Job Description
The Medicaid Data Governance and Security Consultant will serve as a key cybersecurity, privacy, and data governance leader supporting the Connecticut Medicaid Enterprise Transformation Services (CT METS) modernization program. This individual will be responsible for ensuring the security, integrity, privacy, and regulatory compliance of Medicaid data and systems throughout the Design, Development, and Implementation (DDI) and Maintenance & Operations (M&O) phases of the Medicaid Enterprise System (MES). Working closely with the CT METS Director, Associate Director, Bureau of Information Technology Services (BITS), Agency Information Security Officer (AISO), solution architects, vendors, and CMS stakeholders, the consultant will lead security architecture reviews, data governance initiatives, risk assessments, and compliance activities across all MES modules and integrations. The role will ensure adherence to CMS ARC-AMPE, CMS MARS-E, HIPAA, NIST, IRS 1075, and State of Connecticut security standards while overseeing secure data exchanges, cloud security controls, identity and access management, encryption, incident response readiness, vulnerability management, and audit preparedness. The consultant will also support CMS certification efforts, Operational Readiness Reviews, Security Authorization to Operate (ATO) documentation, SSA accreditation activities, and triennial audits. Additionally, this individual will evaluate AI-enabled solutions for compliance with organizational security requirements, assess algorithmic and operational risks, oversee application security testing activities including SAST, DAST, and SCA, and provide executive-level reporting on security posture, risk exposure, and remediation progress to ensure the secure and responsible operation of the Medicaid enterprise environment.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
8+ years of experience in cybersecurity, data governance, information security, or compliance within large-scale healthcare, Medicaid, or government programs.
Strong knowledge of CMS security frameworks including CMS ARC-AMPE, CMS MARS-E, HIPAA, NIST, and IRS 1075 compliance requirements.
Experience supporting Medicaid Enterprise Systems (MES/MMIS), healthcare data platforms, or large-scale government modernization initiatives.
Experience conducting risk assessments, security control reviews, SSP and POA&M development, vulnerability remediation oversight, and audit support activities.
Nice to Have Skills & Experience
Experience with Azure and/or AWS cloud security controls.
Professional certifications (CISSP, CISM, CCSP).
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.