Primary Duties and Responsibilities to include, but not limited to:

Perform routine and preventative maintenance such as general computer tasks, application loads, disk utilization, system loading and system monitoring, applying operating system patches, Antivirus updates. Have a proven record and ample work experience as a system security engineer or information security engineer.

Provide recommendations to mitigate threats and vulnerabilities on both Windows and Linux Operating systems.

Detect, isolate, document, rapidly report, and resolve system outages or problems encountered during operations of the scientific workstations, which includes the collections of diagnostic data, restoring the system operation, development of workarounds, and other activities necessary for recovery of a system.

Respond to POA&M and other requests to mediate identified security risks. Perform risk analyses which also include risk assessment.

Accurately document problems in logging and discrepancy reporting tools.

Ensure compliance with FDA standards and security policies and ensure systems and architectures are in compliance to obtain and maintain Authority to Operate (ATO) status.

Experience with network security, networking technologies and network monitoring tools

Engineering, implementing and monitoring security measures for the protection of computer systems, networks and information

Identify and define system security requirements

Designing computer security architecture and develop detailed cyber security protection strategies.

Engineer, implement and monitor security measures for the protection of computer systems, networks and information.

Identify, define and be able to implement system security requirements when authorized.

Prepare and document Standard Operating Procedures and security protocols as required.

Develop technical solutions and recommend new security tools to help mitigate security vulnerabilities.

Ensure that the government leadership knows as much as possible, as quickly as possible about security incidents.

Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.

Possess in-depth technical knowledge and understanding of networks and operating system security

Thorough understanding of the latest security principles, techniques, and protocols

Problem solving skills and ability to work under pressure caused by changing requirements and deadlines.

Stay abreast of latest discoveries of developments and publications from reliable sources of the Security community such as: CERT/CC, US-CERT, RSS feeds, Secunia

Be able to effectively communicate, present and discuss new developments in the field of Information security with the client and colleagues.

Additional duties as assigned.

This position does require the individual to obtain an FDA public trust clearance in order to start, but we will process for the right individual.

Typical Duties and Responsibilities:
BS/MS degree in Computer Science or related field

10 Years’ experience in IT Security implementation and monitoring. General knowledge of scientific processes, management structures, and technology programs/platforms.

Experience/knowledge of Federal Certification and Accreditation process

IDS/IPS, penetration and vulnerability testing

Firewall and intrusion detection/prevention protocols

Working knowledge in Windows, UNIX, Linux operating systems & Virtualization technologies

Identity and access management (IdaM) principles

Experience in FISMA/NIST 800-53 and specifically FIPS-199 and FIPS-200 standards, applied work knowledge in civilian agency Authority To Operate (ATO) work

Proven experience in data center encryption technologies, security standards and best practices, especially as by following guidance within the Federal Government.

Proven experience in data security best practices as to meet FISMA Data Classification requirements

Proven experience in network security design and engineering work for civilian agencies

Experience in designing security standards for DMZ networks in civilian agencies (desired experience in Science DMZ like networks)

Network design knowledge and experience in implementing cloud security for government agencies and FEDRAMP processes

DISA STIGs application experience

Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing method s

Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc. )

Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authenticatio n

GSEC / GCIH / GCIA: GIAC Security Certifications or CompTIA Security+ and CEH: Certified Ethical Hacker

Required Qualifications:
Previous Experience with FDA

Research and/or laboratory domain experience

CCNP Security: Cisco Certified Network Professional Security

CISSP: Certified Information Systems Security Professional