Title: Security Analyst - Health IT
Location: United States-Maryland-Woodlawn
Other Locations: null
Northrop Grumman is seeking an experienced Security Analyst to join our team of qualified, diverse individuals. The position is located in Woodlawn, Maryland. The qualified applicant will become part of Northrop Grumman''s Health Information Systems operating unit, an organization that serves the IT needs of state and local governments.
Roles and Responsibilities
The Security Analyst is responsible for managing program security, preventing unauthorized use of the system, maintaining system process controls, and logging all transactions. Additionally, this position shall provide security to limit availability to application functionality, software screens, data records, data elements, and data element values where appropriate.
The Security Lead is responsible for producing, implementing and monitoring a Security Plan that addresses the following:
· Ensure data confidentiality, including protection from unauthorized access, while:
a. In transit - either through execution of secure, authenticated, two-way transactions as well as ensuring that all other data is encrypted beyond the reasonable threat of a successful brute force attack, or comparable risk-based mechanisms;
b. In storage - ensure that confidential data in databases from which public data is being extracted will not be compromised.
· Preventive and detective access controls and reporting mechanisms, ensuring a timely and reliable process for notification to the user, custodian, owner, and/or customer in the event of a security breach.
· Ensure that access controls are strictly enforceable and auditable.
· Ensure data integrity - maintain data and transaction integrity and confidentiality; where applicable address legal and regulatory issues with regard to unauthorized access, misuse, or fraud audit trails, and options for resolution.
· Ensure data reliability - maintain sufficient detail and summary information to ensure statutory and regulatory reporting and compliance responsibilities.
· Ensure data availability - maintain data and network access continuity ensuring its availability for required business processes.
· Ensure physical and environmental control - working with the customer to identify mechanisms ensuring only authorized operations personnel access data or computer facilities unless expressly approved by the owner of the data, and determine environmental control required to mitigate the risk of loss.
· Ensure application audit capabilities - implement date-time stamp, or other mechanism sufficient to provide an audit trail for identifying critical data and resource application activity, and the reporting of unauthorized intrusions and activity or attempted breaches.
· Responsible for the implementation and monitoring of compliance with privacy and security policies and procedures.
· Will implement an operate a Security Program along with security training and awareness to ensure the Health Insurance Portability Act (HIPPA) security and confidentiality requirements, the Federal Information Security Management Act of 2002 (FISMA), the Health Information Technology for Economic and Clinical Health Act (HITECH Act), the Social Security Administration Office of System Security Operations management Guidelines, and the federal tax information safeguarding requirements defined by the IRS in the Title 26 of the United States Code (U.S.C) section 6103, and IRS Publication 1075 governing the safeguarding requirements for sensitive data are met.
Bachelors Degree in Information Technology, Business
Administration, or related field. Equivalent experience will be accepted in
lieu of a degree.
9 Years with Bachelors Degree; 7 Years with Masters; 4 Years with
Must have past experience as a Security Lead implementing a
Must have three (3)
years experience managing a staff of security professionals.
Must have strong experience using security management tools
Must have experience
working in a lead role within the IT Security Department of a large
organization or a large IT project
Must have three (3)
years experience securing data centers
Must be either US
Citizen or Green Card holder
Must be able to obtain
a Position of Public Trust
Excellent verbal and written communications skills are required
Experience with the Center of Medicare and Medicaid Services.
For a listing of all Northrop
Grumman open positions, please visit our website at
Northrop Grumman Corporation is a
leading global security company whose 75,000 employees provide innovative
systems, products, and solutions in aerospace, electronics, information systems
and technical services to government and commercial customers worldwide.
Northrop Grumman is an Equal Opportunity Employer committed to hiring and
retaining a diverse workforce regardless of age. U.S. Citizenship is required
for most positions.