Maryland Green Jobs

JOB DESCRIPTION SUMMARY:

Under limited supervision, the Cyber Security Engineer is primarily responsible for the enterprise IT security and threat mitigation framework, ensuring the safety of Information System assets. These responsibilities include: the engineering, implementation and monitoring of security measures for the protection of IT assets, networks and electronic protected data; the design, implementation and management of enterprise security architecture; the documentation of all relevant standard operating procedures and policies; the proper operation of all proactive threat mitigation measures; the remediation of identified vulnerabilities or security events; security incident response and root cause analysis with forensic documentation; security education and training; maintains current knowledge of relevant technology and industry best practice; participates in special projects and other duties as assigned

Education

Bachelor's degree or current mid-level IT security / cybersecurity certification. Associate's degree or mid-level IT security / cybersecurity certification plus 2 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position

Degree must be in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Healthcare IT, Information Assurance, Information Security, and Information Systems)

Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering

Experience

2-5 years as a system security engineer or building and maintaining comprehensive IT security systems preferred. 2-5 years as an IT professional (Healthcare preferred) required

Knowledge, Skills and Abilities

• Requires familiarity with domain structures, user authentication, and digital signatures

• Requires understanding of FISMA policies and procedures, including FIPS 199, FIPS 200, NIST HIPAA, -and other applicable policies

• Demonstrated ability to work independently or under only general direction

• Demonstrate effective written and oral communication skills

• Experience with EPIC EMR

• Familiar with Vulnerability Management Process

• Familiar with Security Monitoring & Event Management

• Familiar with Infrastructure patching management process

• Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

• Knowledge of network tools (e.g., ping, traceroute, nslookup)

• Knowledge of encryption methodologies

Licensures, Certifications

• Preference for certifications for EMR security, network security, cybersecurity or digital forensics from EC-Council, CompTIA, SANS

• Industry cyber tool certifications considered if relevant to GBMC

Physical Requirements

• Ability to concentrate and pay close attention to detail

• Ability to sit for long periods

Working Conditions

• Working conditions are that of a normal office environment with little exposure to noise, dust, and unfavorable temperatures. Includes on-call responsibility for Systems support

Conditions of Employment