IT Security & Compliance Specialist I
Salary undisclosed
Checking job availability...
Original
Simplified
Description of Work
As of January 1, 2025, the new salary range will be $72,993 - $109,490
NC DHHS - Privacy and Security Office (PSO) requiring services of an IT Security Specialist to aid Division for Public Health (DPH) to be in compliance with Federal, NC State and NC DHHS requirements. IT Security Specialist should perform & support privacy, security, and continuity of operations goals, policies and practices, Contract reviews, Risk assessments based on NIST 800-53 rev 5. Should participate in the planning and implementation of privacy and security program for DPH.
This position is to aid Division for Public Health (DPH) in the identification of gaps through risk analysis, risk management and assist in the development of mitigation strategies. This position is to achieve and support program privacy, security, and continuity of operations goals, policies and practices with responsibility for analyzing and developing privacy, security, and continuity of operations related activities for DPH.
Duties Include, Are Not Limited To
Listed below are the knowledge, skills and abilities (KSAs) associated with the position. These KSAs, along with the minimum education and experience listed, are required in order to be deemed "eligible" for the position therefore you must provide supporting information, within the body of your application, to demonstrate your possession of each KSA listed.
Qualified applicants must possess, and application must clearly reflect work experience that demonstrates the following:
Some state job postings say you can qualify by an “equivalent combination of education and experience.” If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See https://oshr.nc.gov/experience-guide for details.
Qualified applicants must possess, and application must clearly reflect work experience that demonstrates the following:
Bachelor's degree in computer science or a related IT related field or closely related field from an appropriately accredited institution and one year experience in IT Security;
OR
Associate's degree in computer science or a related IT related field or closely related field from an appropriately accredited institution and two years of experience in IT Security; OR
an equivalent combination of education and experience.
Supplemental and Contact Information
The North Carolina Department of Health and Human Services (DHHS) is an Equal Opportunity Employer who embraces an Employment First philosophy which consists of complying with all federal laws, state laws and Executive Orders. We are committed to reviewing requests for reasonable accommodation at any time during the hiring process or while on the job.
For more information about DHHS: https://www.ncdhhs.gov/.
DHHS uses the Merit-Based Recruitment and Selection Plan to fill positions subject to the State Human Resources Act with the most qualified individuals. Hiring salary will be based on relevant qualifications, internal equity, and budgetary considerations pertinent to the advertised position.
It is critical to our screening and salary determination process that applications contain comprehensive information. Information should be provided in the appropriate areas to include the beginning and end dates of jobs worked, education with the date graduated, all work experience, and certificates /licenses. Resumes will not be accepted in lieu of completing this application. Answers to Supplemental Questions must refer to education or work experience listed on this application to receive credit. Degrees must be received from appropriately accredited institutions.
NOTE: Applicants will be communicated via email only for updates on the status of their application or any questions on their application. If there are any questions about this posting other than your application status, please contact HR at 919-855-4930.
To check the status of an application, please log in to your NC Government Job Opportunities account and click "Application Status".
For technical issues with your application, please call the NeoGov Helpline at 877-204-4442. If you have a technical issue with your Government Jobs account, please call their Help Line at 1-855-524-5627.
As of January 1, 2025, the new salary range will be $72,993 - $109,490
NC DHHS - Privacy and Security Office (PSO) requiring services of an IT Security Specialist to aid Division for Public Health (DPH) to be in compliance with Federal, NC State and NC DHHS requirements. IT Security Specialist should perform & support privacy, security, and continuity of operations goals, policies and practices, Contract reviews, Risk assessments based on NIST 800-53 rev 5. Should participate in the planning and implementation of privacy and security program for DPH.
This position is to aid Division for Public Health (DPH) in the identification of gaps through risk analysis, risk management and assist in the development of mitigation strategies. This position is to achieve and support program privacy, security, and continuity of operations goals, policies and practices with responsibility for analyzing and developing privacy, security, and continuity of operations related activities for DPH.
Duties Include, Are Not Limited To
- Respond to privacy and security incidents/breaches and vulnerabilities.
- Assist in patching and remediation of vulnerability scans.
- Evaluate contracts, agreements and projects.
- Create and maintain privacy and security training and awareness efforts.
- Participate in system reviews/audits while administering security policies, activities, and standards in accordance with Federal, State and Departmental (DHHS) regulations and policies affecting DHHS applications.
