Our History:From our start in 2009, Conexess has established itself in 3 markets, employing nearly 200+ individuals nation-wide. Operating in over 15 states, our client base ranges from Fortune 500/1000 companies to mid-small range companies. For the majority of the mid-small range companies, we are exclusively used due to our outstanding staffing track record.Who We Are:Conexess is a full-service staffing firm offering contract, contract-to hire, and direct placements. We have a wide range of recruiting capabilities extending from help desk technicians to CIOs. We are also capable of offering project-based work.Conexess Group is aiding a large healthcare client in their search for a Controls Scoping Advisor in a hybrid capacity. This is a long-term opportunity with a competitive compensation package.
- This is a hybrid position requiring a candidate local to Bloomfield, CT. Onboarding/training the worker would be required to be onsite 5 days a week and then can move to a 3 day in office schedule**
Responsibilities:
- This position requires strong communication abilities, technical expertise in the areas of application, cloud and infrastructure security; the ability to work well in a team; and the ability to multitask and work on assignments
- Pull intake requests from a backlog queue
- Engage with internal customers
- Meet with the project teams to discuss and document project scope and impacted solution components
- Validate data types and classifications
- Deliver self-attestation exemption forms and self-assessment questionnaires to project teams
- Manage workflow for handoff to the Validation Advisor teams
Qualifications:
- BS or MA/MS in Computer Science, Information Security, or a related field is preferred OR equivalent work experience with the preferred certifications outlined below:
Certified Information Systems Security Professional (CISSP), Certified Cloud Information Professional (CCSP), Certified Information Security Manager (CISM), and/or Certified Risk and Information Systems Control (CRISC), Security+, Network+, etc.
- 5-10 of experience with information security management frameworks (e.g., IS027000, COBIT, NIST 800, etc.) & some regulatory compliance background is a plus.
- GRC tool experience and Issues Governance processes is desired.
- Working knowledge or understanding of following technologies/protocols/methodologies:
- Physical and Virtual Infrastructure
- Network Security
- Cloud Computing (AWS, Azure, Google, Private)
- Containerization
- API and Microservices
- Static & Dynamic Code Scans
- Prisma
- OpenStack, ACI, Openshift, Docker
- Software Defined Network
- Virtualization