Jobs · Information Technology · Maryland

NLM Security Specialist

Ripple Effect · Bethesda, MD · 2 mo ago
On-siteInformation Technology$130k–$149k/yrFull-time

Responsibilities

  • Support the implementation, monitoring, and ongoing maintenance of information system security controls, including day-to-day security monitoring (vulnerability scanning, log review, and event analysis) and incident response activities such as evidence collection, documentation, and coordination with stakeholders, under senior direction.
  • Support continuous monitoring (ISCM) activities to assess the effectiveness of security controls, assist with risk assessments and remediation planning to address vulnerabilities and findings, and track remediation actions through validation and closure in alignment with federal cybersecurity requirements.
  • Implement and maintain security controls across networked environments, including wired and wireless networks, while supporting access control, identity management, and system hardening efforts in coordination with engineering and operations teams to ensure secure configurations are maintained throughout the system lifecycle.
  • Lead or contribute to security architecture and compliance activities by integrating security requirements into system and platform designs, providing authoritative guidance on risk management strategies, control selection, and best practices, and advising project teams on aligning technical solutions with security and compliance expectations.
  • Produce clear and accurate security documentation to support audits, assessments, and ongoing operations, while collaborating with system owners, developers, engineers, and stakeholders to embed security into delivery processes and contribute to continuous process improvements that enhance security effectiveness and operational efficiency.

Requirements

  • Minimum Education & Experience: Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, Information Systems or a related field, 6 years of relevant professional experience, or a combination of education and experience that is equivalent to nine years.
  • Basic Requirements: 3 years of experience supporting information systems in a federal or regulated environment, hands-on experience with FISMA and the NST Risk Management Framework (RMF), experience supporting security control implementation/operation, continuous monitoring activities (ISCM) and incident response support, familiarity with network and system security controls including access control mechanisms for wired and wireless networks, intermediate knowledge of Microsoft Office productivity software and collaboration tools such as Microsoft Teams and SharePoint.
  • Skills That Set You Apart: Proven success reducing POA&M backlog and accelerating ATO timelines through process improvements, experience embedding security into cloud, platform, or DevSecOps pipelines early in the system lifecycle, previous experience with NIH, especially NLM.

Similar jobs