Jobs · Management · Maryland

Security Lead

Commence · Baltimore, MD · 2 wk ago
ManagementFull-time

Key Responsibilities

  • Lead the program's cybersecurity strategy and ensure compliance with CMS ARS, FISMA, HIPAA/HITECH, NIST 800-53, and FedRAMP requirements
  • Develop and maintain security plans, policies, and procedures aligned to federal standards
  • Support Authority to Operate (ATO) activities and coordinate with government security officials and compliance auditors
  • Manage Plan of Action and Milestones (POA&M) activities and maintain the program risk register
  • Review and approve AWS cloud architecture designs, ensuring secure implementation of cloud-native services and security controls
  • Enforce IAM policies, MFA, encryption at rest and in transit, network segmentation, and Zero Trust principles
  • Embed security controls into CI/CD pipelines and validate cloud configurations against security baselines
  • Implement automated scanning for source code, containers, Kubernetes workloads, Infrastructure as Code (IaC), and open-source dependencies
  • Conduct security risk assessments and threat modeling; identify vulnerabilities and develop mitigation strategies
  • Evaluate third-party and integration partner security risks
  • Define data classification, handling, retention, and destruction requirements to protect PII and PHI
  • Review interoperability and data-sharing solutions for HIPAA privacy compliance
  • Develop and maintain incident response procedures and support SIEM-based monitoring and alerting strategies
  • Coordinate response activities for security incidents and vulnerabilities
  • Participate in Architecture Review Boards (ARBs) and review application, integration, data, and infrastructure designs for security gaps
  • Ensure secure API and interoperability implementations across all integrated systems

Qualifications

  • Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field (Master's preferred)
  • 10+ years of cybersecurity experience, including 5+ years supporting federal government programs
  • 5+ years securing cloud-based solutions, preferably AWS
  • Experience supporting healthcare or CMS-related systems
  • Experience with ATO processes and federal compliance frameworks
  • Experience leading security teams in Agile and DevSecOps environments

Preferred Qualifications

  • CISSP – Certified Information Systems Security Professional
  • CCSP – Certified Cloud Security Professional
  • AWS Certified Security – Specialty
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (CEH)
  • GIAC Security Certifications

Similar jobs

Security Lead

KBR CareersLexington Park, MD· 1 wk ago
Information Technologyapply on careers.kbr.com

Security Lead

CarvanaTooele, UT· 5 days ago
Information Technology$62k/yrapply on carvana.com

Security Lead

DOMA TechnologiesAnnapolis Junction, MD· 1 mo ago
Information Technologyapply on recruiting.paylocity.com

Security Lead

Virgin GalacticGreater Phoenix Area· 3 days ago
Information Technology$82k–$125k/yrapply on vgcareers.virgingalactic.com

Security Lead

Legends GlobalFort Worth, TX· 2 wk ago
Managementapply on asmglobal.wd1.myworkdayjobs.com

Security Lead

CarvanaChesterfield, VA· 1 mo ago
Information Technologyapply on carvana.com