Lead Security Engineer
Bna Inc
Description Lead Security Engineer At B&A, we foster and embrace a distinct set of values that we live by and instill in all aspects of our organization: dedication, commitment, partnership, trust, and recognition. We have incorporated these values into successful delivery for our customers since 1988. B&A believes in ensuring its employees feel deeply connected to B&A, recognizing successes and hard work, and providing continuous opportunities to learn and grow. Our people are entrepreneurial thinkers that combine mindset, vision, and experience to drive value – not only to us as an organization, but to the clients we support. We promote a collaborative culture with our clients, and with each other, as one team working towards a common vision. We’d love for you to join our team! Job Summary We are seeking a Subject Matter Expert (SME)–level Lead Security Engineer to lead application security across a large-scale, cloud-native federal modernization program supporting the U.S. Census Bureau’s Decennial Transformation and Application Modernization (DTAM) effort. This role provides technical and management leadership on major security tasks, embedding security into every phase of the System Development Life Cycle (SDLC) using a DevSecOps methodology. The ideal candidate will architect and enforce Zero Trust principles, drive Authorization to Operate (ATO) activities, and direct application security testing, threat modeling, and vulnerability remediation across a System of Systems (SoS). This position interfaces with senior Government stakeholders and the Office of Information Security (OIS), and decision‑making and domain knowledge may have a critical impact on overall program implementation. May supervise others. Responsibilities Lead the design and implementation of application security solutions, frameworks, and processes across all phases of the SDLC, in compliance with U.S. Census Bureau (USCB) and Office of Information Security (OIS) policies Implement Zero Trust (ZT) principles for applications, workloads, and data, aligned with EO 14028, OMB M-22-09, and NIST SP 800-207 (Zero Trust Architecture) Integrate security into DevSecOps CI/CD pipelines , establishing security gates, automated code inspection, and supply‑chain controls including Software Bill of Materials (SBOM) generation Direct Static and Dynamic Application Security Testing (SAST/DAST) , vulnerability assessments, and penetration testing to identify, triage, and remediate security weaknesses Lead threat modeling exercises to analyze application architecture, identify attack vectors, and document mitigation strategies throughout design, development, testing, and deployment Support the Authorization to Operate (ATO) process, including security control assessment, artifact and evidence collection, Privacy Threshold Analysis/Privacy Impact Assessment support, and Plan of Action and Milestones (POA&M) management Implement security controls in accordance with the NIST Cybersecurity Framework and NIST SP 800-53 , and remediate identified vulnerability and compliance findings Design and implement secure architecture patterns – secure API design, authentication/authorization, input validation, encryption, secure logging and monitoring (SIEM), and secure error/session/configuration management Develop and maintain metrics, dashboards, and reporting to track application security posture, threat trends, and remediation progress over time Support the development and management of Interagency Security Agreements (ISA) , security playbooks, and incident response in accordance with current cybersecurity policies Collaborate with application developers, data engineers, systems engineers, and OIS to identify and mitigate vulnerabilities, and provide expert security consultation to development teams Assist in FedRAMP certification activities and the assessment/remediation of independent penetration testing results, as applicable Education and Experience Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field 15+ years of relevant IT/cybersecurity experience, providing technical and management leadership on major tasks or technology assignments (SME level) Required Skills Demonstrated expertise integrating security into a DevSecOps SDLC, including CI/CD security gates and automated security testing Hands‑on experience implementing Zero Trust Architecture and applying NIST SP 800-53 controls and the NIST Cybersecurity Framework Proven experience leading vulnerability assessments, penetration testing, and threat modeling for enterprise applications Experience supporting the ATO lifecycle and managing POA&Ms, security artifacts, and evidence collection Certifications Required: Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) Desired: Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Desired Skills Experience generating Software Bill of Materials (SBOMs) and implementing software supply‑chain security controls Familiarity with SIEM deployment, container/image hardening, and secure baseline configuration Experience in large‑scale, multi‑cloud federal environments and FedRAMP processes Strong analytical, problem‑solving, written, and verbal communication skills, including the ability to brief senior Government stakeholders Security Clearance U.S. Citizenship required EEO B&A provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. B&A complies with applicable state and local laws governing non‑discrimination in employment in every location in which the company has facilities. This policy covers conduct occurring at B&A’s offices, and other workplaces (including client sites) and all other locations where B&A is providing services, and to all work‑related activities. #J-18808-Ljbffr Bna Inc
