Director of Global Security Investigations, Anti-Falsified Medicine
Novartis
Information System Security Engineer
MKS2 Technologies
full-time
Posted on:
Location Type: Remote
Location: Remote • Pennsylvania • 🇺🇸 United States
Visit company websiteSalary
💰 $89,000 - $115,000 per year
Job Level
SeniorLead
Tech Stack
Cyber Security
About the role
- Develop, maintain, and track RMF documentation including:
- System Categorization Forms
- PIT Determination Checklists
- AO Determination Checklists
- Implementation Plans
- SLCM Strategies
- System Policies
- Hardware/Software Lists
- System Diagrams
- Privacy Impact Assessments (PIA)
- POA&Ms
- Execute RMF processes to support:
- Interim Authority to Test (IATT)
- Authorization to Operate (ATO)
- Denial of Authorization to Operate (DATO)
- Tailor IT and Cybersecurity control baselines per RMF guidelines
- Conduct Ports, Protocols, and Services Management (PPSM)
- Perform vulnerability-level risk assessments and control testing
- Mitigate vulnerabilities per STIG requirements
- Maintain POA&Ms in eMASS
- Develop system-level IT/CS policies and procedures
- Implement and assess STIGs and SRGs
- Conduct vulnerability assessments using:
- ACAS
- SCAP Compliance Checker (SCC)
- Evaluate STIG
- Deploy security updates and patches
- Perform audits of hardware/software components
- Maintain inventory of system components
- Participate in IT change control and configuration management
- Upload vulnerability data to VRAM
- Image/re-image RMF boundary assets
- Install and troubleshoot software for compliance
- Assist with SSD/HDD removal prior to asset destruction
- Apply cybersecurity patches per DoD/DoN TASKORDs and FRAGORDs
- Ensure STIG compliance for Windows servers and Cisco hardware
- Report network hardware compliance issues to management
Requirements
- Minimum of seven (7) years of professional experience in:
- Capturing and refining information security operational and security requirements
- Implementing security controls and configuration changes
- Applying software/hardware updates and patches
- Conducting vulnerability scanning and securing configurations
- Bachelor’s degree in:
- Computer Science
- Information Technology
- Or an equivalent STEM field from an accredited college or university
- Must hold the following certifications:
- IAT-III
- CASP+ CE
- CCNP Security
- CISA
- CISSP (or Associate)
- GCED
- GCIH
- CCSP
- Clearance Requirement:
- Favorably adjudicated Tier 3 by VROC
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
RMF documentationvulnerability assessmentssecurity controlsconfiguration managementrisk assessmentsSTIG compliancevulnerability scanningsystem policieshardware/software updatesnetwork compliance
Certifications
IAT-IIICASP+ CECCNP SecurityCISACISSPGCEDGCIHCCSP
