About The Position
We are seeking a Security Consultant (Staff) to provide security leadership and guidance across application modernization and database migration workstreams. This role will establish security, logging, observability, and compliance standards while ensuring the modernized environment aligns with public sector and healthcare data protection requirements. As the primary security resource supporting multiple workstreams, the consultant will focus on defining patterns, governance, and best practices rather than implementing every security control directly.
Requirements
- Strong experience performing secure code reviews and application security assessments
- Expertise with ASP.NET Core security best practices
- Experience migrating authentication and authorization frameworks, including: Forms Authentication, System.Web.Security Membership, ASP.NET Core Identity, OIDC / OAuth 2.0, JWT-based authentication
- Knowledge of: CORS configuration, Anti-forgery protections, ASP.NET Core Data Protection APIs (MachineKey replacement)
- Hands-on expertise with AWS Security: IAM Roles and Policies, AWS Secrets Manager, AWS Systems Manager Parameter Store, AWS Key Management Service (KMS), Security Groups, AWS WAF, Amazon GuardDuty, AWS CloudTrail
- Experience securing cloud-native applications and database workloads
- Experience implementing structured logging solutions using: Serilog, Microsoft.Extensions.Logging
- Knowledge of: OpenTelemetry, CloudWatch Logs, CloudWatch Metrics, Distributed tracing and correlation IDs across modernized application stacks
- Experience supporting environments containing PHI and PII
- Knowledge of: Encryption in transit (TLS), Encryption at rest, Database and field-level protection strategies
- Familiarity with healthcare and government compliance requirements, including: HIPAA, NIST 800-53, State government security frameworks, StateRAMP and FedRAMP concepts
- U.S. Citizens or U.S. Permanent Residents (Green Card holders) able to work in the United States without current or future visa sponsorship
- Undergo fingerprinting as part of the onboarding process
- Successfully complete a government background investigation (CJIS-type clearance)
Nice To Haves
- AWS Certified Security ā Specialty certification
- Prior experience supporting Medicaid, healthcare, health-and-human-services, or other public sector programs
- Experience securing large-scale modernization or cloud migration initiatives
- Familiarity with AWS-based application modernization and database migration projects
Responsibilities
- Define and oversee security, logging, and observability standards throughout modernization and migration efforts
- Establish secure architecture patterns for AWS-based target environments
- Develop and promote IAM, secrets management, and least-privilege access strategies
- Ensure proper handling and protection of PHI and PII data within healthcare and Medicaid-related systems
- Advise teams on compliance requirements applicable to state government workloads
- Review application security controls, authentication and authorization approaches, and secure coding practices
- Assess converted database access patterns and connection security, including Aurora PostgreSQL endpoints
- Provide guidance on encryption, monitoring, logging, and auditability requirements
- Support risk identification, remediation planning, and security governance activities
- Collaborate with technical teams to embed security best practices throughout the delivery lifecycle
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Career Level
Senior
Education Level
No Education Listed
