Cybersecurity Team Lead

NTT DATA, Rockville, MD

About The Position

The Cybersecurity Team Lead provides technical leadership, strategic direction, and operational oversight for enterprise cybersecurity engineering and security operations. This role is responsible for protecting critical infrastructure, systems, networks, and data across on-premises and cloud environments within a highly regulated federal IT environment. The Cybersecurity Team Lead ensures the confidentiality, integrity, and availability of enterprise systems by implementing robust security architectures, leading incident response efforts, managing security technologies, and maintaining compliance with federal security and regulatory requirements. This position plays a key role in enabling secure enterprise hosting, network operations, scientific computing, and cloud platform services.

Requirements

  • Master’s degree. One and one-half (1.5) years of additional experience can substitute for one (1) year of a typical degree program.
  • Minimum 10 years of experience in cybersecurity engineering or security operations.
  • Minimum 5 years of experience leading/coordinating a team of people delivering enterprise security initiatives in complex IT environments with 3,000+ users.
  • Minimum 5 years of experience with at least 3 enterprise security technologies (e.g., firewalls, SIEM, IDS/IPS, EDR, vulnerability management tools).
  • Minimum 3 years of experience working in regulated federal environments with documented exposure to security frameworks such as NIST 800-53, RMF, FISMA, or FedRAMP.
  • Must be a US Citizen who can obtain a Public Trust Security Clearance.

Nice To Haves

  • Demonstrated experience producing security documentation and communicating findings, including vulnerability findings, security assessment reports, POA&Ms, and executive briefings or technical presentations.
  • Industry certifications such as CISSP, CISM, CISA, CEH, GIAC, or Security+.
  • Experience supporting system authorization and Risk Management Framework (RMF) processes.
  • Experience securing hybrid cloud environments.
  • Familiarity with DevSecOps and secure SDLC practices.
  • Experience working in a federal or highly regulated environment.

Responsibilities

  • Lead the design, implementation, and operation of enterprise cybersecurity technologies and solutions.
  • Develop and maintain the organization’s cybersecurity roadmap aligned with evolving threats, mission needs, and regulatory requirements.
  • Oversee security operations, including monitoring, alerting, incident response, escalation, and post-incident root cause analysis.
  • Manage and optimize security technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR), SIEM, SOAR, vulnerability scanning tools, and network access control solutions.
  • Ensure effective security monitoring across networks, servers, cloud environments, endpoints, and applications.
  • Lead vulnerability management activities, including scanning, risk prioritization, remediation coordination, and reporting.
  • Conduct and support risk assessments, threat modeling, and security architecture reviews for new and existing systems.
  • Collaborate with infrastructure, network, hosting, and cloud teams to ensure secure system design and secure-by-default configurations.
  • Support system authorization processes, including development and maintenance of security documentation such as system security plans (SSPs), POA&Ms, and related artifacts.
  • Ensure compliance with applicable federal security frameworks, policies, and standards (e.g., FISMA, NIST, agency security requirements).
  • Contribute to disaster recovery (DR) and continuity of operations (COOP) planning from a cybersecurity perspective.
  • Serve as the primary technical escalation point for cybersecurity incidents and high-risk findings.
  • Lead and mentor cybersecurity engineers and analysts, establishing standards, playbooks, and operational best practices.
  • Coordinate with enterprise stakeholders and leadership to provide regular reporting on security posture, risk metrics, and incident trends.
  • Support security tool evaluation, acquisition planning, and lifecycle management.
  • Promote security awareness and foster a culture of proactive risk management across technical teams.