We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search

Job posting has expired

#alert
Back to search results / More jobs like this
Back to search results
New
Quadrant, Inc. jobs

Security - Security Engineer

Quadrant, Inc.
United States, Maryland, Windsor Mill
May 06, 2025
Security Engineer

Remote

MUST:

Experienced Security Engineer

5+ years of experience conducting security assessments for complex systems and applications.

Past experience supporting CMS and/or HHS security requirements, including obtaining and maintaining ATO, performing full and 1/3 security assessments, and knowledge of CFACTS.

Expert knowledge of FISMA, NIST, HIPAA, ARS, CMS OIS policies and standards, and best practices for CMS applications.

Security testing, including knowledge of application architecture, code, SDLC.

Excellent communication skills (verbal and written).

Portswigger BurpSuite, QualysGuard, HP Fortify, JAVA

DUTIES:

Provide expert analysis and review to ensure that systems supported by SCG comply with CMS and HHS security requirements, including NIST, FISMA, HIPAA, ARS, and CMS policies and standards.

Provide guidance and assist development teams in obtaining Authorization to Operate (ATO) for new applications.

Perform Annual and On Demand ACT Security Assessments for SCG supported contracts, including developing a Test Plan, Executing the Test Plan, Interviewing the CISO, System Administrator (s), Business Owner, and other critical stakeholders. Also document findings and assessment results and upload that information to CFACTS.

Create POAMs in CFACTS for all security findings, then monitor and update findings in CFACTS until all issues are resolved and closed.

Advise CMS and HHS on security requirements throughout XLC/TLC System Lifecycle Development (SDLC) process.

Support transitions from current CFACTS and ARS Control versions to higher versions.

Create and maintain system security documentation for all supported applications, including SSP, ISRA, SDD, etc.

Perform security risk analysis to assess all application vulnerability, then recommend technical solutions to help mitigate vulnerabilities.

Serve as trusted security advisor to CMS/HHS and all project stakeholders.

*Quadrant, Inc. is an equal opportunity and affirmative action employer. Quadrant is committed to administering all employment and personnel actions on the basis of merit and free of discrimination based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or status as an individual with a disability. Consistent with this commitment, we are dedicated to the employment and advancement of qualified minorities, women, individuals with disabilities, protected veterans, persons of all ethnic backgrounds and religions according to their abilities.

(web-94d49cc66-tl7z6)