Sr. Security Engineer
- Coordinate with IT Operations and Software Development teams to design and build secure AWS architectures and services in standardized and automatable patterns
- Collaborate with Infosec team to develop security requirements for Cloud infrastructure
- Develop processes and procedures for managing and maintaining systems
- Communicate progress, updates, and any obstacles or support requirements to Infosec leadership
- Hands-on experience on Amazon AWS cloud infrastructure related to security is required, including but not limited to IAM, Security Groups, VPCs, EC2, ELB/ALB, KMS, CloudTrail, CloudWatch, and Lambda
- Ability to configure AWS-specific logging for information security requirements
- Strong background in infrastructure and networking, Windows, and Linux
- Knowledge of network based, system level, and application layer attacks and mitigation methods, and how they apply in a Cloud environment
- Knowledge of Authentication and Authorization (AD, OAuth, SAML)
- Ability to translate functional and technical business requirements into secure technical implementations
- Familiarity with common compliance requirements such as FISMA, HIPAA, and PCI
- Minimum 2 years hands-on AWS experience
- Minimum 6 years information security experience
- One or more AWS certifications of at least Associate level
- One or more common security certifications, such as CISSP, CISM, or GIAC, etc.
- Experience in DevOps environments and maintaining security in CI/CD pipeline
- Experience with Cloud automation such as CloudFormation, Chef, Puppet, or Ansible
?Owings Mills, MD
? Months Contract
?? (High possibility for extension)
This position will work in collaboration with the Manager of Regulatory Compliance in coordinating internal audits; conduct regular review and audit of internal controls within each functional area for strengths and weaknesses ensuring special focus allocation to the specific risk areas creating the highest exposure. Coordinate the follow-up process for audit findings; develop and implement a corrective action plan for any areas identified as risk exposure.
Provide regular monitoring and control of the corrective action plan implementation. Communicate the risks associated with the control deficiencies identified along with regular investigative, analytic and audit reporting data to all stakeholders. This position has responsibility for the preparation and communication of the monthly status report for the State of Compliance. Integrate processes designed to support the implementation of all state and federal mandates to include work necessitated by future changes in the dynamic ACA environment. Incorporate complete transparency and accountability through the creation and maintenance of auditable supporting documentation such as Policies and Procedures, SOPs, workflows, and training materials.
Supports the compliance program by developing the control architecture to achieve and maintain compliance with new federal and state regulations.
- Assist the Manager in the development and implementation of the compliance program to ensure compliance and alignment with Federal, State regulatory statutes.
- Ensure correct interpretation of the Federal and State regulatory operational requirements in the changing ACA environment, mitigating risk of exposure in the event of a conflict between the two.
- Assists the Manager and Director in developing and implementing a comprehensive risk-based audit program to effectively test controls, continuously review, and improve departmental policies and procedures to achieve greater efficiencies and effectiveness.
- Provide support to the Manager and Director in the interpretation of regulations and regulatory rules/guidelines to demonstrate division compliance with state and federal standards.
- Maintain a central content repository by gathering and organizing compliance-related policies, applicable insurance laws and regulations and ensure a department policy and procedure exists for each law/regulation.
Under the general direction of the Manager of Regulatory Compliance
- Coordinate and schedule internal audits assigned by the Compliance Manager and the Director of Performance, Development, Compliance and Analysis.
- Continuously analyze and align all functional area Policies and Procedures, SOPs, workflows, and systems and ensure they are in compliance and alignment with regulations and remain updated and current
- Review complex business processes, systems, workflows, SOPs, Policies and Procedures and policies to identify, document, and elevate the presence of risks and trends within, that may be non-compliant with contracts and or statutory requirements especially in the claims processing, enrollment and service arenas – all jurisdictions, all products, all processing platforms to include our subsidiaries and vendors.
- Review internal controls, both manual and automated, and/or management controls in each functional area to remove any risk or exposure.
- Analyze controls for strengths and weaknesses ensuring special focus allocation to the specific risk areas creating the highest exposure to the Business Unit.
- Implement process and forum to review audit findings with stakeholders. Review audit findings with appropriate management staff to ensure accuracy. Perform follow-up activities related to audits/reviews and special projects and ensure corrective action and remediation occurs. Perform internal follow-up audits on each functional group to ensure that the department has implemented corrective actions. Prepare audit report on follow-up audit activities.
- Work with management to establish and implement corrective action plan as an outcome of any audit findings.
- Assist management in discharging their responsibilities by mitigating risks, safeguarding assets, identifying fraudulent activities, complying with laws and regulations directly tied to operational efficiency.
- Monitor, assess, and report significant matters to the Compliance Manager and the Director of Performance, Development, Compliance and Analysis.
- Remain abreast of emerging issues and developments that have direct impact on the Business Unit.
- (15%) Apply continuous Quality Improvement principles to system, processes, departmental data and other relevant problems affecting audit and reporting requirements using analytical and problem resolution skills. Determines most appropriate solution and provides recommendations for solutions and/or corrective action.
- (15%) Update and maintain several departmental reports for internal use and for distribution to senior management.
- A Bachelor’s degree in Business Administration, Accounting, or Healthcare Compliance with a minimum of 4+ years working experience in health insurance industry, managed care and government programs, health insurance compliance programs, or related fields.
- Experience in project management, business process analysis, work flow, and task analysis
- An ability to read and interpret insurance laws, regulations and policies
- Experience in state, federal regulatory oversight is required.
- An ability to gather and analyze data and generate reports with knowledge of local systems (such as Facets, PEGA, SMARTS, MOS, CFD, BX, HWS, etc.) and experience with hardware and software required to understand how they interface with the compliance regulatory statutes
- Must be experienced and proficient with Word, Advanced Excel and database management and related software applications
- Must display leadership qualities, functional expertise, and business perspective with considerable judgment, tact, initiative, accuracy and trustworthiness
- Should bring excellent interpersonal skills with ability to build consensus and agreement and bring resolution to contentious issues and entrenched interests.
- An ability to present and discuss regulatory compliance goals in a way that establishes rapport, persuades others, and gains commitment
- An ability to research complex issues, interpret regulations and regulatory rules/guidance
- Must exhibit sound judgment in determining a recommendation or solution to a problem, with a demonstrated ability to lead problem-solving discussions
- Flexibility and the ability to adapt to shifting priorities; able to work independently as well as part of a team
- Should possess strong organizational, coordination skills and interpersonal skills for facilitating Compliance audits
- Must have excellent oral and written communications, able to communicate and make presentation to all levels of management and associates at all levels throughout the Company
- Must be able to effectively work in a fast-paced environment with frequently changing priorities, deadlines, and workloads that can be variable for long periods of time.
- Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence.
- Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.
- Knowledge of organization, operations, and systems used of the business areas being supported.
- Experience in claims, enrollment and billing and service.
- An understanding of legal requirements and expectations for health insurance operations.
- Travel is necessary to coordinate audit primarily in both the DC and MD offices and other sites as required.
Job Status: Contract/Temporary