- ...to federal agencies across civilian, health, and national security environments. We apply modern capabilities, including AI/ML... ...speed, ownership, and execution over bureaucracy. Position Lead Security Engineer Location: Suitland, MD (Hybrid) Terms: Full-time Clearance...SuggestedFull timeFor contractorsFlexible hours
- Description Lead Security Engineer At B&A, we foster and embrace a distinct set of values that we live by and instill in all aspects of our organization: dedication, commitment, partnership, trust, and recognition. We have incorporated these values into successful delivery...SuggestedFull timeWork at officeLocal area
$120k - $190k
Security Requirement: U.S. Citizenship required Work Location: Suitland, MD We are seeking a Subject Matter Expert (SME)-level Lead Security Engineer to lead application security across a large-scale, cloud-native federal modernization program. This role provides technical...SuggestedWork at officeRemote workFlexible hours$120k - $190k
Dev Technology Group is looking for a Lead Security Engineer to provide application security leadership for a large-scale federal modernization program in Suitland, MD. This role involves integrating security into the Software Development Life Cycle using a DevSecOps approach...Suggested- Bna Inc is seeking a Lead Security Engineer in Suitland, MD to drive application security for a federal modernization program supporting the U.S. Census Bureau. This role entails embedding security in every phase of the SDLC using DevSecOps methodologies and leading application...SuggestedWork at office
- Dev Technology is seeking a Lead Security Engineer to oversee application security in a cloud-native federal modernization program. This role requires a deep understanding of security principles, including Zero Trust and DevSecOps, ensuring that security is integrated...Remote jobFlexible hours
- Dev-Technology-Group is looking for a Lead Security Engineer to spearhead application security initiatives for federal projects. This role focuses on embedding security within the SDLC through a DevSecOps methodology, ensuring adherence to Zero Trust principles, and managing...Remote job
- Harmonia Holdings Group, LLC in Suitland, MD, is looking for a Lead Security Engineer to drive enterprise security strategy across a large-scale federal modernization program. This role includes integrating security into ecosystems spanning applications, cloud infrastructure...
- ECS is seeking a Senior Security Engineer for their Washington, DC office. This full-time position involves leading a team to design and implement cybersecurity solutions for a US Government civilian agency. The ideal candidate should have 8+ years of security engineering...Full timeWork at office
- A leading real estate information firm is seeking a Lead Security Engineer in Arlington, VA. The ideal candidate will have over 10 years of experience in Information Security and relevant certifications. Responsibilities include managing incident responses, leading security...
$131.3k - $237.35k
A leading technology solutions provider is seeking a Lead Endpoint Security Engineer in Arlington, Virginia. This role demands strong analytical skills and extensive experience with the CrowdStrike Falcon platform. The ideal candidate will oversee deployment and management...Remote job- ...and successful resolution of incidents across various business verticals Develop, mature and lead incident response functions and reporting of findings Lead technical security assessments (network, application, database) for existing and newly acquired businesses or...
- A high-tech company is looking for a Lead Security Engineer to support security operations in the Washington Metro Area. The role requires managing vulnerability scanning, incident response, and ensuring compliance with federal regulations. Candidates should have a Bachelor...Full time
$130k - $140k
The University of Southern California is seeking an Information System Security Engineer (ISSO) in Arlington to lead classified information security efforts. This role involves managing classified information, ensuring compliance with federal regulations, and supporting...$115k - $150k
...safer. As a global leader in innovative security technology, we help businesses and law enforcement... ..., trust, and collaboration. From engineering to sales and support, every role... ...be part of something that matters. The Lead Security Systems Engineer plays a pivotal...WorldwideFlexible hours- Eliassen Group is seeking an experienced IT Security Engineer in Washington DC to provide security support for applications across various platforms. The role involves defining security frameworks, conducting penetration tests, and ensuring compliance with security standards...
