You will manage security compliance and risk mitigation for the NC FAST Application and Infrastructure Modernization project.
Responsibilities
Support the ISSO in managing system security plans and achieving Authorization to Operate (ATO) through the Assessment and Authorization (A&A) process.
Oversee security compliance for applications and systems in cloud environments, ensuring alignment with MARS-E, NIST, and HIPAA guidelines.
Collaborate with Enterprise Architecture, DBA, and Development teams to implement automated Disaster Recovery capabilities, including alerting, containment, and data recovery.
Perform internal assessments of security controls and monitor infrastructure assets using NIST 800-53 standards.
Track remediation efforts from audits and assessments using Plans of Action and Milestones (POA&Ms) and Corrective Action Plans (CAPs).
Required Skills
5+ years of related IT security work experience.
5 years of experience providing security compliance for applications in cloud environments (AWS, Azure, or Google).
5 years of experience updating and maintaining SSP/SSPP documentation.
5 years of experience participating in Assessment & Authorization (A&A/ATO) processes.
5 years of experience monitoring and testing system components utilizing NIST 800-53.
Proven experience with Disaster Recovery planning and implementation.
Knowledge of MARS-E, NIST, and HIPAA regulatory frameworks.
Ability to develop security event logging and monitoring processes.
Preferred Skills
Experience reviewing RFP, MOU, and MOA documents for privacy, security, Business Continuity Planning, and audit requirements.