Information System Security Engineer
3B Staffing LLC, Austin, TX, United States
Qualifications
Minimum Requirements:
12 years of:
deep focus on: Governance, Risk, and Compliance (GRC), Enterprise Security and Security Architecture, Vulnerability Management and Penetration Testing , Cloud Security and hybrid environments
10 years of:
Proven experience owning SSP development end to end
Hands on experience with CMS MARS E v2.2 or comparable federal/state security frameworks
Strong expertise in: Control implementation documentation, Audit evidence collection and validation, POA&M creation, tracking, and remediation management
8 years of:
Ability to translate technical security issues into compliance aligned remediation actions
Strong stakeholder management skills across security, infrastructure, and application teams
Excellent written and verbal communication skills, particularly for executive stakeholders
Knowledge of NIST 800 53, NIST RMF, and privacy controls
Knowledge of Secure SDLC and DevSecOps practices
Preferred:
5 years of:
Experience operating in multi-vendor, multi-platform environments
Demonstrated ability to reduce repeat audit findings and improve compliance maturity
Experience mentoring or guiding teams on security governance best practices
1 year of:
Experience supporting HHSC systems, including SSP development and compliance
Minimum Requirements:
12 years of:
deep focus on: Governance, Risk, and Compliance (GRC), Enterprise Security and Security Architecture, Vulnerability Management and Penetration Testing , Cloud Security and hybrid environments
10 years of:
Proven experience owning SSP development end to end
Hands on experience with CMS MARS E v2.2 or comparable federal/state security frameworks
Strong expertise in: Control implementation documentation, Audit evidence collection and validation, POA&M creation, tracking, and remediation management
8 years of:
Ability to translate technical security issues into compliance aligned remediation actions
Strong stakeholder management skills across security, infrastructure, and application teams
Excellent written and verbal communication skills, particularly for executive stakeholders
Knowledge of NIST 800 53, NIST RMF, and privacy controls
Knowledge of Secure SDLC and DevSecOps practices
Preferred:
5 years of:
Experience operating in multi-vendor, multi-platform environments
Demonstrated ability to reduce repeat audit findings and improve compliance maturity
Experience mentoring or guiding teams on security governance best practices
1 year of:
Experience supporting HHSC systems, including SSP development and compliance