NIH Cyber Security Engineer II


Job Location:

Bethesda, MD - USA

Monthly Salary: Not Disclosed
Posted on: 3 days ago
Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Cyber Security Engineer II to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science Information Technology or a related field
  • 3 years of experience implementing enterprise cybersecurity technologies.
  • Experience supporting Federal cybersecurity programs.
  • Experience engineering enterprise security solutions across Windows Linux cloud and hybrid environments.
  • Experience implementing NIST cybersecurity controls and Federal security requirements.
  • Active CISSP CCSP Security CEH GSEC GCIH or AWS Certified Security - Specialty

Duties:
  • Engineer deploy configure and maintain enterprise cybersecurity technologies supporting NIH information systems.
  • Support security monitoring and operational cyber defense activities across on-premises hybrid and cloud environments.
  • Administer endpoint security endpoint detection and response (EDR) anti-malware and host-based security solutions.
  • Implement secure configurations and system hardening in accordance with NIST HHS and NIH security standards.
  • Configure and maintain enterprise identity and access management (IAM) security technologies.
  • Support implementation and enforcement of Zero Trust Architecture (ZTA) principles.
  • Assist with enterprise log management security monitoring and event correlation capabilities.
  • Perform technical security assessments of servers workstations cloud resources databases and applications.
  • Coordinate with system administrators and application owners to implement security controls and corrective actions.
  • Support enterprise cybersecurity modernization initiatives.
  • Perform enterprise vulnerability assessments using approved vulnerability scanning platforms.
  • Analyze vulnerability scan results and prioritize remediation activities based on risk.
  • Coordinate vulnerability remediation with system administrators application teams and infrastructure personnel.
  • Verify remediation activities through follow-up validation testing.
  • Perform security configuration reviews against DISA STIGs CIS Benchmarks and NIH security baselines.
  • Monitor compliance with organizational vulnerability remediation timelines.
  • Develop remediation recommendations for operating systems applications databases network devices and cloud services.
  • Support development of Plans of Action & Milestones (POA&Ms) related to identified vulnerabilities.
  • Conduct risk analysis associated with newly discovered vulnerabilities and emerging threats.
  • Develop vulnerability metrics and executive reporting supporting enterprise cybersecurity risk management.
  • Design engineer implement and maintain enterprise security architectures supporting NIH mission systems.
  • Engineer secure cloud environments within Microsoft Azure Microsoft 365 AWS and hybrid infrastructures.
  • Support implementation of network security technologies including firewalls IDS/IPS web application firewalls secure gateways and network segmentation.
  • Implement secure authentication encryption privileged access management and certificate management solutions.
  • Engineer secure infrastructure supporting NIST Risk Management Framework (RMF) security controls.
  • Evaluate emerging cybersecurity technologies and recommend improvements to enterprise security architecture.
  • Support secure system lifecycle engineering activities throughout system development and modernization efforts.
  • Participate in technical architecture reviews and security design assessments.
  • Develop engineering documentation implementation guides standard operating procedures and technical diagrams.
  • Support implementation of Cybersecurity Supply Chain Risk Management (C-SCRM) controls where applicable.

Required Experience:

Senior IC

cFocus Software seeks a Cyber Security Engineer II to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.Qualifications:Public Trust ClearanceB.S. Computer Science...

About Company

Company Logo

Our exclusive ATO as a Service™ software & expert services automate FISMA RMF & FedRAMP compliance.

View Profile View Profile