
Posted a day ago
Lead Security Engineer
Dev TechnologyLead Security Engineer
Perks & benefits
Health InsurancePaid LeaveEducation AllowanceMobile AllowanceRelocation AllowanceVisa
Requirements
Bachelor's degree in IT or related field, 15+ years of cybersecurity experience, CISSP certification, CCSP certification, U.S. Citizenship
Skills
DevSecOpsCybersecurity
About the role
Responsibilities
- Lead the design and implementation of application security solutions, frameworks, and processes across all phases of the SDLC
- Implement Zero Trust (ZT) principles for applications, workloads, and data
- Integrate security into DevSecOps CI/CD pipelines, including automated code inspection and SBOM generation
- Direct SAST/DAST, vulnerability assessments, and penetration testing
- Lead threat modeling exercises to identify attack vectors and mitigation strategies
- Support the Authorization to Operate (ATO) process and POA&M management
- Implement security controls in accordance with NIST Cybersecurity Framework and NIST SP 800-53
- Design secure architecture patterns including secure API design, authentication, and encryption
- Develop metrics and dashboards to track application security posture
- Collaborate with developers and engineers to identify and mitigate vulnerabilities
Requirements
- Bachelor’s degree in IT, Computer Science, Cybersecurity, or related field
- 15+ years of relevant IT/cybersecurity experience at an SME level
- Certified Information Systems Security Professional (CISSP) certification
- Certified Cloud Security Professional (CCSP) certification
- Expertise in integrating security into DevSecOps SDLC
- Hands-on experience with Zero Trust Architecture and NIST SP 800-53
- Proven experience in vulnerability assessments, penetration testing, and threat modeling
- Experience supporting the ATO lifecycle
- U.S. Citizenship required
Preferred Qualifications
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- Experience generating Software Bill of Materials (SBOMs)
- Familiarity with SIEM deployment and container hardening
- Experience in large-scale, multi-cloud federal environments and FedRAMP processes
About the Company
Dev Technology is a growing IT company with an employee-centric culture that works on mission-critical projects for the federal government. We use Agile and DevSecOps principles to provide services including application development, cloud optimization, and IT modernization.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeLead Security Engineer
Dev Technology · Suitland
