The Government Health and Safety Solutions Operation is seeking an Enterprise Security Administrator, contingent upon contract award, in White Oak, MD.
The Enterprise Security Administrator will be working with a team of Information Security professionals to design install, administer and monitor a diverse suite of security tools for the FDA datacenter. The Security manager must identify risks, with associated mitigation plans provide a plan for growth of the architecture for future upgrades, and collaborate with peers and other key staff and customers to ensure a reliable and robust Security architecture is established and maintained. The successful candidate will have related Security certifications (CSISSP) and a minimum of 10 years of related contract experience defining, trouble shooting and managing comparable environments.
The Datacenter Contract supports the Food and Drug Administration (FDA) organizations to provide critical work to safeguard the foods, drugs, devices, biologics, and veterinary products that the Agency regulates. The datacenter supports systems that continue to evolve to meet emerging business needs and to support new mandates and initiatives. It is important to respond to customer needs and issues. The Enterprise Security Administrator position is a highly visible position to ensure the Security/Cyber architecture is sized and structured to provide high availability to meet the service level security agreements for the FDA customer. The person in this position will work directly with the FDA senior leadership team and the Leidos Health Systems program leadership team to ensure success of all aspects of the program including vendor recommendations and solutions, cloud architectures, and other Security support responsibilities in a large scale datacenter environment.
This position is contingent upon contract award.
Specific roles & responsibilities for the Enterprise Security Administrator position include but not limited to the following:
- Design, develop, engineer, implement and tune solutions to MLS requirements. Perform complex risk analyses which also include risk assessment. Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands. Support customers at the highest levels in the development and implementation of doctrine and policies. Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures. Perform analysis, design, and development of security features for system architectures.
- Management of a 24x7x365 System Management Center (SMC) which includes the central command center for the network, security, and performance monitoring; triaging, troubleshooting, and the escalation of all identified or reported service interruptions, security incidents, and performance issues.
- Work alongside the program manager and other datacenter management to determine the technical goals of the program and works with program stakeholders to refine those goals into executable objectives.
- Devise plans and drives execution of each phase of the program objectives and innovation projects.
- Perform quality control checks, ensuring the effectiveness and reliability of the Network & Security systems, tools, and products.
- Evaluate the engineering costs to identify efficiencies and improved ways of delivering service to the customer.
- Negotiate with stakeholders (Vendors, Customer, etc.) to generate ideas and clarify specifications.
- Delegate tasks as necessary to engineering team and maintains accountability for results.
- Build strong professional working relationships with stakeholders to resolves disputes, define technical solutions, and drive positive change within the program.
- The ideal candidate may have multiple people supporting them but will be required to work with external stakeholders to achieve program objectives. This would include the issues, risks, dependencies, and making sure action plans are documented and executed accordingly.
- Be responsible for working with the customer and external stakeholders (industry leaders, vendors, etc.) to accomplish program goals in which we are dependent on them completing tasks.
- This position requires strong written and verbal communication skills, with ability to effectively brief FDA government customers.
- Performs technical planning, system integration, verification and validation, cost and risk, and supportability and effectiveness analyzes for total systems across the FDA network supporting security initiatives and ensuring a critical response team is available for immediate responses to address possible security threats and/or breaches.
- Assist in the planning and performing of analytical research, design development, and other assignments in conformance with design, engineering and customer specifications.
- Must be a self-starter, strong leader, and have the ability to work independently with no supervision.
- Some travel ( Minimum Qualifications
- CCNA, CISSP, and Security + Certifications that are current
- Active Secret level clearance or ability to obtain within first 3 months of start of contract
- Demonstrated hands-on experience with the following tools (or equivalents); Splunk, Solarwinds, Nessus, McAfee, Palo Alto Next Generation FW, CheckPoint Firewall.
- Experience with monitoring IT infrastructure and associated enterprise services.
- Experience tuning and configuring monitoring tools to maintain proper thresholds, notification of service interruptions, analysis and planning, root cause analysis, and communication escalation
- Experience with vulnerability scanning, configuration compliance, patch compliance and associated reporting to proactively identify security vulnerabilities that can be mitigated with OS and COTS patching.
- Experience supporting incident management, problem management, and integrating new technologies into these processes.
- Experience, implementation of client and server anti-virus software to ensure a pro-active approach to reducing spam, phishing attempts and other external sources of malware that may threaten FDA data or application availability.
- Working knowledge of System Network & Security Monitoring tools for management of high availability systems.
- Familiarity with Cloud Computing, and Compute/Storage technologies (virtualization).
- EDUCATION & EXPERIENCE: Requires a BA/BS or equivalent experience and 12+ years of prior relevant experience or Masters with 10+ years or prior relevant experience. Generally has 7+ years of experience supervising or leading teams or projects.
- FDA customer experience and knowledge of their organizational structure
- Demonstrated Cloud deployment models and related experience (Private/Public/Hybrid cloud)
Ability to obtain a Public Trust Clearance
Candidate must be able to work full time onsite