IT Security Specialist Sr.
Bethesda, MD

Job Description

Job Description

Description

SAIC is seeking qualified candidates to support National Library of Medicine (NLM) Office of Computer and Communications Systems (OCCS) for IT technical support services, systems engineering and architecture, application development, and facilities management.

The IT Security Specialist identifies requirements for IT security products and services, develops plans and schedules, estimates resource needs, defines milestones and deliverables, evaluates and coordinates their purchase and delivery. Provides architectural design and coordinates the implementation of security products to integrate into existing network environment. Identifies significant actual and potential cyber security problems, trends, and weaknesses and recommends specific modifications and solutions to reduce information systems security risks. Develops strategies for responding to future security challenges.

Identifies requirements, reviews established policies, writes policy guidance and standards, and presents them to management for endorsement. Establish technical or procedural enforcements for pertinent policies within the organization. Facilitate organizational-wide communications and institutes measures to ensure information security awareness and compliance.

Reviews proposed new systems, networks, and software designs for potential security risks, and resolves integration security issues across disciplines. Defines the scope and level of detail for applicable security plans and policies.

Implements and interprets the requirements of policy directives such as HSPD-7 (Homeland Security Presidential Directive 7). Develops the project plan for the implementation, identifies major milestones and activities, coordinates development and implementation of HHS and NIH policies and guidelines required for infrastructure protection, and tools for monitoring program effectiveness.

Establishes requirements and makes recommendations on the appropriate infrastructure protection tools, methods, and technologies. Demonstrates effectiveness of the program for implementation on an organization-wide basis.

Additionally, the Sr./Lead IT Security Specialist is a key member of the NLM Incident Response Team) and may be called upon to represent the National Library of Medicine (NLM) in the investigation of serious information systems security violations that potentially affect the integrity of NLM's infrastructure. This may include: Coordination of internal investigations with the NLM Incident Response Team, HHS Computer Security Incident Response Center, Office of the Inspector General (OIG), criminal investigation, and law enforcement organizations. Recommends action for containment and remediation based on findings, and following up to ensure the implementation of corrective actions. May be asked to serve as an expert witness at trials and hearings.

Qualifications

REQUIRED:

A Bachelor's degree, preferably in a related technical field. A minimum of 5 years' experience as a UNIX or Windows system administrator, and an additional 7 years' experience as a system security administrator in a heterogeneous system/network environment similar to that described in the SOW. An additional five (5) years of full-time technical related broad experience can be substituted for the degree.

Certifications: Current CISSP certification.

Security Clearance: Ability to obtain Level 4 Secret (ANACI) clearance

* Strong TCP/IP network experience with in-depth knowledge of key network protocols, routing, VLAN, switching, and the ability to utilize packet sniffers and read packet traces.
* Experience using SCAP-compliant vulnerability management systems, intrusion detection systems and responding to network/computer intrusions and supporting inquiries.
* Mastery of information systems security principles, concepts, and methods, and knowledge of the total infrastructure protection environment to integrate information systems security with other security disciplines.
* Thorough knowledge of the infrastructure protection environment, enterprise IT architecture, interrelationships of multiple IT disciplines, and Federal IT security hierarchy to implement higher-level security requirements such as OMB Memos and Presidential Directives.
* Knowledge of the Federal information systems security community and hierarchy to ensure coordination of and/or collaboration on security activities.
* Knowledge of systems security control assessment (SCA) requirements and processes to certify systems or acquire network authorization as well as Authorization to Operate (ATO).
* Project management skills: To develop plans and projects for information security systems that anticipate, identify, eliminate, and prevent information system vulnerabilities; to develop a security incident response policy; and, to lead the implementation of an intrusion detection and prevention program designed to anticipate and eliminate system vulnerabilities.

Overview

SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability