
Sr. Security Incident Response Engineer (697474)


This posting is no longer available. The job may have been filled.
Experience: 5+ years

Monthly salary: Not disclosed

Job Description

Seeking a Security Incident Response Engineer to develop and maintain standard operating procedures (SOPs) and condition the environment according to the security and compliance requirements of HHS and the eligibility system. This person will collaborate with the compliance team to develop security control implementation descriptions that meet compliance requirements. Additionally, this person monitors, investigates, and responds to threats and cybersecurity incidents in HHS infrastructure. The engineer should be comfortable working independently with guidance from a project manager and as part of a team.

The Sr. Security Incident Response Engineer will:
Review existing security documentation and processes to identify areas for improvement.
Provide investigation and remediation support to mitigate security threats and incidents.
Work with various teams to ensure best practices regarding information security.

Responsibilities:
Detect and respond to agency-wide security incidents, coordinating cross-functional teams to mitigate and eradicate threats.
Monitor and analyze emerging threats, vulnerabilities, and exploits.
Aid in developing and implementing scalable preventative security measures (detection, monitoring, exploitation).
Develop, execute, and track the performance of security measures to protect information, network infrastructure, and computer systems.
Design computer security strategy and engineer comprehensive cybersecurity architecture.
Identify, define, and document system security requirements and recommend solutions.

Desired Background:
Possess a breadth of knowledge and experience across the information security domain, such as endpoint security, identity management, cloud security, detection engineering, vulnerability management, incident response, and threat intelligence.
Hands-on experience investigating security events and incidents across complex and heterogeneous environments, preferably including Microsoft Defender.

Certifications:
Security+ Required*
CEH
CISA
CISM

Requirements

| Skill | Required / Desired | Amount of Experience |
|---|---|---|
| Demonstrated experience integrating, deploying, and operating security information & event management (SIEM) systems & security orchestration, automation, and response (SOAR) systems | Required | 6 Years |
| Strong knowledge of security technologies such as full packet capture, SIEM, NGFW, IDPS | Required | 8 Years |
| Demonstrated proficiency in MS Office suite | Required | 8 Years |
| Experience writing in explanatory and procedural styles for multiple audiences | Required | 5 Years |
| Demonstrated proficiency reading and interpreting complex federal and state laws, rules, regulations, and requirements including (but not limited to) HIPAA, IRS Publication 1075, CMS MARS-E 2.0, FedRAMP, NIST 800-53 | Required | 2 Years |
| Experience effectively communicating technical and nontechnical concepts to a variety of audiences | Required | 5 Years |
| Excellent written and verbal communication skills | Required | 5 Years |
| Experience working in an environment that is compliant with complex federal and state laws, rules, regulations, and requirements such as HIPAA, IRS Publication 1075, FedRAMP, NIST 800-53 | Desired | 2 Years |
| Ability to follow and comply with existing processes and procedures, and propose updates | Desired | 5 Years |
| Ability to work with minimal supervision, set priorities, and give attention to detail and quality | Desired | 5 Years |
| Demonstrated strong organizational and time-management skills: multitasking, working individually and with a team | Desired | 5 Years |
| Experience analyzing vulnerability reports (web apps, network scans, policy scan, SOC alerts) and recommending a solution for mitigation or remediation | Desired | 5 Years |



Employment type

Full-time

About the company

0-50 employees