Join the Code360 Team: Senior Security Specialist
Are you passionate about data and statistical analysis? Code360 is seeking a talented Security Specialist with Centers for Medicare & Medicaid (CMS) experience to enhance our diverse and innovative team. This is a remote position, offering flexibility and the opportunity to collaborate with professionals dedicated to excellence and impact.
Note: This position is contingent upon the award of the contract.
What We’re Looking For
The Information Security Manager is responsible for ensuring compliance with all CMS information security requirements throughout the contract lifecycle. This role leads the planning, implementation, oversight, and continuous monitoring of security controls to protect information systems, applications, and data in accordance with CMS, HHS, and Federal security policies. The Information Security Manager works closely with program leadership, system owners, developers, infrastructure teams, and security stakeholders to integrate security into all phases of the CMS TLC while supporting ongoing authorization, compliance, and risk management activities.
What You Should Know:
We value our culture and connection, plus flexibility to work from home. We are currently designing hybrid options. Due to the nature of the project, candidates must be a US Citizen.
We need your Software Development skills! What other skills will help you succeed at Code360? Glad you asked! We’re excited about candidates who can accomplish the following:
Responsibilities and Contributions:
- Oversee compliance with CMS ARS information security policies, standards, and contractual security requirements.
- Lead the implementation, documentation, and continuous monitoring of security controls in accordance with NIST RMF, FISMA, CMS ARS, and HHS security requirements.
- Provide technical guidance on secure system architecture, application security, cloud security, and secure software development practices.
- Ensure security requirements are integrated throughout the System Development Life Cycle (SDLC).
- Support Authority to Operate (ATO), security assessments, Plan of Action and Milestones (POA&M), vulnerability remediation, and continuous monitoring activities.
- Coordinate security risk assessments, audits, vulnerability management, and incident response activities.
- Develop and maintain system security documentation, including System Security Plans (SSPs), security policies, procedures, and supporting artifacts.
- Collaborate with CMS security officials, ISSOs, project teams, and stakeholders to resolve security findings and maintain compliance.
- Monitor emerging cybersecurity threats and recommend appropriate mitigation strategies.
- Provide security awareness guidance and support compliance reporting throughout the contract.
Qualifications
- Experience with CMS, HHS, or Federal information security requirements.
- Knowledge of NIST Risk Management Framework (RMF), FISMA, CMS Acceptable Risk Safeguards (ARS), FedRAMP, and Zero Trust principles.
- Professional certifications such as CISSP, CISM, Security+, CAP, or comparable cybersecurity certifications are preferred.
- Experience providing technical guidance in the development and implementation of IT security programs, security policies, standards, and System Development Life Cycle (SDLC) security practices.
- Experience supporting Federal information security compliance programs.
- Government experience preferred.
Education
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field from an accredited institution, or four (4) or more years of relevant experience in information security, cybersecurity, or IT security program implementation.
- Advanced degree preferred or equivalent combination of education and experience
Nice to have:
- Additional Certifications
Compensation:
We believe in paying people fairly, so we've established a compensation model that ensures everyone at Code360 — regardless of race, ethnicity, gender, sexual orientation, disability, religion, age, nationality, or negotiation skills — is given equal pay for equal work.
So What’s Next?
Code360 has a good success rate in providing valuable resources to our customers in the past. This is primarily because of our robust hiring strategy. We believe that time well spent finding the right candidate is time saved in getting the job done effectively. Our hiring process does not start with getting a job description; we engage with the hiring manager to understand the key expectations for an ideal candidate, and we strive hard to find the right candidates to get the job done.
Our hiring strategy involves identifying the experience levels of the candidates and conducting multiple rounds of interviews, with online hands-on coding exercises, diagramming skills, and checks of the candidate’s knowledge levels. We also engage certified Scrum Agile Practitioners and professionals certified in the relevant technology to screen the candidates. We make sure that the ideal candidate has the desired technical skill as well as the right attitude to blend into the team in order to achieve maximum productivity in a short span of time.
Why Code360?
Our employees deserve a better life… better health! Every member of the Code360 team has something to share, and we value the unique viewpoint you’ll bring to our community. Code360 offers signature benefits that help our employees stay in balance with work and life.
Here are a few highlights of our benefits package:
- Signature benefits
- Family-friendly workplace
- 3 weeks accrued PTO + 11 federal holidays
- Excellent PPO and HSA health, dental and vision plans with the maximized Employer contribution
- Professional Development/Certifications and Tuition Reimbursement
- Employer sponsored LTD, STD and Basic Life Insurance
- 401(k) plan with employer contributions
About Code360:
Code360 Inc. is an IT Digital Services company providing software development and consulting services, specializing in advanced Health IT, IT Governance, Cloud, Software Development, Business Intelligence and Open Standards and technologies.
We specialize in integrating seamless automation, best IT practices, and agency governance into Solution Architecture, Health IT, Cloud, and Business Intelligence technologies to develop robust, secure, and stable 360-degree solutions that achieve greater results.
That’s not our only goal, though. We also strive to create a purple culture that makes our employees excited to come to work every day. That’s why we encourage our employees to pursue their passions, both in and out of the office.
Code360 believes in equal opportunity employment. We won’t discriminate against any employee or applicant on the basis of race, gender, nationality, age, religion, disability, military status, or sexual orientation. As a company and as individuals, we’re committed to providing an inclusive and welcoming environment for our team, our family members, our clients, our subcontractors, and our vendors.
Job Type: Full-time
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Professional development assistance
- Retirement plan
- Tuition reimbursement
- Vision insurance
Experience:
- Information Security: 5 years (Required)
- Risk Management Framework: 3 years (Required)
- FedRAMP: 3 years (Required)
- ARS: 2 years (Required)
- FISMA: 3 years (Required)
- HHS/Centers for Medicare & Medicaid (CMS): 2 years (Required)
Work Location: Hybrid remote in Catonsville, MD 21228