Lead Principal Security Engineer TA2-13 HSEN

Job Description

Job Description : \n\nDescription : TA2 -13 Lead Principal Security Engineer | 25-02-10 (LCAT : Senior Security Engineer) Position Summary Softek International is seeking a Lead Principal Security Engineer to support the DHS Enterprise Engineering Division (EED) Enterprise Security Engineering (ESE) team within the Office of the Chief Information Officer (OCIO)’s IT Operations Directorate. The ESE is responsible for designing and implementing advanced security architectures, providing support for complex security incidents, ensuring the continuous protection compliance of the network and security infrastructure, and implementation and administration of a portfolio of security tools that protect DHS information systems and data. This team supports management and oversight of the technical infrastructure and security tools, sensors, servers, and data storage devices to support the DHS Network Operations Security Center (NOSC) Cyber (SOC) and other DHS stakeholders and Components. This role provides a team of security engineers with strategic guidance, technical expertise, and mentorship. This includes advising on best practices for security architecture and design, offering insights on the latest security threats and mitigation techniques, and helping to troubleshoot and resolve complex security issues. This role provides strategic and tactical direction to a high functioning team of security engineers, data center specialists, and several DHS stakeholder groups. This role requires a deep understanding of security principles, advanced technical skills, and the ability to lead and mentor a team of security professionals. This role must work in collaboration with government leads to understand DHS goals and develop plans to implement those goals. Candidates must be able to convey…

• Experience and ability to provide leadership and hands-on support to teams of engineers.
• Proven experience and capability to effectively engage with Federal technical leadership.
• MUST reside in the DC / MD / VA or Stennis, MS region (~50 miles).
• MUST have active Top Secret with ability to receive SCI at DHS. The candidate’s core responsibilities will be to :
• Maintain and improve network and security capabilities, including modernization and emerging technologies.
• Ensuring the security tools and infrastructure are available and operational from the perimeter down to the endpoints and data itself.
• Providing support to maintaining and maturing security tool architecture for security operations monitoring. Duties / Responsibilities
• Provide lead advisory on the design, development, implementation, and maintenance of security architectures and designs for DHS network and security infrastructure, ensuring they meet the highest standards of security and compliance.
• Provide Tier 3 operations support for complex security incidents and issues, working closely with other IT and security teams.
• Collaborate with stakeholders to develop and enforce security policies, standards, and procedures.
• Prepare and present reports on security metrics, incidents, and overall security posture to senior management.
• Mentor and guide security engineers, fostering a culture of continuous learning and development.
• Coordinate and track all security engineering and architecture projects and priorities, providing input for plans of action and milestones.
• Align resources, including personnel, effectively meet project deadlines and communicate project risks, issues, blockers, and program status updates for all efforts to corporate and federal leadership.
• Participate in incident response and forensic investigations as needed.
• Identify staffing needs to support requirements; source and develop engineering staff.
• Develop and maintain installation, configuration, and security procedures.
• Research and recommend innovative, and where possible, automated approaches for system administration tasks. Identify approaches that leverage our resources and provide economies of scale.
• Conduct market research, product evaluation, prototyping, integration, development, deployment, recapitalization, operations, and maintenance support for a variety of security software and computing and networking technologies.
• Work with other network architects and engineers and DHS stakeholders in the design, installation, and configuration of the network to achieve the established business and security requirements.
• Perform “as is” analyses of existing security technologies and make recommendations and produce roadmaps of changes as needed to optimize performance and improve network performance.
• Take a lead role in the design process, working closely with the program team.
• Establish working relationships with vendors to ensure alignment with current and future government requirements and emerging capabilities. Qualifications / Requirements
• Minimum of 8-10 years of experience in network and security engineering, with at least 3 years in a leadership role.
• Strong knowledge of security architecture, design, and engineering principles.
• Proficiency with security technologies such as firewalls, IDS / IPS, VPNs, SIEM, and endpoint protection.
