It Security and Compliance Specialist II

This position will have responsibility to consult in security related planning, management, monitoring and support multiple cloud infrastructures, including Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), and Salesforce. It will also provide consulting services around the security design, deployment, maintenance, and troubleshooting of the department’s cloud solutions and infrastructure including:

• Create detailed technical documentation to support cloud security across multiple environments. 
• Aid in developing privacy and security policies, procedures, and reference documents. Serve as a subject matter expert to projects or solution teams by providing guidance on best practices related to information security. 
• Conduct security assessments and compliance checks on cloud solutions and environments. 
• Work with vendors and third-party service providers to ensure their services meet security requirements.
• Participate in regular status meetings with IT leadership as well as other stakeholders regarding current projects and future initiatives security posture.
• Provide training to internal staff on cloud platforms and services.
• Work to create a cloud-based security platform that monitors and analyzes data from multiple sources to identify potential threats. 
• Develop an automated system for detecting anomalous behavior within cloud environments using machine learning algorithms. 

The North Carolina Department of Health and Human Services (DHHS) is one of the largest, most complex agencies in the state, and has approximately 17,000 employees. It is responsible for ensuring the health, safety, and well-being of all North Carolinians, providing human service needs for special populations including individuals who are deaf, blind, developmentally disabled, and mentally ill, and helping poor North Carolinians achieve economic independence.

About the NC Division of Information Technology: 

DHHS Information Technology (IT) Division provides enterprise information technology leadership and solutions to the department and their partners so that they can leverage technology, resulting ultimately in delivery of consistent, cost effective, reliable, accessible, and secure services. DHHS IT Division works with business divisions to help ensure the availability and integrity of automated information systems to meet their business goals. DHHS IT Division’s primary information technology services are Application Management, Project Management, Privacy and Security, Financial Management, Health Information Technology, Infrastructure and Service Management.

Compensation and Benefits:

The State of North Carolina offers excellent comprehensive benefits. Employees can participate in health insurance options, standard and supplemental retirement plans, and the NCFlex program (numerous high-quality, low-cost benefits on a pre-tax basis). Employees also receive paid vacation, sick, and community service leave. In addition, paid parental leave is available to eligible employees. Visit website for benefits: https://oshr.nc.gov/state-employee-resources/benefits.

For more information about DHHS: https://www.ncdhhs.gov/

Listed below are the knowledge, skills and abilities (KSAs) associated with the position.  These KSAs, along with the minimum education and experience listed, are required in order to be deemed "eligible" for the position therefore you must provide supporting information, within the body of your application, to demonstrate your possession of each KSA listed.    

Qualified applicants must possess, and application must clearly reflect work experience that demonstrates the following:

• Demonstrated experience applying knowledge of security engineering concepts related to cloud platform solutions to meet operational requirements, such as scalability, security, reliability, extensibility, and manageability
• Experience applying knowledge of cloud native security technologies
• Hands-on experience implementing various cloud technologies including networking, security and compliance, compute, storage, and databases
• Experience with cloud security and implementation features; OS, multi-tenancy, virtualization, orchestration, elastic scalability, etc.
• Proven experience in articulating complex technical problems to a non-technical audience
• Demonstrated demonstrated experience working with compliance frameworks such as PCI, SOX, SOC 2, ISO 27001, NIST 800-53 and applying their concepts to a complex environment
• Demonstrated experience in accurately assessing risk, forecast both long and short-term outcomes, and evaluating the implications in a complex business environment.
• Experience with micro-services and serverless technologies
• Hands-on experience in designing and implementing multi and hybrid cloud security solutions
• Proven experience with security tool configuration tuning to maximize capabilities, minimize false positives and optimize resources

Some state job postings say you can qualify by an “equivalent combination of education and experience.” If that language appears below, then you may qualify through EITHER years of education OR years of directly related experience, OR a combination of both. See https://oshr.nc.gov/experience-guide for details.

The North Carolina Department of Health and Human Services (DHHS) is an Equal Opportunity Employer who embraces an Employment First philosophy which consists of complying with all federal laws, state laws and Executive Orders. We are committed to reviewing requests for reasonable accommodation at any time during the hiring process or while on the job.

For more information about DHHS: https://www.ncdhhs.gov/.

DHHS uses the Merit-Based Recruitment and Selection Plan to fill positions subject to the State Human Resources Act with the most qualified individuals. Hiring salary will be based on relevant qualifications, internal equity, and budgetary considerations pertinent to the advertised position. 

It is critical to our screening and salary determination process that applications contain comprehensive information. Information should be provided in the appropriate areas to include the beginning and end dates of jobs worked, education with the date graduated, all work experience, and certificates /licenses. Resumes will not be accepted in lieu of completing this application. Answers to Supplemental Questions must refer to education or work experience listed on this application to receive credit. Degrees must be received from appropriately accredited institutions.

• Applicants seeking Veteran's Preference must attach a DD-214 Member-4 Form (Certificate of Release or Discharge from Active Duty) to their applications.
• Applicants seeking National Guard Preference must attach a NGB 23A (RPAS) if they are a current member of the NC National Guard in good standing. If a former member of the NC National Guard, who served for at least 6 years and was discharged under honorable conditions, they must attach either a DD256 or NGB 22.
• If applicants earned college credit hours but did not complete a degree program, they must attach an unofficial transcript to each application to receive credit for this education.
• Applicants may be subject to a criminal background check. All candidates selected for positions considered "Positions of Trust" will be subject to a criminal background check.

Applications for positions requiring specific coursework must be accompanied by a copy of the applicant's transcript. Applicants with degrees not conferred at a United States college or university must attach verification that their degree is equivalent to a similar degree from a U.S. institution. The Office of State Human Resources uses the National Association of Credential Evaluation Services (NACES) as a referral resource for applicants who need to have their credentials certified as equivalent. For a list of organizations that perform this specialized service, please visit the NACES membership website at https://www.naces.org/members. Transcripts, degree evaluations and cover letters may be uploaded with your application.

NOTE: Applicants will be communicated via email only for updates on the status of their application or any questions on their application. If there are any questions about this posting other than your application status, please contact HR at 919-855-4930.

To check the status of an application, please log in to your NC Government Job Opportunities account and click "Application Status".