Job Description :
Scope of the project:
The role of the candidate will be implementation and on-going support of security related technology not limited to firewall, intrusion prevention, web proxy, multi factor authentication, data classification, user behavior analytics, vulnerability scanning and log monitoring.
This is not a short-term task. We are looking for individuals that are ready to take a step up in their careers to join a team that is focused on doing it right the first time.
Daily duties / Responsibilities:
This is a HANDS-ON Role
The position will report to the Office of Information Assurance and operate as an experienced consultant and may have opportunities to work with client leadership, business units, business partners and vendors.
Technical Knowledge:
HANDS-ON experience with any of the following would be considered a desirable for this position:
Security Information and Event Management (SIEM)
Identity and Access Management (IAM) solutions
Cloud service security
Big Data solutions
Network or Host based Intrusion Prevention
Automation
Linux Engineering
Network Engineering
Layer 7 firewall tuning
Infrastructure hardening to regulatory frameworks
Forensics
Security Program Experience:
Experience with CMS MARS-E or other FISMA Risk Management Framework (RMF) compliance programs is not required, but may be considered desirable in the event that strong parity in technical skills is identified in multiple candidates.
Experience in security as related to multi-tenant, cloud services and vendor interface management would be desirable for this position.
General Duties and Responsibilities:
Assist (and often lead) in the design, development, implementation and/or ongoing maturation of our client network security and compliance solutions
Provide HANDS-ON support of client Security Systems and Software
Mentor and share knowledge with junior teammates to increase the value of the team
Create procedure documentation to support new systems as they are built
Look for opportunities to automate any repetitive tasks
Participate in third-party audits and/or assessments of agency and business partner systems
Continually improve existing technologies under our control to be more effective
Required skills (rank in order of importance):
Deep technical knowledge of secure system design principles, security architecture, network and system compliance tools, data protection schemes and access models
5+ years of HANDS-ON experience in large enterprise systems implementation and support
Ability to independently research and troubleshoot technology problems
Preferred skills (rank in order of importance):
Prior experience in working with any distributed logging systems.
Prior Health Information Technology experience.
Strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy.
Required education/certifications:
BS degree in computer science or similar discipline. Equivalent experience will be considered for candidates with strong HANDS-ON experience.
Security+ or equivalent certification is required
Preferred education/certifications:
CCNA or higher level networking certification
Microsoft, Linux or other platform certification
ISC (2), ISACA, SANS GIAC and/or other Information Security Certification