Cybersecurity Vulnerability Remediation Engineer
Apply NowCompany: Dynanet Corporation
Location: Washington, DC 20544
Description:
Location: Remote, DC
Posted: 08/06/2024
Position Overview:
The Office of the Inspector General (OIG) at the U.S. Department of Health and Human Services (HHS) is seeking a highly skilled Cybersecurity Vulnerability Remediation Engineer. The ideal candidate will focus on identifying, assessing, and remediating vulnerabilities across both cloud and on-premises systems and applications. This role is critical in ensuring the security and integrity of HHS OIG's IT infrastructure and safeguarding sensitive health and personal data.
Key Responsibilities:
Vulnerability Assessment and Management:
o Conduct regular vulnerability assessments on cloud and on-premises systems.
o Utilize industry-standard tools and techniques to identify security vulnerabilities.
o Analyze the severity and potential impact of identified vulnerabilities.
Remediation Planning and Implementation:
o Develop and implement comprehensive remediation plans to address identified vulnerabilities.
o Collaborate with system and application owners to ensure timely and effective remediation.
o Test and verify the effectiveness of remediation actions.
Incident Response:
o Assist in the investigation and resolution of security incidents related to vulnerabilities.
o Provide technical expertise during incident response activities to mitigate and contain threats.
Security Best Practices:
o Develop and promote best practices for vulnerability management and remediation.
o Provide guidance and training to internal teams on vulnerability remediation processes.
o Stay updated on the latest cybersecurity threats, vulnerabilities, and mitigation strategies.
Documentation and Reporting:
o Maintain detailed records of vulnerability assessments, remediation efforts, and outcomes.
o Generate regular reports on the status of vulnerability management and remediation activities.
o Communicate findings and recommendations to senior management and stakeholders.
Required Qualifications:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. At least 5 years of experience in cybersecurity, with a focus on vulnerability management and remediation. Strong knowledge of cloud security (AWS, Azure, Oracle) and on-premises security practices. Proficiency in using vulnerability assessment tools (e.g., Sonarqube, Crowdstrike, Splunk, etc). Experience with security information and Authority to Operate (ATO) compliance. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Relevant certifications (e.g., CISSP, CEH, CISM) are highly desirable.
Preferred Qualifications:
Master's degree in a related field. Experience working in a government or healthcare environment. Familiarity with compliance requirements such as HIPAA, FISMA, and FedRAMP. Knowledge of scripting languages (e.g., Python, PowerShell) for automation of remediation tasks.
Posted: 08/06/2024
Position Overview:
The Office of the Inspector General (OIG) at the U.S. Department of Health and Human Services (HHS) is seeking a highly skilled Cybersecurity Vulnerability Remediation Engineer. The ideal candidate will focus on identifying, assessing, and remediating vulnerabilities across both cloud and on-premises systems and applications. This role is critical in ensuring the security and integrity of HHS OIG's IT infrastructure and safeguarding sensitive health and personal data.
Key Responsibilities:
Vulnerability Assessment and Management:
o Conduct regular vulnerability assessments on cloud and on-premises systems.
o Utilize industry-standard tools and techniques to identify security vulnerabilities.
o Analyze the severity and potential impact of identified vulnerabilities.
Remediation Planning and Implementation:
o Develop and implement comprehensive remediation plans to address identified vulnerabilities.
o Collaborate with system and application owners to ensure timely and effective remediation.
o Test and verify the effectiveness of remediation actions.
Incident Response:
o Assist in the investigation and resolution of security incidents related to vulnerabilities.
o Provide technical expertise during incident response activities to mitigate and contain threats.
Security Best Practices:
o Develop and promote best practices for vulnerability management and remediation.
o Provide guidance and training to internal teams on vulnerability remediation processes.
o Stay updated on the latest cybersecurity threats, vulnerabilities, and mitigation strategies.
Documentation and Reporting:
o Maintain detailed records of vulnerability assessments, remediation efforts, and outcomes.
o Generate regular reports on the status of vulnerability management and remediation activities.
o Communicate findings and recommendations to senior management and stakeholders.
Required Qualifications:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. At least 5 years of experience in cybersecurity, with a focus on vulnerability management and remediation. Strong knowledge of cloud security (AWS, Azure, Oracle) and on-premises security practices. Proficiency in using vulnerability assessment tools (e.g., Sonarqube, Crowdstrike, Splunk, etc). Experience with security information and Authority to Operate (ATO) compliance. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Relevant certifications (e.g., CISSP, CEH, CISM) are highly desirable.
Preferred Qualifications:
Master's degree in a related field. Experience working in a government or healthcare environment. Familiarity with compliance requirements such as HIPAA, FISMA, and FedRAMP. Knowledge of scripting languages (e.g., Python, PowerShell) for automation of remediation tasks.