BethesdaRecruiter Since 2001
the smart solution for Bethesda jobs

Lead Cyber Security Engineer

Company: GRSi
Location: Bethesda
Posted on: April 8, 2021

Job Description:

DescriptionLead Cyber Security Engineer
Location: Bethesda, MD
GRSi, a Maryland Tech Council Top5 Technology Company in Maryland is experiencing industry leading growth, recognized by Inc Magazine as one of the fastest growing companies in the country for 5 years, and led by Maryland's CEO of the Year. As part of our growth, we are searching for a driven and dynamic Lead Cyber Security Engineer to manage and maintain the IT security posture to world renowned healthcare and research organizations in the Washington, DC metro area, and around the world. This position is based in Bethesda, MD at our state-of-the-art Technical Operations Center.

Job Description:
We are currently looking for a Lead Cyber Security Engineer to join our team. This is an operational role focusing on security remediation i.e., remediating vulnerabilities, findings from penetration tests, manual patching cleanup, EOL software and operating system upgrades.
The ideal candidate will be experienced as an ISSO/Systems Engineer with Windows and/or Linux OS experience to maintain, upgrade and manage our software, hardware and networks. Resourcefulness is a necessary skill in this role. You should be able to diagnose and resolve problems quickly. You should have the ability to communicate with a variety of interdisciplinary teams and users. Your goal will be to ensure that our technology infrastructure runs smoothly and efficiently, and that vulnerabilities are remediated.

Responsibilities
- Act as a technical and cyber security engineering-focused extension and source of support for the NHLBI Chief ISSO
- Provide technical and operational security support for IT security including cipher lists/orders, documentation and maintenance of the current security infrastructure
- Perform continuous monitoring and re-assessment of administrative, physical, and technical security controls
- Execute tasks including but not limited to, audit log review, accounts review, patch reporting, configuration management, and security impact analysis
- Perform vulnerability remediation and risk analyses of computer systems and applications
- Support ongoing security awareness throughout the organization
- Install and configure software and hardware
- Monitor network or system activities for malicious activity
- Recommend security solutions according to company and customer policy and standards
- Report gaps as applicable with appropriate recommendations
- Ensure 100% encryption compliance with NIH, NHLBI security policies
- Ensure 100% compliance of all Windows, Linux and Mac desktop/workstations with NIH, HHS, and other Federal standard security settings identified by the Client
- Ensure 100% compliance of all Windows, and Linux servers with NIH, HHS, and other Federal standard security settings identified by the Client
- Demonstrated knowledge of NIST, NIH, HHS, SANS, CWE guidance for the SA&A, ability to recommend security controls
- Must understand and be able to explain vulnerabilities and weaknesses, discuss effective defensive techniques with both technical and non-technical audiences
- Strong understanding and demonstrated experience applying a risk-based approach to information security and IT assessments
- Perform and provide timely (within SLAs) operational support for remediation of vulnerabilities including HW, SW, website, and applications identified by the Client
- Work with NIH CIT/IRT Security Team to ensure all assigned vulnerability configuration remediation actions are completed within designated timeframe approved
- Respond to internal and external (to NIH) information security alerts and incidents
- Manage and work with the NHLBI Security Team on the remediation of Plan of Action and Milestones (POA&M) items
- Develop and implement information assurance/security standards and procedures
- Comply with the escalation of security incidents policies and procedures
- Verify installation and evaluation of new Software, perform testing using NIH standard testing and security tools
- Perform, support hardening of all server and workstation desktop images and configurations for security in accordance with guidance from the Chief ISSO and other Security departments
- Coordinates and leads complex events to assess software and hardware baselines to include the following technology areas: Windows Server, Windows Desktops, Enterprise Linux/Unix, Mac, Cisco switches and routers, VMware, JRE, Office products, DNS, Load Balancers, web servers, etc.
- Develop, maintain, and coordinate complex C&A Plans and Security Plans accreditation/authorization on assigned projects
- Perform / conduct STIG, CIS compliance checks on Windows Linux/Unix. Mac Operating Systems along with other devices like network security appliances, switches, printers etc., Compile STIG/CIS checklists
- Manage the enterprise-wide Vulnerability Management Process while performing vulnerability assessments using vulnerability and analytics security tools
- Manage the enterprise-wide Intrusion Detection and Preventions Systems
- Implement a process to periodically review to ensure controls are functioning effectively
- Lead and perform Security Control Assessment, Contingency Plan Test in accordance with NIH Annual Assessment Guidance
- Develop and maintain Security Documents/deliverables like SA&A Package, System Security Plan (SSP), Contingency Plan (CP), Business Impact Assessment (BIA) etc., document mitigation statements as well as detailed risk accepted statements
Areas of Focus
- Device Patching & Check-in Policy Implementation
- Anti-Virus SW Implementation
- Weak Ciphers Cleanup Efforts
- Configuration Compliance Cleanup Efforts
- Cloud security best practices

