Computer Security System Specialist (Remote) - NIH NIAID NEAT

ECS is seeking an experienced Computer Security System Specialist to provide remote cybersecurity support for the NIH NIAID Enabling and Advancing Technologies (NEAT) program. This role is crucial for facilitating the implementation and operation of network and cybersecurity infrastructure, supporting current and future technologies, and responding to evolving business strategies, policies, and regulatory changes within the NIAID and NIH environment. The specialist will offer professional support services, technical leadership, and ensure efficient and effective service and project delivery.

Note: This position is contingent upon contract win.

About the Role

The NIAID NEAT Computer Security System Specialist will be responsible for cybersecurity incident resolution, monitoring NIAID systems for potential threats, and providing project management and engineering support to enhance and automate security operation tools and processes.

Key Responsibilities

• Design, develop, engineer, and implement solutions to Multi-Level Security (MLS) requirements.
• Perform complex risk analyses, including risk assessments.
• Establish and satisfy information assurance and security requirements based on user, policy, regulatory, and resource demands.
• Support high-level customers in the development and implementation of doctrine and policies.
• Apply expertise to common government and commercial user systems, as well as dedicated special-purpose systems requiring specialized security features and procedures.
• Perform analysis, design, and development of security features for system architectures.

Qualifications

• Minimum of 5 years of cybersecurity experience supporting Health IT software development initiatives.
• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Active Public Trust or higher security clearance.
• Proven ability to understand threats, evaluate the impact of potential incidents, and recommend risk reduction techniques, informed by knowledge of different operational threat environments, general attack stages, incident categories, cyber defense tool data collection, and incident resolution playbooks.
• Demonstrated expertise in analyzing and presenting clear, concise risk reports, dashboards, and visualizations to federal risk executives, system operators, and stakeholders.
• Knowledge of and experience overseeing the administration and configuration of workstation and infrastructure security tools, including but not limited to: Anti-malware/Anti-virus software, Data Loss Prevention software, Endpoint Detection and Response (EDR), vulnerability assessment tools, asset discovery and management software, SIEM, and Cloud Access Security Broker (CASB).
• Experience establishing and enhancing security operations capabilities and proactively identifying potential risks, coordinating with multi-contractor teams and across agency groups.
• Experience in setting up, administering, and enhancing cybersecurity tools and security operations processes to reduce false positive alerts, proactively identify configurations leading to potential incidents, and automate incident resolution playbooks.
• Knowledge of various operational threat environments (e.g., script kiddies, non-nation state sponsored, nation state sponsored); general attack stages (e.g., footprinting, enumeration, gaining access, privilege escalation, network exploitation, covering tracks); incident categories, responses, and timelines; and penetration testing techniques and tools.
• Competency in verbal communication, technical written communication, and analytical skills.
• Must reside within the Washington DC Metro area.
• Willingness to travel within the Washington DC Metro Area and CONUS as needed.