IT

Senior Security Engineer

Centurion Consulting Group

Senior Security Engineer Bethesda, MD

We are hiring a Lead Security Engineer is responsible for supporting the IT Security tools, Vulnerability management, malware response, and compliance related activities of NHGRI. They will ensure our security tools are working as intended, assist Endpoint and Systems engineers with securing NHGRI systems, and provide security guidance to users and other IT staff. The Team’s mission: The mission of the National Human Genome Research Institute’s Information Systems Security Officer and their team is to make information security cultural and programmatic within the institute to enable NHGRI to succeed in its research mission.

Responsibilities:

• Act as point of escalation and provide guidance for security engineering team

• Work with NHGRI ISSO and NHGRI Security team to remediate server and workstation vulnerabilities

• Work with NHGRI ISSO and NIH IRT for security incidents by ensuring machine remediation and by reporting information as required back to the IRT

• Assist operations engineering staff with security system administration tasks

• Constantly evaluate processes and procedures being implemented at NIH and NHGRI, providing recommendations to improve IT security while balancing end user functionality.

• Implement security best practices across the NHGRI IT environment.

• Design, update, and modify security documentation.

• Manage response and remediation activities for penetration tests

Required Skills and Expertise

• Excellent written and oral communication skills with a strong focus on customer service

• Ability to collaborate with other teams to improve security across an enterprise

• Bachelor’s degree or equivalent training and/or relevant IT work experience

• Experience troubleshooting Antivirus and other security tools

• Strong experience with Tenable

• Strong experience with Linux, Windows, and macOS

• Strong understanding of vulnerability management

• Experience configuring and managing Splunk servers, data ingestion, and reporting

Preferred Skills and Expertise

• Functional knowledge of scripting in Unix/Windows environment: Bash, Perl, Python, VBScript.

• Strong understanding of network and server security methods and implementation

• Strong understanding of vulnerability management for Windows, Mac, and Linux systems

• Strong troubleshooting abilities on Windows, Mac, and Linux

• Experience with SCCM, JAMF, and SaltStack

• Experience with Windows, Mac, and Linux CIS baselines

• Experience with AWS, GCP, and Azure clouds

• Experience with Tenable Security Center

• Experience with SSL certificate management and issuance

• Experience with Federal PKI

• Experience with GitHub

• Experience with ServiceNow

• Experience with Synack

• Experience with Vulnerability disclosure programs

• Experience with Symantec Data loss prevention

• Experience with Absolute

• Experience with Enterprise risk management

• Experience vetting software for enterprise use

• NIH Experience

• Experience securing a research environment

• CompTIA Security+ or other relevant certifications

Position Details:

Clearance: Ability to Obtain a Public Trust

US Citizenship or Authorization to work in US required

Travel: < 10% (CONUS)

Centurion Consulting Group, LLC is an Equal Opportunity Employer EOE M/F/D/V

No third parties or subcontractors

Tagged as: Senior Security Engineer