Cybersecurity Vulnerability Remediation Engineer
Fully Remote Remote, DC
Job Type
Full-time
Description

Position Overview:

The Office of the Inspector General (OIG) at the U.S. Department of Health and Human Services (HHS) is seeking a highly skilled Cybersecurity Vulnerability Remediation Engineer. The ideal candidate will focus on identifying, assessing, and remediating vulnerabilities across both cloud and on-premises systems and applications. This role is critical in ensuring the security and integrity of HHS OIG's IT infrastructure and safeguarding sensitive health and personal data.


Key Responsibilities:

· Vulnerability Assessment and Management:

o Conduct regular vulnerability assessments on cloud and on-premises systems.

o Utilize industry-standard tools and techniques to identify security vulnerabilities.

o Analyze the severity and potential impact of identified vulnerabilities.

· Remediation Planning and Implementation:

o Develop and implement comprehensive remediation plans to address identified vulnerabilities.

o Collaborate with system and application owners to ensure timely and effective remediation.

o Test and verify the effectiveness of remediation actions.

· Incident Response:

o Assist in the investigation and resolution of security incidents related to vulnerabilities.

o Provide technical expertise during incident response activities to mitigate and contain threats.

· Security Best Practices:

o Develop and promote best practices for vulnerability management and remediation.

o Provide guidance and training to internal teams on vulnerability remediation processes.

o Stay updated on the latest cybersecurity threats, vulnerabilities, and mitigation strategies.

· Documentation and Reporting:

o Maintain detailed records of vulnerability assessments, remediation efforts, and outcomes.

o Generate regular reports on the status of vulnerability management and remediation activities.

o Communicate findings and recommendations to senior management and stakeholders.


Requirements

Required Qualifications:

· Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.· At least 5 years of experience in cybersecurity, with a focus on vulnerability management and remediation.· Strong knowledge of cloud security (AWS, Azure, Oracle) and on-premises security practices.· Proficiency in using vulnerability assessment tools (e.g., Sonarqube, Crowdstrike, Splunk, etc).· Experience with security information and Authority to Operate (ATO) compliance.· Strong analytical and problem-solving skills.· Excellent communication and collaboration abilities.· Relevant certifications (e.g., CISSP, CEH, CISM) are highly desirable.

Preferred Qualifications:

· Master’s degree in a related field.· Experience working in a government or healthcare environment.· Familiarity with compliance requirements such as HIPAA, FISMA, and FedRAMP.· Knowledge of scripting languages (e.g., Python, PowerShell) for automation of remediation tasks.