Lead and support FISMA Risk Management Framework (RMF) compliant security programs
Develop, maintain, and validate security documentation such as System Security Plans (SSPs) and Privacy Impact Assessments (PIAs)
Serve as the primary point of contact for third-party audits and security assessments
Perform detailed architectural and risk reviews
Conduct security and compliance reviews of contracts and Data Sharing Agreements
Collaborate with vendors and internal teams to ensure compliance with security initiatives
Utilize tools such as Archer (eGRC) and Microsoft Office Suite

Requirements

8+ years of experience in IT security, infrastructure, or system auditing
Strong working knowledge of FISMA, NIST, CMS MARS-E, and HIPAA Security & Privacy rules
Hands-on experience with Archer or other eGRC platforms
Proficiency in IBM System 390/zSeries, Linux and Windows Servers, Relational and NoSQL databases
Experience with network firewalls, IPS, routing, and switching infrastructure, SIEM solutions, IAM systems
Strong communication skills with technical and non-technical stakeholders
Certification: ISC(2), ISACA, SANS GIAC or other Information Security Certification is required.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

FISMANISTCMS MARS-EHIPAA Security & PrivacyIBM System 390zSeriesLinuxWindows ServersRelational databasesNoSQL databases

communication skills

ISC(2)ISACASANS GIAC