Healthcare Security Operations Consultant

Guidehouse•Los Angeles, CA

20h•Hybrid

About The Position

Guidehouse is a global AI-led professional services firm delivering advisory, technology, and managed services to the commercial and government sectors. With an integrated business technology approach, Guidehouse drives efficiency and resilience in the healthcare, financial services, energy, infrastructure, and national security markets. Built to help clients across industries outwit complexity, the firm brings together approximately 18,000 professionals to achieve lasting impact and shape a meaningful future. The Healthcare Security Operations Consultant will support vulnerability management and secure configuration operations, ensuring alignment with federal cybersecurity mandates. This role involves managing, monitoring, and coordinating remediation of vulnerabilities across NIH/HHS systems using tools like Tenable. The consultant will also develop vulnerability prioritization models, create secure configuration baselines, ensure compliance with patching timelines and federal directives, and collaborate with various teams to validate remediation actions. Additionally, the role includes preparing reports for leadership and federal oversight bodies, and developing KPI metrics for vulnerability and compliance tracking.

Requirements

Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse.
Minimum of THREE (3) years of cybersecurity or IT risk management experience.
Minimum of a Bachelors Degree is required.
Hands-on experience with Tenable.
Deep understanding of HIPAA and cybersecurity frameworks.
Strong communication and analytical thinking; ability to manage multiple concurrent priorities and deadlines.

Nice To Haves

Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY and maintain an active HHS/NIH clearance are preferred.
Experience focused on vulnerability management and/or secure configuration are preferred.
Experience with ServiceNow or Splunk Security Essentials.
Experience supporting security hardening of infrastructure supporting EHR systems.
Active CompTIA Security+ CE preferred.
Other certifications (CISSP, CEH, or cloud-related) are a plus.
Familiarity with ServiceNow or Splunk Security Essentials.
Knowledge of MITRE ATT&CK framework and vulnerability prioritization methodologies (e.g., EPSS, CVSS v3).
Prior experience within a federal or HHS environment.

Responsibilities

Support vulnerability management and secure configuration operations, ensuring alignment with federal cybersecurity mandates.
Manage, monitor, and monitor vulnerabilities across NIH/HHS systems using tools such as Tenable and coordinate timely remediation activities.
Develop vulnerability prioritization models based on risk, exposure, and asset criticality.
Develop secure configuration baselines and monitoring processes based on CIS Benchmarks.
Ensure compliance with patching timelines and federal vulnerability directives.
Collaborate with infrastructure, application, and security teams to validate remediation actions.
Support preparation of reports for leadership and federal oversight bodies.
Develop KPI metrics for vulnerability and compliance gap closure rates, asset risk scoring, and compliance tracking.

Benefits

Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Position may be eligible for a discretionary variable incentive bonus
Parental Leave and Adoption Assistance
401(k) Retirement Plan
Basic Life & Supplemental Life
Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
Short-Term & Long-Term Disability
Student Loan PayDown
Tuition Reimbursement, Personal Development & Learning Opportunities
Skills Development & Certifications
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Emergency Back-Up Childcare Program
Mobility Stipend