Client: Human Services
Location: Honolulu, Hawaii
Education: Bachelor’s degree from an accredited four (4) year college or university in computer science, information systems, or other related field of information technology.
Specialized training or equivalent work experience can substitute for the education requirement.
Information security related certification(s) such as CISSP, CISA, CISM desired, but not required.
Information security-related certification (e.g., incident handling, security essentials, information systems auditing, etc.) desired but not required.
Security operations and Centers for Medicare & Medicaid Services (CMS) security standards; Information security principles, methodologies and practices as they relate to the following information security activities: access control, application security, business continuity and disaster recovery planning, cryptography, risk management, legal and regulatory constraints, compliance, investigations (eDiscovery), operations security, security architecture and design, telecommunications and network security; good understanding of information security aspects of large, complex IT systems and applications; MARS-E, MITA, NIST Special Publications 800 Series (preferred); and public sector or human services business domain (preferred).
- Perform security-related activities to include responding to security incidents, assessing and reviewing security controls, and reporting findings to management.
- Perform activities that comply with enterprise standards and requirements, and achievement of operational goals and objectives.
- Works with other individuals within the Privacy and Security Compliance Office, DHS divisions and offices to adhere and comply with documented security policies, procedures, standards, and guidelines.
- Conducts operational security activities and assess security controls. Works closely with consultants and DHS staff to resolve problems/barriers encountered during assessments.
- Ensures risks and issues are identified and are properly analyzed, discussed and mitigated, and when necessary are escalated to the appropriate decision-making body.
- Works with system designers, engineers, users, architects to resolve any problems related to security incidents and security operations.
- Assists in the development of workable solutions regarding staff utilization, facilities and procedural matters.
- Participates in a variety of activities with Office of Enterprise Technology Services (ETS) to understand and contribute to the State’s overall management of security incidents and DHS security operations
- Contributes to project status reports to the DHS teams, Operations Committee and Executive Steering Committee. Identifies areas of risk and recommends action items that should be implemented to mitigate risks.
- Utilizes appropriate departmental staff as well as outside resources to seek the proper knowledge, skills and abilities required to carry out the objectives/activities of assigned projects and tasks.
- Maintains active and open communications with security team and consultants/contractors as needed ensuring effective coordination and integration of projects. Provides teams with constructive feedback as it pertains to project security.
- Tracks industry trends and maintain knowledge of new technologies to better serve the enterprise’s security operations and incident response needs.
- Attends team meetings and collaborate with management.
- Review and ensure the quality of security artifacts; obtain and analyze facts, identify risks and potential mitigation strategies; resolve conflicts fairly and consistently; exercise judgment and make logical and objective decisions; work independently and in a team; gain the confidence and cooperation of others; juggle multiple/conflicting priorities; and communicate effectively both orally and in writing.
8251 Greensboro Drive, Suite 250
(703) 373-7330 Ext.319