Lead System Security Engineer

About The Position

Requirements

• Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse. Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred
• Minimum of FIVE (5) years of experience in Risk Management Framework / Security Assessment and Authorization. RMF
• Experience in developing complete ATO packages for systems; including SSP, FIPS 199, E-Authentication, PTA/PIA, Incident Response Plan, Contingency Plan, and Configuration Management Plan.
• Experience in developing and conducting IR table-top tests and CP functional tests.
• 3+ years of experience as IT system administrator or engineer. Experience can include: System maintenance in configuration and patching for On-premise servers and databases. Deployed and managed cloud hosted environments, configured and refined network connections and security monitoring integrations. Integrated third-party SaaS products with cloud environment, or collaboration Tenants like Microsoft 365. Maintained network components from firewalls, IDS/IPS to VPN solution. Developed and deployed web application software.
• Experience with conducting vulnerability scans and remediation findings.
• Experience with NIST 800-53 and NIST 800-37.
• Experience with cloud systems and SaaS products, and understanding of the FedRAMP requirements.
• Experience with security monitoring tools (e.g., Splunk, Tenable, BigFix, Microsoft Purview, Symantec DLP, Sentinel, CloudWatch, Security Center).
• Experience reporting to executives’ system risk analysis and findings. Capable of translating technical findings to meaningful and impactful risks.
• At least one of the following Certifications: CISA CISSP CompTIA Security+ CE Certified Professional CompTIA Network+ CE Certified Professional Certified Cloud Certificates (AWS, Azure, and/or Google)
• Experience with assessing 5 of the 8 types of platforms/systems: ICAM Solution (Active Directory, SailPoint and CyberArk experience is preferred). Network – firewalls, IDS/IPS, switches, Routers, VPN Cloud Hosting (experience with at least 2 of 3 – AWS, Azure, Google) On-premise Hosting (Windows and Linux platforms) Microsoft 365 Tenant Third Party SaaS Platforms High Performance Computing Systems AI Applications and Systems

Nice To Haves

• Experience as software developer – capable of building dashboards within suites like Microsoft Power BI and Power App.
• Capable of configuring APIs with security tools into dashboards (such as Tenable, Splunk, and GRC Platforms including CSAM).

Responsibilities

• Review SC&A (Security Controls & Assessment) packages submitted by business and technical stewards to ensure completeness, accuracy, and alignment with security and compliance requirements.
• Submit and coordinate application security scans (e.g., vulnerability scans, SAST/DAST, dependency scans) with appropriate security teams or scanning tools.
• Analyze scan results , validating true positives vs. false positives and assessing risk severity and impact to the organization.
• Advise system owners and technical teams on remediation strategies, timelines, and best practices to address identified vulnerabilities.
• Track remediation progress and ensure findings are resolved in accordance with organizational security policies and SLAs.
• Provide security guidance throughout the system lifecycle to improve security posture and reduce recurring issues.

Benefits

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend