C-HIT

Role Description The Information Security Officer (ISO) will work closely with Project and Technical management to plan, design and implement Dynamic Application Security Testing (DAST) and/or Static Application Security Testing (SAST) security methodologies into the technical solution of a program within the Centers for Medicare and Medicaid Services (CMS). The ISO will be responsible for assuring all CMS security and privacy considerations and requirements are assessed, addressed and documented for the given application, designing the solution so that it passes the required Annual Security Assessment Testing (within CMS referred to ACT or Adaptive Capabilities Testing) and maintains the system Authority to Operate (ATO). - Promote a professional work ethic with the ability to meet commitments, scheduled timelines and take ownership of problems. - Lead, support and document all security incident response activities. - Perform annual security assessment audits (such as ACT, PenTest, etc.). - Perform Web Application Penetration and Continuous Diagnostic Monitoring (CDM) testing. - Mitigate and/or address the security specific vulnerabilities and document via Plan of Action and Milestones (POA&M). - Support ad hoc security requests from the customer and program management. - Conduct security impact assessments for new or existing architecture changes. Qualifications - 3+ years of experience with NIST and Federal security documentation. - Active CISSP or equivalent security related certification. - Capable of obtaining Level Five: Public Trust security clearance. - Proven experience with FISCAM and FedRAMP requirements. - Experience writing and maintaining security related documents, including the System Security Plan (SSP), Contingency Plan and Test (CP), Information System Risk Assessment (ISRA), Security Assessment Plan/Report (SAP/SAR) and the Privacy Impact Assessment (PIA). - Ability to resolve complex support issues by leveraging user forums, support forums, or opening support cases with vendors and following them to closure. Strong ability to find mitigation and alternative approaches. - Knowledge of current as well as emerging security threats. - Understanding of and experience with Agile Development and DevSecOps/DevOps. - Proven experience with Cloud Technologies (AWS). - Proven experience with Microsoft Office Tools (Outlook, Word, Excel, PowerPoint). Requirements - Working experience within CMS including with CMS Information Systems Security and Privacy Policy (IS2P2), NIST 800-53, NIST 800-63, CMS Acceptable Risk Safeguards (ARS), CMS Risk Management Handbook (RMH) and CMS Federal Information Security Management Act (FISMA) Controls Tracking System (CFACTS). - Proven experience with Security tools such as Burp, SonarQube, AWS Security Tools. - Proven experience with networking concepts, such as, DHCP, DNS, VLANs, Routing and VPNs. Benefits - The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location. - C-HIT offers Healthcare Benefits, Remote Working Options, Paid Time Off, PTO cash-out, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match, Employee Assistance Program, Paid Holidays, and much more perks and Voluntary benefits! - Employees of C-HIT shall, as an enduring obligation throughout their term of employment, adhere to all information security requirements as documented in company policies and procedures. Company Description C-HIT, a CMMI Maturity Level 5 company, focuses on delivering information technology and professional services to Federal and State agencies. “C-HIT is an EOE, including disability and veterans.”

Role Description - UI/Interaction Design - Design wireframes, low‑fidelity mockups, and high‑fidelity UI prototypes using tools such as Figma, Sketch, or Adobe XD. - Develop design systems and reusable UI components that align with the U.S. Web Design System (USWDS). - Ensure accessibility compliance (WCAG 2.1 AA). - Create visually consistent, scalable UI layouts for API dashboards, developer portals, fraud analytics interfaces, and internal CMS tools. - Collaboration & Agile Delivery - Participate in agile ceremonies (sprint planning, grooming, demos). - Work directly with API architects and fraud analysts to visualize insights and streamline user flows. - Advocate for best practices in UX and design thinking across the team. - Communicate design rationale clearly to both technical and non‑technical stakeholders. Qualifications - Bachelor’s degree in Computer Science, Information Systems, or related field (or equivalent experience). - 2+ years of experience in UI/UX design with hands‑on UI development. - Strong understanding of Human‑Centered Design principles and demonstrated experience using them on federal or large‑scale enterprise projects. - Proficiency in Figma, Sketch, Adobe XD, or similar design tools. - Front‑end development proficiency in HTML5, CSS3, JavaScript/TypeScript. - Experience implementing USWDS. - Knowledge of accessibility standards (WCAG, Section 508). - Experience designing complex workflows (API management, analytics dashboards, identity/access management, etc.). Requirements - Experience with CMS, HHS, or federal health IT programs. - Familiarity with healthcare data (FHIR, claims data, provider enrollment). - Experience working in fraud, waste, and abuse prevention systems. - Experience with API Developer Portals, API documentation UX, or API lifecycle tools. - Understanding of design for data-rich interfaces (charts, maps, anomaly detection visualizations). - Knowledge of Agile, SAFe, Lean UX. - Implement responsive UI components using modern front‑end technologies (HTML5, CSS3, SASS, JavaScript/TypeScript). - Build front‑end functionality using frameworks such as React, Angular, or Vue, depending on project stack. - Develop reusable UI elements integrated with the design system and aligned with CMS/USWDS standards. - Collaborate with backend developers to consume APIs and present data effectively. - Optimize performance, accessibility, and security of front‑end code. Residency Requirements - Candidate must be US Citizen OR Green Card to obtain Public Trust clearance and must have lived in the United States for at least three (3) out of the last five (5) years. Benefits - The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location. - C-HIT offers Healthcare Benefits, Remote Working Options, Paid Time Off, PTO cash-out, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match, Employee Assistance Program, Paid Holidays, and much more perks and Voluntary benefits! - Employees of C-HIT shall, as an enduring obligation throughout their term of employment, adhere to all information security requirements as documented in company policies and procedures.

