Information Technology Security Officer
: Job Details :

Role: Information Technology Security OfficerLocation: Jackson, MS - Onsite in MS a minimum of 1 week per month plus during an emergency defined by the State Health Office or as negotiated between the contractor and the agency.Contract positionRequired Skills/Experience Provide the minimum required skills and/or experience the contractor must possess to qualify for this position. These requirements will be transferred to the Score Sheet and candidates without these requirements reflected on their resume will NOT be presented to the manager for consideration. - Minimum of 5 years' experience cybersecurity, including 2+ years in leadership Must be a Certified Information Security Manager (CISM) or a Certified Information Systems Security Professional (CISSP) - Must be a Certified HIPAA Professional (CHP) - Must have technical experience with the following Security Toolset Areas: Patch/Vulnerability Management, EDR/XDR, Microsoft Defender 365, Supply Chain Monitoring, and SIEM/SOAR - Experience leading or participating in security program development, revision, and continuous improvement activities Position Description and Job Skill Set Description of the job functions the contractor will be expected to perform. Under 45 CFR §164.308, as a covered entity under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), MSDH is required to identify a Security Officer responsible for the development and implementation of policies and procedures to ensure the integrity of electronic Protected Health Information (ePHI) created, transmitted, received and/or stored by the agency. This individual, designated as the IT Security Officer (ITSO), also is required by the state Department of Information Technology Services (ITS) under Rule 1.6 of the ITS Enterprise Security Policy. Under this rule, the ITSO is responsible for: - Developing and maintaining agency-specific security plans, policies, and procedures. - Interacting with ITS as the primary contact for security related issues. - Ensuring MSDH is adhering to the State of Mississippi Enterprise Security Policy. - Participating in the state information security threat intelligence feeds. - Researching IT industry for security related issues and how it affects MSDH specifically. - Monitoring security applications, activity logs, resources and issues within the agency utilizing approved security software and hardware. - Facilitating the State Auditor's Information Systems Audit and any Third-Party Risk Assessments. - Manage the agency's Vulnerability Management and Supply Chain risk programs Preferred/Not Required Provide any skills/experience that would be helpful for the candidate to possess but not required. Examples: Previous supervisory experience, WebLogic experience helpful, etc. Governmental data modernization or project management experience AI/ML development experience in cybersecurity initiatives (next-generation firewalls, threat hunting, cyber risk, etc).