As a Lead Security Engineer, you will contribute to improving the overall security posture of the organization by implementing, upgrading and monitoring security measures for the protection of computer networks and information. In collaboration with Security Engineering and Operations, you will develop, review, and implement security strategies and best practices.
What You Will Do:
- Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses.
- Ensure integration of security solutions, as the security SME and liaison with the customer ISSO/ISSM
- Determine security requirements for cloud platform services and components
- Conduct system security and vulnerability analyses, and risk assessments
- Evaluate security aspects of solutions proposed by project teams and provide guidance accordingly.
- Architect security solutions and manage frameworks, for AWS and on-premises infrastructure and services
- Provide guidance to product owners and DevOps teams in adoption of security best practices
- Create and maintain information security documentation including SSPs, documentation packages for environment ATOs, discussions with security teams and strategic and tactical issue resolutions
- Identify and evaluate emerging security technologies
What You Bring to Karsun:
- Typically requires a bachelor’s degree in Information systems, business systems, management information systems, IT Management, or other IT degree and a minimum of 10 years of relevant experience Engineering, math, and/or science degrees are acceptable substitute degrees.
- 10+ years of related professional experience including:
- 6+ years of experience with core cybersecurity architecture
- 2+ years of experience managing FISMA compliance for large systems with active experience in working with NIST standards, DISA/STIG standards, creating and maintaining required information security documentation.
- 2+ years of experience working with NIST Special publications, FIPS, FISMA guidelines, OMB Mandates and FEA Security guidelines and FedRAMP security specifications.
- 1+ year of AWS based Cloud security constructs, services and tools working experience
- Experience with the NIST Risk Management Framework (RMF) requirements, processes, and procedures.
- Demonstrated experience in a DevSecOps environment.
- Demonstrated experience in government or industry leading enterprise-level cyber security efforts involving architecting, designing, development, and configuration of cloud and on-premise based systems and software.
- Experience implementing and maintaining security controls; providing guidance, oversight, and expertise; and developing security documents to secure and support an ATO.
- Demonstrated experience in supporting all system A&A activities.
- Knowledge of SDLC with experience in Agile methodologies
- One or more cybersecurity certifications (examples below):
- CAP
- CISSP
- GSEC
- GICSP
- CCSP
- CISA
- CISM
- GSLC
- AWS Certified Associate Solutions Architect
- Ability to obtain and maintain a Public Trust clearance
In accordance with pay transparency guidelines, the proposed salary range for this position is $112,000 to $144,000. Final salary will be determined based on various factors such as relevant skills, experience and certifications.
At Karsun, we celebrate your contributions, provide you with opportunities and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, supplemental benefit offerings and training.
Innovate, Grow and Do Extraordinary Together, is at the core of everything we do at Karsun!
At Karsun, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law. Karsun believes that diversity and inclusion among our teammates is critical to our success, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.
The Virginia Chamber of Commerce, Washington Business Journal and Inc. all recognize Karsun Solutions among the fastest-growing companies in the Washington, D.C. region. Our teams deliver modern software development, cloud solutions, and data and analytics solutions to customers at government agencies including the Department of Homeland Security, Federal Aviation Administration, and General Services Administration. We possess CMMI Level 5 – DEV appraisal, and several AWS Government Competencies.
Karsun does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Karsun and Karsun will not be obligated to pay a placement fee.
