ApplyJob Type
Full-timeDescription
Position Overview:
The Office of the Inspector General (OIG) at the U.S. Department of Health and Human Services (HHS) is seeking a highly skilled Cybersecurity Vulnerability Remediation Engineer. The ideal candidate will focus on identifying, assessing, and remediating vulnerabilities across both cloud and on-premises systems and applications. This role is critical in ensuring the security and integrity of HHS OIG's IT infrastructure and safeguarding sensitive health and personal data.
Key Responsibilities:
·
Vulnerability Assessment and Management:
o Conduct regular vulnerability assessments on cloud and on-premises systems.o Utilize industry-standard tools and techniques to identify security vulnerabilities.o Analyze the severity and potential impact of identified vulnerabilities.·
Remediation Planning and Implementation:
o Develop and implement comprehensive remediation plans to address identified vulnerabilities.o Collaborate with system and application owners to ensure timely and effective remediation.o Test and verify the effectiveness of remediation actions.·
Incident Response:
o Assist in the investigation and resolution of security incidents related to vulnerabilities.o Provide technical expertise during incident response activities to mitigate and contain threats.·
Security Best Practices:
o Develop and promote best practices for vulnerability management and remediation.o Provide guidance and training to internal teams on vulnerability remediation processes.o Stay updated on the latest cybersecurity threats, vulnerabilities, and mitigation strategies.·
Documentation and Reporting:
o Maintain detailed records of vulnerability assessments, remediation efforts, and outcomes.o Generate regular reports on the status of vulnerability management and remediation activities.o Communicate findings and recommendations to senior management and stakeholders.
Requirements
Required Qualifications:
· Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.· At least 5 years of experience in cybersecurity, with a focus on vulnerability management and remediation.· Strong knowledge of cloud security (AWS, Azure, Oracle) and on-premises security practices.· Proficiency in using vulnerability assessment tools (e.g., Sonarqube, Crowdstrike, Splunk, etc).· Experience with security information and Authority to Operate (ATO) compliance.· Strong analytical and problem-solving skills.· Excellent communication and collaboration abilities.· Relevant certifications (e.g., CISSP, CEH, CISM) are highly desirable.
Preferred Qualifications:
· Master’s degree in a related field.· Experience working in a government or healthcare environment.· Familiarity with compliance requirements such as HIPAA, FISMA, and FedRAMP.· Knowledge of scripting languages (e.g., Python, PowerShell) for automation of remediation tasks.
