NLM Security Specialist I - III
$90k - $135kLexical Intelligence, LLC
Job Description
Job Description:\n\nSalary: $90,000 - $135,000 Security Specialist I III Lexical Intelligence provides software and services related to processing large-scale biomedical information sources. Our Natural Language Processing (NLP) and analytics software is used by policy and decision makers to evaluate and prioritize current and emerging areas of research. We are looking for Security Specialists (I III) to work within the National Library of Medicine (NLM), Lister Hill National Center for Biomedical Communications (LHNCBC), located at Building 38A on the NIH campus in Bethesda, MD. The Security Specialists will have experience in federal information security and compliance, vulnerability assessment and risk management, and cloud and application security operations. The Security Specialists will have a firm understanding of FISMA requirements, NIST security standards, HHS/NIH cybersecurity policies, and federal information security governance frameworks. The Security Specialists shall be able to work well within a team of multidisciplinary IT professionals including DevOps engineers, software developers, data scientists, and clinical informatics specialists. The selected applicants will be subject to a pre-employment background and reference check. Level Descriptions Security Specialist I Entry to mid-level professional with foundational experience in federal information security and compliance. Works under supervision, executing defined security tasks, supporting vulnerability assessments, and contributing to compliance documentation and incident response activities. Focuses primarily on operational security support, training compliance, and assisting with ATO documentation and security scanning activities. Security Specialist II Mid to senior-level professional with demonstrated experience leading security activities across complex federal IT programs. Works with greater independence, managing vulnerability programs, overseeing ATO lifecycle activities, and providing technical security guidance to development and operations teams. Contributes to cloud security governance, incident response leadership, and privacy compliance programs. Security Specialist III Senior-level professional serving as the strategic security leader for enterprise cybersecurity programs. Provides expert guidance on security architecture, governance, and risk management across multi-team, multi-system environments. Leads enterprise ATO programs, directs incident response and breach management, and serves as the primary security liaison to senior government officials and federal security stakeholders. Required Qualifications Security Specialist I4 years of relevant information security or cybersecurity experienceBachelor's degree or other degree(s) in Computer Science, Information Security, Information Technology, or related fieldsKnowledge and practice of the Federal Information Security Modernization Act (FISMA) and related compliance frameworksExperience with NIST Special Publications including SP 800-53, SP 800-171, SP 800-88, and SP 800-64Experience supporting or maintaining Authority to Operate (ATO) documentation and System Security Plans (SSPs)Familiarity with vulnerability scanning and management tools such as Tenable Security Center, Nessus, or ProwlerAbility to identify, document, and track security vulnerabilities and support remediation within prescribed timelinesStrong written and oral communication skills, including the ability to convey technical security concepts in plain language Security Specialist II6 years of progressive information security or cybersecurity experience in a federal or government contracting environmentBachelor's degree or other degree(s) in Computer Science, Information Security, Information Technology, Cybersecurity, or related fields; advanced degree preferredDemonstrated expertise in FISMA compliance, including full lifecycle management of ATO documentation and SSP development and maintenanceAdvanced knowledge of NIST Special Publications including SP 800-53, SP 800-64, SP 800-88, SP 800-171, and FIPS 199/200 security categorization standardsProven experience conducting vulnerability assessments, threat identification, and penetration testing using tools such as Tenable Security Center, Prowler, Netsparker, Checkmarx, and/or OWASP-based toolsExperience managing and responding to cybersecurity incidents in accordance with federal incident response policies, including reporting to CSIRC/NIH IRT within required timelinesExperience administering and securing cloud environments across multiple platforms including AWS, Google Cloud (GC), and/or Microsoft Azure, including Identity and Access Management (IAM)Strong written and oral