- Discover, evaluate, assess, and document organizational systems, networks, and components using Qualys, Tenable Nessus vulnerability scanning.
- Experience with risk assessment methodology best practices and tools.
- Configure and schedule scans; ensure vulnerability assessment results are generated, accurate, clear, actionable, and available to appropriate personnel.
- Configure risk assessment tools to perform various NIST 800-53, HIPAA, FDA assessments.
- Follow-up and tracking of remediation issues arising from vulnerability scanning and serve as technical expert for vulnerability assessment processes and reports.
Listed below are the knowledge, skills and abilities (KSAs) associated with the position. These KSAs, along with the minimum education and experience listed, are required in order to be deemed "eligible" for the position therefore you must provide supporting information, within the body of your application, to demonstrate your possession of each KSA listed.
Qualified applicants must possess, and application must clearly reflect work experience that demonstrates the following:
- Documented experience with vulnerability assessments and communicating results in accurate, clear, actionable, and available way to appropriate personnel
- Experience with vulnerability scanning and network security best practices
- Background experience serving as a knowledge base for organizations as it relates to Federal and state compliance requirements & mitigation strategies.
- Prior experience Performing risk assessments based on NIST 800-53 Rev 4. HIPAA, SSA and IRS Pub 1075.
- Demonstrated experience with network mapping and vulnerability scanning tools such as NESSUS and NMAP.
- Documented experience in reviewing RFP, RFQ, MOU and MOA for privacy and security architecture requirements.
- Demonstrated experience in reviewing the Business Continuity plans, Disaster Recovery Testing plans
- Experience with North Carolina DHHS business and IT functions.
- Demonstrate a working knowledge of HIPAA.
Some state job postings say you can qualify by an “equivalent combination of education and experience.” If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See https://oshr.nc.gov/experience-guide for details.
Qualified applicants must possess, and application must clearly reflect work experience that demonstrates the following:
Bachelor's degree in computer science or a related IT related field or closely related field from an appropriately accredited institution and one year experience in IT Security;
OR
Associate's degree in computer science or a related IT related field or closely related field from an appropriately accredited institution and two years of experience in IT Security; OR
an equivalent combination of education and experience.
Supplemental and Contact Information
The North Carolina Department of Health and Human Services (DHHS) is an Equal Opportunity Employer who embraces an Employment First philosophy which consists of complying with all federal laws, state laws and Executive Orders. We are committed to reviewing requests for reasonable accommodation at any time during the hiring process or while on the job.
For more information about DHHS: https://www.ncdhhs.gov/.
DHHS uses the Merit-Based Recruitment and Selection Plan to fill positions subject to the State Human Resources Act with the most qualified individuals. Hiring salary will be based on relevant qualifications, internal equity, and budgetary considerations pertinent to the advertised position.
It is critical to our screening and salary determination process that applications contain comprehensive information. Information should be provided in the appropriate areas to include the beginning and end dates of jobs worked, education with the date graduated, all work experience, and certificates /licenses. Resumes will not be accepted in lieu of completing this application. Answers to Supplemental Questions must refer to education or work experience listed on this application to receive credit. Degrees must be received from appropriately accredited institutions.
- Applicants seeking Veteran's Preference must attach a DD-214 Member-4 Form (Certificate of Release or Discharge from Active Duty) to their applications.
- Applicants seeking National Guard Preference must attach a NGB 23A (RPAS) if they are a current member of the NC National Guard in good standing. If a former member of the NC National Guard, who served for at least 6 years and was discharged under honorable conditions, they must attach either a DD256 or NGB 22.
- If applicants earned college credit hours but did not complete a degree program, they must attach an unofficial transcript to each application to receive credit for this education.
- Applicants may be subject to a criminal background check. All candidates selected for positions considered "Positions of Trust" will be subject to a criminal background check.
NOTE: Applicants will be communicated via email only for updates on the status of their application or any questions on their application. If there are any questions about this posting other than your application status, please contact HR at 919-855-4930.
To check the status of an application, please log in to your NC Government Job Opportunities account and click "Application Status".
For technical issues with your application, please call the NeoGov Helpline at 877-204-4442. If you have a technical issue with your Government Jobs account, please call their Help Line at 1-855-524-5627.