Security Engineer (IMC00553)

The security engineer will support and provide expertise to a successful cybersecurity and privacy program for a Government customer serving as the principal advisor to the system owner on all matters, technical and otherwise, involving the security of an information system.

Duties/Responsibilities: This position will include, but is not limited to, the following tasks:

• Support the planning, designing, and architecting of a multi-technology cyber solution.
• Develop and maintain security policies.
• Investigate to determine root causes of security issues to perform troubleshooting and problem resolution to restore services.
• Develop, present, and implement sound recommendations for remediation.
• Provide guidance and support security activities while building relationships with key personnel.
• Document and inform management with information about security information and event management.
• Remote management and troubleshooting of workstations and servers.
• Provide research and analysis in support of expanding programs and area of responsibility.
• Assess information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
• Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
• Perform analysis of security features for system architectures.
• Provide agency with knowledge and guidance in following NIST, FISMA, Agency Information Security and Privacy, and Cloud Guidelines.

Basic Required Qualifications and Skills:  Note: These are mandatory items that all candidates must have when making application to IMC for this position. Please ensure that your submission addresses each of these requirement items. Candidates without these required elements will not be considered.

• Bachelor's degree in business, information technology, or related field of study.
  • 10 years of experience in computer security may substitute for degree.
• Minimum five years of experience in cybersecurity.
• At start date, must possess one of the following professional certifications:
  • CISM, CISSP, GSLC, CEH, LPT, CPT
  • Similar certifications considered on a case-by-case basis.
• Experience with Splunk and Splunk Certified Power User.
• Experience with administration of Linux and Windows.
• Experience with AWS Architecture.
• Possess a current AWS Architect Associate Certification or achieve within one year of start date.
• Experience demonstrating strong analytical, troubleshooting, and problem-solving skills for cybersecurity.
• Excellent in oral, written, and verbal communication skills.
• Knowledge of
  • NIST Cybersecurity and Risk Management frameworks and associated requirements.
  • Risk management processes (e.g., methods for assessing and mitigating risk).
  • Cybersecurity/privacy principles and cyber threats and vulnerabilities.
• A background check will be required for employment.
• Pursuant to a government contract, this specific position requires U.S. Citizenship.
• Must possess or be able to obtain a federal background investigation of Tier 2 Critical Non-Sensitive (Form SF 85P).

Desired Qualifications and Skills:  It is desirable that the candidate has the following qualifications:

• Experience in HHS as a Government employee or contractor.
• Experience with Scripting, Python, PowerShell, Ansible, and/or Terraform.