Job Type : W2

Experience : 1-2 YRs

Location : Raleigh, NC

Posted Date : 24-Oct-2018

Description :

   Job Description:

Looking for IT Security Engineer for 
Multi year Project in Raleigh, NC.


  • Design, Perform analysis and implementation of secure solutions for new and existing environments.

  • Reviewing Infrastructure security vision, Medicaid Transformation road map as well as high level information related to the work currently in-flight

  •  Act as a liaison between enterprise (North Carolina Department of Health and Human Services, Privacy and Security Office) and vendors to mediate on security matters and to ensure appropriate solutions are in place, addressing controls and standards.

  •  Performing Security risk assessments aligning with Industry standards such as NIST, HIPAA, PCI, SSA, IRS, PUB 175, etc.; Provide recommendations and remediation plan for the found gaps.

  • Monitoring Vulnerability scan reports to ensuring Network Perimeter Protection is consistently enforced (ex. establishing security enterprise patterns), Web application security; Provide policies for inspection, logging, security testing, etc.

  • Validating top 10 OWASP (Open Web Application Security Project) are addressed; Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.

  • Review Request for proposal (RFP), Request for Quote (RFQ), Memorandum of Understanding (MOU) and Memorandum of Agreement (MOA) for privacy and security architecture requirements. Define and review Business Continuity Plan and Disaster Recovery Testing.

  • Create, maintain and update Plan of Actions and Milestones (POA&M) for various systems/LANs. Coordinated with senior leadership for mitigating vulnerabilities included in the POA&M.

  •  Determines appropriate settings for security policies/values, applied programmatically by DevOps Teams.


  • The minimum education requirements to perform the above job duties are a Bachelor’s degree in Computer Science, Applications, or related technical field. 

  • Good understanding of Cyber security, Risk Management, Compliance, Vulnerability, Security Architecture.