Tiag
TIAG is now hiring an
Information Systems Security Engineer (ISSE)
to join our team at the National Institute of Health (NIH). In this program TIAG is looking for an ISSE to lead cybersecurity compliance efforts and security control implementation across all Facility Operational Technology systems (FOTS). An active
Secret
clearance is required to start work.
This position is based in Bethesda, MD and is primarily on-site requiring an active DoD Secret clearance to be considered.
Duties & Responsibilities
Design, develop, engineer, and implement solutions to NIH customer requirements Guide effort to gather and organize technical information about an organization's mission goals and needs, existing security products, and ongoing programs Conduct security assessments and vulnerability analysis and Implement NIST SP 800-53 Rev 5 security controls for OT environments Develop and maintain Security Plans and ATO packages and manage associated POA&M development and tracking Develop security standards for OT systems Design security hardening procedures for OT systems Coordinate with Security Control Assessors (SCA-V) Support incident response and forensic analysis Ensure compliance with NIST SP 800-82r3 OT security guidance Responsible for building, maintaining, and patching all security servers. Assist with remediation/mitigation or make recommendations based on vulnerability findings from ACAS, STIGs, SIEM, and OT discovery tools. Knowledge of building, deploying, and patching virtual servers. STIG'ing Windows OS, McAfee policies to comply with benchmarks (Not reviewing or confirming), STIG'ing other servers. Ability to Run SCAP scans on Windows servers. Assist with selecting RMF Security Controls. Draft technical boundary and architecture diagrams. Required Experience
Bachelor of Science (B.S.) in Information Technology, Cybersecurity, Engineering or similar Cyber analyst experience should include supporting the development, review, and approval of RMF packages for software systems and enclaves Experience with the DISA published Security Technical Information Guidance (STIG) requirements and compliance processes, SCAP Content Checker, Security Readiness Review (SRRs), and other DoD approved tools like eMASSter or Vulnerator 8+ years systems engineering and cybersecurity experience Extensive experience with NIST RMF process and ATO development Experience with OT/ICS security assessments Knowledge of SCADA and building automation security Active DoD Secret clearance required Security+; compliance with DoD 8570 IAT Level III (ex. CISSP) Ability to manage time well to meet assigned milestones Strong communication skills; motivated to investigate, analyze, and document system issues and resolutions; provides consistent status updates to ensure IT/OT security projects stay focused Strong work ethic and a proven professional - respectful, dependable, takes initiative and follows through
TIAG is an equal opportunity and affirmative action employer that does not discriminate on the basis of race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. TIAG's policy applies to all terms and conditions of employment. To achieve our goal of equal opportunity, TIAG maintains an affirmative action plan through which it makes good faith efforts to recruit, hire, and advance in employment qualified minorities, women, individuals with disabilities, and protected veterans.
Pay Range:
$100,000 - $125,000 per year
Information Systems Security Engineer (ISSE)
to join our team at the National Institute of Health (NIH). In this program TIAG is looking for an ISSE to lead cybersecurity compliance efforts and security control implementation across all Facility Operational Technology systems (FOTS). An active
Secret
clearance is required to start work.
This position is based in Bethesda, MD and is primarily on-site requiring an active DoD Secret clearance to be considered.
Duties & Responsibilities
Design, develop, engineer, and implement solutions to NIH customer requirements Guide effort to gather and organize technical information about an organization's mission goals and needs, existing security products, and ongoing programs Conduct security assessments and vulnerability analysis and Implement NIST SP 800-53 Rev 5 security controls for OT environments Develop and maintain Security Plans and ATO packages and manage associated POA&M development and tracking Develop security standards for OT systems Design security hardening procedures for OT systems Coordinate with Security Control Assessors (SCA-V) Support incident response and forensic analysis Ensure compliance with NIST SP 800-82r3 OT security guidance Responsible for building, maintaining, and patching all security servers. Assist with remediation/mitigation or make recommendations based on vulnerability findings from ACAS, STIGs, SIEM, and OT discovery tools. Knowledge of building, deploying, and patching virtual servers. STIG'ing Windows OS, McAfee policies to comply with benchmarks (Not reviewing or confirming), STIG'ing other servers. Ability to Run SCAP scans on Windows servers. Assist with selecting RMF Security Controls. Draft technical boundary and architecture diagrams. Required Experience
Bachelor of Science (B.S.) in Information Technology, Cybersecurity, Engineering or similar Cyber analyst experience should include supporting the development, review, and approval of RMF packages for software systems and enclaves Experience with the DISA published Security Technical Information Guidance (STIG) requirements and compliance processes, SCAP Content Checker, Security Readiness Review (SRRs), and other DoD approved tools like eMASSter or Vulnerator 8+ years systems engineering and cybersecurity experience Extensive experience with NIST RMF process and ATO development Experience with OT/ICS security assessments Knowledge of SCADA and building automation security Active DoD Secret clearance required Security+; compliance with DoD 8570 IAT Level III (ex. CISSP) Ability to manage time well to meet assigned milestones Strong communication skills; motivated to investigate, analyze, and document system issues and resolutions; provides consistent status updates to ensure IT/OT security projects stay focused Strong work ethic and a proven professional - respectful, dependable, takes initiative and follows through
TIAG is an equal opportunity and affirmative action employer that does not discriminate on the basis of race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. TIAG's policy applies to all terms and conditions of employment. To achieve our goal of equal opportunity, TIAG maintains an affirmative action plan through which it makes good faith efforts to recruit, hire, and advance in employment qualified minorities, women, individuals with disabilities, and protected veterans.
Pay Range:
$100,000 - $125,000 per year