Security Engineer

Security Engineer

We are GDIT. We stay at the forefront of innovation to solve complex technical challenges. 

The Health Resources and Services Administration (HRSA), located in Rockville, MD is an operating division within the Department of Health and Human Services (DHHS). As the nation’s leading public health agency, HRSA has the primary responsibility for improving access to health care for people who are uninsured, isolated or medically vulnerable. HRSA’s mission is to improve health and achieve health equity through access to quality services, a skilled health workforce and innovative programs. HRSA works with States, local public health agencies and partners throughout the nation to accomplish its mission. HRSA serves as the national focus for developing and applying disease prevention and control methodologies, environmental health strategies, and health promotion and education activities designed to improve the health of the people of the United States and throughout the world.

The Office of Information Technology (OIT) is responsible for providing HRSA with Information Technology (IT) services including: IT Infrastructure (Network, Hosting, Cloud) Enterprise Architecture, IT Governance, Cyber Security, Application Development, IT Help Desk Services, and web conferencing. The Division of Infrastructure Services (DIS) within OIT is responsible for the enterprise level infrastructure related services for the agency including application hosting and identity and access management.

General Dynamics Information Technology is seeking a highly motivated Security Engineer to support our Hosting Services and Identity and Access Management contract with HRSA and HRSA’s critical mission needs. As a Security Engineer, you will be part of an agile delivery team focused on HRSA’s hosting environment with an emphasis on providing high quality services to our customers. You will serve as a core support member for the team working closely with all team members to ensure on time delivery. The primary responsibilities of the Security Engineer will be to manage and respond to security incidents, evaluate current security protocols and SOPs, and develop technical solutions to address security vulnerabilities.

In this role, typical job duties include:

• Develop and execute standard operating procedures (SOPs) for security tools
• Evaluate, maintain, and enhance overall security posture
• Evaluate and report on new network Security technologies to enhance capabilities of the network
• Implement and test new security features
• Troubleshoot and respond to security incidents
• Identifying security measures to improve incident response
• Coordinating incident response across teams
• Participating in security assessments and code audits
• Developing technical solutions to security vulnerabilities
• Researching new attack vectors and developing threat models
• Automating security improvements
• Inherent understanding of Zero Trust Architecture and tools associated with the CISA 8 foundational pillars (User, Device, Network, Infrastructure, Application, Data, Visibility and Analytics, and Orchestration and Automation)
• Experience with the following products: Splunk, Crowdstrike, Stealthwatch, Zscalar, Palo Alto, Tenable, Cloud Native security tools for AZURE and AWS cloud environments
• Ability to use threat hunting techniques and tools
• Fulfilling service requests and resolving incidents within define service level agreements (SLAs)
• Establish and maintain Site-to-Site VPNs  
• Configure and maintain firewalls in Cisco using Cisco Firepower/ASA and Palo Alto

WHAT YOU’LL NEED:

• Bachelor’s degree in Computer Science, Information Systems, Communications, or Computer Engineering, Health or equivalent experience, Master’s preferred
• 6+ years of security engineering experience in both cloud and on-prem environments
• Experience with a hybrid environment
• Ability to obtain agency clearance  

PREFERRED QUALIFICATIONS:

• Healthcare Service or Department of Health & Human Services (HHS) agency experience
• Excellent knowledge of best practices and an understanding of industry trends and difficulties
• Excellent oral and written communication skills with a demonstrated ability to communicate complex technical topics to management and non-technical audiences
• Excellent analytical skills, including the ability to integrate information from multiple sources
• Works well as a team member in a fast-paced and often time-sensitive environment

WHAT GDIT CAN OFFER YOU:

• 401K with company match
• Customizable health benefits packages
• Collaborative teams of highly motivated critical thinkers and innovators
• Rewards program for high-performing employees

Not sure this job’s the one for you? Check out our other openings at www.gdit.com/careers.