High Priority Requirement PL - Senior Security Consultant

Job Description: Maximum Budgeted Bill Rate: $110 SCOPE OF THE PROJECT: The Office of Information Assurance is tasked with securing the Agency cloud infrastructure and performing ongoing enterprise cybersecurity threat monitoring and incident response capabilities. A strong candidate for this position should possess experience in the following: Cyber Threat Response and Incident Handling Cyber Security Operations Cloud platforms such as Amazon Web Services (AWS), Azure, Google Cloud Platform (Google Cloud Platform) Cloud Security Cloud Security tools and best practices DAILY DUTIES / RESPONSIBILITIES: The Cloud CyberSecurity Analyst will help Applications Team build and manage a Secure Cloud Infrastructure by adhering to Agency policy and industry best practices. This position will report directly to the CISO to drive innovation and maturation of the Agency's Cloud Cyber threat detection and response capabilities. We are looking for candidates who are highly organized, can work independently in a fast-paced environment and produce multiple quality deliverables within defined deadlines. This role is involved in projects or issues of high complexity that requires an individual who can quickly think on their feet, challenge the status quo, and drive efficiencies through the process. Essential Responsibilities 1. Perform threat identification and analysis of risks to the Medicaid Enterprise Cloud environments 2. Provide input and feedback on cloud/hybrid architectures related to Security 3. Assist in the implementation and advancement of Continuous Monitoring and Incident Response processes and procedures 4. Assist in investigation and remediation of Compliance policy violations, security incidents and related issues 5. Serve as a Security Point of Contact for matters related to Securing Cloud Infrastructure 6. Consult on, and provide requirements for critical projects and initiatives 7. Create documentation on specific remediation steps to close vulnerabilities or mitigate risk to acceptable levels 8. Create documentation that can readily to be added to Agency procedures 9. Revise documents and artifacts as tactics and techniques evolve to address new and emergent threats and trends 10. Work with Information Technology, Application Development and Business Teams to advance security efforts of the Medicaid Enterprise 11. Raise the awareness level of cloud security in the agency 12. Conducts security assessments to identify areas of risk and ensure gaps are remediated 13. Effectively communicates to management and business stakeholders the status of projects and issues as they relate to Cloud Security REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): 1. 5+ years of experience of I.T. working with Windows, Linux, Cloud technologies and Web-based applications 2. A firm understanding of the offerings and capabilities within Amazon Web Services (AWS) and/or Google Cloud Platform and Microsoft Azure platforms 3. Cyber Threat Response and Incident Handling 4. Ability to communicate clearly, verbally and in writing; to interact effectively with internal and external vendors, project team members, management and agency departments; to build relationships and use facilitation skills with both technical and non-technical personnel 5. Ability to write, edit, and prepare graphic presentations of technical information for both technical and business personnel 6. Experience in organizing information in a way that is appropriate for technical explanations without losing sight of the needs and aptitude of the audience 7. Ability to collaborate and coordinate with multiple teams and vendors 8. Ability to work independently and as a member of a team 9. Ability to multitask and prioritize tasks effectively in order to meet deadlines 10. Must be intermediate to advanced skills in additional Microsoft Office products (Word, Excel, PowerPoint, Visio) and working with templates and style guidelines for branding consistency 11. Keen attention to detail while maintaining the ability to see the big picture 12. Ability to absorb and retain complex processes 13. Strong verbal and written communication skills 14. Experience with the evaluation and selection of products and vendors to support initiatives. 15. Ability to accept changes and constructive criticism in a fast turn-around environment PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE): 1. 3+ years of experience with Cloud platforms such Amazon Web Services (AWS), Azure, Google Cloud Platform (Google Cloud Platform) 2. Prior experience working with cloud security and governance tools, cloud access security brokers (CASBs), and infrastructure as a code 3. Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, CloudFormation, Terraform, Ansible) preferred 4. Experience with full-stack deployment 5. Experience with Prisma Cloud or Dome9 REQUIRED EDUCATION/CERTIFICATIONS: ANY ONE OR COMBINATION OF: CERTIFIED CLOUD SECURITY PROFESSIONAL (CSSP) COMPTIA CLOUD + AWS CERTIFIED CLOUD PRACTITIONER SECURITY + OR SIMILAR WITH VALID EXPERIENCE PREFERRED EDUCATION/CERTIFICATIONS: BS degree in computer science, information technology, engineering or similar discipline Cloud certification (i.e. CASP +) Network security certifications Additional Sills: REQUIRED EDUCATION/CERTIFICATIONS: ANY ONE OR COMBINATION OF: CERTIFIED CLOUD SECURITY PROFESSIONAL (CSSP) COMPTIA CLOUD + AWS CERTIFIED CLOUD PRACTITIONER SECURITY + OR SIMILAR WITH VALID EXPERIENCE Skills: Category Name Required Importance Level Last Used Experience Administrative Verbal Communication Skills Yes 2 Expert Currently Using 4 - 6 Years Administrative Written Communication Skills Yes 2 Expert Currently Using 4 - 6 Years Cloud cloud platforms / environments Yes 1 Advanced Within 1 Year 4 - 6 Years Education Technical Certifications Yes 1 Advanced Currently Using 1 - 2 Years Education Bachelor of Science Degree No 1 Advanced Currently Using 2 - 4 Years Miscellaneous Configuration management No 1 Advanced Within 1 Year 1 - 2 Years Network Security Cybersecurity Yes 1 Advanced Within 1 Year 2 - 4 Years Network Security IT Security Yes 1 Advanced Within 6 Months 4 - 6 Years Networking & Directories INCIDENT MANAGEMENT Yes 1 Advanced Within 1 Year 2 - 4 Years Operating Systems/APIs Linux Yes 1 Advanced Within 6 Months 1 - 2 Years Operating Systems/APIs Windows Yes 1 Advanced Within 6 Months 1 - 2 Years Packaged Applications Microsoft Office Suite Yes 1 Advanced Currently Using 4 - 6 Years Specialties Azure Cloud and Virtualization Yes 1 Advanced Within 6 Months 1 - 2 Years Specialties Experience in system analysis and information technology Yes 1 Expert Currently Using 4 - 6 Years