The Security/Systems Engineer provides support to the Indian Health Services (IHS) and for the Resource and Patient Management System (RPMS). This position works directly with the IHS Point of Contact (POC) to identify areas of concern and annual testing processing and results related to the security of computer systems. This position performs systems security assessments, penetration tests, incident analysis and response, as well as provides resulting reports and out-brief requirements.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Essential duties and responsibilities include the following. Other duties may be assigned.
Responsible for the integration of CNI Core Competencies into daily functions, including: commitment to integrity, knowledge / quality of work, supporting financial goals of the company, initiative / motivation, cooperation / relationships, problem analysis / discretion, accomplishing goals through organization, positive oral / written communication skills, leadership abilities, commitment to Affirmative Action, reliability / dependability, flexibility and ownership / accountability of actions taken.
Analyzes and defines security requirements for Multilevel Security (MLS) issues.
Designs, develops, engineers, and implements solutions to MLS requirements.
Responsible for implementation and development of the MLS plans and processes.
Gathers and organizes technical information about the organization’s mission, goals and needs, existing security products, and ongoing programs related to MLS.
Performs risk analyses which includes risk assessment, mitigation and contingency planning.
Develops and maintains information security policies, procedures and control techniques in accordance with the Federal Information Security Management Act (FISMA).
Conducts Critical Infrastructure Protection (CIP) and Continuity of Operations Planning (COOP) coordination.
Reviews, analyzes, and makes recommendations for compliance and education (i.e., training, privacy, contract language, contract oversight) policies, procedures and controls, based on review and analysis of FISMA, Health and Human Services (HHS), Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST), and other guidance.
Responsible for aiding in own self-development by being available and receptive to all training made available by the company.
Plans daily activities within the guidelines of company policy, job description and supervisor’s instruction in such a way as to maximize personal output.
Responsible for keeping own immediate work area in a neat and orderly condition to ensure safety of self and coworkers. Will report any unsafe conditions and/or practices to the appropriate supervisor and human resources. Will immediately correct any unsafe conditions to the best of own ability.
EDUCATION / EXPERIENCE
Bachelor’s degree in Computer Science or related field, and a minimum of seven (7) years relevant experience; or equivalent combination of education / experience. Previous experience related to enterprise network security technologies such as encryption, VPN, firewalls, access control, IDS/IPS, etc., preferred.
CERTIFICATES / LICENSES / REGISTRATION
Possess or has the ability to obtain a Public Trust Clearance
JOB SPECIFIC KNOWLEDGE / SKILLS / ABILITIES
Knowledge and understanding of the importance of testing during all phases of the software development process
Working knowledge and understanding of enterprise network security technologies (i.e., encryption, VPN, firewalls, access control, IDS/IPS, etc.)
Skilled in applying engineering concepts and principles to identify, analyze and solve problems
Advanced analytical and problem-solving skills with ability to develop and follow through on creative solutions for software design and development tasks
Effective verbal and written communications skills with ability to organize, document, present and explain information
Ability to escalate issues in a timely manner
Ability to apply logic and reasoning to goals and assumptions
Ability to coordinate efforts with others for the timely completion of projects and deliverables
Ability to work well both individually and in a team environment
Ability to be self-motivated and to deliver quality products with limited direction and guidance
Ability to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental regulations. Ability to write reports, business correspondence, and procedure manuals. Ability to effectively present information and respond to questions from groups of managers, clients, customers, and the general public.
Ability to work with mathematical concepts such as probability and statistical inference, and fundamentals of plane and solid geometry and trigonometry. Ability to apply concepts such as fraction, percentages, ratios, and proportions to practical situations.
Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
Intrusion Detection And Prevention
Public Key Infrastructure