Job Department: Information Technology

Zero Trust is currently seeking a Senior Cybersecurity Compliance Analyst to join our team. The Senior Cybersecurity Compliance Analyst will support the day-to-day and project-based security activities, POA&M remediations, vulnerabilities impact, and remediation process for the on-premises and cloud environments.

 

The Senior Cybersecurity Compliance Analyst will use his/her expertise to effectively manage security compliance activities, security waivers, documentation by working and providing guidance to all the stakeholders.

 

PRIMARY RESPONSIBILITIES:

· Manage daily Cybersecurity compliance activities.

· Proactively Manage Cybersecurity projects and tasks.

· Take initiatives to identify compliance weaknesses and present reports to the management.

· Lead and mentor the NCATS CSS Cybersecurity compliance team.

· Must be familiar with Risk Management Framework (RMF), NIST 800-53 and other Government mandates.

· Lead NCATS Cybersecurity compliance efforts to follow the Risk Management Framework (RMF).

· Have a solid understanding of the ATO preparation and assessment process.

· Schedule and coordinate compliance activities, sessions, and meetings with the stakeholders.

· Provide security controls implementation guidance.

· Be able to effectively work with stakeholders to manage and close POA&Ms.

· Provide effective guidance to the stakeholders on secure baseline configurations.

· Manage compliance documentation in NIH GRC tools.

· Ensure on time delivery of task order deliverables for cybersecurity compliance.

· Manage work through tools such as NIH incident response (IRT) portal, Splunk, ServiceNow, Jira, Confluence etc.

· Provide guidance on ATO package preparations and security controls implementation.

· Establish communications with vendors for the release of newly identified vulnerabilities and to ensure they understand the specialized requirements of the client’s information systems.

· Develop daily, weekly, and annual NCATS security landscape metrics.

· Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities.

· Provide notification of potential threats by tracking vulnerabilities and exploits, propagation of worms and viruses.

· Monitor the progress of internal and external organizations to ensure operational requirements are fulfilled for audits and reviews.

 

BASIC QUALIFICATIONS:

· Bachelor’s degree in a relevant technical discipline and 8+ years of overall related experience. 5+ years of additional related years of experience is accepted in lieu of a degree.

· Experience working with NIST 800-xxx series guidance.

· Project management experience a must.

· Familiarity with different encryption types.

· Familiarity with Windows/Unix/Linux platforms.

· Familiarity with DevOps pipelines, code scanning, penetration testing etc.

· Proven experience with incident and change management systems such as ServiceNow and Jira.

· Well versed in Active Directory, Office 365 and other platforms.

· Experience in Threat and Vulnerability scanning and remediation methodologies.

· Familiarity with System Incident and Event Management (SIEM) and other logging and monitoring tools.

· Experience in Vulnerability management and threat management tools such as Tenable Nessus, Netsparker, McAfee suite, Palo Alto, Amazon inspector and Cloud Watch etc.

· Experience in a hybrid operations environment providing leadership specified reports based on information received from other system owners and operations team.

 

PREFERRED QUALIFICATIONS:

· BS or MS degree in computer science, computer engineering, information systems, privacy engineering or related field of study.

· CEH, Security Plus. Splunk Power User.

· Excellent communication and presentation skills and the ability to effectively communicate designs, proposals, and results; and negotiate options at management levels

· Proficient in developing briefing materials, administrative, and logistic support.

 

Responsibilities:

• Provide on-site in-person support for team, client and corporate meetings 
• Supervise a team of 15-20 systems engineers and subject matter experts; recruit, hire, mentor, and manage personnel with diverse technical skill sets.
• Lead cross functional teams specializing in server administration (Linux, Mac, and Windows), cloud services, web and application hosting, storage, backup and recovery, desktop engineering, and systems administration.
• Analyze infrastructure support needs, evaluate technical solutions, and apply industry best practices to provide responsive and effective solutions that align with customer goals and mission.
• Work with multiple stakeholders to identify, recommend, develop, implement, and support cost-effective technology solutions to operations challenges.
• Develop, implement, communicate, and enforce IT policies, procedures, and process improvements.
• Establish guidelines to monitor systems performance and ensure service stability; track progress and report on status of systems operations as well as infrastructure capacity, integrity, and availability.
• Create, implement, manage, and maintain the disaster recovery/ continuity of operations program (DR/COOP).
• Monitor physical inventory levels and virtual capacity; recommend purchases of equipment and supplies as needed to meet operational requirements and maintain agreed upon standby levels.
• Raise issues and exceptions; follow-through to resolution.
• Devise clear risk mitigation strategy and engage appropriate stakeholders.
• Research emerging trends and new technologies to identify potential improvements; develop business case justifications and cost/benefit analyses for IT spending and initiatives.
• Ensure the efficient utilization of IT resources, personnel, and equipment.
• Manage on-call rotation and infrastructure maintenance schedules.

