×
Register Here to Apply for Jobs or Post Jobs. X

Lead Security Engineer

Job in Suitland, Prince George's County, Maryland, 20746, USA
Listing for: Bart & Associates, Inc.
Full Time position
Listed on 2026-06-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Systems Engineer
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly USD 125000.00 150000.00 YEAR
Job Description & How to Apply Below

Lead Security Engineer

We are seeking a Subject Matter Expert (SME)-level Lead Security Engineer to lead application security across a large-scale, cloud-native federal modernization program supporting the U.S. Census Bureau’s Decennial Transformation and Application Modernization (DTAM) effort. This role provides technical and management leadership on major security tasks, embedding security into every phase of the System Development Life Cycle (SDLC) using a Dev Sec Ops  methodology.

The ideal candidate will architect and enforce Zero Trust principles, drive Authorization to Operate (ATO) activities, and direct application security testing, threat modeling, and vulnerability remediation across a System of Systems (SoS). This position interfaces with senior Government stakeholders and the Office of Information Security (OIS), and decision-making and domain knowledge may have a critical impact on overall program implementation.

May supervise others.

Responsibilities
  • Lead the design and implementation of application security solutions, frameworks, and processes across all phases of the SDLC, in compliance with U.S. Census Bureau (USCB) and Office of Information Security (OIS) policies
  • Implement Zero Trust (ZT) principles for applications, workloads, and data, aligned with EO 14028, OMB M-22-09, and NIST SP 800-207 (Zero Trust Architecture)
  • Integrate security into Dev Sec Ops  CI/CD pipelines, establishing security gates, automated code inspection, and supply-chain controls including Software Bill of Materials (SBOM) generation
  • Direct Static and Dynamic Application Security Testing (SAST/DAST), vulnerability assessments, and penetration testing to identify, triage, and remediate security weaknesses
  • Lead threat modeling exercises to analyze application architecture, identify attack vectors, and document mitigation strategies throughout design, development, testing, and deployment
  • Support the Authorization to Operate (ATO) process, including security control assessment, artifact and evidence collection, Privacy Threshold Analysis/Privacy Impact Assessment support, and Plan of Action and Milestones (POA&M) management
  • Implement security controls in accordance with the NIST Cybersecurity Framework and NIST SP 800-53, and remediate identified vulnerability and compliance findings
  • Design and implement secure architecture patterns – secure API design, authentication/authorization, input validation, encryption, secure logging and monitoring (SIEM), and secure error/session/configuration management
  • Develop and maintain metrics, dashboards, and reporting to track application security posture, threat trends, and remediation progress over time
  • Support the development and management of Interagency Security Agreements (ISA), security playbooks, and incident response in accordance with current cybersecurity policies
  • Collaborate with application developers, data engineers, systems engineers, and OIS to identify and mitigate vulnerabilities, and provide expert security consultation to development teams
  • Assist in FedRAMP certification activities and the assessment/remediation of independent penetration testing results, as applicable
Education and Experience
  • Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field
  • 15+ years of relevant IT/cybersecurity experience, providing technical and management leadership on major tasks or technology assignments (SME level)
Required Skills
  • Demonstrated expertise integrating security into a Dev Sec Ops  SDLC, including CI/CD security gates and automated security testing
  • Hands‑on experience implementing Zero Trust Architecture and applying NIST SP 800-53 controls and the NIST Cybersecurity Framework
  • Proven experience leading vulnerability assessments, penetration testing, and threat modeling for enterprise applications
  • Experience supporting the ATO lifecycle and managing POA&Ms, security artifacts, and evidence collection
Certifications Required
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
Desired
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
Desired Skills
  • Expe…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary