Chief Security Engineer
Are you passionate about technology? Join our growing team! AboutWeb, an award-winning IT solutions company, has been providing excellence in product development, application design, and cybersecurity solutions, since 1998. We are a diverse blend of engineers, developers, and cybersecurity professionals, providing cutting-edge solutions to real-world issues and solving problems for clients.
AboutWeb is a subsidiary of Penacity, LLC.
AboutWeb is seeking experienced Key Personnel to join our bid for Federal contract.
Chief Security Engineer
Onsite: Arlington, VA
We are seeking an experienced Chief Security Engineer to join the Group and be part of a highly visible and strategic Cybersecurity Task Order in Arlington, VA. In this role you will perform technical planning, system integration, verification and validation, cost and risk, and supportability and effectiveness analyses for total systems. Perform analysis at all levels of total system product to include concept, design, fabrication, test, installation, operation, maintenance, and disposal. Responsible for the full range of security issues including architectures, firewalls, electronic data traffic, and network access. You will bring your demonstrated ability to understand government expectations and partner it with technology for desired business results.
The qualified candidate will perform the following tasks
- Collaborate with Government Counterparts in solution planning to effectively gain buy-in from applicable stakeholders. Then oversees execution by working closely with architects, engineers, and developers in the identification and implementation of appropriate information security functionality to ensure uniform application of security policy and enterprise solutions.
- Drive security execution strategy across multiple technical domains and advancing cyber resiliency capabilities' maturity and consults with fellow technical subject matter experts to develop technical solutions.
- Work closely with technical teams to assess security and develop/design solutions that align with federal's cyber resiliency, security strategies, and compliance needs.
- Researches and evaluates emerging technology, industry, and market trends to assist in project development and/or operational support activities.
- Apply system security engineering expertise in one or more of the following: system security design process; engineering life cycle; information domain; cross domain solutions; intrusion detection; incident handling; auditing.
- Lead operators in the administration of these systems; documents the operation, use, and expected outputs of these systems.
- Manage and execute security engineering activities during the analysis, design, development, and sustainment phases.
- Implements, maintains, and improves existing industry best practices of NIST security controls such as identity and access management, IDS/IPS, log analytics, encryption and data security.
- Resolves and mitigates vulnerabilities, design security functions and provides evidence-based reasoning to substantiate claims for trustworthy and secure work products.
- Track emerging security practices and innovations and work with the customer to execute where appropriate.
- Conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
- Conduct risk assessment and provides recommendations for application design.
- Use encryption technology, penetration, and vulnerability analysis of various security technologies, and information technology security research.
- Develop trusted relationships with customers Domain knowledge expert with demonstrated experience providing cybersecurity subject matter expertise in various technical domains (i.e., Network Security, Endpoint/Server Security, Application Security, Cloud Security, Cyber Security Operations, Identity Management, etc.) in relation to cyber threats detection, prevention, and response capabilities.
- A proactive approach to identifying issues and problems, areas for improvement, and performance bottlenecks along with an ability to offer and implement solutions to address these.
- Skilled at providing direction for a large team and executing responsibilities without direct supervisor.
- Serve as a team or task lead.
- Minimum 20+ years IT experience
- Education: Master's degree in Computer Science, IT, Systems Engineering, or a related field
- Successful candidate will have completed one or more of the following certifications:
- ISC2 – Certified Cloud Security Professional (CCSP)
- ISC2 – Certified Information Systems Security Professional (CISSP)
- ISC2 – Certified Secure Software Lifecycle Professional (CSSLP)
- ISACA – Certified Information Security Manager (ISSM)
- SANS – Global Information Assurance Certification (GIAC) Cloud Security Essentials (GCLD), Cloud
- Security Automation (GCSA), Security Essentials (GSEC)s
Any of the following would be a plus : ITIL 4, SAFe Agile
If you are interested in applying for this job, or if you know someone who is (we offer referral bonuses), please get in touch with us at firstname.lastname@example.org.