The scope of work is to ensure the Centers for Medicare and Medicaid Services (CMS) Information Technology infrastructure is operated and maintained in a manner that protects hardware and software assets and mission information, and promotes the confidentiality, integrity, availability, and authentication, and privacy as defined in CMSs security policies and standards. The subcontractor shall provide operational security services in support of the customer infrastructure. The subcontractor will be involved in one or more of the following areas: intrusion detection (IDS), hard drive & media encryption, anti-virus protection, vulnerability and compliance scanning, SIEM, proxy services, change management, and/or other security services as required. The subcontractor may be asked to develop/deliver both written and verbal reports or technical assessments. The subcontractor will participate in security engineering projects and be asked to provide security expertise in meetings and discussions. The subcontractor will be expected to participate in the weekly 24X7 on-call and weekly CCB attendance rotations.
Bachelors degree from an accredited college in a related discipline, or equivalent experience/combined education, with 9 years of professional experience; or 7 years of professional experience with a related Masters degree.
Career, or journey, level experience required in the following areas: Conducting compliance and/or vulnerability scans, developing and maintaining technical documentation, hands on experience securing or evaluating systems following NIST and FISMA regulations, working knowledge of variety of operating systems, databases, networks, and common security tools. Ability to demonstrate working knowledge of the Security CBK.
Experience working with Trouble Ticket Tracking Systems such as, Remedy and automated Security Controls monitoring systems, is a plus. Tripwire experience is a plus.
Prefer individual with CISSP (Certified Information Systems Security Professional), CEH, Security +, SANS GIAC security certification, or other industry-recognized security certification.
Any non-US citizen to work on the contract must be able to prove US residency for a period of three (3) years prior to the commencement of work on this contract.
All your information will be kept confidential according to EEO guidelines.