Sr. Security Engineer - Team Lead

About The Position

Requirements

• Bachelor's degree in information technology, cybersecurity, data science, information systems, or computer science from an ABET accredited or CAE designated institution.
• Minimum 6 years of experience in Information Technology (IT) and/or Information Security (IS).
• DoD 8140 certification for their respective area or the ability to obtain certification within six (6) months of onboarding.
• Active Secret Security Clearance.

Nice To Haves

• Cyber Defense Infrastructure Support Specialist advanced certifications: CEH, SSCP, or CASP +CE.
• CSSLP, CISSP-ISSAP, CISSP-ISSEP, CCSP, or CISSP (Associate).
• CompTIA: Cloud+, PenTest+, Security+, or CySA+.
• SANS certs: GCIA, GCLD, GDSA, GFACT, GICSP, or GSEC.
• In-depth knowledge of various SIEM platforms, scripting languages (e.g., Python, SPL, KQL), and understanding of network security and threat intelligence.
• Familiarity with Information Security requirements of Compliance audits.
• Hands on experience with Splunk, Elastic Search, and ServiceNow.
• Python programming experience.
• Experience working with APIs, webhooks and custom queries to ingest data.

Responsibilities

• Lead and manage security engineering teams to meet organizational objectives.
• Set team goals, define priorities, and oversee delivery of security engineering initiatives and requirements.
• Provide clear guidance, mentorship, performance feedback, and professional development planning.
• Promote collaboration, accountability, and knowledge sharing across the team.
• Assist enterprise architect & client with architecture, design, and integration of security solutions.
• Guide & test the integration of secure architectures for infrastructure, applications, and cloud services.
• Review and provide recommendations regarding technical specifications, configurations, and deployment plans for security tools.
• Ensure designs meet enterprise security requirements, including baseline configurations and quality standards.
• Participate in system design planning. Provide requirements recommendations and execute approved project system procurements/project plans to ensure all implementation requirements are met.
• Follow and implement system security requirements ensuring alignment with functional, operational, and cybersecurity needs.
• Advise on technology acquisition, supply chain risk management, and procurement strategies.
• Participate in the configuration management, change control process, and the Change Control Board - (CCB) to provide technical/cybersecurity related advice.
• Ensure oversight of governance, compliance, and risk management activities associated with engineering team projects, tasks, and efforts.
• Lead and collaborate with other teams regarding risk assessments, audits, and compliance reviews for security engineering projects.
• Ensure application of NIST, FedRAMP, and other federal cybersecurity standards.
• Provide recommendations for policy updates, security standards, and operational procedures.
• Provide recommendations and assist the SOC team with incident response readiness and threat mitigation strategies.
• Work with the SOC, DevOps, and IT teams on incident containment, recovery, and lessons learned.
• Work alongside of the SOC's root cause analysis of security events to drive long-term mitigations.
• Recommend enhancements to monitoring, detection, and response capabilities.
• Participate in the lifecycle management evaluation of security tools and technologies.
• Assess, test, recommend, and oversee approved integration of new or upgraded security tools, including open-source options.
• Evaluate technology performance, cost/benefit analysis, and capability assessments (Overlap/gaps).
• Provide tuning, test and initiate updates/patches for the optimization of deployed tools.
• If project team/lead, coordinate cross-functional security collaboration and stakeholder engagement to meet milestones, requirements, project deadline, and budget constraints.
• Serve as a security SME in project planning, architecture reviews, and operational workflows.
• Facilitate alignment between security engineering, development, and infrastructure teams.
• Communicate technical recommendations, risk assessments, and Root Cause Analysis - (RCA) results to leadership and required stakeholders.
• Direct training, enablement, and knowledge management for security engineering.
• Develop and oversee delivery of security training for team and any identified external entities.
• Ensure documentation of designs, processes, and configurations in secure repositories.
• Promote adoption of secure coding, authentication, and authorization practices.