The Civil Health Operation is seeking an Infrastructure Security Team Lead, contingent upon contract award, in Rockville, MD Lead the Infrastructure Security team to ensure the security, integrity, and availability of the agency's information assets through the rigorous application of information security/information assurance policies, principles, and practices in the delivery of IT services and the rapid and effective response to security incidents. The Contractor shall work collaboratively with the ISSO and other government staff and contractors to establish effective and efficient infrastructure security programs, policies, procedures, and tools that ensure the confidentiality, integrity, and availability of systems, networks and data.
Responsibilities: Provide efficient and effective Infrastructure Security Operations Support of all supported infrastructure security components to ensure the confidentiality, integrity, and availability of the agnecy's systems, networks and data. Provide timely and effective maintenance and repair support on all supported infrastructure security components necessary to ensure the confidentiality, integrity, and availability of systems, networks and data. Provide efficient security monitoring of all supported infrastructure security components to include but not limited to firewalls and intrusion detection systems, issuing timely and accurate notification of security incidents to ISSO and management. In collaboration with the government, develop and implement processes and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data to include assisting in development of systems security contingency plans and disaster recovery procedures. Assist in conducting risk assessments of systems, applications and networks to identify, analyze and respond to identified vulnerabilities, associated threats and risks, to include timely implementation of security safeguards, security configurations and policies as directed by the ISSO and management. Participate in review of system security controls during the System Development Life Cycle process and OCIO Project Review meetings. In collaboration with ISSO and other stakeholders, support incident management and response through security monitoring of systems, applications and networks to identify, manage and remediate security events and incidents, and provide timely reports to ISSO and management. Ensure effective change control and configuration management of all supported infrastructure security-related components to establish and maintain consistency of their performance and functional and physical attributes. Ensure all infrastructure security-related data and documentation is added to and maintained current within the agency's Knowledge Database and Document Library to provide efficient access to a complete and current source of operationally relevant structured and unstructured data to facilitate the gathering, analysis, and preservation of evidence used in investigation of security incidents. Provide after-hours monitoring and timely problem resolution commensurate with the mission criticality of the affected system(s).
Qualifications: Bachelors degree or equivalent and 8+ years of deep technical experience managing security solutions. Professional certs preferred.
Requires US Citizen or US Person (Green Card Holder) with the ability to obtain a Public Trust Clearance.