Introduction
Maryland Benefits (MD Benefits) is a dynamic, cloud-based platform. This enterprise-wide digital service allows organizations to build, test, host, operate, and integrate mission-driven applications, data, and emerging technologies. MD Benefits offers cloud-based Platform-as-a-Service (PaaS) capabilities, a shared data architecture, and product development services, all developed by the State of Maryland to help multiple agencies deliver and manage health, human, and social service benefits and programs. On July 1, 2025, the operation of the MD Benefits shared platform and statewide applications transitioned from the Department of Human Services (DHS) to the Department of Information Technology (DoIT).
***This is a contractual position, with limited benefits***
***All hires need to be eligible to work in the U.S., either as a U.S. Citizen or those who have a Permanent Resident or green card, as the state of Maryland does not have the ability to sponsor employees***
***Applicants are required to submit an up-to-date and accurate resume.***
Main Purpose
Responsible for identifying, assessing, and mitigating vulnerabilities in an organization's IT infrastructure. This involves conducting regular scans, analyzing results, prioritizing risks, and collaborating with teams to implement remediation strategies. The role also includes maintaining an inventory of assets and their vulnerabilities, and reporting on vulnerability status and trends.
Responsibilities
- Vulnerability Scanning and Assessment: Utilizing tools and techniques to identify vulnerabilities in systems, networks, and applications.
- Risk Assessment and Prioritization: Evaluating the potential impact and likelihood of identified vulnerabilities and prioritizing remediation efforts.
- Remediation and Mitigation: Working with IT and development teams to implement security patches, updates, and other solutions to address vulnerabilities.
- Vulnerability Tracking and Reporting: Maintaining a system for tracking vulnerabilities, their status, and remediation progress, and generating reports for stakeholders.
- Staying Updated: Keeping abreast of the latest vulnerabilities, security threats, and best practices in vulnerability management.
- Collaboration and Communication: Effectively communicating with various teams, including IT, development, and security, to ensure vulnerabilities are addressed promptly and effectively.
Minimum Qualifications
- Technical Expertise: Strong understanding of cybersecurity concepts, vulnerability assessment tools, and security technologies.
- Analytical Skills: Ability to analyze scan results, assess risks, and develop effective remediation strategies.
- Communication Skills: Ability to communicate technical information clearly and concisely to both technical and non-technical audiences.
- Problem-Solving Skills: Ability to identify and resolve complex security issues.
- Organizational Skills: Ability to manage multiple tasks, track vulnerabilities, and maintain accurate records