Requirements/Qualifications
- Bachelor's Degree in Computer Science, Information Technology or Cybersecurity
- 12+ years of experience
- Professional experience troubleshooting OS and supporting client configuration, and network access
- Ability to express complex concepts in a clear, easy-to-understand manner with various levels of users and in face-to-face interactions as well as in writing.
- Proven experience as a System Administrator
- Experience with databases, networks (LAN, WAN) and patch management
- Knowledge of system security (e.g., intrusion detection systems) and data backup/recovery
- Ability to create scripts in PowerShell, Bash, Ruby or Python
- Familiarity with various operating systems and platforms
- Resourcefulness and problem-solving aptitude
- Excellent communication skills
- Ability to obtain a Public Trust Clearance

Desired Certifications
- CompTIA Net+
- CompTIA A+
- CompTIA Security +
- CISSP Certified Information Systems Security Professional
- CPTE Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
- SANS, CWE or other relevant certification

The Company:
Innovation, Collaboration and Agility - at GRSi these aren't buzz words, they're our mantra.
--
GRSi is an ISO certified and CMMI/dev-ML3 rated professional services organization with expertise that covers all areas of information technology and professional engineering services -- from systems integration; Agile, Iterative and Waterfall software development; multi-tier infrastructure support; to full spectrum cyber security and enterprise systems support. Regardless of the program or the task, the excellence of GRSi is all about the people. Our greatest asset is our ability to attract and retain highly qualified professionals and our record growth this past year means new opportunity.
GRSi is an Equal Opportunity/Affirmative Action employer. Qualified applicants or employees will receive consideration for employment without regard to race, color, religion, ethnic or national origin, ancestry, age, sex, sexual orientation, gender identity, pregnancy (including childbirth or related condition) citizenship, familial status, mental or physical disability status, veteran status, genetic information, other non-disqualifying disability, or any other characteristic protected by law.--
*2020 - Top 5 Gov't Contractor, MD Tech Council, 4th year*
*2020 - Inc Magazine Fastest Growing Companies, 6th year*
*2020 - G2Xchange NXT UP Federal Emerging Technology and Consulting Firms*
*2019 - MD Tech Council CEO of the Year*
*ISO 9001:2015, 20000:2018 & 27001:2013 Certified / CMMI-ML3 Appraised* You have been redirected to a GRSi job page

Keywords: GRSi, Bethesda , Lead Cyber Security Engineer, Engineering , Bethesda, Maryland

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other Engineering Jobs


Controls Engineer
Description: Farm Operations - Robotics Automation / Bowery Farming, the Modern Farming Company, was founded in 2015 with the belief that technology and human ingenuity can grow better food for a better future. (more...)
Company: Bowery Farming
Location: Baltimore
Posted on: 04/13/2021

RF Design Engineer
Description: Position Summary br ul li Lead the development of state-of-the-art, miniature microwave receivers for government and military applications. li Perform top level requirements analysis and design (more...)
Company: Corporate Brokers
Location: White Marsh
Posted on: 04/13/2021

Mechanic
Description: Immediate temp-to-hire opportunities for experienced mechanics in Thomasville, Pa Our well-known manufacturing client is seeking experienced mechanics to perform equipment and facilities maintenance
Company: System One
Location: York
Posted on: 04/13/2021


Mechanic
Description: Join Our Team Sunbelt Rentals strives to be the customer's first choice in the equipment rental industry. From pumps to scaffolding to general construction tools, we aim to be the only call needed to (more...)
Company: Sunbelt Rentals, Inc.
Location: Rosedale
Posted on: 04/13/2021

Senior Radio Frequency Design Engineer
Description: Responsibilities: Lead development of microwave receivers for government and military applications. Perform
Company: Synerfac Technical Staffing
Location: White Marsh
Posted on: 04/13/2021

Mac Tools Seeking Mechanics - Automotive Technicians - Full Training
Description: Job title: Mac Tools Seeking Mechanics - Automotive Technicians - Full Training br br Job description: br br Build a Great Career and a Quality Life with Mac Tools. br br Feel the freedom (more...)
Company: Mac Tools
Location: Rosedale
Posted on: 04/13/2021

Diesel Technician/Mechanic III - Entry Level
Description: What's the Job Ready to accelerate your career while helping our customers move forward As a Technician III at Penske, you'll do exactly that. Here, you'll do preventative maintenance and minor repairs (more...)
Company: Penske
Location: Baltimore
Posted on: 04/13/2021

Industrial Controls Engineer/Principal-Manufacturing Operations
Description: Category: EngineeringLocation: Baltimore, MarylandUS Citizenship Required for this Position: YesClearance Type: NoneTelecommute: No -Teleworking not available for this positionShift: 1st ShiftTravel Required: (more...)
Company: Northrop Grumman
Location: Baltimore
Posted on: 04/13/2021

Mac Tools Seeking Mechanics - Automotive Technicians - Full Training
Description: Job title: Mac Tools Seeking Mechanics - Automotive Technicians - Full Training br br Job description: br br Build a Great Career and a Quality Life with Mac Tools. br br Feel the freedom (more...)
Company: Mac Tools
Location: Stevensville
Posted on: 04/13/2021

Senior Network Engineer
Description: Augustine Consulting, Inc. provides technology advancements and improvements to ensure Warfighters possess reliable, resilient communications against all adversaries, anywhere, anytime, in all domains, (more...)
Company: Augustine Consulting, Inc.
Location: Gunpowder
Posted on: 04/13/2021

Log In or Create An Account

Get the latest Maryland jobs by following @recnetMD on Twitter!

Bethesda RSS job feeds