Security Task Lead

Clearance Level
Cyber Security
Bethesda, Maryland

REQ#: RQ47023

Travel Required: None
Public Trust: Other
Requisition Type: Regular

We are seeking a Security Task Lead to join our team supporting the Office of the Director (OD) within the National Institutes of Health (NIH) in Bethesda, MD. As the Security Task Lead, with strong hands-on cyber security engineering experience, you will lead our team of security engineers, consisting of both security operations and systems assessments and authorization (A&A) expertise, who maintain security systems and conduct security operations for accredited infrastructures and applications supporting approximately 2700 users at OD, and work alongside other GDIT staff who provide Desktop Support, Network Operations, Web Development, Customer Relations and Program Management support. You will be part of a 10-member Security team, providing leadership, superior cyber security expertise and excellent customer service to the Office of the Director so it can carry out its mission of supporting innovative scientific research.

In this role, a typical day will include:

  • Provide subject matter expertise on issues or tasks related to keeping systems and infrastructure secure (including hands-on technical expertise)
  • Perform security system event analysis, investigation, and validation
  • Provide incident response for events encompassing but not limited to data spillage, malware, misconfigurations, non-acceptable use or other technical issues (preferably using Carbon Black)
  • Participate in Change Management Board (CAB) activities to include representing Security on matters related to change management.
  • Work with stakeholders in ensuring compliance with relevant HHS, NIH or OCIO mandates, policies and standards
  • Develop, write, and edit forensic reports and/or presentations
  • Manage and administer CyberArk
  • Update or develop standard operating procedures, process workflows or other relevant documentation for use by security staff and other components within OIT.
  • Generate weekly/monthly reports as well as project-based communications as required
  • Supervise direct reports administratively: time card approvals, evaluations, on-boarding, off-boarding etc.

Required Qualifications:

  • BS degree in Computer Science or equivalent and 15+ years’ experience
  • CISSP Certification
  • Must have a minimum of eight (8) years of professional experience in cybersecurity, information risk management, or information systems risk assessment, and must be knowledgeable in many areas such as: Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention, Encryption, Two‐Factor Authentication, Web‐filtering, and Advanced Threat Protection
  • Apply forensic procedures and evidence collection techniques to support data requests from the Office of Inspector General, Office of General Counsel or in response to other lawful requests
  • Develop, write, and edit forensic reports and/or presentations
  • Experience drafting SOPs and technical work instructions.
  • Must have professional experience in configuring and managing Imperva SecureSphere WAF
  • Splunk administration to include management of the ingest of data sources, modification of dashboards and management and maintenance of the Splunk application.
  • Basic operation and maintenance of Palo Alto Firewalls.
  • At least one year of experience maintaining and using Carbon Black Response
  • Good understanding of cybersecurity frameworks such as NIST cybersecurity framework, NIST Risk Management Framework
  • Knowledge of system security engineering and Systems Engineering
  • Ability to apply system engineering principles to solve cybersecurity problems
  • Ability to apply system security engineering techniques to mitigate cyber vulnerabilities
  • Team leadership experience
  • ITIL Foundations Certificate or must be able to obtain within six months of employment
  • Must be able to obtain a NIH Public Trust

Preferred Qualifications:

  • Working experience in software development and scripting
  • Possess a solid understanding of Red Hat Unix, including the installation and management of Red Hat environments
  • Possess a solid base understanding of troubleshooting networking technologies such as TCP/IP, SSH, PKI, LDAP, VLAN, VPN, DNS and DHCP
  • Be comfortable with troubleshooting networking issues via firewall logs and tcpdump
  • Experience maintaining and using Symantec Security Analytics (BlueCoat)
  • One or more of the following (or similar) certifications: GIAC Reverse Engineering Malicious Code (GREM), EnCase Certified Examiner (EnCE), GIAC Certified Incident Handler (GCIH)

Attributes for Success:

  • Strong written and verbal communication skills
  • The successful candidate will be able to communicate technical subjects effectively in both verbal and written mediums to both technical and non-technical audiences
  • Resourcefulness and problem-solving aptitude
  • Desire to work in a team environment and strong work ethic
  • Ability to balance and manage customer needs, daily responsibilities and additional projects as assigned



We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.