Role Description - UI/Interaction Design - Design wireframes, low‑fidelity mockups, and high‑fidelity UI prototypes using tools such as Figma, Sketch, or Adobe XD. - Develop design systems and reusable UI components that align with the U.S. Web Design System (USWDS). - Ensure accessibility compliance (WCAG 2.1 AA). - Create visually consistent, scalable UI layouts for API dashboards, developer portals, fraud analytics interfaces, and internal CMS tools. - Collaboration & Agile Delivery - Participate in agile ceremonies (sprint planning, grooming, demos). - Work directly with API architects and fraud analysts to visualize insights and streamline user flows. - Advocate for best practices in UX and design thinking across the team. - Communicate design rationale clearly to both technical and non‑technical stakeholders. Qualifications - Bachelor’s degree in Computer Science, Information Systems, or related field (or equivalent experience). - 5+ years of experience in UI/UX design with hands‑on UI development. - Strong understanding of Human‑Centered Design principles and demonstrated experience using them on federal or large‑scale enterprise projects. - Proficiency in Figma, Sketch, Adobe XD, or similar design tools. - Front‑end development proficiency in: - HTML5, CSS3, JavaScript/TypeScript - React, Angular, or Vue - Experience implementing USWDS. - Knowledge of accessibility standards (WCAG, Section 508). - Experience designing complex workflows (API management, analytics dashboards, identity/access management, etc.). Requirements - Experience with CMS, HHS, or federal health IT programs. - Familiarity with healthcare data (FHIR, claims data, provider enrollment). - Experience working in fraud, waste, and abuse prevention systems. - Experience with API Developer Portals, API documentation UX, or API lifecycle tools. - Understanding of design for data-rich interfaces (charts, maps, anomaly detection visualizations). - Knowledge of Agile, SAFe, Lean UX. - Implement responsive UI components using modern front‑end technologies (HTML5, CSS3, SASS, JavaScript/TypeScript). - Build front‑end functionality using frameworks such as React, Angular, or Vue, depending on project stack. - Develop reusable UI elements integrated with the design system and aligned with CMS/USWDS standards. - Collaborate with backend developers to consume APIs and present data effectively. - Optimize performance, accessibility, and security of front‑end code. Residency Requirements - Candidate must be US Citizen OR Green Card to obtain Public Trust clearance and must have lived in the United States for at least three (3) out of the last five (5) years. Benefits - The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location. - C-HIT offers Healthcare Benefits, Remote Working Options, Paid Time Off, PTO cash-out, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match, Employee Assistance Program, Paid Holidays, and much more perks and Voluntary benefits! - Employees of C-HIT shall, as an enduring obligation throughout their term of employment, adhere to all information security requirements as documented in company policies and procedures.