communication skills with demonstrated ability to brief senior leadership and government officials on security posture, risk, and remediation strategies Security Specialist III8+ years of progressive, senior-level information security or cybersecurity experience, with a significant portion in a federal government or government contracting environmentBachelor's degree or other degree(s) in Computer Science, Information Security, Cybersecurity, Information Technology, or related fields; Master's degree strongly preferredExpert-level knowledge and demonstrated leadership in FISMA compliance, including strategic oversight of ATO lifecycle management, SSP development, and continuous monitoring programs across enterprise-level federal information systemsExpert knowledge of NIST Special Publications including SP 800-53, SP 800-64, SP 800-88, SP 800-171, and FIPS 199/200, with demonstrated ability to apply these frameworks to complex, multi-system environmentsDemonstrated experience leading enterprise vulnerability management programs, including the design and oversight of vulnerability assessment methodologies, penetration testing programs, and threat identification strategiesProven leadership in cybersecurity incident response at the enterprise level, including coordination with federal agencies such as the NIH CSIRC IRT, US-CERT, and HHS OCIOSenior-level experience architecting and securing enterprise multi-cloud environments across AWS, GC, and Microsoft Azure, including advanced IAM strategy, cloud security posture management, and FedRAMP compliance oversightDemonstrated ability to brief and advise senior government officials, CORs, Contracting Officers, ISSOs, and CISOs on enterprise security posture, risk, and strategic remediation approachesProven experience leading and mentoring teams of security professionals and coordinating cross-functional security activities across large, complex IT programs Preferred QualificationsExperience with application security scanning tools such as Netsparker, Checkmarx, or OWASP-based toolsFamiliarity with security assessment tools and penetration testing methodologiesExperience supporting cloud security operations across AWS, GC, and/or Microsoft Azure environments, including IAM administration and cloud resource monitoringKnowledge of container security and orchestration platforms such as Kubernetes, Docker, OpenShift, or AnthosExperience with CI/CD pipeline security integration using tools such as GitLab, GitHub Actions, Nexus, or equivalent platformsFamiliarity with Infrastructure as Code (IaC) security practices using tools such as Terraform, Ansible, Puppet, or AWS CDKExperience with monitoring and logging tools such as EFK stack, Prometheus, Grafana, or Splunk for security event analysisKnowledge of HHS/NIH security policies, including HSPD-12, PIV credentialing requirements, and HHS IS2PExperience with Privacy Impact Assessments (PIA), Privacy Threshold Analyses (PTA), and handling of PII and PHI in compliance with the Privacy Act, HIPAA, and applicable federal regulationsFamiliarity with FISMA-moderate environments such as FEHRDI or equivalent federal health data systemsExperience with secure coding practices in accordance with US-CERT standards and OWASP guidelinesFamiliarity with ticketing and documentation systems such as JIRA, ServiceNow, and ConfluenceExperience with FedRAMP requirements for cloud service providers and cloud security architecture best practicesFamiliarity with distributed computing security, including Hadoop and related open-source frameworksExperience with enterprise records management and media sanitization governance in accordance with NARA policies and NIST SP 800-88(For Levels II and III) Experience with HHS/NIH-specific security frameworks, including the HHS Personnel Security and Suitability Program and PIV credentialing governance(For Levels II and III) Experience with HIPAA business associate agreement requirements and PHI governance in federal health IT environments(For Levels II and III) Relevant certifications such as CISSP, CISM, CISA, CEH, or equivalent federal security credentials(For Level III) Expert knowledge of FedRAMP, cloud service provider security governance, and strategic oversight of enterprise security training programs in accordance with HHS RBT requirements(For Level III) Experience providing strategic security oversight for biomedical informatics, data science, and clinical data analytics programs within federal research environments Responsibilities All LevelsSupport or lead cybersecurity and risk management activities across NLM enterprise systems, networks, databases, and application development environments, ensuring alignment with FISMA, NIST, HHS, and NIH security policies and requirementsAssist in or manage the lifecycle