Assistant Tenable Jobs (NOW HIRING)

Cloud Engineer I

Lexical Intelligence provides software and services related to processing large-scale biomedical information sources. Our Natural Language Processing (NLP) and analytics software is used by policy and decision makers to evaluate and prioritize current and emerging areas of research.

We are looking for a Cloud Engineer I to work within the National Library of Medicine (NLM), Lister Hill National Center for Biomedical Communications (LHNCBC), Bethesda, MD. The Cloud Engineer I will have experience in cloud infrastructure administration, DevOps engineering, and cybersecurity compliance. The Cloud Engineer I will have a firm understanding of cloud computing platforms, CI/CD pipelines, containerization technologies, and Federal Information Security Modernization Act (FISMA) requirements. The Cloud Engineer I shall be able to work well within a team of multidisciplinary professionals spanning software development, data science, biomedical informatics, and IT operations. The selected applicant will be subject to a pre-employment background and reference check.

Required Qualifications

• 24 years of relevant cloud engineering or DevOps experience
• Bachelor's degree or other degree(s) in Computer Science, Information Technology, Engineering, or related fields
• Hands-on experience with cloud platforms (Google Cloud, AWS, and/or Azure) in IaaS, PaaS, and SaaS configurations
• Proficiency with CI/CD tools such as GitLab, GitHub, Nexus, or equivalent platforms
• Experience with containerization and orchestration tools, including Docker, Kubernetes, Anthos, and/or OpenShift
• Working knowledge of Infrastructure as Code (IaC) tools such as Terraform, Ansible, Puppet, and/or AWS CDK
• Familiarity with FISMA compliance requirements and federal cybersecurity frameworks (NIST SP 800-53, NIST SP 800-171)
• Experience with version control systems such as Bitbucket and/or GitLab
• Strong written and oral communication skills; ability to convey technical concepts in plain language

Preferred Qualifications

• Experience with monitoring and logging tools such as EFK stack, Prometheus, and/or Grafana
• Familiarity with vulnerability scanning and penetration testing tools, including Tenable, Prowler, Netsparker, Checkmark, and/or OWASP
• Experience supporting Authority to Operate (ATO) processes and developing System Security Plans (SSPs)
• Knowledge of Identity and Access Management (IAM) and cloud account administration in commercial cloud environments
• Experience with distributed computing systems and batch queuing software, including open-source map/reduce frameworks (e.g., Hadoop)
• Familiarity with database technologies such as RDS, MySQL, MongoDB, MS SQL, PostgreSQL, and/or Elasticsearch
• Experience with ticketing and documentation systems such as JIRA, ServiceNow, and/or Confluence Wiki
• Knowledge of FedRAMP requirements and secure remote access administration
• Prior experience supporting NIH, HHS, or other federal government IT environments
• Relevant certifications such as AWS Certified Solutions Architect, Google Cloud Professional, Microsoft Azure Administrator, or CompTIA Security+

Responsibilities

• Recommend, deploy, and manage version control systems; support NLM's use of Bitbucket, GitLab, and other platforms as needed
• Implement and administer CI/CD pipelines for all approved development frameworks at NLM, utilizing tools such as GitLab, GitHub, TeamSite, Nexus, Kubernetes, Ansible, and Terraform
• Recommend and configure Infrastructure as Code (IaC) tools to support scalable, repeatable deployments
• Implement, administer, and support cross-datacenter deployments using Docker and other containerization tools
• Set up, administer, and maintain elastic and cost-efficient container orchestration environments using Kubernetes, Anthos, and/or OpenShift
• Provide monitoring and logging capabilities to collect, store, and analyze data on application performance and infrastructure availability using EFK stack, Prometheus, Grafana, and other tools
• Recommend and configure vulnerability scanners and penetration testing tools; conduct ongoing vulnerability assessments and threat identification using Tenable, Prowler, Netsparker, Checkmark, and OWASP
• Provide day-to-day cloud operations support, including secure remote access administration, compute and cost model analysis, and implementation of selected cloud solutions
• Support cybersecurity and risk management activities across NLM enterprise systems, including application, network, system, and database security; resolve identified software, firmware, system, and hardware vulnerabilities within prescribed timeframes
• Assist the Government in creating, developing, and maintaining Authority to Operate (ATO) documentation and System Security Plans (SSPs) on an annual basis and as needed
• Track and manage current known vulnerabilities using Tenable Security Center
• Provide technical support for systems and database design; coordinate and implement open-source software such as Apache server services
• Administer, configure, and maintain distributed computing systems using batch queuing software and open-source map/reduce frameworks
• Provide customer service to internal and external staff; resolve issues in a highly technical environment through clear communication, administer user accounts, monitor system performance, and track problem reports through JIRA, ServiceNow, and/or equivalent ticketing systems
• Create and maintain technical documentation using Confluence Wiki and other tools
• Support cloud development and cloud computing infrastructure for production web services, high-performance computing, and high-throughput processing environments; administer commercial cloud accounts through IAM and monitor cloud resource utilization efficiency
• Assist in implementing, maintaining, and executing computer security practices in accordance with Government FISMA policies, including firewalls, intrusion detection, secure computing environments, and disaster recovery
• Provide technical support and guidance to development teams for migration to and utilization of the DevOps platform
• Ensure compliance with organizational security and privacy policies, protect sensitive data and systems, report security incidents within required timeframes (no later than one hour of discovery), and participate in required annual cybersecurity and privacy training per HHS/NIH requirements
• Implement secure coding best practices as directed by US-CERT standards and OWASP guidelines

Salary and Benefits

We offer a competitive salary and a generous benefits package, including at no cost: full health and dental for you and your dependents, retirement and HSA accounts, short- and long-term disability insurance, life and accident insurance, paid time off, and 11 federal holidays.

Location

Bethesda, MD

Equal Employment Opportunity Policy

Lexical Intelligence, LLC, provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Lexical Intelligence, LLC | 2001 Veirs Mill Rd #546 | Rockville, MD 20851