Location: WASHINGTON, DC, United States
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Hybrid Remote
Target Salary: $145,000 plus benefits
Description
We are seeking a technical Security Tools Team Lead to join our dynamic team in supporting a critical US government agency in the National Capital Region. This role presents an exciting opportunity to lead the operation, maintenance, and modernization efforts of various security tools within a collaborative environment, reporting directly to the Security Operations Manager.
Responsibilities:
- Lead a team of security tool administrators responsible for the management and operation of key security technologies, including but not limited to AV / EDR, DLP, Web Proxy, Email Security, IDPS, and SIEM Technologies.
- Oversee deployment, update, and upgrade plans for security tools and execute tasks accordingly.
- Evaluate routine health check reports, maintenance activities, updates, upgrades, and the implementation of new capabilities.
- Troubleshoot security tools issues, escalate as necessary, and collaborate with vendors to resolve technical challenges.
- Support the deployment of new security tools as required.
- Develop, execute, and enhance work instructions and technical documentation related to security tool updates, upgrades, and health checks.
- Analyze performance issues of security tools using various diagnostic tools.
- Maintain accurate and comprehensive documentation of work activities in diverse formats, including work instructions, change management requests, incident tickets, and email communications.
- Drive efficiency improvements through process enhancements and automation initiatives.
This role requires two days per week in the office.
Qualifications
Requirements:
- Bachelor’s degree in a relevant field plus seven (7) years of related information security experience, or ten (10) years of relevant work experience.
- Five to seven (5-7) years of hands-on experience working with various security tools and technologies, including SIEM platforms, antivirus solutions, endpoint detection and response solutions, DLP systems, web proxies, and intrusion detection/prevention systems.
- Proficiency in operating systems administration (Windows and Linux) and scripting/automation (e.g., Python, PowerShell) with at least two (2) years of relevant experience.
- Demonstrated experience in developing, executing, and enhancing work instructions and technical documentation pertaining to security tool administration.
- At least two to three (2-3) years of experience in a leadership or supervisory role, overseeing a team responsible for managing security tools and systems.
- Experience in mentoring and guiding junior team members, delegating tasks, and providing feedback on performance and development.
- Familiarity with relevant cybersecurity regulations, standards, and frameworks (e.g., NIST, FISMA, HIPAA, GDPR) and experience ensuring compliance with regulatory requirements.
- Possess industry-standard cybersecurity certifications such as Security+, CASP, CISSP, as well as vendor certifications from Cisco, Juniper, Palo Alto, Splunk, Microsoft, Red Hat, and others.
- Must be able to communicate effectively, both verbally and in writing, and work autonomously with minimal supervision.
- Proficiency in using Microsoft Word, PowerPoint, and SharePoint.
Clearance Requirement: All candidates must be eligible to obtain a US Public Trust Clearance.
2 days per week on-site in Washington, DC
Able to obtain Public Trust Clearance
H1 visa, green card, and US citizenship holders are acceptable
Salary Range: $125,000
Job Description:
We are looking for a Senior Information Systems Security Analyst to join our team supporting an important US government agency in the National Capital Region. This is an exciting opportunity to work with the team responsible for IT Security Risk and Compliance, providing direct support in managing and documenting the agency's ongoing security posture. The Senior Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, as well as risk assessment and response development. Specifically, this job requires the following:
- Develop and maintain IT security controls per NIST SP 800-53 and Agency Security Policy standards.
- Collect and validate control implementation statements from subject matter experts.
- Consult with experts to ensure work instructions align with agency security standards.
- Conduct risk assessments for security issues and propose resolutions.
- Document and communicate control deficiencies for POA&M consideration.
- Support Continuous Security Monitoring for compliance with agency Security Policy.
- Assist in developing security policies, ensuring compliance, and updating documentation.
- Conduct security reviews for changes impacting hardware, software, baselines, connections, or applications.
- Review and assess POA&M outputs, recommending additional work or closure.
- Support IT Governance, Risk, and Compliance activities, including standards management.
- Provide information for status reports, briefings, schedules, and project plans in written and oral form.
This role requires on site work in Washington, D.C. 2 days per week.
Qualifications
EDUCATION & EXPERIENCE:
- Undergraduate degree with nine (9) years, or graduate degree with seven (7) years, of IT control or IT security experience in a technical environment with a variety of IT systems.
- One or more current Security certifications (CISSP, CISM, Security+).
- Experience serving in an information system engineer/administrator role implementing security controls.
REQUIRED SKILLS:
- A solid understanding of IT security controls, tools, and concepts.
- Experience working in a technical environment with IT platforms such as Microsoft Office 365, Azure, Cisco, Oracle, etc.
- Understanding of OMB M-22-09 and EO 14028
- Experience with NIST Risk Management and Cybersecurity Framework, FISMA, NIST 800-53, and IT control processes.
- Experience implementing security measures within information systems engineering projects.
- Understanding of web application security concepts, such as OWASP Top 10 vulnerabilities.
- Knowledge of cloud security principles and best practices, particularly for major cloud platforms like AWS, Azure, or Google Cloud.
- Familiarity with GRC frameworks/tools (Archer, eMASS, CSAM) and SA&A tools (Xacta).
- Knowledge of cyber-attack patterns, Tactics, Techniques, and Procedures.
- Ability to adapt security processes/tools to evolving landscapes and risk scenarios.
- Proficiency in network security principles, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and secure network architectures.
- Strong understanding of operating systems (e.g., Windows, Linux/Unix) and their security features and vulnerabilities.
- Knowledge of encryption protocols and techniques, such as SSL/TLS, AES, RSA, etc.
- Familiarity with security assessment tools and techniques, including vulnerability scanning, penetration testing, and ethical hacking.
- Experience with security information and event management (SIEM) systems for log analysis and threat detection.
- Fluency in spoken/written English for technical content, with strong communication skills.
- Experience producing high-quality deliverables that require minimal edits and pass review quickly, and providing feedback on federal security doctrine.
- Ability to thrive in a fast-paced environment, outstanding customer service skills.
- Ability to document processes, explain complex policies in simple terms.
- Familiarity with latest IT trends, security standards, excellent analytical thinking, and problem-solving skills.
Candidates for consideration must be eligible to obtain and maintain a Public Trust clearance.