teams.
  • Expert in designing security “baked-in” to any architecture: Cloud and IaC, Applications, Web application, Data Processing, Data Centric Applications, AI/ML, CICD Pipelines; seeks automation driven designs.
  • Experience with Agile methodologies
  • Experience with Atlassian Jira/Confluence
  • Experience with Security Information and Event Management (SIEM) systems.
  • Demonstrated work experience and conceptual expertise with the following: computer networking, cryptography, security engineering and architecture patterns, vulnerability assessments, or operating systems required. 
  • Broad experience using cloud services, Linux systems, and Development/Data engineering core tools: GitHub, GitHub Actions, Security Tools, etc.
  • Demonstrated working knowledge of vulnerability assessment and penetration testing tools.
  • Understands how to assess vulnerabilities and provide recommendations regardless of first-hand knowledge of the application or system.
  • Proven ability to work effectively both independently and/or in a team setting. 
  • Ability to communicate technical information to a non-technical audience. 
  • Must possess strong analytical and problem-solving abilities; and strong critical-thinking skills in complex communication environments. 
  • Strong attention to detail. Required to manage and follow through on multiple independent tasks and dependencies across intra/inter-project teams.
  • Excellent organizational and time-management skills in a fast-paced environment. 
  • Excellent customer service skills with the ability to deal tactfully, confidently, and ethically with both internal and external customers.
  • Expert in Government Agency Security Assessment Process in support of maintaining and/or establishing an ATO and the appropriate boundary.
  • Experience with Centers for Medicare and Medicaid Services security practices or industry certification such as the CISSP, CEH, GIAC, etc.
  • A driven security/privacy policy and engineering SME with an interest to drive their own career and corporate strategy through the business development engagement process.
  • A passionate security and privacy leader that brings this passion to mentor other Security SMEs and promotes a security mindset across all engineering roles through continuous training engagements on/off the programs.
  • Proven experience establishing a multi-program strategy for security and best practices (policy, process and technology).
  • Excellent command of written and spoken English.  
  • Ability to obtain and maintain a Public Trust; residing in the United States

Desired Qualifications
  • Experience working in the healthcare industry or Government Agency: CMS.
  • Federal Government contracting work experience
  • Highly preferred industry certification such as the CISSP, CEH, GIAC, etc.
  • eSimplicity supports a remote work environment operating within the Eastern time zone so we can work with and respond to our government clients. Expected hours are 9:00 AM to 5:00 PM Eastern unless otherwise directed by your manager.

    Benefits:
    We offer highly competitive salary, full healthcare benefits, performance bonus, and a flexible leave policy.

    Equal Employment Opportunity:
    eSimplicity is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, sexual orientation, gender identity, or status as a qualified individual with a disability.




