"Alerted.org

NIST SSPS Cyber Security Expert

(Jobs in Lincoln, NE)

Requirement id 153637

Job title Expert

Job location in Lincoln, NE

Skills required NIST, ISO 27001, PCI DSS, SSPS Cyber Security

Open Date 30-May-2025

Close Date

Job type Contract

Duration 23 Months

Compensation DOE

Status requirement ---

Job interview type ---

Email Recruiter:coolsoft

Job Description Expert: NIST, ISO 27001, PCI DSS, SSPS Cyber Security

Start Date :6/30/2025

End Date :05/30/2027

Submission Deadline :06/12/2025

Client Info : NeDHHS

Note:

* Job Title: Medicaid Senior IT Privacy and Security Analyst

* Job Type: Full-Time

* Work Location: Remote

Description:

Job Description Summary:

The resource will be responsible for developing the States Medicaid Data Warehouse system security plan, supporting audits, and third-party assessments. The resource will focus on ensuring the States security posture meets compliance standards by actively participating in internal and external audits, reviewing third-party vendor security practices, and identifying potential risks to mitigate during assessments.

Job Responsibilities:

• Create and maintain System Security Plans for the State of Nebraskas Data Warehouse.

• Develop standard operating procedures, controls-related documentation, and other required security documents.

• Prepare for audits: Gather necessary documentation, review security controls, and address any identified gaps before an audit occurs.

• Collaborate with auditors: Provide access to systems and information, answer questions about security practices, and explain control implementation details.

• Collaborate with the State team to prepare for audits and internal assessments.

• Responding to audit findings: Analyzing audit results, developing remediation plans, and tracking progress on addressing identified issues.

• Third-party vendor risk assessment:

• Evaluating the security posture of third-party vendors by reviewing their security policies, procedures, and controls.

• Identifying potential security risks associated with vendor relationships.

• Communicate security concerns to vendors and work with them to implement necessary security improvements.

Required Credentials and Experience:

• Expertise in security frameworks, including NIST Cybersecurity Framework, NIST 800-53, and other industry standards such as ISO 27001, PCI DSS, and CIS Controls.

• Experience in developing System Security Plans (SSPs) aligned with NIST guidelines.

• Strong ability to identify, analyze, and prioritize security risks, along with a solid understanding of audit methodologies and compliance reporting requirements.

• Broad understanding of network security, system administration, application security, vulnerability management, and data protection technologies.

• Experience interpreting vulnerability assessment reports and remediating security findings.

• Ability to effectively communicate security risks and recommendations to both technical and non-technical audiences, including leadership.

• Minimum of seven years in IT security roles, with a preference for candidates who have held management or leadership positions.

• Bachelors degree in cybersecurity, computer science, information technology, or a related field.

Preferred Credentials and Experience:

• Certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).

Experience in MARS-E security guidelines from CMS.

Call502-379-4456 Ext 100for more details. Please provide Requirement id: 153637 while calling.