Public Consulting Group, Inc. (PCG) is a leading public sector solutions implementation and operations improvement firm that partners with health, education, and human services agencies to improve lives. Founded in 1986 and headquartered in Boston, Massachusetts, PCG has over 2,500 professionals in more than 60 offices worldwide. PCG’s Technology Consulting practice offers a full spectrum of quality Information Technology (IT) services to help state and local government agencies at every stage of the IT life cycle. Through its specialized IT services, PCG’s Technology Consulting team finds cost-effective ways to help agency partners deliver successful IT systems that enhance the lives of the user base. To learn more, visit https://www.publicconsultinggroup.com/technology-consulting/
• Performs security assessments of information technology (IT) systems to verify they comply with applicable security standards.
• Performs reviews and assessments of organizational security controls (policies, processes, configurations) to verify they comply with applicable security standards.
• Coordinates and/or conducts penetration testing or simulates attacks to look for vulnerabilities in systems before they can be exploited.
• Coordinates with client organizations (state departments and federal agencies) to perform security audit activities.
• Prepares reports that document findings from security assessments and testing.
• Advises project managers of security and privacy requirements required by state and federal agencies.
• Assists with development and implementation of security standards and best practices.
• Interfaces with various architects, technicians, and business leaders to understand organizational needs, capabilities, and constraints related to IT security.
• Researches the latest IT security trends.
• Learns and adapts to new technologies in the ever-changing world of Information Security.
• Creates and documents security and privacy policies, procedures, or contractual language, as required.
• Recommends security enhancements.
• Excellent interpersonal, verbal and written communication, including good presentations
• Can multi-task, communicate clearly, learn new technologies and processes, and provide support to process/solution owners
• Strong analytical and conceptual skills
• Ability to thrive in various hierarchical situations
• Self-motivated and quick learner
• Pays close attention to detail
• Ability to work within high-performing virtual teams and highly collaborative
• Builds excellent relationships with key internal resources based on trust and confidence
• Interested in both short-term results and long-term goals
• Ability to work with resources in multiple locations and business units
• Ability to get results while maintaining a service orientation
• Broad knowledge and experience in project management methodologies including waterfall and agile (Scrum & Kanban).
• DevOps experience and automated deployment of applications
• Experience in working state and federal government agencies
• Experience in working with and communicating with technical staff and subject matter expert
• Experience with databases and SQL
• Experience with penetration testing
Education: B.S. or B.A. degree is a plus, with related business discipline experience.
Experience: 3+ year of experience in information security or information risk management. General operating knowledge of security for application and infrastructure, security threat/risk/data classification. Familiarity with industry standards NIST-800, HIPAA, HITECH, FERPA and various security protocols, such as PKI, SSL, Encryption, Data Redacting, DLP. Familiarity with FireEye, Qualys, Email Security Systems, DLP, Data Encryption Antivirus, SIEM (Log Analysis), IRS Publication 1075, and Minimum Acceptable Risk Standards for Exchanges (MARS-E) a big plus.
3+ years managing or developing IT systems/solutions
Understanding of various systems, like MS Active Directory, MS Windows, MS Exchange, Unix/Linux OS.
Certification: Information security professional certifications such as CEH, CISSP, SANS, CISA, GIAC or similar are highly desired
Public Consulting Group is an Equal Opportunity Employer dedicated to celebrating diversity and intentionally creating a culture of inclusion. We believe that we work best when our employees feel empowered and accepted, and that starts by honoring each of our unique life experiences. At PCG, all aspects of employment regarding recruitment, hiring, training, promotion, compensation, benefits, transfers, layoffs, return from layoff, company-sponsored training, education, and social and recreational programs are based on merit, business needs, job requirements, and individual qualifications. We do not discriminate on the basis of race, color, religion or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, past or present military service, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law. PCG will not tolerate discrimination or harassment based on any of these characteristics. PCG believes in health, equality, and prosperity for everyone so we can succeed in changing the ways the public sector, including health, education, technology and human services industries, work.