Security Consultant – Staff
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security Consultant providing security leadership across application modernization and database migration. Establishing compliance standards and guiding technical teams in security best practices.
Responsibilities:
- We are seeking a Security Consultant (Staff) to provide security leadership and guidance across application modernization and database migration workstreams.
- This role will establish security, logging, observability, and compliance standards while ensuring the modernized environment aligns with public sector and healthcare data protection requirements.
- As the primary security resource supporting multiple workstreams, the consultant will focus on defining patterns, governance, and best practices rather than implementing every security control directly.
- Define and oversee security, logging, and observability standards throughout modernization and migration efforts
- Establish secure architecture patterns for AWS-based target environments
- Develop and promote IAM, secrets management, and least-privilege access strategies
- Ensure proper handling and protection of PHI and PII data within healthcare and Medicaid-related systems
- Advise teams on compliance requirements applicable to state government workloads
- Review application security controls, authentication and authorization approaches, and secure coding practices
- Assess converted database access patterns and connection security, including Aurora PostgreSQL endpoints
- Provide guidance on encryption, monitoring, logging, and auditability requirements
- Support risk identification, remediation planning, and security governance activities
- Collaborate with technical teams to embed security best practices throughout the delivery lifecycle
Requirements:
- Security & Application Modernization
- Strong experience performing secure code reviews and application security assessments
- Expertise with ASP.NET Core security best practices
- Experience migrating authentication and authorization frameworks, including: Forms Authentication System.Web.Security Membership ASP.NET Core Identity OIDC / OAuth 2.0 JWT-based authentication
- Knowledge of: CORS configuration Anti-forgery protections ASP.NET Core Data Protection APIs (MachineKey replacement)
- AWS Security
- Hands-on expertise with: IAM Roles and Policies AWS Secrets Manager AWS Systems Manager Parameter Store AWS Key Management Service (KMS) Security Groups AWS WAF Amazon GuardDuty AWS CloudTrail
- Experience securing cloud-native applications and database workloads
- Observability & Monitoring
- Experience implementing structured logging solutions using: Serilog Microsoft.Extensions.Logging
- Knowledge of: OpenTelemetry CloudWatch Logs CloudWatch Metrics Distributed tracing and correlation IDs across modernized application stacks
- Data Protection & Compliance
- Experience supporting environments containing PHI and PII
- Knowledge of: Encryption in transit (TLS) Encryption at rest Database and field-level protection strategies
- Familiarity with healthcare and government compliance requirements, including: HIPAA NIST 800-53 State government security frameworks StateRAMP and FedRAMP concepts
- Preferred Qualifications AWS Certified Security – Specialty certification
- Prior experience supporting Medicaid, healthcare, health-and-human-services, or other public sector programs
- Experience securing large-scale modernization or cloud migration initiatives
- Familiarity with AWS-based application modernization and database migration projects
Benefits:
- Important Screening Requirements
- Due to client and clearance requirements
- Candidates must be U.S. Citizens or U.S. Permanent Residents (Green Card holders) and able to work in the United States without current or future visa sponsorship.
- Undergo fingerprinting as part of the onboarding process
- Successfully complete a government background investigation (CJIS-type clearance)
Similar Jobs
Senior SailPoint App Security Specialist
Senior SailPoint App Security Specialist managing identity solutions within international projects for IRIUM. Ensuring security and integrity of corporate applications with a remote working model.
SAILPOINT App Security Specialist
SailPoint App Security Specialist managing identity solutions for corporate applications. Ensuring security and integrity while working fully remotely in Spain.
Security Brand Program Manager
Security Brand Program Manager implementing security initiatives and promoting a security culture at Jamf. Collaborating with cross-functional teams to strengthen security values for Apple customers worldwide.
Cybersecurity Engineer
Cybersecurity Engineer responsible for designing and implementing secure solutions at Apollo Information Systems. Working remotely, collaborating with teams to enhance cybersecurity for clients.
Cybersecurity Advisor II
Cybersecurity Advisor II developing business-aware security strategies for clients and guiding compliance efforts. Engaging in long-term advisory relationships with strong focus on business outcomes.
Cybersecurity Engineer
Cyber Security Engineer enhancing security posture and automating protection in healthcare settings. Responsibilities include incident response and vulnerability management across IT environments.
Security & Compliance Engineer
Security & Compliance Engineer improving operational security for SaaS products at Grant Street Group. Focused on vulnerability management and compliance in AWS and Linux environments.
Business Information Security Officer
Business Information Security Officer at Blip Global facilitating communication between security and product teams. Engaging deeply in product cycles and technical discussions for effective security integration.
Information Security Compliance Associate
Information Security Compliance Associate maintaining compliance and security documentation for Case IQ. Supporting internal and external audits while collaborating with IT and Security teams.
Learning Facilitator – Security and Property Protection – m/f/d
Trainer:in at WBS TRAINING focusing on competency development in security education. Conducting lessons and supporting learners in their professional growth.
Principal Cloud Security Architect – Azure
Cloud Security Architect at Tamnoon engaging with customers and remediating cloud vulnerabilities. Collaborating with teams to enhance security practices and share technical knowledge.
Associate Architect, SAP Security, Threat Mitigation
Associate Architect supporting Rimini Protect! Security Services to research threats and vulnerabilities. Collaborating closely with team and Client Success Managers to enhance ERP solution security.
CyberSecurity Engineer
CyberSecurity Engineer collaborating with teams to secure products and applications for a global technology company. Delivering security solutions across technologies with a focus on various security practices.
Senior UX Designer – Zero Trust Security
Senior UX Designer at Akamai responsible for user-centered design processes and innovative solutions for data-driven B2B SaaS products. Lead ideation, research, design, and validation for complex product areas.
Cyber Advisor, Managed Security
Cyber Advisor responsible for advising SMBs on cybersecurity risks and improving security postures at At-Bay. Liaising with clients and underwriting teams to enhance cybersecurity services.
Workday HCM Security Administrator
Workday HCM Security Administrator optimizing and securing HR systems for HHS. Driving continuous improvements and enhancing employee experience with Workday HCM capabilities.
Cybersecurity Graduate Adjunct
Adjunct faculty teaching graduate level courses in cybersecurity at Houston Christian University. Engaging students in an interactive online environment within a Christian educational context.
Senior AI Security Engineer
Senior AI Security Engineer at bunny.net focused on building AI security solutions. Collaborating with Product and AI leadership to develop detection systems and security architecture for AI products.
Cyber Security Intern – GRC
Cyber Security Intern assisting in vulnerability management and security compliance for federal projects. Gaining practical cybersecurity experience in a full-time internship role.
Cyber Security Intern
Cyber Security Intern supporting the Department of Energy cybersecurity team at Hanford Site. Collaborating on vulnerability management, security operations, and awareness activities in a critical federal environment.