 Qualifications: 

• Bachelor’s degree in Computer Science, Information Systems, or other related business, scientific, or technical discipline.
• 7+ years managing enterprise IT operations in a complex, research-based environment.
• 4+ years direct supervisory experience.
• Past experience in Federal Civilian / Health / Bio-Sciences Research space a big plus.
• Past experience with weekly/monthly corporate presentations to C-level executives.
• Experience with hardware and software for networking; distributed computing; virtualization; large-scale, high-performance storage systems; databases; telephony; and cloud computing.
• Ability to adapt to rapidly changing requirements with a flexible and creative approach to brainstorming, troubleshooting, and problem solving.
• Outstanding leadership, team building, and consensus building skills across diverse skill sets and stakeholder perspectives.
• Ability to think analytically and independently, providing the thought leadership necessary to introduce incremental and evolutionary change.
• Able to communicate effectively and confidently – in writing and presentations – complex topics and procedures with team members and all levels of customer stakeholders.
• Strong ITSM background to include ITIL v4 Foundation certification, intermediate qualifications, and/or experience applying ITIL-based practices.
• Traditional and/or agile project management experience and certifications such as CompTIA Project +; PMI CAPM, PMP, ACP; or Certified ScrumMaster (CSM).
• Experience implementing DevOps / Continuous Integration / Continuous Delivery environments.
• Experience with cloud solutions such as Amazon Web Services (AWS) and Microsoft Azure.

The Information Security Compliance Engineer will support the NCATS Cybersecurity Services (CSS) team in implementing the NIST 800-53 security controls and assist the infrastructure, platform and application teams with technical security support. Oversee the security posture of NCATS systems, inventory, and applications. Provide Risk Management Framework (RMF) support. Assist in the remediation of Plan of action and miles stones (POA&M). Provide analysis and hands on support of day-to-day security activities, identify, and manage systems and applications security for cyber risks, prepare remediation plans, be able to effectively draft compliance documentation and SOPs. The Infosec Compliance Engineer will also use the expertise to manage security incident workflows and waivers. Provide technical design guidance to all the stakeholders to translate security and business requirements into technical designs; configure and validate secure complex systems; and help test security products and systems to detect security weakness. 

 

PRIMARY RESPONSIBILITIES: 

• Manage daily Cybersecurity Operational activities.
• Proactively Manage Cybersecurity Operations projects and tasks and ensure on time delivery.
• Take initiatives to identify, analyze and remediate weaknesses and present reports to the management.
• Lead and mentor the NCATS CSS Cybersecurity Operations team with hands on security tools support.
• Must be able to represent NCATS CSS team and provide technical security guidance in troubleshooting calls.
• Must have hands on experience with firewalls, load balancers switches, routers, Windows and Linux/Unix servers.
• Must have expert understanding of TCP/IP and networking principles.
• Must be familiar with GitHub and container security techniques.
• Take the lead on securing NCATS system and applications through system hardening.
• Must be able to secure DevOps pipelines by providing technical security guidance and support to the application and infrastructure teams. 
• Lead the security operations in proactively managing threats, vulnerabilities and remediation efforts.
• Must be familiar with Risk Management Framework (RMF), NIST 800-53 and other Government mandates.
• Provide security controls implementation support for NCATS Cybersecurity ATO preparations efforts following Risk Management Framework (RMF).
• Have a solid understanding of the ATO preparation and security controls implementation process.
• Lead ATO technical guidance efforts and help write documents such as System Security Plans (SSPs).
• Schedule and coordinate operational activities, sessions, and meetings with the stakeholders.
• Provide effective guidance to the stakeholders on secure baseline configurations.
• Manage work through tools such as NIH incident response (IRT) portal, Splunk, ServiceNow, Jira, Confluence etc.
• Establish communications with vendors for the release of newly identified vulnerabilities and to ensure they understand the specialized requirements of the client’s information systems.
• Develop daily, weekly, and annual NCATS security landscape metrics.
• Help the Vulnerability Management team to Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities. 
• Monitor the progress of internal and external organizations to ensure operational requirements are fulfilled for audits and reviews.

