Phone and skype
any visa
SCOPE OF THE PROJECT:
The Office of Information Assurance is tasked with ensuring the confidentiality, integrity and availability of systems and services. A strong candidate for this position should possess HANDS-ON experience in the following:
• Data network design and engineering
• Strong understanding of routing and switching protocols
• Network perimeter protection technologies
Role Summary/Purpose
Overview:
This is a HANDS-ON Role
The Network Security Engineer will report to the Office of Information Assurance and operate as an experienced consultant to leadership, business units, business partners and vendors.
Security Program Experience:
Experience with CMS MARS-E or other FISMA Risk Management Framework (RMF) compliant programs is strongly desired and will be given the highest weight. Experience must include well documented success in the performance of security focused processes and procedures supportive of a secure, compliant enterprise architecture.
Experience with development and integration of RMF tasks and artifacts into the System Development Life Cycle (SDLC) is ideal.
Experience in security as related to multi-tenant, cloud services and vendor interface management would be considered desirable for this position.
Technical Knowledge:
HANDS-ON experience with any or all of the following technologies would be considered a desirable for this position:
• Secure Network Design – Layer 2 Security, Firewalls, Intrusion Prevention Systems (IPS), Switching and Routing Infrastructure
• Network Monitoring expertise utilizing tools such as Solarwinds, Zabbix, etc.
• Security Information and Event Management (SIEM) solutions such QRadar, Splunk, etc.
• Vulnerability Assessment tools such as Nessus, ForeScout, etc.
• IBM System 390/zSeries
• Linux and Windows servers
• Identity and Access Management (IAM) solutions
• Cloud service and vendor integration
General Duties and Responsibilities:
1. Assist (and often lead) in the design, development, implementation and/or ongoing maturation of network security and compliance solutions
2. Provide HANDS-ON support of Systems and Software
3. Participate in audit and assessment of internal agency systems as well as business partner/service provider information systems.
4. Utilize Microsoft Office software suite, eGRC system, Bizagi, Atlassian and other products to document and report on information gathered during Audit and Assessment activities or other OIA efforts.
5. Participate in third-party audits and/or assessments of agency and business partner systems
6. Collaborate with agency leadership, business partners and other parties/stakeholders to provide recommendations for security and compliance risk mitigation efforts.
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
1. Strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy.
2. Deep technical knowledge of secure network design principles, security architecture, network and system compliance tools, data protection schemes and access models.
3. 5+ years of hands-on experience in network design, implementation and support
REQUIRED EDUCATION/CERTIFICATIONS:
1. BS degree in computer science or similar discipline is a MUST.
2. CCNA Security or equivalent (network security-centric) certification is required
PREFERRED EDUCATION/CERTIFICATIONS:
1. ISC(2), ISACA, SANS GIAC and/or other Information Security Certification.
•
Last updated on Jan 2, 2018