NIH Cyber Security Engineer II
Job Location:
Bethesda, MD - USA
Monthly Salary:
Not Disclosed
Posted on:
3 days ago
Vacancies:
1 Vacancy
Job Summary
cFocus Software seeks a Cyber Security Engineer II to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
Duties:
Qualifications:
- Public Trust Clearance
- B.S. Computer Science Information Technology or a related field
- 3 years of experience implementing enterprise cybersecurity technologies.
- Experience supporting Federal cybersecurity programs.
- Experience engineering enterprise security solutions across Windows Linux cloud and hybrid environments.
- Experience implementing NIST cybersecurity controls and Federal security requirements.
- Active CISSP CCSP Security CEH GSEC GCIH or AWS Certified Security - Specialty
Duties:
- Engineer deploy configure and maintain enterprise cybersecurity technologies supporting NIH information systems.
- Support security monitoring and operational cyber defense activities across on-premises hybrid and cloud environments.
- Administer endpoint security endpoint detection and response (EDR) anti-malware and host-based security solutions.
- Implement secure configurations and system hardening in accordance with NIST HHS and NIH security standards.
- Configure and maintain enterprise identity and access management (IAM) security technologies.
- Support implementation and enforcement of Zero Trust Architecture (ZTA) principles.
- Assist with enterprise log management security monitoring and event correlation capabilities.
- Perform technical security assessments of servers workstations cloud resources databases and applications.
- Coordinate with system administrators and application owners to implement security controls and corrective actions.
- Support enterprise cybersecurity modernization initiatives.
- Perform enterprise vulnerability assessments using approved vulnerability scanning platforms.
- Analyze vulnerability scan results and prioritize remediation activities based on risk.
- Coordinate vulnerability remediation with system administrators application teams and infrastructure personnel.
- Verify remediation activities through follow-up validation testing.
- Perform security configuration reviews against DISA STIGs CIS Benchmarks and NIH security baselines.
- Monitor compliance with organizational vulnerability remediation timelines.
- Develop remediation recommendations for operating systems applications databases network devices and cloud services.
- Support development of Plans of Action & Milestones (POA&Ms) related to identified vulnerabilities.
- Conduct risk analysis associated with newly discovered vulnerabilities and emerging threats.
- Develop vulnerability metrics and executive reporting supporting enterprise cybersecurity risk management.
- Design engineer implement and maintain enterprise security architectures supporting NIH mission systems.
- Engineer secure cloud environments within Microsoft Azure Microsoft 365 AWS and hybrid infrastructures.
- Support implementation of network security technologies including firewalls IDS/IPS web application firewalls secure gateways and network segmentation.
- Implement secure authentication encryption privileged access management and certificate management solutions.
- Engineer secure infrastructure supporting NIST Risk Management Framework (RMF) security controls.
- Evaluate emerging cybersecurity technologies and recommend improvements to enterprise security architecture.
- Support secure system lifecycle engineering activities throughout system development and modernization efforts.
- Participate in technical architecture reviews and security design assessments.
- Develop engineering documentation implementation guides standard operating procedures and technical diagrams.
- Support implementation of Cybersecurity Supply Chain Risk Management (C-SCRM) controls where applicable.
Required Experience:
Senior IC
About Company
Our exclusive ATO as a Service⢠software & expert services automate FISMA RMF & FedRAMP compliance.