Skip Navigation

Job Description

Apply Now

Senior Information Security Analyst

Job ID 613-2

One of the foremost public policy research organizations in the United States, Mathematica Policy Research is leading the way in providing health care research services to federal agencies, including the Centers for Medicare & Medicaid Services (CMS).

Mathematica seeks a Senior Information Security Analyst based in our Woodlawn, MD or Washington, DC  office to lead our health IT security services. The information security analyst will lead the business unit applying their expertise in program analysis, operational support, and client services.  S/he will advise devlopment teams on best practices for securing applications deployed in the cloud and on premises, test applications according to prescribed security test plans, recommend specific tools and procedures to enhance application security, describe system security, processes and procedures, and analyze and document compliance with security and privacy standards.  In addition, s/he will serve as the liaison to Health clients, including CMS and the Social Security Administration (SSA), and lead internal efforts for executing contractual requirements.


  • Provide security and privacy program analysis and operational support to the Health unit (including support to business development, legal/contractual, proposal, and project activities)
  • Monitor, plan/prepare for, and execute contractual requirements at the proposal and project phases

  • Act as a face-to-face liaison with Health clients, including CMS, SSA, large federal IT integrators, and states

  • Contribute to and execute enterprise security guidelines by teaming across business units and with corporate infrastructure management

  • Develop and operationalize Health IT security processes, including management of accesses to CMS systems

  • Research, summarize, and operationalize prevailing security standards, guidelines, and best practices that promote compliance with Health clients (CMS, SSA and other relevant federal agencies, state and local agencies, FISMA, and OMB Circulars)

  • Drive Health IT security at the project level, including consulting on the design and development of software systems (includes assisting in preparations for security-related training and evaluations of information technology systems)

  • Develop and maintain a list of client-accepted languages and platforms (e.g., where are open source languages acceptable at CMS, SSA, and other Health clients)

  • Develop and review security authorization documentation for Health work (e.g., security policies and procedures, security plans, risk assessments, test reports, contingency plans, responses to audits)

  • 10 or more years of experience in Health information security and privacy analysis and compliance (experience directly with CMS is required and SSA preferred)

  • Certification from any of the following organizations: (ISC)2, ISACA, IAPP or other reputable certification organization

  • Ability to work on-site at CMS and travel to meet with other federal, state and commercial clients

  • Demonstrated ability to work in teams across business units as a partner to staff at all levels of the organization

  • Demonstrated ability to bring a customer service mindset to the execution of job responsibilities

  • Demonstrated ability leading teams of IT staff (scheduling, budgeting, staffing, etc.)

  • Knowledge of programming languages, operating systems, and platforms commonly used in Health policy evaluation and program improvement work

  • Strong educational background, with a BA/BS in a relevant discipline preferred

  • Excellent written and verbal communication skills

To apply, please submit a cover letter, resume, writing sample, and salary expectations. We offer our employees a stimulating, team-oriented work environment, competitive salaries, and a comprehensive benefits package, as well as the advantages of employee ownership. 

Various federal agencies with whom we contract require that staff successfully undergo a background investigation or security clearance as a condition of working on the project. If you are assigned to such a project, you will be required to obtain the requisite security clearance. 

Available Locations: Woodlawn, MD; Washington, DC

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

Apply Now

Sign Up for Job Alerts

Select InterestsSign up for alerts by choosing a category and/or location. Start typing for suggestions and click the button to add your alerts before submitting. You must have at least one alert in the list below in order to subscribe.

  • Public Policy, Washington, Washington, D.C., United StatesRemove
  • Computer Infrastructure, Washington, Washington, D.C., United StatesRemove

View All Jobs