Security Architecture / Engineering Lead
Devis · Bethesda, MD · 1 wk ago
On-siteArt & Creative$110k–$130k/yrFull-time
Primary Duties
- Operate, manage, deploy, and maintain enterprise security tools (SIEM, EDR, NGFW, cloud security, DLP, PAM, IDS/IPS) and supporting infrastructure
- Maintain a minimum 95% monthly operational availability for contractor-managed cybersecurity systems and services
- Configure, tune, patch, and troubleshoot security devices; update sensors and signatures in support of monitoring and incident response
- Identify infrastructure gaps and recommend improvements to visibility and security
- Design, document, and implement Zero Trust security solutions across on-premises and cloud environments per OMB M-22-09
- Produce Baseline Zero Trust Security Architecture Reference Documents and the Privileged Access SOP
- Provide enhanced incident response capabilities as part of Zero Trust architectures
- Provide contingency planning support for emergency restoration and disaster recovery of security systems
- Perform and verify backups; manage the Security Artifact / ATO Tracking System
- Maintain configuration management data, maintenance logs, and architecture documentation
- Deliver System Availability & Uptime Reports and gaps-remediation reporting
Required Qualifications
- Education & Experience:
- Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or a related field (or equivalent experience)
- Minimum 7 years engineering and administering enterprise security infrastructure
- Demonstrated experience designing and implementing Zero Trust architectures in hybrid environments
- CISSP (or comparable senior security certification)
- Relevant OEM/platform certifications for the deployed toolset are a plus
- Hands-on experience with enterprise SIEM, EDR, NGFW, cloud security, DLP, PAM, and IDS/IPS technologies
- Cloud and on-premises security engineering; familiarity with WAFs and network security
- Understanding of OMB M-22-09 and federal Zero Trust requirements
- Ability to brief technical and executive audiences on security-engineering decisions
- Strong documentation and cross-team coordination skills
- Experience supporting NIH/HHS or federal hybrid (on-prem + cloud) environments
- Experience with NIH STRIDES or comparable cloud programs
- Automation/scripting for security operations
- Credentialing:
- Must be able to obtain and maintain the NIH/OD/OIT required clearance level and complete all suitability/onboarding requirements