Sr Cybersecurity Engineer – CDM

Responsibilities

As a Senior Cybersecurity Engineer for the CMS Cyber Risk Management (CRM) Program at Noblis you will be part of our Health Solutions team.  You will be responsible for services and support encompassing the Continuous Diagnostics and Monitoring (CDM) toolset and ensuring that resulting data is effectively integrated, utilized, optimized, and leveraged for risk visibility, and to aid in improved response readiness.

CMS seeks to strengthen and modernize the Nation's health care system and provide access to high quality patient-centered care and improved health at lower costs. In delivering this mission, CMS is responsible for collecting, generating, storing, and therefore protecting large volumes of personal, financial, healthcare, and other sensitive information.  The CMS Cybersecurity Risk Management (CRM) Program aligns the processes, data, technologies, capabilities, and services to effectively manage risk across the enterprise. This program enables a shift to data-driven risk management, enabling prioritized investments in cybersecurity by focusing efforts where they will reduce the most risk.

Working in concert with cybersecurity leaders and experts, you will address challenges related to CDM tool architecture and how this monitoring data can best be used to support risk visibility.

Role functions may include:

• Operationalize and maintain the Continuous Diagnostics and Mitigation (CDM) policies, plans, strategies, handbooks, catalogs and guides.
• Lead the development, engineering, and implementation of the CDM architecture.
• Drive the expansion and improvement of the CDM program to focus on providing capabilities to enable contextualization and enrichment of metrics supporting risk-based decisions.
• Conduct analyses to identify areas in current CDM coverage with missing or incomplete data. Engage with stakeholders to implement CDM solutions to close the gaps in CDM coverage.
• Coordinate with technical points of contact regarding resolution of critical and high vulnerabilities to ensure that remediation efforts are prioritized according to remediation timeline requirements
• Provide CDM technical collaboration with external DHS and HHS entities

Location: Remote or Baltimore MD

Required Qualifications

• Minimum of a Bachelor's degree or equivalent experience (Science, Technology, Engineering or Mathematics)
• At least 8 years experience in the cyber security industry, including specific experience with governance, compliance, and risk management
• Experience with leading security solution development/engineering or hands-on implementation of security solutions
• Knowledge of practical risk trade-offs in cyber security systems design and implementation
• Knowledge of Federal security standards, including NIST SP 800-53 and NIST SP-800-37
• Ability to develop security guidelines based on best practices and industry standards
• Experience with vulnerability assessments and scanning across networks, servers, websites, and databases
• Experience with cloud security solutions and monitoring within the AWS and Azure environments, including knowledge of AWS compliance tools
• Ability to thrive in an ever changing, technology-based consulting environment
• Ability to translate technical requirements into business solutions including experience analyzing current state quantitative and qualitative data, summarizing findings, developing conclusions, and making strategic recommendations
• Demonstrated leadership experience and ability to adapt, with willingness to readily take ownership of tasks and problems, which often extend beyond initial scope of responsibility

Desired Qualifications

• Security-related certification such as CISM, CISSP, or similar
• Prior experience with Tenable and ForeScout tools

Overview

Noblis and our wholly owned subsidiaries, Noblis ESI, and Noblis MSD tackle the nation's toughest problems and apply advanced solutions to our clients' most critical missions. We bring the best of scientific thought, management, and engineering expertise together in an environment of independence and objectivity to deliver enduring impact on federal missions. Noblis works with a wide range of government clients in the defense, intelligence and federal civil sectors. Learn more at Noblis -About Us

Why work at a Noblis company?

Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public. Noblis has won numerous workplace awards. Noblis maintains a drug-free workplace.

Minimum Salary

Maximum Salary

Salary Range Explanation

At Noblis we recognize and reward your contributions, provide you with growth opportunities, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, and work-life programs. Our award programs acknowledge employees for exceptional performance and superior demonstration of our service standards. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in our benefit programs. Other offerings may be provided for employees not within this category. We encourage you to learn more about our total benefits by visiting the Benefits page on our Careers site.

Salary at Noblis is determined by various factors, including but not limited to, the combination of education, certifications, knowledge, skills, competencies, and experience, internal and external equity, location, and clearance level, as well as contract-specific affordability and organizational requirements and applicable employment laws. The projected compensation range for this position is provided within the posting and are based on full time status. Part time staff receive a prorated salary based on regularly scheduled hours. The estimated minimum and maximum displayed represents the broadest range for this position (inclusive of high geographic and high clearance requirements), and is just one component of Noblis’ total compensation package for employees.

Equal Employment Opportunity

Noblis is an Equal Opportunity Employer. Employment decisions are made without regard to race (as well as because of or on the basis of traits historically associated with race, including hair texture, hair type, and protective hairstyles such as braids, locks, and twists), color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, pregnancy, childbirth, lactation and related medical conditions, genetic factors, military/veteran status, or other characteristics protected by law.

Noblis is committed to the full inclusion of all qualified individuals. As part of this commitment, Noblis will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact employee-relations@noblis.org.