MARS-E / NIST Medicaid IT Security Auditor/Consultant - State Healthcare

About The Position

Requirements

• Minimum 8 years of combined experience in IT Internal Audits, Independent Third-Party and Risk Assessments, and Vulnerability management.
• Experience assessing firewalls, networks, including VPN, DLP, IDS/IPS.
• Familiarity with CMS MARS-E and NIST Security and Privacy control frameworks.
• Experience in IT Governance, Risk, Compliance (GRC), drafting security policies, plans, gap analysis, and recommendations.
• Bachelor's or Master's Degree in a relevant field.
• Hold one or more security certifications such as CISA, CISM, or CISSP.

Nice To Haves

• Comprehensive understanding of security and privacy controls.
• Exceptional analytical, communication, and collaboration skills.
• Thorough understanding of NIST, MARS-E, ARC-AMPE Frameworks and CMS Certification Requirements.
• Ability to understand and translate technical jargon.
• Advanced client and vendor relationship management skills.
• Working knowledge of cloud security (AWS/Azure).

Responsibilities

• Analyze and comprehend state business practices and IT system processes.
• Evaluate security and privacy controls to ensure correct implementation and operation.
• Identify artifacts and processes for each privacy and security control to be examined.
• Determine test methods and objects for security assessments.
• Identify personnel/roles to be interviewed during audits.
• Contribute to the discovery, assessment, analysis, and management of network and application vulnerabilities.
• Determine risk exposures and develop detailed remediation strategies.
• Support the planning and execution of internal audit procedures and report creation.

Benefits

• 401(k) matching
• AD&D insurance
• Dental insurance
• Disability insurance
• Health insurance
• Health savings account
• Paid time off