Job description

Requirements

  • Entry level
  • No Education
  • Salary $6,851.00 - $8,916.00 gross per month
  • DENVER METRO, CO

Description

Department Information

What We Do:
The Governor's Office of Information Technology (OIT) strives to impact the lives of all Coloradans to create a safer, happier and healthier state. We work to empower the State of Colorado with flexible technology that will drive sustainable and intelligent business decisions. We envision a future where the end-user experience shapes design, and data analytics transform how state government serves its residents.

At OIT, we recognize that "how" we deliver is as important as "what" we deliver. Our core values define our character, and each employee is expected to embody these values in all the work we do:

SERVICE: Serving the people of Colorado
Intentionally and generously serving others for a better Colorado.

INTEGRITY: Demonstrating credibility and sincerity in our work
Inspiring confidence and trust in the Governor's Office of Information Technology through our personal conduct.

TEAMWORK: Collaboratively working together at OIT and across the state
Working cooperatively with others and engaging in constructive dialogue to overcome difficult challenges

RESPECT: Appreciating and acknowledging the role, diversity, and contribution of those with whom we work.
Consistently conducting ourselves in a way that shows regard and thoughtfulness to others.

COURAGE: Pushing boundaries to foster positive change
Proactively and positively pursuing the transformations necessary to address tough issues and drive innovation.

INNOVATION: FOSTERING NEW IDEAS
We foster new ideas. We challenge the status quo and continuously ask, "How can we do this better?" Then we take action and make a difference through novel processes and technology.

Why We Want You:
We want your expertise, positive energy, drive to succeed and love of this great state as we work to elevate the expectations Coloradans have of their government.

What You'll Get From Us:
At OIT you will find an opportunity to contribute meaningful work to support and serve Colorado residents. It's your chance to combine your love of technology with public service. Plus, you'll have great benefits, motivated team members, and opportunities for advancement.

Check out this video to see why our employees love working for the Governor's Office of Information Technology:

https://www.youtube.com/watch?v=gkvsAxCwoxs&feature=youtu.be


Description of Job
Job Summary

The purpose of the CBMS unit is to administer the Colorado eligibility and enrollment systems for food, medical and cash benefits, CBMS and PEAK, which are jointly owned by Health Care Policy and Financing (HCPF) and the Colorado Department of Human Services (CDHS). The Colorado Governor's OIT, Colorado's Connecting Entity, manages CBMS, PEAK, and the CBMS-associated OIT Gateway, a single connection to the FDSH for use by COHBE and CBMS. CBMS and PEAK applications are hosted in Amazon Web Services (AWS) and Salesforce FedRAMP certified data centers, respectively.

This role services as the SME or Lead for Agency level engineering project initiatives. For small to large initiatives, this role may work in the capacity of participate or leader. On complex initiatives, they will work in a participate capacity. This role provides leadership and mentorship to Engineers assigned to their project initiatives and oversee the completion of all milestones apart of the initiatives they are leading. This role reviews all progress reports submitted by their engineer initiative teams and prepares a summary report and presents it to Agency leadership. In this role, you will work on new and innovative solutions; developing and testing possible solutions to determine practical options to be presented at the agency and enterprise level for consideration.

As an experienced security, risk and compliance professional, this position identifies and defines technical and security related projects that support the operation and maintenance of the Colorado Benefits Management System, PEAK and associated systems. More specifically, the Senior Security Engineer is a senior technology solutions leader, providing forward-looking recommendations for applications solutions and development across a broad scope of responsibility. The Senior Engineer will have a primary focus and be a subject matter expert for a specific technology platform and/or a specific agency. This position provides guidance to agency leadership, OIT senior managers and senior developers on technical solutions to customer requests, best practices and enterprise standards for operational support and maintenance.