- A leading provider of real estate information is seeking a Lead Security Engineer in Arlington, VA. The ideal candidate will have over 10 years of experience in Information Security and a strong background in incident response and technical assessments. The role requires...
$127.5k - $276.2k
Security Engineer III Position Description The Security Engineer III is the enterprise technical authority for advanced cybersecurity... ...efforts across Treasury's hybrid cloud ecosystem. This role leads transformative engineering initiatives to implement secure architectures...Work at officeLocal area$140k - $266k
...range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation... ...realize their greatest potential. Title and Summary Lead, Cryptographic Security Engineer Who is Mastercard? Mastercard is a global...Full timeTemporary workPart timeWorldwideFlexible hours- JOB OVERVIEW MartinFed is seeking a highly experienced Lead Cyber Security Engineer to provide technical leadership in the design, implementation, assessment, and continuous improvement of enterprise cybersecurity programs and secure system architectures. The ideal candidate...Work at officeLocal area
- B is seeking a Lead Security Engineer to lead application security in a major modernization program for the U.S. Census Bureau. This role requires expertise in integrating security throughout the development lifecycle using DevSecOps methodologies. The ideal candidate...Work at office
- Dev Technology Group, Inc. is seeking a Lead Security Engineer in Suitland, MD, to guide application security in a large-scale federal modernization program. The position involves embedding security into the SDLC using DevSecOps methodologies and enforcing Zero Trust principles...
- Systems Planning and Analysis, Inc. (SPA) is seeking a Lead Cyber Systems Engineer to guide two fast-paced DoW programs within PEO IWS through the... .... You will architect and mature system designs, ensure security protections are built in, and collaborate with APMs. Expect...
- Systems Planning & Analysis in Washington, D.C. is looking for a Lead Cyber Systems Engineer to support advanced radar programs. This role involves direct support to program leads and overseeing test and evaluation activities across the system life cycle. The ideal candidate...
- Washington DC We are seeking an experienced Endpoint Engineering & Security Engineer with 8+ years of IT, endpoint engineering, or cybersecurity experience . The ideal candidate will have hands‑on expertise in Windows and macOS workstation imaging, Microsoft Intune, Windows...Local area
- ...contest us, deterrence is assured, and the free world remains secure. Founded in 2024, Twenty Technologies () industrializes offensive... ..., and In-Q-Tel. Role Summary We are seeking IT Security Engineer to join our growing technology engineering team. This is a...Full timeWork at officeFlexible hours
- Hopper is looking for a Senior Security Engineer to enhance its security posture by owning tooling, automation, and processes that secure applications throughout their lifecycle. This role involves building systems and working closely with engineering teams to make security...
$174k - $253k
Senior Security Engineer, AI/ML, National Security, Public Sector Job Level Mid Location and Working Conditions Washington D.C., DC, USA; Maryland, USA. Candidate must work 5 days per week on-site in Fort Meade, Maryland. Remote eligible. Note: Google's hybrid workplace...Temporary workWork at officeLocal areaRemote workWorldwide- ...Systems Solutions (ISS) is looking for a mid-level ISSE supporting the Office of Naval Intelligence. The Information Systems Security Engineer (ISSE) is responsible for engineering, implementing, and maintaining security solutions across information systems and networks...Work at office
$40 per hour
A cybersecurity firm is seeking experienced cybersecurity professionals to evaluate AI-generated security content, solve technical problems, and provide feedback to improve AI systems. This is a flexible remote position, allowing you to work on chosen projects within a...Remote jobHourly payFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Lead Security Engineer. Be the first to apply!
- lead engineer Suitland, MD
- IT security engineer Suitland, MD
- information technology security engineer Suitland, MD
- aws cloud security engineer Suitland, MD
- security engineer Suitland, MD
- senior cloud security engineer Suitland, MD
- network security engineer Suitland, MD
- lead sales engineer
- lead algorithm engineer
- lead gameplay engineer

