Ripple Effect
NLM Security Specialist
Job description
Job Code: PRO-IT-04T
Location: Client/NIH Main Campus
Employee Type: Exempt, Full-Time Regular (Ask our recruiters about flexible work arrangements)
Telework: Ad-hoc only
Clearance: Public Trust
Number of Openings: 2
Salary Range: $108,321-124,569 per year (how we pay and promote)

Are you passionate about protecting mission‑critical systems and ensuring the confidentiality, integrity, and availability of information that supports federal programs and public trust? Do you thrive in environments where your expertise in cybersecurity controls, risk management, and compliance helps organizations securely deliver impactful services?

Ripple Effect is seeking 2 highly skilled Security Specialists to support our client’s mission by strengthening security posture across complex federal information systems. The Security Specialist will play a key role in supporting security operations, continuous monitoring, and authorization activities in alignment with FISMA and NIST Risk Management Framework (RMF) requirements. This position supports system owners, engineers, and authorizing officials to ensure security is fully integrated into platform design, delivery, and ongoing operations.

Responsibilities

Security Control Implementation & Operations: Support the implementation, monitoring, and ongoing maintenance of information system security controls, including day‑to‑day security monitoring (vulnerability scanning, log review, and event analysis) and incident response activities such as evidence collection, documentation, and coordination with stakeholders, under senior direction.

Continuous Monitoring & Risk Management: Support continuous monitoring (ISCM) activities to assess the effectiveness of security controls, assist with risk assessments and remediation planning to address vulnerabilities and findings, and track remediation actions through validation and closure in alignment with federal cybersecurity requirements.

Network & System Security: Implement and maintain security controls across networked environments, including wired and wireless networks, while supporting access control, identity management, and system hardening efforts in coordination with engineering and operations teams to ensure secure configurations are maintained throughout the system lifecycle.

Security Architecture & Advisory Support: Lead or contribute to security architecture and compliance activities by integrating security requirements into system and platform designs, providing authoritative guidance on risk management strategies, control selection, and best practices, and advising project teams on aligning technical solutions with security and compliance expectations.

Documentation & Collaboration: Produce clear and accurate security documentation to support audits, assessments, and ongoing operations, while collaborating with system owners, developers, engineers, and stakeholders to embed security into delivery processes and contribute to continuous process improvements that enhance security effectiveness and operational efficiency.
Minimum Education & Experience:

Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, Information Systems or a related field
6 years of relevant professional experience, or a combination of education and experience that is equivalent to nine years

Basic Requirements:

3 years of experience supporting information systems in a federal or regulated environment
Hands-on experience with FISMA and the NIST Risk Management Framework (RMF)
Experience supporting security control implementation/operation, continuous monitoring activities (ISCM) and incident response support
Familiarity with network and system security controls including access control mechanisms for wired and wireless networks
Intermediate knowledge of Microsoft Office productivity software and collaboration tools such as Microsoft Teams and SharePoint

Skills That Set You Apart:

Proven success reducing POA&M backlog and accelerating ATO timelines through process improvements
Experience embedding security into cloud, platform, or DevSecOps pipelines early in the system lifecycle
Ability to scale security operations through tooling rather than manual processes
Previous experience with NIH, especially NLM
Ripple Effect rewards our employees for their contributions to our mission in many ways, from competitive pay and exceptional benefits to a range of work/life programs based on your employment classification and personalized preferences.

-----------------------------------------------------------------------

Ripple Effect is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, political affiliation, or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation during the hiring process, please let us know by contacting our HR department at HR@rippleeffect.com or your recruiter.

Eligibility for employment will be verified using E-verify.