REQUIRED QUALIFICATIONS: 

• Must Have hands on Linux/Unix experience and know how secure the systems. 
• Understand how to implement security controls based on NIST 800-53. 
• Must have hands on Linux/Unix administration experience and familiarity with Windows environments.
• Ethical hacking experience and (CEH) familiarity a big plus.
• Must have experience with Identity and Access Management (IAM) and tools.
• Must be able to conduct and lead technical reviews and analysis with infrastructure and application teams.
• Must be able to troubleshoot security incidents and lead the other technical teams to resolve incidents as well as remediate the threats and concerns.
• Must be able to provide guidance on security control implementation and perform technical tasks when needed for Windows, Linux/Unix environments.
• Must be familiar with networking and other infrastructure components such as traffic flow, access management and Active Directory etc. 
• Be able to manage cyber risks by providing guidance to secure system designs, baseline configuration assistance and administer ATO preparation activities. 
• Be able to manage and administer the security tools and have hands on working experience with Tenable Nessus, Netsparker,  Trellix suite, Palo Alto, BigFix, Splunk, etc. and cloud-based equivalents. 
• Must have experience with DevOps security controls implementation.
• Must be familiar with GitHub, Docker and in general with the CI/CD pipeline security.
• Assist in security incident response efforts.  
• Work with other teams to integrate the NCATS Threat and Vulnerability Management processes with the patching cycles, baseline configurations and CIS benchmarks. 
• Must be familiar with database server architecture and be able to provide security support to the database team. 
• Must be familiar with Cloud environments and tools.   
• Must be familiar with Risk Management Framework (RMF) and Government mandates such as continuous diagnostic mitigation (CDM) and Binding operations directives (BODs) 
• Identify, analyze, and develop mitigation or remediation actions for POA&Ms 
• Assist with a reliable patch and compliance management mechanism for all on-premises and cloud systems. 
• Recommend, configure, and install advanced firewalls and centrally manage other security tools in multiple cloud environments. 

PREFERRED QUALIFICATIONS: 

• BS degree in computer science, computer engineering, information systems, privacy engineering or related field of study. 
• Bachelor’s degree in a relevant technical discipline and 4+ years of overall related IT security compliance experience. 5+ years of additional related years of experience is accepted in lieu of a degree.  
• Experience working with NIST 800-53 series guidance. 
• Hands on working experience with Unix/Linux and Windows platforms. 
• Familiarity with DevOps pipelines, code scanning, penetration testing etc. 
• Experience in security compliance documentations such as SARS[MB1] [IJ2] , Waivers, Contingency and Incident Response plans, etc. 

The Senior Vulnerability Management Analyst will support the analysis of software/hardware vulnerabilities, impact, and lead the remediation efforts for the on premise and cloud environments. 

The Senior Vulnerability Management Analyst will use their expertise to manage complete vulnerability management operations by working with and providing guidance to all the stakeholders. 

PRIMARY RESPONSIBILITIES: 

• Manage and run the threat and vulnerability management operation effectively and mentor the junior team members.
• Establish proactive threat and vulnerability monitoring, identification, assessment / analysis, validation, remediation, and reporting mechanism.
• Be able to manage and administer threat and vulnerability management tools and have hands on working experience with Tenable Nessus, Netsparker, Trellix suite, Palo Alto, BigFix, Splunk etc.
• Must be familiar with Government security mandates and requirements.
• Own the threat and vulnerability scanning schedules as well as management and communicate the results with the stakeholders to ensure timely mitigation.
• Work with other teams to integrate the threat and vulnerability management processes with the maintenance windows.  
• Establish communications with vendors for the release of newly identified vulnerabilities and to ensure they understand the specialized requirements of the client’s information systems.
• Compile daily, weekly, and annual vulnerability metrics associated with affected and non-affected products.
• Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities. 
• Prioritize identified vulnerabilities based upon severity, potential operational impact, and other factors for the client. Analyze issues affecting components with vendor provided fixes and contact the appropriate vendor for a defined and attainable solution. 
• Provide notification of potential threats by tracking vulnerabilities and exploits, propagation of worms and viruses as they migrate throughout the client environment and globally. 
• Monitor the progress of internal and external organizations to ensure operational requirements are fulfilled for audits and reviews.

BASIC QUALIFICATIONS: 

• Bachelor’s degree in a relevant technical discipline and 4+ years of overall related experience. 5+ years of additional related years of experience is accepted in lieu of a degree. 
• Demonstrated experience with incident management tools such as ServiceNow and Jira.
• Experience in threat and vulnerability scanning and remediation methodologies.
• Familiarity with System Incident and Event Management (SIEM) and other logging and monitoring tools.
• Experience in vulnerability management and threat management tools such as Tenable Nessus, Netsparker, McAfee suite, Palo Alto, Amazon inspector and Cloud Watch etc.
• Experience in a hybrid operations environment providing leadership specified reports based on information received from other system owners and operations team. 

PREFERRED QUALIFICATIONS: 

• BS or MS degree in computer science, computer engineering, information systems, privacy engineering or related field of study.
• Strong software development skills. 
• Excellent communication and presentation skills and the ability to effectively communicate designs, proposals, and results; and negotiate options at management levels
• Proficient in developing briefing materials, administrative, and logistic support.
• Advanced communications and presentation skills enabling precise conveyance of information across the organization with command.