• Experience with cloud security (AWS, Azure, GCP) and securing hybrid environments.
• Familiarity with VMWare and Linux environments, including configuration, management, and security best practices.
• Excellent problem-solving skills and the ability to handle complex security incidents.
• Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams.
• Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
• Practical knowledge of network and security tools and how they are administered and integrated into a SOC / NOC environment.
• Experience implementing, managing, and maintaining a Zero Trust architecture supported by Cloud Access Security Broker (CASB) and Cloud Secure Gateway (CSG) technologies.
• Coordinate with related technology acquisition programs and communities of interest to leverage ongoing investments in tools such as Splunk, Swimlane, Crowdstrike, Grafana, Axonius, Tenable, GitLab, etc.
• Must be resourceful in multitasking tasks and projects and communicating in a dynamic network.
• Prior consulting or contracting experience is ideal; DHS experience is a plus.
• U.S. citizenship required with an active Top-Secret clearance with the ability to receive SCI. Education
• Bachelor’s degree in computer science, Information Technology, Cybersecurity or a related field. Advanced degree preferred. Certifications of Interest (Desired, but not required)
• CISSP (Certified Information Security Systems Professional)
• CISM (Certified Information Security Manager)
• PMI Project Management Professional (PMP)
• CEH (Certified Ethical Hacker)
• CompTIA Security
• ITIL Foundations
• Experience with Agile-based project management (primary Kanban) – Certified Scrum Master (CSM) or Professional Scrum Master (PSM) Technical Certifications of Interest (Not Required)
• RHCE (Red Hat Certified Engineer)
• Red Hat Certified Architect (RHCA)
• RHCSA (Red Hat Certified System Administrator)
• RHCE (Red Hat Certified Engineer)
• MCSA (Microsoft Certified Solutions Associate)
• MCSE (Microsoft Certified System Expert) Software / Hardware Experience Desired Splunk Enterprise, Crowdstrike, Ansible, Red Hat, Linux, Tenable, AWS and Azure CloudRequirements : TA2 -13 Lead Principal Security Engineer | 25-02-10 (LCAT : Senior Security Engineer) Position Summary Softek International is seeking a Lead Principal Security Engineer to support the DHS Enterprise Engineering Division (EED) Enterprise Security Engineering (ESE) team within the Office of the Chief Information Officer (OCIO)’s IT Operations Directorate. The ESE is responsible for designing and implementing advanced security architectures, providing support for complex security incidents, ensuring the continuous protection compliance of the network and security infrastructure, and implementation and administration of a portfolio of security tools that protect DHS information systems and data. This team supports management and oversight of the technical infrastructure and security tools, sensors, servers, and data storage devices to support the DHS Network Operations Security Center (NOSC) Cyber (SOC) and other DHS stakeholders and Components. This role provides a team of security engineers with strategic guidance, technical expertise, and mentorship. This includes advising on best practices for security architecture and design, offering insights on the latest security threats and mitigation techniques, and helping to troubleshoot and resolve complex security issues. This role provides strategic and tactical direction to a high functioning team of security engineers, data center specialists, and several DHS stakeholder groups. This role requires a deep understanding of security principles, advanced technical skills, and the ability to lead and mentor a team of security professionals. This role must work in collaboration with government leads to understand DHS goals and develop plans to implement those goals. Candidates must be able to convey…
• Experience and ability to provide leadership and hands-on support to teams of engineers.
• Proven experience and capability to effectively engage with Federal technical leadership.
• MUST reside in the DC / MD / VA or Stennis, MS region (~50 miles).
• MUST have active Top Secret with ability to receive SCI at DHS. The candidate’s core responsibilities will be to :
• Maintain and improve network and security capabilities, including modernization and emerging technologies.
• Ensuring the security tools and infrastructure are available and operational from the perimeter down to the endpoints and data itself.