Primary Job Responsibility - Monitoring


- Monitor different levels of security
- Notify appropriate personnel of any discrepancies, security breach, suspicious activity, etc.
- Ensure IT environment domains are secure.
- Address any issues, events, incidents, vulnerabilities, or weaknesses.
- Continually evaluate the gaps in compliance with applicable security and privacy standards (including NIST, MARS E, and IRS 1075).
- Comply with OIT CISO policies and procedures.
- Update application specific security policies and training. Publish to all staff and contractors that support or use the CBMS, PEAK and associated systems. Monitor service provider policy compliance. Monitor for compliance within the CBMS and PEAK teams.
- Update required compliance gap documentation (includes, but not limited to CMS POA&M, audit findings, scan reports and IRS CAP) with risk severity, mitigation plan and timeline for mitigating and status.
- Keep management informed of compliance status and risks.
- Identify and address issues and risks that impact compliance with the policies and procedures.
- Identify opportunities for improvement and employ current systems' strengths to leverage those opportunities as well as investigate new technologies, methodologies, and advancements that can facilitate developing more secure designs and reaching new security objectives.


Primary Job Responsibility - Implementing
- Implementand follow cyber security policies, standard pools, and best practices.
- Adjust to changing environments and ensure tools, controls, and monitoring are in place.
- Respond to project deliverables.
- Agency level specific research and validation of functionality of current and emerging technologies.
- Interpret business, technical, security, regulatory, and architectural requirements in researching and recommending solutions at the agency level.
- Collaborate with other teams within the Chief Technology Office to determine technology fit within the agency and portfolio levels.
- Pilot or build proof of concept for agency and portfolio level technologies proposed for adoption in partnership with sustaining resources.
- Manage solution workflow within at agency or portfolio level.
- Develop high-level agency specific estimates of the team work effort needed to deliver solutions based on the project specifications provided.
- Implement highly technical advisory duties associated with the design, implementation, and support of technical solutions.
- Responsible for providing Subject Matter Expertise (SME) or Lead level of experience for agency or portfolio solutions.
- Provide hands-on support and participation in an on-requested basis for specific projects requiring intervention or additional support.
- Validate the implementation of technical projects that are not tested by SIT/UAT
- Participate in regular status meetings to review everyone's accomplishments from the previous week, objectives, for the coming week, and roadblocks that could undermine reaching objectives.
- Assist in alleviating roadblocks by providing suggestions for resolution.


Primary Job Responsibility - Remediation
- With audit findings, remediate compliance issues and vulnerabilities that have been found via analysis.
- Provide technical risk assessments that will inform the customer and provide a path for a secure environment.
- Conduct security research in keeping abreast of the latest security enclave.
- Work with peers or supervisors to help research/test issues that arise.
- Initiate dialog with appropriate support teams to troubleshoot issues/problems.

Additional Duties As Assigned
- Perform any other duties as assigned.


Minimum Qualifications, Substitutions, Conditions of Employment & Appeal Rights
Minimum Job Requrements

Work Experience


- Three years' experience in a lead or supervisory role in an IT environment
- Advanced understanding of the NIST security and privacy requirements or experience implementing the standard
- Five years' experience in security compliance design or auditing

Education/Training
- BA, BS degree or equivalent work experience
- Three years experience in IT security

Preferred Qualifications
- Security Certification preferred
- Experience as an auditor, facilitating audits, or regularly responding to audits in an IT environment
- Understanding of the MARS E security and privacy requirements or experience implementing the standard


Supplemental Information

- Conditions of employment:A pre-employment criminal background check will be conducted as part of the selection process, and/or other department-specific screens as required. Felony convictions or conviction of crimes of moral turpitude or conviction of misdemeanors related to job duties may disqualify you from being considered for this position.
- Some details to be aware of:Former employees of the State of Colorado who have not left in good standing will be reviewed on a case-by-case basis.
- Comparative Analysis Process:is the selection process used to identify the applicant that fits the job the best from a qualified applicant pool. Applications and applicants are compared to others in the pool to identify a top group. Appl

  • cap
  • ms project