of Authority to Operate (ATO) documentation and System Security Plans (SSPs), supporting annual reviews and updates in response to evolving programmatic and security requirementsSupport or lead the design and implementation of secure computing environments in accordance with Government FISMA policies, including firewalls, intrusion detection systems, and disaster recovery planningConduct or oversee vulnerability assessments and threat identification activities; document findings and support or lead remediation efforts within prescribed timelines in accordance with HHS Policy for Vulnerability Management and POAM requirementsTrack and manage known vulnerabilities using Tenable Security Center and related security tools, ensuring resolution in alignment with HHS vulnerability management timelinesRespond to or coordinate responses to all Alerts and Indicators of Compromise (IOCs) provided by the NIH CSIRC IRT teams within 24 hours, whether the response is positive or negativeSupport or lead incident response activities for suspected and confirmed information security and privacy incidents and breaches, ensuring reporting to the NIH IRT within one (1) hour of discovery and coordinating all required follow-up actions in accordance with HHS, NIH, and US-CERT policiesAssist in or oversee the protection of Controlled Unclassified Information (CUI) in accordance with Executive Order 13556, NIST SP 800-171, and applicable regulations, ensuring CUI is marked appropriately, disclosed on a need-to-know basis, and protected or destroyed in accordance with NIST SP 800-88Ensure all sensitive federal data and information, including PII, PHI, and proprietary information, is encrypted in transit and at rest using FIPS 140-2/140-3 validated encryption solutionsSupport or provide security management and oversight to identify and address security vulnerabilities in both Windows and Linux systemsAssist in or lead secure coding quality assurance activities in accordance with US-CERT standards and OWASP guidelinesSupport or oversee the security of FISMA-moderate environments such as FEHRDI, ensuring that systems handling sensitive clinical and health-related data comply with all applicable security and privacy requirementsAssist in or lead Privacy Impact Assessments (PIA) and Privacy Threshold Analyses (PTA) in coordination with the NIH Office of the Senior Official for Privacy, ensuring assessments are reviewed and updated at least every three years or upon major system changes or new PII collectionSupport or oversee media sanitization activities in accordance with NIST SP 800-88 at contract closeout and as directed throughout the contract periodComplete mandatory annual HHS/NIH Information Security Awareness, Privacy, and Records Management training prior to beginning work and annually thereafter; maintain and submit training records within required timelinesAdhere to HHS Information Technology General Rules of Behavior and applicable Rules of Behavior for Privileged Users, obtaining and maintaining signed acknowledgments at contract initiation and annually thereafterComplete and maintain required Non-Disclosure Agreements (NDAs) for access to non-public government information prior to performing work under the contractSupport or manage the submission and maintenance of contractor staff rosters and background investigation documentation in accordance with contract timelines and requirementsAssist in or provide technical guidance to ensure that all developed ICT solutions meet Section 508 accessibility requirements and HHS digital accessibility conformance standardsSupport or lead the coordination of authenticated and unauthenticated vulnerability scanning activities across operating systems, networks, databases, and web applications using NIST SCAP-compliant toolsIdentify themselves as contractor personnel in all contract-related meetings, communications, and correspondence in accordance with contract requirementsContribute to monthly activity and financial status reports, providing security program updates to the Program Manager and COR as directed Additional Responsibilities Security Specialist IIManage the full lifecycle of ATO documentation and SSPs, ensuring annual reviews, continuous monitoring activities, and updates in response to evolving programmatic, threat, and regulatory requirementsLead vulnerability assessment and penetration testing programs, presenting findings to senior leadership and government officials and managing enterprise-wide remediation activitiesProvide technical security guidance to development teams, advising on secure architecture design, application security reviews, and full SDLC security integrationLead cloud security operations across AWS, GC, and Azure platforms, including advanced IAM administration, cloud security posture management, and monitoring of cloud resource efficiency and security effectivenessDevelop, review, and maintain Incident and Breach Response Plans (IRP) in accordance with HHS/NIH, OMB, and US-CERT requirementsCoordinate with ISSOs, CISOs, and federal security officials on security posture, risk assessments, and compliance activitiesLead privacy governance activities, overseeing PIA and PTA processes and ensuring compliance with Privacy Act, HIPAA Rules, and applicable HHS policiesOversee the integration of security controls within CI/CD pipelines, IaC frameworks, and containerized environments, ensuring DevSecOps principles are
