Senior Security Consultant

About The Position

Requirements

• Minimum ten (10) years of combined, progressive experience in cybersecurity, information assurance, or IT security, including senior advisory, advanced practitioner, or program‑level leadership responsibilities.
• Demonstrated expertise in Security architecture
• Demonstrated expertise in Security and privacy risk assessments across the full Software Development Life Cycle (SDLC) and production environments
• Proven experience in IT governance, risk, and compliance (GRC), including Internal and external audit and compliance assessments
• Proven experience in IT governance, risk, and compliance (GRC), including Drafting and maintaining security and privacy documentation
• Proven experience in IT governance, risk, and compliance (GRC), including Conducting security and privacy risk assessments
• Extensive experience developing and supporting Security Incident Response Plans
• Extensive experience developing and supporting System Security & Privacy Plans (SSPPs)
• Extensive experience developing and supporting Risk Assessments and POA&M remediation strategies
• Strong experience evaluating, recommending, and supporting the implementation of cybersecurity tools and technologies.
• Demonstrated experience supporting U.S. Federal programs or agencies, particularly within regulated healthcare or public‑sector environments.
• Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent practical experience).

Nice To Haves

• Master’s degree in Computer Science, Management Information Systems, Cybersecurity, or a related discipline.
• Strong working knowledge of Federal cybersecurity frameworks and standards, including FISMA
• Strong working knowledge of Federal cybersecurity frameworks and standards, including NIST SP 800‑53 (Moderate Baseline)
• Strong working knowledge of Federal cybersecurity frameworks and standards, including NIST/FIPS standards
• Strong working knowledge of Federal cybersecurity frameworks and standards, including HIPAA Security Rule
• Strong working knowledge of Federal cybersecurity frameworks and standards, including Privacy Act of 1974
• Strong working knowledge of Federal cybersecurity frameworks and standards, including FBI CJIS Security Policy
• Strong working knowledge of Federal cybersecurity frameworks and standards, including PCI DSS
• Strong working knowledge of Federal cybersecurity frameworks and standards, including SSAE 18 / SOC reporting requirements
• Holds one or more active security certifications, such as: CISSP
• Holds one or more active security certifications, such as: CISM
• Holds one or more active security certifications, such as: CISA
• Comprehensive understanding of security and privacy controls across enterprise systems and applications.
• Ability to clearly articulate cybersecurity and compliance concepts to technical and non‑technical stakeholders.
• Ability to translate complex security requirements into business, regulatory, and risk context.
• Experience acting as a cybersecurity Subject Matter Expert (SME) on large‑scale, government‑funded or highly regulated programs.
• Client and vendor collaboration experience within consulting or advisory environments.

Responsibilities

• Provides System Integration security architecture design
• Collaborate with the client to document security standards
• Provide security architecture advice and oversight to module vendors in support of module solution development, integration, and infrastructure
• Responsible for adherence to State security standards
• Communications with State Chief Information Security Officer (CISO)
• Compliance with HIPAA, Health Information Technology for Economic and Clinical Health (HITECH) and NIST requirements
• Compliance with Internal Revenue Service (IRS) Federal Tax Information

Benefits

• medical, dental, and vision insurance with an employer contribution
• flexible spending or health savings account
• life and AD&D insurance
• short and long term disability coverage
• paid time off
• employee assistance
• participation in a 401k program with company match