Sign upLog in

Application Security Manager

Lancesoft

Quincy, MA

Apply
JOB DETAILS
SALARY
$55
SKILLS
Access Authorization, Amazon Web Services (AWS), Applications Security, Automation System Development, Best Practices, CCSP - Cisco Certified Security Professional, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Communication Skills, Computer Science, Computer Security, Department of Health and Human Services, Detail Oriented, Federal Information Processing Standards (FIPS), Government Organizations, HIPAA (Health Insurance Portability and Accountability Act), Identify Issues, Industry Standards, Information Architecture, Information Technology & Information Systems, Information/Data Security (InfoSec), Interpersonal Skills, Maintain Compliance, Management Strategy, On Call, Penetration Testing, Presentation/Verbal Skills, Privacy Controls, Problem Solving Skills, Process Improvement, Production Support, Quality Assurance, Regulations, Regulatory Compliance, Reporting Skills, Risk, Risk Management, Security Auditing, Security Compliance, Security Information and Event Management (SIEM), Security Monitoring, Software Migration, Software Testing, Systems Administration/Management, Systems Maintenance, Team Player, Technical Support, Test Requirements, Test Tools, Time Management, Training/Teaching, U.S. National Institute of Standards and Technology (NIST), Writing Skills
LOCATION
Quincy, MA
POSTED
3 days ago
Client: State of MA
Duration: 12 Months
Work Hours: 37.5hrs/week
Location: Quincy, MA
Position: Hybrid

SUMMARY:
Executive Office of Health and Human services is looking for a Security manager who will be responsible for ensuring the security of the company's infrastructure, networks, data and applications. Application Security manager will ensure that applications and services of an organization are secured and implemented with best security practices following the organization’s governance model.

JOB DUTIES (Detailed Statement of Duties and Responsibilities):
  • Implement Data Security Management and Operation models.
  • Establish various security compliance standards including (but not limited to) NIST(National Institute of Standards and Technology), FIPS(Federal Information Processing Standards), FedRAMP(Federal Risk and Authorization Management Program)
  • Engage with agency Privacy and Security office teams to exchange Compliance reports and obtain approvals as necessary.
  • Involve with auditors as necessary to provide compliance reports as requested and implement mitigation steps as required.
  • Implement process and tools for application vulnerability testing(SAST/DAST).
  • Establish and manage a vulnerability management including coordination of penetration testing and ongoing vulnerability remediation, tracking, and security compliance reporting.
  • Setup requirements for penetration testing and engage with vendors and agencies to perform/report pen tests.
  • Setup infrastructure audits and reports with the help of system admins and vendors as necessary.
  • Maintaining the system integrity and security by following the industry standard IT Controls
  • Implement automation of systems administration and software migration for QA and Production
  • Develop relationships with QA and application teams to establish quality and application compliance based on Organization standards.
  • Provide architecture and configuration recommendations to ensure hosted/deployed environments are security and best practices compliant.
  • Provide technical assistance/recommendations to agency users and other agency personnel throughout the Commonwealth.
  • Evaluate security and audit tools and support them as necessary.
  • Identify and successfully troubleshoot problems in all environments and work across teams to ensure problems get resolved in a timely manner
  • Available for off-hour incidents and provide 24x7 on-call production support on a rotation basis
  • Provide training to teams on security and compliance as necessary
  • Work towards continuous process improvements.
REQUIRED SKILLS (Special Skill Set, Abilities, Knowledge):
  • In-depth knowledge and experience working with common regulatory framework applications related to data security, including HIPAA, HITRUST, - General Data Protection Regulation (GDPR), National Institute of Standards & Technology (NIST) standards, and similar constructs are highly desired.
  • Previous knowledge and experience in designing and architecting information technology and security controls across complex and diverse networks, applications, and infrastructures are strongly preferred.
  • Technical aptitude, critical thinking skills, and the ability to think outside the box.
  • Demonstrated ability to solve complex information security problems, observe security risks and weaknesses, and provide security recommendations to the respective project and delivery teams.
  • Ability to translate technical risk issues to business leaders and upper management. Excellent verbal, written, and interpersonal communication skills.
  • Detail-oriented and value teamwork.
  • Ability to resolve problems as they arise and handle situations expediently.
  • Must be able to work a flexible schedule according to business needs, including evenings, weekends, and holidays.
QUALIFICATIONS (Education, Years’Experience, Certificates):
  • 10+ years of IT experience with at least 5+ years as a Security Manager/officer.
  • Bachelor's degree in Information Technology or computer science or related field or equivalent experience.
  • Preferred: AWS security and compliance. Security certifications, e.G., CISSP, CISA, CISM, CCSP.

About the Company

L

Lancesoft

We are a $125 Million, NMSDC-certified Minority & Woman owned Workforce Solutions Company headquartered in the DC metro area with presence across US with global presence - Canada, Mexico, India, UK, Malaysia, Indonasia, Hongkong, Singapore, UAE. We are specialized in providing Workforce Solutions, SOW project delivery, Engineering Solutions, Creative Services. We currently support 100+ Fortune companies globally and across multiple industry segments. We are currently supporting several massive programs across industry segment nationally/globally (Intel, Ally, AMD, QUALCOMM, Morgan Stanley, Kraft/ Mondelez, MNP, Amdocs, Dell, SanDisk, Medtronic, Becton Dickinson, GE, Lockheed Martin, UTC, L-3 Communications, Caterpillar, BMW, Mercedes Benz, National Grid, Dominion, Energy Future Holdings, PSEG, 3M, Fidelity, Aetna, Humana, Johnson & Johnson, Pfizer, Merck etc). 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, identity, national origin, disability, or protected veteran status.

COMPANY SIZE
2,000 to 2,499 employees
INDUSTRY
Staffing/Employment Agencies
FOUNDED
2000
WEBSITE
http://www.lancesoft.com/

Resume Resources

Free Resume TemplatesFree Resume Builder