Infrastructure Security Administrator (R-00053748)
The Government Health and Safety Solutions Operation has a need for an Infrastructure Security Administrator to support a large healthcare contract in Baltimore.
This position is for an Infrastructure Security Administrator working with a team of Information Security professionals supporting the Centers for Medicare and Medicaid Services (CMS). This team is responsible for the installation, administration, and monitoring of a diverse suite of security tools within multiple datacenters, as well as incident response, investigations, disaster recovery, and audit support.
The Security Administrator must work with different support teams, business process teams and program management teams to analyze customer's objectives, needs, and general business environment to solve technical problems.
The position requires an individual with a record of success as a team member and motivator. Candidate must be a self-starter, a disciplined worker and have a professional reputation for integrity. The ability to adhere to the highest standards of ethics and professional conduct is an absolute must.
The current work environment is on-site at Leidos in Windsor Mill / Woodlawn, Maryland (currently remote due to COVID-19 restrictions) with potential for on-site work at CMS (in the same location). Telecommute opportunities are currently being evaluated and may become available based upon teams supported, work hours, and work performance.
A successful candidate will:
- Work in collaboration with CMS and their System Integrators to help implement and support various security tools across geographically dispersed enterprise datacenters.
- Facilitate cross functional work groups across the organization to provide design/architectural reviews
- Assist in the design and development of information security systems spanning IT operations, administration, monitoring and management, networks, infrastructures and datacenters.
- Oversee the planning and execution of technology operational changes, support enhancements, decommissions and maintenance to meet contractual needs
- Consult with appropriate management staff to clarify system and program requirements
- Provide technical design and engineering support, including documenting and diagramming the logical, physical, and process views to capture appropriate security controls and safeguards
- Follow engineering lifecycle process for all projects from inception to implementation and operational handoff.
- Recommend processes, services, software, hardware, and other tools to support business objectives pertinent to infrastructure technologies
- Provide security engineering oversight and champion industry best practices
- Provide hands-on technical and engineering support regarding the design, connectivity, and configuration of network infrastructure and unified communication infrastructure and operations
- Provide day-to-day support for initiatives by participating in reviews of significant technical design deliverables and supporting post-release problem management efforts in conjunction with other engineering leads
- Provide problem identification, escalation and resolution of system performance, hardware, software application, and security issues
- Possess experience in an IP-based enterprise network environment as a security engineer, analyst, and/or technical specialist with WAN/LAN systems engineering, configuration, analysis, implementation, and troubleshooting skills.
- Experience evaluating security tools, technologies, and processes to best fit with existing practices. Develop and implement security monitoring and management technologies and procedures
- Strong familiarity with the design and engineering of secure environments and with NIST SP 800-53
The candidate must be a self-starter, a disciplined worker and have a professional reputation for integrity. The ability to adhere to the highest standards of ethics and professional conduct is an absolute must. The position requires an individual with a record of success as a team member and motivator.
BS degree and 4 – 8 years of prior relevant experience. Experience may be substituted in lieu of degree.
- Experience designing and implementing secure environments with a background designing, deploying, and maintaining various security solutions in large distributed environments.
- Experience supporting/troubleshooting security solutions that support large-scale data centers, infrastructures and networks
- Confidence and professionalism with the ability to present both technical and business concepts to professionals of any level
- Experience with configuration management systems and ability to strictly adhere to change management processes and procedures
- Strong verbal/written communication, with ability to effectively interact with individuals at all levels of responsibility and authority
- Strong organizational skills and ability to multitask
- Experience concurrently supporting Operations and Ongoing IT projects
- Process/Procedure/SOP development
- Extensive experience with Incident Response procedure development, tabletop exercises, and ultimate execution of IR plan in the event of a breach
- Experience with Data Loss Prevention (DLP) product implementation and methodologies. Preferably Digital Guardian DLP specific professional work experience
- SIEM (preferably Splunk) professional work experience
- Experience with Endpoint Management tools such as BigFix, SCCM, WSUS, etc.
- Experience with scripting such as cmd shell, PowerShell, Python, etc.
- Proven ability to troubleshoot complex security issues related to hardware, L3/L2 deployment, application behaviors and TCP stack
- Experience with system automation, specifically related to security controls verification and reporting
- Experience with infrastructure and server operations; application infrastructure and standards; networking fundamentals; virtualization technologies (e.g. VMware, Hyper-V, KVM) and LAN/WAN/Firewall/VPN/Proxy network technologies
- Understanding of COTS integration and Software Development Methodologies
- Hands-on experience with ServiceNow CMDB and System of Record system
CISSP or other security related certification
All candidates supporting the CMS programs must have lived in the United States at least three (3) out of the last five (5) years prior in order to be considered.
External Referral Bonus: Eligible
Potential for Telework: Yes, 50%
Clearance Level Required: None
Travel: Yes, 10% of the time
Scheduled Weekly Hours: 40
Shift: Day
Requisition Category: Professional
Job Family: Cyber Operations
Pay Range: