Security Engineer Lead

LTS is seeking an experienced Security Engineer Lead to support a program within the Department of Commerce. This position is responsible for leading technical security initiatives, identifying and mitigating cybersecurity risks, and ensuring that the department's IT systems, networks, and applications are protected from internal and external threats. The Lead Security Engineer will collaborate closely with other IT and cybersecurity teams to enforce best practices, address vulnerabilities, and support compliance with relevant regulations and standards. This position is on-site in Washington D.C.

LTS provides trusted consulting, and solutions in an increasingly complex and growing world. Our deep expertise in technology and analytics helps us serve a broad constituency of clients that range from cabinet-level departments of the U.S. Government to the largest Federal IT contractors in the world.

LTS is a leading information technology (IT) provider for mission critical systems leveraging the latest technologies to deliver cutting edge solutions from small mobile applications to large, complex enterprise applications. Our professionals specialize in multiple disciplines including program management, system integration, system design, system development, cybersecurity, infrastructure and data analytics.

Responsibilities

• Conducts Privacy Impact Assessments (PIAs) of the application’s security design for the appropriate security controls, which protect the confidentiality and integrity of Personally Identifiable Information (PII).
• Designs and develops cybersecurity or cybersecurity-enabled products.
• Designs hardware, operating systems, and software applications to adequately address cybersecurity requirements.
• Designs or integrates appropriate data backup capabilities into overall system designs and ensure that appropriate technical and procedural processes exist for secure system backups and protected storage of backup data.
• Develops and directs system testing and validation procedures and documentation.
• Develops detailed security design documentation for component and interface specifications to support system design and development.
• Develops Disaster Recovery and Continuity of Operations plans for systems under development and ensure testing prior to systems entering a production environment.
• Develop specific cybersecurity countermeasures and risk mitigation strategies for systems and/or applications. 
• Identifies and directs the remediation of technical problems encountered during testing and implementation of new systems (e.g., identify and find workarounds for communication protocols that are not interoperable).
• Identifies and prioritizes essential system functions or sub-systems required to support essential capabilities or business functions for restoration or recovery after a system failure or during a system recovery event based on overall system requirements for continuity and availability.
• Identifies, assesses, and recommends cybersecurity or cybersecurity-enabled products for use within a system and ensure that recommended products are in compliance with organization's evaluation and validation requirements. Implements security designs for new or existing system(s).
• Incorporates cybersecurity vulnerability solutions into system designs (e.g., Cybersecurity Vulnerability Alerts).
• Performs risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
• Designs, implements, tests, and evaluates secure interfaces between information systems, physical systems, and/or embedded technologies.
• Designs, develops, integrates, and updates system security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation.
• Designs security requirements to ensure requirements are met for all systems and/or applications.
• Develops mitigation strategies to address cost, schedule, performance, and security risks.
• Performs security reviews and identify security gaps in architecture.
• Traces system requirements to design components and perform gap analysis.
• Verifies stability, interoperability, portability, and/or scalability of system architecture.
  
  

Required Skills, Experience & Qualifications

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
• Minimum of 7 years of experience in cybersecurity engineering or a related field.
• Certification as a network engineer and/or industry standard certifications (e.g. Security , CISSP) is required.
• Must be a U.S. citizen.
• Extensive experience with security tools and technologies, such as SIEM, IDS/IPS, endpoint protection, firewalls, vulnerability scanning, and encryption technologies.
• Proficiency in security protocols, encryption standards, and secure communication practices.
• Familiarity with cloud security models (e.g., AWS, Azure, GCP) and securing cloud-based infrastructures.
• Strong knowledge of IT networking concepts (e.g., TCP/IP, VPNs, firewalls, IDS/IPS) and network security.
• Strong written and verbal communication skills, with the ability to deliver clear, concise reports and messages to all levels of management.
• Excellent interpersonal abilities, with a strong capacity to work independently with minimal supervision or guidance.
• Strong analytical abilities and problem-solving skills, with the ability to design effective solutions for complex challenges.
• Experience working with federal agencies or understanding of government-specific cybersecurity regulations and standards.
• Deep understanding of federal procurement and contracting processes, project life cycles, and government reporting requirements.
  
  

LTS is committed to offering eligible employees comprehensive benefits that will provide them with options intended to meet their needs and the needs of their family.