Apply on Employer Site

LCG, Inc. · 1 day ago

Lead Security Engineer

Rockville, MD

Full-time

Hybrid

Senior Level, Lead/Staff

$60K/yr - $140K/yr

8+ years exp

LCG, Inc. is seeking a Lead Security Engineer who will provide senior-level enterprise security engineering, architecture, and cloud security expertise. This role involves designing and implementing security solutions across on-premise and cloud environments, supporting security tool operations, and providing expert remediation guidance to address vulnerabilities and security gaps.

Health CareInformation Technology

Growth Opportunities

No H1B

Security Clearance Required

Responsibilities

Engineer and Implement Enterprise Security Solutions Design, engineer, and deploy security capabilities across enterprise systems to strengthen confidentiality, integrity, and availability of SAMHSA information resources

Analyze current environments and recommend the best security technology deployment strategies to address operational needs, compliance mandates, and evolving threats

Conduct gap analysis on security infrastructure across on-premise and cloud environments, identify weaknesses, and recommend improvements aligned with federal best practices

Provide technical solutions and engineering recommendations to address vulnerability findings, configuration weaknesses, and security control gaps uncovered through internal/external scanning and assessments

Support remediation validation by reviewing vulnerability evidence, confirming mitigation actions, and ensuring risk is reduced to acceptable levels per program expectations

Collaborate with developers, system engineers, and project teams to identify required protections throughout the system lifecycle and ensure projects integrate required security standards into development

Provide technical guidance on what engineering changes, patterns, and workflows are needed to satisfy HHS security requirements during development, modernization, and sustainment

Support the agency goal of adopting a DevSecOps model by helping define security strategies/capabilities and aligning security engineering controls with modern delivery pipelines

Collaborate with infrastructure teams to integrate security requirements into CI/CD pipelines and automation strategies for on-prem and cloud environments

Evaluate security technologies and tool capabilities, determine integration approaches, and create technical recommendations and implementation plans for deployment

Analyze HHS design requirements and ensure Client systems meet required enterprise security architecture expectations

Provide technical expertise for configuration, operations, and lifecycle maintenance of security tools and platforms, including upgrades/patching as needed

Coordinate with SAMHSA infrastructure teams and/or vendors to troubleshoot tool outages or failures impacting security monitoring and protection services

Support contractor team readiness through knowledge-sharing/training expectations to ensure security tooling can be operated and sustained effectively

Support integration of Continuous Diagnostics and Mitigation (CDM) capabilities into Client’s security architecture and ensure reporting readiness for the HHS CDM dashboard

Provide technical expertise to meet federal and HHS directed security capability integration requirements as Client implements mandated security services

Qualification

Enterprise Security ArchitectureCloud Security ExperienceVulnerability RemediationDevSecOps IntegrationCISSP CertificationSecurity Tool OperationsContinuous DiagnosticsMitigationTechnical GuidanceKnowledge SharingCollaboration Skills

Required

Bachelor's degree in a relevant field discipline (i.e. Cybersecurity / Information Assurance, or Computer Science, or Information Technology / Information Systems, or Computer Engineering / Systems Engineering, or Network Engineering / Telecommunications)

CISSP or CAP or CEH or Security+

8+ years of experience in enterprise security architecture, security engineering, and/or system administration supporting complex enterprise environments

2-3 years of direct cloud security experience supporting cloud-hosted systems and security control implementation (IaaS/PaaS/SaaS)

Experience assessing enterprise environments to determine security gaps and selecting the best deployment approach for security technologies

Experience providing remediation guidance for vulnerability findings and supporting secure development and modernization activities

Experience supporting CDM integrations and security reporting readiness

Experience working closely with engineering teams in a DevOps/DevSecOps environment and supporting CI/CD pipeline security integrations

The Lead Security Engineer Is Expected To Support Security Engineering Implementation And Operational Integration Across Tools Including, But Not Limited To Splunk (SIEM/log analytics), TrendMicro Deep Security, Tenable Nessus (vulnerability scanning), Carbon Black (endpoint security/EDR), Okta (identity access management), CyberArk (privileged access management), McAfee MVISION, AWS / Barracuda Web Application Firewall (WAF), DBProtect