Information Security Engineer Lead

Key Role:

Lead staff in the design, engineering, integration, implementation, testing, deployment, maintenance, review, and administration of the infrastructure, hardware, and software that are required to effectively manage the security and risk posture of the network and resources. Analyze the development of system concepts and apply an advanced understanding of the systems engineering life cycle to translate Cyber strategic objectives, technology, and environmental conditions into engineering outcomes and solutions. Lead the analysis of trends and emerging technology for potential program modernization. Provide leadership and mentoring for junior employees. Contribute to the development of innovative principles and ideas. Work on unusually complex problems and provides highly creative solutions.Act as the leader on large programs and projects that affect the organization's long-term goals and objectives.

Basic Qualifications:

-8 years of experience with information Cybersecurity engineering or security operations

-2 years of experience with the design and implementation of enterprise-wide security controls to secure systems, applications, networks or infrastructure services

-Experience in securing enterprise web applications and familiarity with Open Web Application Security Project (OWASP) Top 10

-Experience with public Cloud services providers, including Amazon Web Services (AWS) or Microsoft Azure

-Experience with security tools and devices, including network firewalls, weby proxy, intrusion prevention systems, vulnerability scanners or penetration tools

-Knowledge of Federal compliance standards, including NIST 800-53, FIPS, or FedRAMP

-Knowledge of Transmission Control Protocol Internet Protocol (TCP/IP) networking concepts and Domain Name Servers (DNS) and using packet analysis tools, including Wireshark or tcpdum

-Ability to obtain a security clearance

-BA or BS degree

-Global Information Assurance (GIAC) Security Certification

Additional Qualifications:

-4 years of experience with building and administering security devices, including network firewalls, web proxies, data loss prevention systems, and intrusion prevention systems, building and administering Windows Server and Active Directory, Linux or UNIX-based systems, or network devices, such as Cisco or Juniper, conducting dynamic web application security testing, both manual testing and application security tools to discover exploitable vulnerabilities, conducting database security assessment and monitoring and managing Cloud security operations, including identity and access control, secure configuration management, network security, enforcement policy scripting, workload security, data security, and logging, or public key infrastructure (PKI) management and data encryption for data-at-rest and data-in-transit

-BA or BS degree in information security, computer engineering, information systems, telecommunications, or technology


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

#LI-AH1, CJ1

Not ready to apply? Join our talent community and sign up for job alerts.