Systems Security Specialist (Healthcare)

TL;DR

Systems Security Specialist (Healthcare): Managing the Medicare information security program and ensuring implementation of necessary safeguards with an accent on CMS compliance and federal security frameworks. Focus on conducting vulnerability assessments, managing POA&M in CFACTS, and coordinating incident response independently of IT operations.

Location: Remote, must be based in AZ, AR, DE, FL, GA, IL, IN, KS, KY, MA, MD, MI, MS, MO, MT, NC, NE, NV, NY, OH, OK, PA, SC, TN, TX, VA, DC, WI, or WV

Company

hirify.global is a data-centric healthcare technology company focused on value-based solutions that improve patient health outcomes and clinical efficiency.

What you will do

• Manage the Medicare information security program and ensure adherence to CMS IS2P2 and BPSSM standards.
• Conduct vulnerability scanning, configuration management, and patch remediation within strict CMS timelines.
• Maintain and update the Plan of Action and Milestones (POA&M) in CFACTS.
• Coordinate with the CMS Incident Response Team (IRT) regarding security incidents and breaches.
• Manage personnel security responsibilities, including onboarding and off-boarding documentation.
• Support Security Assessment and Authorization (SA&A) activities, including SSP and SAR maintenance.

Requirements

• Minimum 5 years of work experience, with at least 3 years in healthcare supporting Federal or commercial agencies.
• Deep familiarity with CMS security requirements, FISMA, FedRAMP, and HIPAA.
• Bachelor’s degree in Information Systems, Computer Science, or related field.
• Must operate independently of IT operations and hold no responsibility for system development or maintenance.
• Must be based in one of the approved US states listed in the location section.
• Ability to earn 40 hours of continuing professional education credits annually.

Nice to have

• Active CISSP, CISM, CISA, or Security+ certification.
• Prior experience as an SSO on a CMS contract.
• Experience with SCAP-compliant scanning and FIPS 199 Moderate impact level systems.

Culture & Benefits

• Purpose-driven culture focused on improving patient care.
• Commitment to merit-based personnel processes and equal employment opportunity.
• Support for professional development and continuing education.