Computer Security System Specialist

About The Position

Requirements

• Minimum 5 years of cybersecurity experience supporting Health IT software development initiatives.
• Bachelor’s degree in computer science, Information Security or related field.
• Active Public Trust or higher security clearance.
• Proven ability to consistently understand threats, evaluate the impact of potential incidents, and recommend risk reduction techniques based on a knowledge of different operation threat environments, general attack stages, incident categories, cyber defense tool data collection, and playbooks for resolving common incidents.
• Demonstrated expertise in analyzing and providing clear and concise risk reports, dashboards, and other visualizations to federal risk executives, system operators, and system stakeholders.
• Knowledge of and experience overseeing the administration and configuration of workstation and infrastructure security tools including but not limited to: Anti-malware/Anti-virus software, Data Loss Prevention software, endpoint detection and response (EDR), vulnerability assessment tools, asset discovery and management software, SIEM, Cloud Access Security Broker (CASB).
• Experience with establishing and enhancing security operations capabilities and proactively identifying potential risks that may lead to an incident including coordination with multi-contractor teams and across agency groups.
• Experience in setting up, administering, and enhancing cybersecurity tools and security operations processes to reduce alerting on false positives, to proactively identify configurations that may lead to a potential incident, and to automate incident resolution playbooks.
• Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored]); general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.); incident categories, incident responses, and timelines for responses; as well as penetration testing techniques and tools.
• Competency in verbal communication, technical written communication, and analytical skills.
• Reside within the Washington DC Metro area.

Responsibilities

• Design, develop, engineer, and implement solutions to MLS requirements.
• Perform complex risk analyses which also include risk assessment.
• Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
• Support customers at the highest levels in the development and implementation of doctrine and policies.
• Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
• Perform analysis, design, and development of security features for system architectures.