NIH - Cyber Security Engineer III Job at cFocus Software Incorporated, Bethesda, MD

bGhVbGxDWmVZVUx0TEcyem9Edk9CcVpkT2c9PQ==
  • cFocus Software Incorporated
  • Bethesda, MD

Job Description

cFocus Software seeks a Cyber Security Engineer III to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 6+ years of experience implementing enterprise cybersecurity technologies.
  • Experience supporting Federal cybersecurity programs.
  • Experience engineering enterprise security solutions across Windows, Linux, cloud, and hybrid environments.
  • Experience implementing NIST cybersecurity controls and Federal security requirements.
  • Active CISSP, CCSP, Security+, CEH, GSEC, GCIH, or AWS Certified Security - Speciality
Duties:
  • Engineer, deploy, configure, and maintain enterprise cybersecurity technologies supporting NIH information systems.
  • Support security monitoring and operational cyber defense activities across on-premises, hybrid, and cloud environments.
  • Administer endpoint security, endpoint detection and response (EDR), anti-malware, and host-based security solutions.
  • Implement secure configurations and system hardening in accordance with NIST, HHS, and NIH security standards.
  • Configure and maintain enterprise identity and access management (IAM) security technologies.
  • Support implementation and enforcement of Zero Trust Architecture (ZTA) principles.
  • Assist with enterprise log management, security monitoring, and event correlation capabilities.
  • Perform technical security assessments of servers, workstations, cloud resources, databases, and applications.
  • Coordinate with system administrators and application owners to implement security controls and corrective actions.
  • Support enterprise cybersecurity modernization initiatives.
  • Perform enterprise vulnerability assessments using approved vulnerability scanning platforms.
  • Analyze vulnerability scan results and prioritize remediation activities based on risk.
  • Coordinate vulnerability remediation with system administrators, application teams, and infrastructure personnel.
  • Verify remediation activities through follow-up validation testing.
  • Perform security configuration reviews against DISA STIGs, CIS Benchmarks, and NIH security baselines.
  • Monitor compliance with organizational vulnerability remediation timelines.
  • Develop remediation recommendations for operating systems, applications, databases, network devices, and cloud services.
  • Support development of Plans of Action & Milestones (POA&Ms) related to identified vulnerabilities.
  • Conduct risk analysis associated with newly discovered vulnerabilities and emerging threats.
  • Develop vulnerability metrics and executive reporting supporting enterprise cybersecurity risk management.
  • Design, engineer, implement, and maintain enterprise security architectures supporting NIH mission systems.
  • Engineer secure cloud environments within Microsoft Azure, Microsoft 365, AWS, and hybrid infrastructures.
  • Support implementation of network security technologies including firewalls, IDS/IPS, web application firewalls, secure gateways, and network segmentation.
  • Implement secure authentication, encryption, privileged access management, and certificate management solutions.
  • Engineer secure infrastructure supporting NIST Risk Management Framework (RMF) security controls.
  • Evaluate emerging cybersecurity technologies and recommend improvements to enterprise security architecture.
  • Support secure system lifecycle engineering activities throughout system development and modernization efforts.
  • Participate in technical architecture reviews and security design assessments.
  • Develop engineering documentation, implementation guides, standard operating procedures, and technical diagrams.
  • Support implementation of Cybersecurity Supply Chain Risk Management (C-SCRM) controls where applicable.

Job Tags

Full time, Remote work

Similar Jobs

Grand Teton Lodge Company

Laundry Attendant Job at Grand Teton Lodge Company

 ...linen, towels, rugs and bedspreads sent to Jackson Lake Lodge laundry, according to established procedures. Laundry workers fill specific...  ...clean linen and prepare material for the flatwork ironer. Attends the flatwork ironer and feeds prepared work in, or catches,... 

Circle C Aquatics

Lifeguard Job at Circle C Aquatics

 ...on weekday afternoons (330p-830p) and weekends through the spring and have open availability in the summer. A current Red Cross Lifeguard Certification is preferred for this position. Must be 15 years or older to apply.Starting pay is $20/hr.Reliable transportation... 

FlightSafety International

Flight Instructor Job at FlightSafety International

 ...FlightSafety International FlightSafety International is the worlds premier professional aviation training company and supplier of flight simulators, visual systems and displays to commercial, government and military organizations. The company provides training for... 

BAYADA Home Health Care

Accounts Payable Associate Job at BAYADA Home Health Care

 ...oversight of the weekly check settlement run processes. It is an entry level professional track position and will offer training and...  ...designees. Review expense reports for authorization and proper coding and submit for payment. Coordinate with other departmental... 

SpringHill Suites Cheraw

Bartender Job at SpringHill Suites Cheraw

Raines Co. - Your Future is Now!Position Summary: The Bartender is responsible for providing the highest quality of service to guests...  ...* Prepare garnishments for drinks.* Be able to operate the hotel computer system, Micros.* Perform opening and closing procedures...