Security Specialist

Overview

Medical Science & Computing (MSC), a Dovel company, is an exciting growth oriented company, dedicated to providing mission critical scientific and technical services to the Federal Government. We have a distinguished history of supporting the National Institutes of Health (NIH) and other government agencies. MSC offers a dynamic and upbeat work environment, excellent benefits and career growth opportunities.

We attract the best people in the business with our competitive benefits package that includes medical, dental and vision coverage, 401k plan with employer contribution, paid holidays, vacation, Medical and Flexible Spending Accounts, Pre-Tax Transit Assistance and tuition reimbursement. If you enjoy being a part of a high performing, professional service and technology focused organization, please apply today!

Duties & Responsibilities

We are currently searching for a Security Specialist to provide support to the National Institutes of Health (NIH). Contingent on Award.

Duties and Responsibilities:

• Develop and maintain Information Systems Security Plan (ISSP).
• Ensure integration of common security mechanisms into reusable services and data asset development work products.
• Ensure compliance with Government security controls.
• Supports the engineering, implementation, communication, documentation, and application of IT security policies for software development efforts, including Azure-based web applications and microservices. Participate in security audits and vulnerability assessments of IT systems.
• Perform IT systems security risk analysis, including assessments, and ensure appropriate controls are maintained, per NIST 800-53, using a Zero Trust model, and as commensurate with the sensitivity and criticality of particular systems.
• Monitor the enterprise environment for policy compliance, proper client versions, patch deployments, and vulnerability remediation.
• Ensure compliance with legislation, Executive Orders, OMB directives, and other mandated requirements (e.g., FISMA). Apply NIST guidance and HHS and NIH policies and procedures. Develop, and work to ensure systems compliance with, security standards that adhere to Institute policies, plans, and procedures.
• Evaluate preventative controls to ensure that controls designed to deter, detect, and reduce impacts to systems are operating effectively and as intended. Assist in mitigating security incidents when they occur.
• Assist with Business Impact Analyses (BIAs) in conjunction with key system stakeholders to identify resource requirements and recovery priorities for system resources. Assist in maintaining and improving Continuity of Operations Plans.
• Collaborate with team members and PM on requirements analysis, design, configuration, change and risk management, documentation, planning, accessibility remediation and compliance, and security and quality assurance.
• Work with teams to review new systems, API security, and new applications, identifying vulnerabilities, recommending solutions, and following a policy for exceptions where necessary.

Requirements

Position Requirements:

• Bachelor's Degree in Computer Science, Information Systems, or other related business, scientific, or technical discipline
• Minimum of 3 years' experience operating as a Security Specialist, securing information systems and IaaS, and implementing cloud-based solutions, including microservices, with ATO
• Proven experience in IT systems security operations, including understanding of Azure enterprise architecture, secure operations and management of systems, networks, configuration management, cloud infrastructure architecture, database architecture, and related industry best practices.
• Experience maintaining enterprise security documentation related to System Security Plans, Risk Assessments, Security Control Assessments, Privacy Impact Assessments, POA&Ms
• Experience with API security, OAuth 2.0, OpenID
• Ability to effectively and confidently communicate with technical and nontechnical end-users;
• Ability to obtain a Public Trust Clearance.
• Ability to adapt to rapidly changing requirements with a flexible and creative approach to brainstorming, troubleshooting, and problem solving

Position Preferences:

• Experience in a clinical and/or government environment with demonstrated ability to analyze problems and propose multiple alternative solutions
• Experience working in FISMA Moderate and High environments
• Experience with enterprise IT security tools

Medical Science & Computing (MSC), a Dovel company, is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

#LI-GH1

Company Description

We are a trusted government partner that blends deep domain expertise with advanced technologies to help our customers solve complex problems that improve, protect, and save lives. As a rapidly growing company, we combine entrepreneurial spirit, customer focus, and an outcomes-based approach to support agency missions in health IT, life sciences, public safety, and grants management.

The Dovel Family of Companies offers employees an opportunity to advance beyond a specific role or contract, we offer a path to develop an enriching career. We believe in empowering a culture of innovation, customer success, and employee growth.

What you'll get...

• Time Off! Flexible schedules and company paid holidays allow you to take the time you need.
• Investment in YOU! 401(K) company contributions are yours to keep with no waiting period.
• Choices! Unique healthcare plans to choose from with options like fertility and orthodontia benefits.
• Discovery! With our tuition assistance and training programs, we support your career advancement.
• Tax Savings! Enroll in pre-tax Health or Dependent Care Flexible Spending, HSA with company contributions, parking, and/or transit commuter benefits.
• Support! Working parents and busy professionals - we've got you covered with a supportive culture, confidential Employee Assistance Program, and membership to Care.com.
• Perks! Employee discounts, peer recognition programs, company-wide wellness challenges, and fun community events.
• A Voice! A unique culture where you can influence decisions and have your voice heard.

We are an Equal Opportunity Employer with a commitment to diversity. All individuals, regardless of personal characteristics, are encouraged to apply. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, disability, or veteran status.