Job Description :
Position: NETWORK ENGINEER – ADV (SECURITY)
SCOPE OF THE PROJECT:
Our Direct Client is responsible the Security and Compliance of Information Systems and Data. Client seeks an expert in Network Security Engineering and Solutions Design (strong hands-on experience is a must) to assist with the establishment, implementation and/or enhancement of Information Systems Security and Compliance efforts based on Client Agency Policy/Standards and Regulatory Guidance such as FISMA, NIST, CMS MARS-E, HIPAA, etc
Role Summary/Purpose
Overview:
The Network Security Engineer will report to the Office of Information Assurance and operate as an experienced consultant to Client leadership, business units, business partners and vendors.
Security Program Experience:
Experience with CMS MARS-E or other FISMA Risk Management Framework (RMF) compliant programs is strongly desired and will be given the highest weight. Experience must include well documented success in the performance of security focused processes and procedures supportive of a secure, compliant enterprise architecture.
Experience with development and integration of RMF tasks and artifacts into the System Development Life Cycle (SDLC) is ideal.
Experience in security as related to multi-tenant, cloud services and vendor interface management would be considered desirable for this position.
Technical Knowledge:
Hands on experience with any or all of the following technologies would be considered a desirable for this position:
Secure Network Design – Layer 2 Security, Firewalls, Intrusion Prevention Systems (IPS), Switching and Routing Infrastructure
Network Monitoring expertise utilizing tools such as Solarwinds, Zabbix, etc.
Security Information and Event Management (SIEM) solutions such QRadar, Splunk, etc.
Vulnerability Assessment tools such as Nessus, ForeScout, etc.
IBM System 390/zSeries
Linux and Windows servers
Identity and Access Management (IAM) solutions
General Duties and Responsibilities:
1. Assist (and often lead) in the design, development, implementation and/or ongoing maturation of Client network security and compliance solutions
2. Provide hands-on support of Client Systems and Software
3. Participate in audit and assessment of internal agency systems as well as business partner/service provider information systems.
4. Utilize Microsoft Office software suite, eGRC system, Bizagi, Atlassian and other products to document and report on information gathered during Audit and Assessment activities or other Client efforts.
5. Participate in third-party audits and/or assessments of agency and business partner systems
6. Collaborate with agency leadership, business partners and other parties/stakeholders to provide recommendations for security and compliance risk mitigation efforts.
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. Strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy.
2. Deep technical knowledge of secure network design principles, security architecture, network and system compliance tools, data protection schemes and access models.
3. 5+ years of hands-on experience in network design, implementation and support
PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. Prior experience in working with any eGRC systems.
2. Prior Health Information Technology experience.
REQUIRED EDUCATION/CERTIFICATIONS:
1. BS degree in computer science or similar discipline is a MUST.
2. CCNA Security or equivalent (network security-centric) certification is required
PREFERRED EDUCATION/CERTIFICATIONS:
1. ISC(2), ISACA, SANS GIAC and/or other Information Security Certification.
Only w-2s accepted for this role.