HHS Security Engineer

Rockville, MD - USA

Monthly Salary: Not Disclosed

Posted on: 4 days ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Security Engineer to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:

Bachelors degree in Cybersecurity Information Technology Engineering or related discipline.
Minimum 69 years of experience in security engineering or enterprise infrastructure engineering.
Hands-on experience engineering SIEM EDR vulnerability management and forensic platforms.
Strong knowledge of Windows Server Linux (RedHat) networking and virtualization technologies.
Experience integrating security tools across on-premises and cloud environments.
Strong understanding of NIST SP 800-53 NIST SP 800-37 and federal cybersecurity requirements.
Experience supporting change management and system documentation in regulated environments.
Strong written and verbal communication skills.
CISSP GSEC CCSP AWS certification preferred

Duties:

Engineer deploy configure and maintain infrastructure supporting SOC security tools and platforms.
Design and implement high-availability and redundancy architectures for critical security systems.
Perform capacity planning performance tuning and optimization for security infrastructure.
Design and implement integrations between SOC tools and HRSA IT infrastructure to improve visibility and automation.
Engineer automation solutions to streamline security operations and reduce manual processes.
Follow HRSA change management processes including development of technical implementation and rollback plans.
Coordinate with HRSA Hosting and Network Operations teams to implement and maintain security tools.
Create and maintain architecture diagrams system inventories SOPs and configuration baselines.
Document engineering workflows deployment procedures testing protocols and change records.
Support compliance with FISMA OMB A-130 NIST SP 800-53 and NIST SP 800-160.
Participate in engineering support for incident response and vulnerability remediation activities.
Implement and maintain secure configurations aligned with CIS Benchmarks and DISA STIGs.
Support Zero Trust Architecture initiatives including segmentation identity integration and tool alignment.
Coordinate with CISA on applicable directives and critical infrastructure protection initiatives.

Required Experience:

Senior IC

Bachelors degree in Cybersecurity Information Technology Engineering or related discipline.
Minimum 69 years of experience in security engineering or enterprise infrastructure engineering.
Hands-on experience engineering SIEM EDR vulnerability management and forensic platforms.
Strong knowledge of Windows Server Linux (RedHat) networking and virtualization technologies.
Experience integrating security tools across on-premises and cloud environments.
Strong understanding of NIST SP 800-53 NIST SP 800-37 and federal cybersecurity requirements.
Experience supporting change management and system documentation in regulated environments.
Strong written and verbal communication skills.
CISSP GSEC CCSP AWS certification preferred

Duties:

Engineer deploy configure and maintain infrastructure supporting SOC security tools and platforms.
Design and implement high-availability and redundancy architectures for critical security systems.
Perform capacity planning performance tuning and optimization for security infrastructure.
Design and implement integrations between SOC tools and HRSA IT infrastructure to improve visibility and automation.
Engineer automation solutions to streamline security operations and reduce manual processes.
Follow HRSA change management processes including development of technical implementation and rollback plans.
Coordinate with HRSA Hosting and Network Operations teams to implement and maintain security tools.
Create and maintain architecture diagrams system inventories SOPs and configuration baselines.
Document engineering workflows deployment procedures testing protocols and change records.
Support compliance with FISMA OMB A-130 NIST SP 800-53 and NIST SP 800-160.
Participate in engineering support for incident response and vulnerability remediation activities.
Implement and maintain secure configurations aligned with CIS Benchmarks and DISA STIGs.
Support Zero Trust Architecture initiatives including segmentation identity integration and tool alignment.
Coordinate with CISA on applicable directives and critical infrastructure protection initiatives.