Job Description ECS is seeking an experienced
Computer Security System Specialist to work
remotely providing cybersecurity support for the work performed under this contract for
NIH NIAID Enabling and Advancing Technologies (NEAT) . All other tasks are intended to facilitate the implementation and operation of Enterprise Clinical Information Systems. This engagement provides a spectrum of management, technologies development, applications/software engineering, bioinformatics support, and professional development. The Computer Security System Specialist will provide professional support services, technical leadership, and ensure the efficient and effective delivery of services and projects.
Please Note: This position is contingent upon [contract win]. The NIAID NEAT Computer Security System Specialist will be responsible for cyber security incident resolution, monitoring of NIAID systems and components to detect potential threats, and project management and engineering support for the improvement and automation of security operation tools and processes.
Key Responsibilities: - Design, develop, engineer, and implement solutions to MLS requirements.
- Perform complex risk analyses which also include risk assessment.
- Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
- Support customers at the highest levels in the development and implementation of doctrine and policies.
- Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
- Perform analysis, design, and development of security features for system architectures.
Required Skills - Minimum 5 years of cybersecurity experience supporting Health IT software development initiatives.
- Bachelor's degree in computer science, Information Security or related field.
- Active Public Trust or higher security clearance.
- Proven ability to consistently understand threats, evaluate the impact of potential incidents, and recommend risk reduction techniques based on a knowledge of different operation threat environments, general attack stages, incident categories, cyber defense tool data collection, and playbooks for resolving common incidents.
- Demonstrated expertise in analyzing and providing clear and concise risk reports, dashboards, and other visualizations to federal risk executives, system operators, and system stakeholders.
- Knowledge of and experience overseeing the administration and configuration of workstation and infrastructure security tools including but not limited to: Anti-malware/Anti-virus software, Data Loss Prevention software, endpoint detection and response (EDR), vulnerability assessment tools, asset discovery and management software, SIEM, Cloud Access Security Broker (CASB).
- Experience with establishing and enhancing security operations capabilities and proactively identifying potential risks that may lead to an incident including coordination with multi-contractor teams and across agency groups.
- Experience in setting up, administering, and enhancing cybersecurity tools and security operations processes to reduce alerting on false positives, to proactively identify configurations that may lead to a potential incident, and to automate incident resolution playbooks.
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored]); general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.); incident categories, incident responses, and timelines for responses; as well as penetration testing techniques and tools.
- Competency in verbal communication, technical written communication, and analytical skills.
- Reside within the Washington DC Metro area.
- Travel within the Washington DC Metro Area, and CONUS as needed.
Desired Skills - Ability to lead, mentor, and guide engineering teams to ensure adherence to best practices.
- Relevant Certifications (e.g. Certified Information System Security Professional (CISSP), Global Information Assurance Certification (GIAC), Certified Enterprise Defender (GCED), GIAC Certified Incident Handler (GCIH), Certified Network Defender (CND), Systems Security Certified Practitioner (SSCP), etc.)
- Familiar with HHS Enterprise Life Cycle (ELPC) methodology.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
Everforth ECS is the federal segment of
Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
Never miss an opportunity! Create an alert based on the job you applied for.
