The qualified applicant will provide IT Security engineering support to various international and domestic information systems and serve as an IT Security consultant and advisor to system stakeholders on matters related to regulatory compliance, security controls, threats and vulnerabilities.
* Support the assessment of various international information systems (surveillance, EMR, LIMS) from a security engineering perspective.
* Support the development of system modernizations plans for surveillance, EMR, and LIMS information systems in an international setting.
* Apply knowledge from US Federal cybersecurity and privacy regulations, policies, laws, and requirements towards information security and protection best practices for international systems assessment, design, and development.
* Tailor information security engineering techniques, methods, and practices for international systems based on local country regulations and policies.
* Work extensively with multiple senior-level stakeholders (system owners, mission leads, IT Governance, and the Information Systems Security Officer (ISSO)) in the conduct of system compliance and protection activities for international projects.
Required Skills & Experience
* Bachelor's degree in Computer Science or Information Systems Management
* 10 years of experience with IT architecture - computer operating systems and networks, component architectures, application development, and/or data management processes and technologies
o the successful candidate must understand the fundamental technical components, processes, and interactions of enterprise-level information systems in both on-prem and cloud environments
* 10 or more years of experience with providing system security engineering
* Experience consulting directly with the federal government
* Understanding and experience with NIST RMF / Cybersecurity Maturity Model Certification (CMMC) control compliance
* Demonstrated experience providing security support for application systems (not just networking and infrastructure) in both on-prem and cloud environments
* One or more industry certifications including CISSP, CAP, SANS GIAC Certifications, IAT or IAM Level I-III, or NSA's IAM/IEM