
Risk Assessment Engineer (Remote)

Job Title
Risk Assessment Engineer (Remote)
Job ID
Work From Home
Pittsburgh, PA 15275
Other Location
Our History:
From our start in 2009, Conexess has established itself in 3 markets, employing nearly 200+ individuals nation-wide. Operating in over 15 states, our client base ranges from Fortune 500/1000 companies to mid-small range companies. For the majority of the mid-small range companies, we are exclusively used due to our outstanding staffing track record.

Who We Are:
Conexess is a full-service staffing firm offering contract, contract-to-hire, and direct placements. We have a wide range of recruiting capabilities extending from help desk technicians to CIOs. We are also capable of offering project-based work.

Conexess Group is aiding a large healthcare client in their search for a Risk Assessment Engineer in a remote capacity. This is a long-term opportunity with a competitive compensation package.

******We are unable to work C2C on this role******

  • Partners with the enterprise to develop and implement security solutions and capabilities that are aligned with business, technology and threat drivers.
  • Performs critical security reviews of applications and systems on enterprise projects.
  • Performs focused risk assessments of existing or new services, technologies and security architecture; identifies design gaps and risks; and recommends security enhancements.
  • Assists project teams in the implementation of security measures to meet corporate security policies, standards and external regulations, e.g., Sarbanes-Oxley, HIPAA.
  • Maintains appropriate security documentation for applications and systems.
  • Communicates risk assessment findings to information security customers or business partners.
  • Serves as an information security expert and trusted advisor to partners in IT and the business to enable them to make informed risk management decisions.
  • Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing residual risk.
  • Maintains strong working relationships with individuals and groups involved in managing information risks across the organization.
  • Stays up-to-date on current and emerging security threats and designs security architectures to mitigate them.

  • 5-10 years of experience with regulatory, compliance and information security management frameworks (e.g., ISO 27000, COBIT, NIST 800, etc.)
  • BS or MA in Business, Computer Science, Information Security, or a related field is PREFERRED, or equivalent work experience with the certifications outlined below
  • PREFERRED Certifications (if the candidate does not have a bachelor’s degree or higher, they MUST have one of the following): Certified Information Systems Security Professional (CISSP), Certified Cloud Information Professional (CCSP), Certified Information Security Manager (CISM), and/or Certified Risk and Information Systems Control (CRISC), Security+, Network+, etc.
  • Experience working in an agile environment and with the Secure Software Development Lifecycle (SSDLC)
  • Working knowledge or understanding of the following technologies/solutions/methodologies:
    • Secure application architecture design and review
    • Secure web services and mobile app design and review
    • Encryption, hashing and key management
    • Multifactor authentication, logging and vulnerability management
    • Cloud Computing (AWS, Azure, Google, Private)
    • OpenStack, ACI, OpenShift, Docker