• Providing support to maintaining and maturing security tool architecture for security operations monitoring. Duties / Responsibilities
• Provide lead advisory on the design, development, implementation, and maintenance of security architectures and designs for DHS network and security infrastructure, ensuring they meet the highest standards of security and compliance.
• Provide Tier 3 operations support for complex security incidents and issues, working closely with other IT and security teams.
• Collaborate with stakeholders to develop and enforce security policies, standards, and procedures.
• Prepare and present reports on security metrics, incidents, and overall security posture to senior management.
• Mentor and guide security engineers, fostering a culture of continuous learning and development.
• Coordinate and track all security engineering and architecture projects and priorities, providing input for plans of action and milestones.
• Align resources, including personnel, effectively meet project deadlines and communicate project risks, issues, blockers, and program status updates for all efforts to corporate and federal leadership.
• Participate in incident response and forensic investigations as needed.
• Identify staffing needs to support requirements; source and develop engineering staff.
• Develop and maintain installation, configuration, and security procedures.
• Research and recommend innovative, and where possible, automated approaches for system administration tasks. Identify approaches that leverage our resources and provide economies of scale.
• Conduct market research, product evaluation, prototyping, integration, development, deployment, recapitalization, operations, and maintenance support for a variety of security software and computing and networking technologies.
• Work with other network architects and engineers and DHS stakeholders in the design, installation, and configuration of the network to achieve the established business and security requirements.
• Perform “as is” analyses of existing security technologies and make recommendations and produce roadmaps of changes as needed to optimize performance and improve network performance.
• Take a lead role in the design process, working closely with the program team.
• Establish working relationships with vendors to ensure alignment with current and future government requirements and emerging capabilities. Qualifications / Requirements
• Minimum of 8-10 years of experience in network and security engineering, with at least 3 years in a leadership role.
• Strong knowledge of security architecture, design, and engineering principles.
• Proficiency with security technologies such as firewalls, IDS / IPS, VPNs, SIEM, and endpoint protection.
• Experience with cloud security (AWS, Azure, GCP) and securing hybrid environments.
• Familiarity with VMWare and Linux environments, including configuration, management, and security best practices.
• Excellent problem-solving skills and the ability to handle complex security incidents.
• Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams.
• Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
• Practical knowledge of network and security tools and how they are administered and integrated into a SOC / NOC environment.
• Experience implementing, managing, and maintaining a Zero Trust architecture supported by Cloud Access Security Broker (CASB) and Cloud Secure Gateway (CSG) technologies.
• Coordinate with related technology acquisition programs and communities of interest to leverage ongoing investments in tools such as Splunk, Swimlane, Crowdstrike, Grafana, Axonius, Tenable, GitLab, etc.
• Must be resourceful in multitasking tasks and projects and communicating in a dynamic network.
• Prior consulting or contracting experience is ideal; DHS experience is a plus.
• U.S. citizenship required with an active Top-Secret clearance with the ability to receive SCI. Education
• Bachelor’s degree in computer science, Information Technology, Cybersecurity or a related field. Advanced degree preferred. Certifications of Interest (Desired, but not required)
• CISSP (Certified Information Security Systems Professional)
• CISM (Certified Information Security Manager)
• PMI Project Management Professional (PMP)
• CEH (Certified Ethical Hacker)
• CompTIA Security
• ITIL Foundations
• Experience with Agile-based project management (primary Kanban) – Certified Scrum Master (CSM) or Professional Scrum Master (PSM) Technical Certifications of Interest (Not Required)
• RHCE (Red Hat Certified Engineer)
• Red Hat Certified Architect (RHCA)
• RHCSA (Red Hat Certified System Administrator)
• RHCE (Red Hat Certified Engineer)
• MCSA (Microsoft Certified Solutions Associate)
• MCSE (Microsoft Certified System Expert) Software / Hardware Experience Desired Splunk Enterprise, Crowdstrike, Ansible, Red Hat, Linux, Tenable, AWS and Azure Cloud