NLM Security Specialist

About The Position

Requirements

• Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, Information Systems or a related field
• 6 years of relevant professional experience, or a combination of education and experience that is equivalent to nine years
• 3 years of experience supporting information systems in a federal or regulated environment
• Hands-on experience with FISMA and the NST Risk Management Framework (RMF)
• Experience supporting security control implementation/operation, continuous monitoring activities (ISCM) and incident response support
• Familiarity with network and system security controls including access control mechanisms for wired and wireless networks.
• Intermediate knowledge of Microsoft Office productivity software and collaboration tools such as Microsoft Teams and SharePoint.

Nice To Haves

• Proven success reducing POA&M backlog and accelerating ATO timelines through process improvements
• Experience embedding security into cloud, platform, or DevSecOps pipelines early in the system lifecycle
• Ability to scale security operations through tooling rather than manual processes
• Previous experience with NIH, especially NLM

Responsibilities

• Support the implementation, monitoring, and ongoing maintenance of information system security controls, including day‑to‑day security monitoring (vulnerability scanning, log review, and event analysis) and incident response activities such as evidence collection, documentation, and coordination with stakeholders, under senior direction.
• Support continuous monitoring (ISCM) activities to assess the effectiveness of security controls, assist with risk assessments and remediation planning to address vulnerabilities and findings, and track remediation actions through validation and closure in alignment with federal cybersecurity requirements.
• Implement and maintain security controls across networked environments, including wired and wireless networks, while supporting access control, identity management, and system hardening efforts in coordination with engineering and operations teams to ensure secure configurations are maintained throughout the system lifecycle.
• Lead or contribute to security architecture and compliance activities by integrating security requirements into system and platform designs, providing authoritative guidance on risk management strategies, control selection, and best practices, and advising project teams on aligning technical solutions with security and compliance expectations.
• Produce clear and accurate security documentation to support audits, assessments, and ongoing operations, while collaborating with system owners, developers, engineers, and stakeholders to embed security into delivery processes and contribute to continuous process improvements that enhance security effectiveness and operational efficiency.

Benefits

• competitive pay and exceptional benefits to a range of work/life programs based on your employment classification and personalized preferences