Role Description - Data Architecture & Design: - Design and maintain enterprise data architecture for structured and semi-structured healthcare data. - Define logical, conceptual, and physical data models. - Establish data standards, naming conventions, and metadata management practices. - Support event-driven and API-based data architectures. - Align data architecture with CMS interoperability mandates (FHIR, HL7). - Data Analysis & Insights: - Analyze large healthcare datasets to identify patterns, trends, and anomalies. - Support fraud, waste, and abuse (FWA) detection efforts through data analysis. - Develop analytical datasets and data marts for reporting and investigations. - Partner with business stakeholders to translate requirements into data solutions. - API & Streaming Integration: - Support data design for API Gateway integrations (MuleSoft or similar). - Ensure data consistency across Kafka streaming pipelines and batch sources. - Define data contracts and schemas for real-time data exchange. - Validate data transformations and mappings across source and target systems. - Data Governance & Quality: - Implement data governance, lineage, and stewardship practices. - Monitor and improve data quality, accuracy, and completeness. - Support data audits, validations, and remediation efforts. - Ensure compliance with HIPAA, CMS, FISMA, and NIST standards. - Reporting & Visualization: - Design and support reports, dashboards, and analytics for program integrity and operations. - Support ad-hoc data requests from investigators and oversight teams. - Collaboration & Documentation: - Work closely with architects, developers, QA, and security teams. - Participate in Agile ceremonies and data design reviews. - Maintain comprehensive documentation of data models, mappings, and architecture decisions. Qualifications - Bachelor’s degree in Computer Science, Data Science, Information Systems, or related field. - 5+ years of experience in data architecture and/or data analysis. - Strong experience with data modeling (ER, dimensional, normalized models). - Proficiency in SQL and data analysis techniques. - Experience working with large enterprise data environments. Requirements - Experience supporting CMS, Medicaid, or federal healthcare programs. - Knowledge of HL7 FHIR and healthcare data standards. - Knowledge of CMS CPI systems like PECOS; APS. - Understanding of CMS Medicare Program Integrity Manual. - Experience with API-driven data integration (MuleSoft preferred). - Familiarity with Kafka or streaming data platforms. - Experience with cloud data platforms like AWS. Benefits - The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location. - C-HIT offers Healthcare Benefits, Remote Working Options, Paid Time Off, PTO cash-out, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match & Profit sharing, Employee Assistance Program, Paid Holidays, and much more perks and Voluntary benefits! - Employees of C-HIT shall, as an enduring obligation throughout their term of employment, adhere to all information security requirements as documented in company policies and procedures. Company Description C-HIT, a CMMI Maturity Level 5 company, focuses on delivering information technology and professional services to Federal and State agencies. "C-HIT is an EOE, including disability and veterans.”

Role Description Automation/Manual Tester is responsible for planning, executing, and automating test activities across APIs, integrations, and data pipelines. The role validates functional, regression, and integration requirements while supporting performance, security, and compliance needs in a federal healthcare environment. Key Responsibilities - Manual Testing - Create and execute manual test cases based on business and technical requirements. - Perform functional, regression, smoke, and integration testing. - Validate API responses, data accuracy, and error handling. - Execute test scenarios across multiple systems and environments. - Log, track, and retest defects using defect management tools. - Test Automation - Develop and maintain automated test scripts for APIs and applications. - Automate regression and smoke test suites. - Execute automated tests and analyze results. - Integrate automated tests into CI/CD pipelines where applicable. - Maintain reusable automation components and test data. - Extensive hands-on experience with Python-based test automation frameworks. - Proven experience integrating AI tools into QA workflows for test generation, analysis, and automation acceleration. - Hands-on experience using VS Code and modern development and debugging tools. - Familiarity with AI-assisted IDE capabilities, including VS Code Instructions and custom AI-driven workflows. - Proven experience testing APIs, microservices, and cloud-native applications. - Solid knowledge of CI/CD tools and integrating automated tests into deployment pipelines. - Demonstrated ability to mentor team members and drive adoption of AI-enabled testing practices. - Experience with test reporting, quality metrics, and building actionable quality dashboards. - API & Data Testing - Test API Gateway integrations (MuleSoft or similar). - Validate request/response payloads and data mappings. - Verify near real-time data movement and system-to-system integrations. - Support testing of event-driven and batch data processes. - Quality Assurance & Compliance - Ensure solutions meet CMS quality, security, and compliance standards. - Support UAT activities with business stakeholders. - Assist with documentation required for audits and ATO processes. - Validate logging, monitoring, and access controls. - Collaboration & Reporting - Work closely with developers, business analysts, and Scrum teams. - Participate in Agile ceremonies and sprint planning. - Provide clear test status updates and quality metrics. - Document test plans, test cases, and execution results. Qualifications - Bachelor’s degree in Computer Science, Information Systems, or related field (or equivalent experience). - 3+ years of experience in manual and automation testing. - Experience testing APIs and integration-heavy applications. - Familiarity with automation tools such as Selenium, REST Assured, Postman, Karate, or Cypress. - Strong understanding of SDLC and Agile methodologies. Preferred Qualifications - Experience supporting federal or healthcare IT programs. - Knowledge of API Gateways (MuleSoft preferred). - Familiarity with Kafka or streaming data platforms. - Experience with CI/CD tools (Jenkins, GitHub Actions). - Exposure to performance or security testing. Key Skills - Manual & Automated Testing - API & Integration Testing - Defect Tracking & Reporting - Agile QA Practices - Healthcare & Federal Compliance - Test Documentation & Execution Education Candidate must be able to obtain Public Trust clearance and must have lived in the United States for at least three (3) out of the last five (5) years. Salary & Benefits Information - The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location. - C-HIT offers Healthcare Benefits, Remote Working Options, Paid Time Off, PTO cash-out, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match, Employee Assistance Program, Paid Holidays, and much more perks and Voluntary benefits! - Employees of C-HIT shall, as an enduring obligation throughout their term of employment, adhere to all information security requirements as documented in company policies and procedures.