$129.99k - $149.48k
...management, and compliance helps organizations securely deliver impactful services? Job... ...is seeking 2 highly skilled Security Specialists to support our client’s mission by... ...Previous experience with NIH, especially NLM Benefits Ripple Effect rewards...SuggestedFull timeWork at officeRemote workFlexible hours- ...request sensitive information such as Social Security numbers or bank details during the... ...Department of State Worldwide Protective Services III (WPS III) Task Orders in austere... ...successfully complete the DOS Protective Security Specialist Basic and Quick Reaction Force training...SuggestedLocal areaWorldwideOverseasLong distance
$104.04k - $111.21k
...Owned Small Business. SUBJECT MATTER EXPERTS specializing in security and risk management. We’re intimately familiar with DOD security... ..., our people come first! Activity Security Representative III The Activity Security Representative’s primary function is to...SuggestedHourly payContract workFor contractorsWork experience placementLocal area- ...Location: Washington, DC Overtime Exempt: No Reports To: ARMADA HQ Security Clearance Required: Top Secret w/ SCI CONTINGENT UPON AWARD*************** Duties & Responsibilities Security Specialist III - Personnel Security Adjudication Specialist adjudicate government...SuggestedFull timeContract workFor contractorsLocal areaRelocation
- ...Job Description Job Description Description: Overview Diverse Systems Group, LLC is seeking an Information Assurance/Security Specialist to play a pivotal role in safeguarding the integrity, confidentiality, and availability of information systems and data within...Suggested
- ...end-users, and give our customers a competitive edge, now and into the future. Position Description: The Information Security Specialist III supports the National Oceanic and Atmospheric Administration (NOAA) Internal Risk Management Program (IRMP), providing advanced...Contract workFor contractorsWork at office
- Acuity International is seeking a qualified candidate for the role of Protective Security Specialist. You will be responsible for providing protection and emergency medical care in high-threat environments. The position requires U.S. citizenship and at least three years...
$88.4k - $154.7k
...full potential. Unleash your talent and redefine what’s possible. Job Description Parsons is looking for a talented Physical Security Specialist (PhySS) to join our team! In this role, you will design and maintain security measures for Sensitive Compartmented Information...Flexible hours$80k - $95k
...the ultimate goal of enabling human life on Mars. PHYSICAL SECURITY SPECIALIST Physical Security Specialists are highly experienced and adaptable... ...107 Drone license Ability to obtain and maintain a Level III Commissioned Security Officer license and Level IV Personal...Permanent employmentTemporary workOverseasFlexible hoursShift workNight shift- Join Our Team as a FBI - Personnel Security Specialist III! Protection Strategies, Inc. Who We Are At Protection Strategies, Inc. (PSI), a Service-Disabled Veteran Owned Small Business, we engage with industry professionals to provide top-tier security solutions and personnel...Contract workFor contractorsWork at officeLocal areaFlexible hours
- Cherokee Federal is seeking a Defense Trade Analyst III in Washington, DC. This role requires analyzing defense trade cases while ensuring... ...with stakeholders and offers a chance to contribute to national security. Qualified candidates will have a Bachelor's Degree along with...Full time
- Protection Strategies Incorporated is hiring a Personnel Security Specialist III in Washington, D.C. You will manage investigation requests, conduct interviews, and ensure security investigations are thorough and compliant with policies. The ideal candidate will have a...
- Green Thumb in Bethesda, MD is hiring for a role that prioritizes customer engagement and safety in a retail environment. Responsibilities include greeting visitors warmly, ensuring compliance with safety standards, and addressing customer needs effectively. The ideal candidate...
