Job Summary
Under IT Security, the staff shall operate, maintain, and enhance NICHD's computing environments so that all IT services to the end-users are provided without threats and vulnerabilities. The following areas shall be served:
• Cybersecurity
• FISMA Compliance Support
What you will do:
CYBERSECURITY:
- Oversees routine vulnerability scanning capabilities across networks and systems.
- Oversees patching, hardening and baselining activities across networks; ensures other stakeholders are in compliance with established patching/hardening policies.
- Maintains, configures, and ensures the successful deployment of logging/auditing tools across the networks; ensures logging activities are functional across all networks.
- Maintains system baseline and configuration management items, including security event monitoring policies in a manner determined and agreed to by the program management.
- Interacts with both Systems engineers and O&M personnel to ensure a complete and functioning system that meets requirements.
- Ensures all Network Defense capabilities are kept current, patched, securely configured, and communicates status to management.
- Analyzes the data flows into, out of, and across networks to ensure security gaps do not exist and data exchange is in line with system classification level.
FISMA COMPLIANCE SUPPORT:
- Researching, analyzing, and reporting on different trends using publicly available or collected data.
- Ensuring effective implementation of annual FISMA reporting review requirements.
- Reviewing security documentation of various NICHD systems to assure FISMA Compliance is effectively implemented and monitored.
- Having the necessary organization, experience, and technical controls.
What you will bring:
CYBERSECURITY:
- Four (4) to six (6) years of hands-on experience providing technology leadership for IT Security.
- Three (3) or more years of experience with new and emerging cybersecurity technologies including but not limited to: hands-on tool usage of BigFix, Splunk, Tripwire, Cylance, Tenable, etc.
- Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
- Experience with incident response and handling methodologies.
- Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
FISMA COMPLIANCE SUPPORT:
- Four (4) to six (6) years of hands-on experience providing technology leadership for FISMA Compliance.
- Three (3) or more years of experience with new and emerging cybersecurity technologies including but not limited to: hands-on tool usage of BigFix, Splunk, Tripwire, Cylance, Tenable, etc.
- Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
- Experience with Security Assessment and Authorization in a Federal environment.
- Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment.
How you will wow us:
- CISSP, CISA, CISM, and/or SSCP.
- Strong skills in the following key areas including strategic thinking, multi-tasking, negotiation, conflict management, time management, planning and executing to a defined schedule/budget.
- Able to communicate complex technical concepts and project information clearly and concisely to both technical and non-technical audiences.
- Ability to work effectively as a member of an integrated team and the ability to negotiate reasonable compromises among a diverse group of stakeholders.
- Ability to work in a fast-paced, technically challenging area; ability to anticipate changes, problems, or activities, assess impacts and recommend sound solutions.
- Self-motivated and able to work independently, capable of working across teams and organizations.
- Prefer experience with data analytics and combining data sets from multiple sources to provide reports for identifying risk and measuring security posture.
- Prefer strong skills in the following key areas including strategic thinking, multi-tasking, time management, planning and executing to a defined schedule.
- Expert level of experience with Microsoft products Word, PowerPoint, Excel, and Visio.
- Prior experience using a helpdesk ticketing system such as ServiceNow is preferred.
- Prior federal government IT Security experience is preferred.
At JCS Solutions, compensation is based on a number of factors such as location, qualifications, and applicable contract terms. The general salary range for this position is as follows: $176,000.00 - $190,000.00