Security Manager

Clearance Level
None
Category
Cyber Security
Location
Bethesda, Maryland

REQ#: RQ47445

Travel Required: Less than 10%

We are seeking a Security Manager to join our team to support the Center of Information Technology (CIT) within the National Institutes of Health (NIH) at Bethesda, MD. As the Security Manager with strong hands-on cyber security engineering experience, you will lead our team of security engineers who maintain security systems, conduct security operations, and deliver performance reporting for accredited infrastructures and applications supporting approximately 5000 users. The security team collaborates closely with the engineering, operations and Project Management office across a range of standard daily operations and projects both large and small. You will be part of a 10-member Security team providing leadership and superior cyber security expertise and excellent customer service.

In this role, a typical day will include:

  • Manage a team of approximately nine security engineers, including technical direction and administrative oversight.
  • Provide subject matter expertise on issues or tasks related to keeping systems and infrastructure secure (including hands-on technical expertise)
  • Perform security system event analysis, investigation, and validation
  • Provide incident response for events encompassing but not limited to data spillage, malware, misconfigurations, non-acceptable use or other technical issues
  • Participate in Change Management Board (CAB) activities to include representing Security on matters related to change management.
  • Work with stakeholders in ensuring compliance with relevant HHS, NIH or OCIO mandates, policies and standards
  • Develop, write, and edit forensic reports and/or presentations
  • Manage resources in the administration of industry-standard security tools, such as Splunk, Grafana, Tenable, Dynatrace and others.
  • Update or develop standard operating procedures, process workflows or other relevant documentation for use by security staff and other components
  • Generate weekly/monthly reports as well as project-based communications as required that range from the highly technical to the executive level

Required Qualifications:

  • BS degree in a Computer Science or equivalent and a minimum of five years’ experience
  • Security+ Certification
  • Must have a minimum of four years professional experience in cybersecurity, information risk management, or information systems risk assessment, and must be knowledgeable in many areas such as: Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention, Encryption, Two‐Factor Authentication, Web‐filtering, and Advanced Threat Protection
  • Apply forensic procedures and evidence collection techniques to support data requests from Office of Inspector General, Office of General Counsel or in response to other lawful requests;
  • Develop, write, and edit forensic reports and/or presentations
  • Experience drafting SOPs and technical work instructions.
  • Splunk administration of dashboards
  • Basic operation and maintenance of Cisco and Palo Alto Firewalls.
  • Good understanding of cybersecurity frameworks such as NIST cybersecurity framework, NIST Risk Management Framework
  • Ability to apply system engineering principles to solve cybersecurity problems
  • Ability to apply system security engineering techniques to mitigate cyber vulnerabilities
  • Experience leading a team of Cyber Security engineers
  • Must be able to obtain a NIH Public Trust

Preferred Qualifications:

  • Working experience in software development and scripting
  • CISSP Certification
  • Possess a solid base understanding of troubleshooting networking technologies such as TCP/IP, SSH, PKI, LDAP, VLAN, VPN, DNS and DHCP
  • Be comfortable with troubleshooting networking issues via firewall logs and TCPDump

Attributes for Success:

  • Strong written and verbal communication skills
  • The successful candidate will be able to communicate technical subjects effectively in both verbal and written mediums to both technical and non-technical audiences
  • Resourcefulness and problem-solving aptitude
  • Desire to work in a team environment and strong work ethic
  • Ability to balance and manage customer needs, daily responsibilities and additional projects as assigned

GDIT CAREERS

Opportunity Owned

Discover more at www.gdit.com/careers  

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.