Lead Security Engineer

B&A, Suitland, MD

About The Position

We are seeking a Subject Matter Expert (SME)–level Lead Security Engineer to lead application security across a large-scale, cloud-native federal modernization program supporting the U.S. Census Bureau’s Decennial Transformation and Application Modernization (DTAM) effort. This role provides technical and management leadership on major security tasks, embedding security into every phase of the System Development Life Cycle (SDLC) using a DevSecOps methodology. The ideal candidate will architect and enforce Zero Trust principles, drive Authorization to Operate (ATO) activities, and direct application security testing, threat modeling, and vulnerability remediation across a System of Systems (SoS). This position interfaces with senior Government stakeholders and the Office of Information Security (OIS), and decision-making and domain knowledge may have a critical impact on overall program implementation. May supervise others.

Requirements

  • Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field
  • 15+ years of relevant IT/cybersecurity experience, providing technical and management leadership on major tasks or technology assignments (SME level)
  • Demonstrated expertise integrating security into a DevSecOps SDLC, including CI/CD security gates and automated security testing
  • Hands-on experience implementing Zero Trust Architecture and applying NIST SP 800-53 controls and the NIST Cybersecurity Framework
  • Proven experience leading vulnerability assessments, penetration testing, and threat modeling for enterprise applications
  • Experience supporting the ATO lifecycle and managing POA&Ms, security artifacts, and evidence collection
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • U.S. Citizenship required

Nice To Haves

  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Experience generating Software Bill of Materials (SBOMs) and implementing software supply-chain security controls
  • Familiarity with SIEM deployment, container/image hardening, and secure baseline configuration
  • Experience in large-scale, multi-cloud federal environments and FedRAMP processes
  • Strong analytical, problem-solving, written, and verbal communication skills, including the ability to brief senior Government stakeholders

Responsibilities

  • Lead the design and implementation of application security solutions, frameworks, and processes across all phases of the SDLC, in compliance with U.S. Census Bureau (USCB) and Office of Information Security (OIS) policies
  • Implement Zero Trust (ZT) principles for applications, workloads, and data, aligned with EO 14028, OMB M-22-09, and NIST SP 800-207 (Zero Trust Architecture)
  • Integrate security into DevSecOps CI/CD pipelines, establishing security gates, automated code inspection, and supply-chain controls including Software Bill of Materials (SBOM) generation
  • Direct Static and Dynamic Application Security Testing (SAST/DAST), vulnerability assessments, and penetration testing to identify, triage, and remediate security weaknesses
  • Lead threat modeling exercises to analyze application architecture, identify attack vectors, and document mitigation strategies throughout design, development, testing, and deployment
  • Support the Authorization to Operate (ATO) process, including security control assessment, artifact and evidence collection, Privacy Threshold Analysis/Privacy Impact Assessment support, and Plan of Action and Milestones (POA&M) management
  • Implement security controls in accordance with the NIST Cybersecurity Framework and NIST SP 800-53, and remediate identified vulnerability and compliance findings
  • Design and implement secure architecture patterns — secure API design, authentication/authorization, input validation, encryption, secure logging and monitoring (SIEM), and secure error/session/configuration management
  • Develop and maintain metrics, dashboards, and reporting to track application security posture, threat trends, and remediation progress over time
  • Support the development and management of Interagency Security Agreements (ISA), security playbooks, and incident response in accordance with current cybersecurity policies
  • Collaborate with application developers, data engineers, systems engineers, and OIS to identify and mitigate vulnerabilities, and provide expert security consultation to development teams
  • Assist in FedRAMP certification activities and the assessment/remediation of independent penetration testing results, as applicable

Benefits

  • Three robust individual and family medical plans
  • Health Savings Account (HSA) option
  • Two tiers of dental coverage
  • Vision insurance
  • Life & AD&D insurance
  • Disability insurance
  • Accident insurance
  • Hospital indemnity insurance
  • Critical illness insurance
  • Paid time off
  • B&A sponsored trainings and certifications
  • Pet insurance benefits
  • Commuter transit benefits
  • Free subscription to a virtual exercise platform (NEOU)
  • 401(k) plan with company matching contribution
  • B&A Cares program (wellness check-ins, personal development, financial management, stress management seminars)
  • Formal mentorship program
  • Job shadowing and cross training opportunities
  • Brand Ambassador program
  • Employee Assistance Program (EAP) (counseling, legal guidance, financial planning)
  • Monthly teambuilding events
  • Annual Wellness Challenges (#StepWithB&A, #WalkDuringLunchWithB&A, #VolunteeringWithB&A, #ExerciseDuringLunchWithB&A)