Lead Security Engineer

less thanp>Solutions By Design II, LLC (SBD) is seeking a talentedless thanstrong>Lead Security Engineerless than/strong>to join our team in support of a program with our federal Health IT customer. The ideal candidate should have strong cyber security engineering experience in a cloud-based, Service Oriented Architecture environment following a DevSecOps automated approach to security. This individual will be responsible for the application security of a large, complex, high transaction volume cloud-based application. The individual will perform Application Static and Dynamic analysis, review reports and identify resolutions. The individual will work with the project team in analyzing and identifying the resolution for infrastructure scans. The Security Engineer will analyze the software design and implementations from a security perspective during the software development lifecycle and provide technical input and architecture / design recommendations to ensure that security is baked in and not added on to the system.less than/p>less thanp>This individual must possess strong technical skills coupled with interpersonal and communication skills to provide guidance to application software development team members. This person must possess a strong background in understanding and translating security controls and configuring and implementing internet security technologies.less than/p>less thanp>less thanem>Security Engineering Subject Matter Expertise:less than/em>less than/p>less thanul>less thanli>Experience with Java based middleware for enterprise integration technologyless than/li>less thanli>Perform ongoing threat modeling, security testing, and application code reviews from a security vulnerability perspective as well as recommend and/or implement proper remediationsless than/li>less thanli>Integrate security tools into a DevSecOps continuous delivery pipeline for a cloud-based containerized microservice software applicationless than/li>less thanli>Apply detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediationless than/li>less thanli>Develop, update, and manage architectural designs for solutions to business problemsless than/li>less thanli>Assist management team with analyzing applications, infrastructure vulnerability reports and identifying the application specific remediationless than/li>less thanli>Should be knowledgeable in web application dynamics and static analysis reports and identify the resolutionless than/li>less thanli>Strong experience in System Architecture, Design, Development and integration and deployment of multi-tier mission critical web Application systemsless than/li>less thanli>Mentor development teams on use of secure coding practices and evangelize secure software development practices and processesless than/li>less thanli>Perform threat analysis of identity and access management servicesless than/li>less thanli>Present application security architectures and designs to customers and management teamless than/li>less than/ul>less thanp>less thanem>Security Authorization and Governance Guidance and Leadership:less than/em>less than/p>less thanul>less thanli>Collaborate with ISSO to support efforts on behalf of team to navigate through customer authority to operate (ATO) process and requirementsless than/li>less thanli>Map and apply appropriate security controls from relevant security standards (e.g., NIST, FISMA, CIS benchmarks) to system design and implementationless than/li>less thanli>Prepare artifacts and input to facilitate organizational acceptance of system security capabilities for customer governance review boardsless than/li>less than/ul>less thanp>less thanem>Security Team Management:less than/em>less than/p>less thanul>less thanli>Serve as security team lead within overall project organization, providing day to day vision, direction, guidance and tasking to