Key Responsibilities: Scrum Master / Agile Delivery - Facilitate SAFe Agile ceremonies (Program Increment Planning, Sprint Planning, Daily Stand-ups, Reviews, Retrospectives). - Coach teams on Agile and SAFe best practices. - Remove impediments and manage dependencies across teams. - Track sprint metrics (velocity, burndown, capacity). - Promote continuous improvement and team accountability. Business Analysis - Elicit, analyze, and document business and technical requirements. - Develop user stories, acceptance criteria, and backlog refinement artifacts. - Translate CMS program integrity needs into API and data requirements. - Support requirements for fraud detection, data sharing, and interoperability. - Identify opportunities where AI / GenAI (e.g., intelligent routing, anomaly detection, API analytics, automated documentation, chatbot interfaces) can add business value. - Collaborate with architects and engineers to define: - API Gateway capabilities (security, throttling, monitoring, versioning) - AI/GenAI use cases (prompt workflows, model integration, governance) - Ensure AI features meet ethical, security, privacy, and compliance standards. - Support definition of data requirements for AI models (inputs, outputs, training vs inference usage). - Assist in evaluating AI tools, platforms, and vendors from a business and value perspective. Stakeholder Engagement - Act as the primary point of contact between CMS stakeholders, program integrity teams, and development teams. - Facilitate workshops, requirement reviews, and solution walkthroughs. - Manage expectations and ensure alignment with project goals. API & Data Enablement - Support requirements related to API Gateway integrations (MuleSoft or similar). - Collaborate with architects and developers on data flows and API contracts. - Validate functional requirements through UAT planning and execution. Governance & Compliance - Ensure deliverables align with CMS, HIPAA, FISMA, and NIST standards. - Maintain project documentation and Agile artifacts. - Support audit readiness and ATO processes. Required Education and Qualifications: - Bachelor’s degree in Business, Information Systems, or related field. - 4+ years of experience as a Scrum Master, Business Analyst, or hybrid role. - Strong knowledge of Agile / Scrum methodologies. - Experience gathering and documenting requirements for IT systems. - Excellent communication and facilitation skills. Preferred Qualifications: - Experience supporting federal or healthcare IT programs. - Familiarity with API-based integrations and data platforms. - Experience working with MuleSoft, Kafka, or cloud platforms requirements. - Scrum Master certification (CSM, SAFe Scrum Master, PMI-ACP) preferred. - Experience with JIRA, Confluence, or similar tools. Key Skills: - Agile Scrum Facilitation - Business & Systems Analysis - API & Data Requirements - Stakeholder Management - Healthcare & Federal Compliance - Continuous Improvement Residency Requirements: Need US Citizen OR Green card to obtain Public Trust clearance and must have lived in the United States for at least three (3) out of the last five (5) years. Salary & Benefits Information: - The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location. - C-HIT offers Healthcare Benefits, Remote Working Options, Paid Time Off, PTO cash-out, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match & Profit sharing, Employee Assistance Program, Paid Holidays, and much more perks and Voluntary benefits! - Employees of C-HIT shall, as an enduring obligation throughout their term of employment, adhere to all information security requirements as documented in company policies and procedures. C-HIT, a CMMI Maturity Level 5 company, focuses on delivering information technology and professional services to Federal and State agencies. "C-HIT is an EOE, including disability and veterans”