- A service-disabled veteran-owned small business is seeking a Personnel Security Specialist III in Washington, D.C. This role involves managing background investigations and security clearances for federal and contractor employees. The ideal candidate will have a Bachelor...For contractors
- Cannabis Company in Bethesda, Maryland is seeking a dedicated customer support representative to provide excellent service while ensuring compliance and safety in a fast-paced environment. The ideal candidate will bring customer-facing experience and a warm demeanor. Responsibilities...Shift work
$105k - $125k
...Job Location: Washington D.C., DC 20376 Position Type: Full Time Salary Range: $105,000.00 - $125,000.00 Title: Information Security Analyst III (Mid) Clearance Type: None Scope: Ability to leverage data analysis techniques, intelligence databases, and open-source information...Full time$76.3k - $119.9k
Zoominfo is seeking a Revenue Accountant III in Bethesda, Maryland to support the revenue accounting team with month-end close activities and financial workflows. The role demands a Bachelor’s degree in Accounting or Finance and 1-3 years of accounting experience, aiming...$76.3k - $119.9k
Zoom Information, Inc. is looking for a Revenue Accountant III to contribute to the revenue accounting team in Bethesda, Maryland. This role includes supporting month-end close activities and operational workflows, while ensuring adherence to U.S. GAAP standards. The ideal...$70k - $95k
...professional to join our team. AECOM is looking for a Proposal Specialist III to join AECOM’s Federal Marketing team. Our clients include... ...for this position At AECOM, we are committed to maintaining a secure and trustworthy recruitment process and take any fraudulent hiring...Daily paidWork at officeRemote workRelocation package$31 per hour
Public Safety Officer (Safety/Security Officer III) Job Description Summary $31.00 per hour base rate in addition to shift and/or weekend differentials Must be able to pass a pre-employment physical ability test Must complete a pre-employment skills assessment Must...Hourly payFlexible hoursShift workNight shiftRotating shiftWeekend work- ..., INTERMITTENT positions located in the Office of International High Threat Programs, Bureau of Diplomatic Security. The incumbent serves as a Security Specialist responsible for the full range of security activities (i.e. investigative, physical, personnel, protective,...Temporary workWork at officeRemote workOverseas
- ...Job Title Insider Threat Risk Mitigation Specialist Job Description You will serve as the technical expert for multidisciplinary fields such as counterintelligence, security, cybersecurity, human resources, and law enforcement as they pertain to insider threat...Work at office
- ...commercial technology throughout the military and growing the national security innovation base. As the Department’s gateway to leading... ...Industrial Security contract management. Additionally, the specialist serves as the Alternate Continuity of Operations (COOP) Program...Contract work
$175k - $210k
...and private sector clients. We are values-led and mission driven. We can't wait to work with you! About the role The Security Specialist / Physical Security is responsible for managing and overseeing physical security measures, ensuring the protection of facilities...Work at office- ...responsible for accomplishing a wide variety of business and security management functions, including developing, planning, and programming... ...as the requirements owner for specific security projects, the specialist develops technical requirements and provides definitive...Full timeContract workPart timeLocal areaRemote workFlexible hours
$109k - $181.5k
...Security Specialist Shape the future of defense with MANTECH! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we've been a trusted partner to the Department of Defense, delivering cutting-edge projects that...Hourly payContract workTemporary workWork experience placementWork at officeLocal areaRemote work- ...Job Title Security Specialist Job Description The Security Specialist will perform Career Broadening assignments/duties; provide support, senior-level security expertise, guidance, and direction to the civilian and military workforce within DAF directorates, MAJCOMs...For contractorsWork at office
$18.87 - $31.15 per hour
...Job Posting The Release Of Information (ROI) Specialist III, under the leadership of the ROI Supervisor, is responsible for interpreting... ...and regulatory requirements relevant to the privacy and security of protected health information. The ROI Specialist III will...Work experience placementLocal area- ...Security Specialist Totally Joined For Achieving Collaborative Techniques (TJFACT) is a minority owned, CVE verified Service Disabled Veteran Owned Small Business (SDVOSB) performance driven professional services government contracting company that provides a broad...Temporary workWork at officeRemote work
- ...government officials, U.S. law enforcement entities, and Intelligence Community partners to acquire, evaluate, and disseminate threat and security-related information. Coordinates and supports protective security operations for visits by senior U.S. Government officials,...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to NLM Security Specialist I - III. Be the first to apply!
- senior information security analyst Bethesda, MD
- security systems specialist Bethesda, MD
- network security consultant Bethesda, MD
- security consultant Bethesda, MD
- security specialist Bethesda, MD
- security coordinator Bethesda, MD
- security advisor Bethesda, MD
- data security analyst
- security associate
- info security analyst

