|
Tharros is seeking a Senior Cybersecurity Engineer to support a DHS Intelligence and Analysis cybersecurity program in the National Capital Region.
This role will provide senior technical direction across cybersecurity engineering, cloud security, DevSecOps, AI/ML security, Zero Trust, security tooling, and technical architecture. The ideal candidate is a hands-on technical leader who can translate complex cybersecurity requirements into scalable, secure, and executable engineering solutions across cloud, on-premise, classified, and unclassified environments.
Responsibilities:
- Provide senior technical direction across cybersecurity engineering, cloud security, DevSecOps, AI/ML security, and Zero Trust activities.
- Work with enterprise architects, system architects, developers, and security teams to integrate cybersecurity requirements into reusable technical architectures and engineering practices.
- Assess and recommend scalable, resilient cloud architectures that incorporate cybersecurity and safeguarding requirements.
- Support cybersecurity tool configuration, maintenance, integration, and improvement across enterprise environments.
- Support STIG implementation, vulnerability scanning, secure configuration, and security tool maintenance.
- Identify opportunities to apply automation, emerging technologies, and process improvements to improve cybersecurity engineering delivery.
- Develop repeatable security processes for cloud and AI capabilities.
- Support technical remediation and assessment activities, including engineering support for Assessment and Authorization efforts.
- Recommend, configure, operate, and maintain approved cybersecurity tools and applications.
- Support Zero Trust maturity efforts, including capability gap analysis, implementation recommendations, roadmap development, and dashboard integration.
- Integrate security into DevSecOps pipelines, including automation scripts, security testing, configuration validation, and continuous monitoring support.
- Assess DevSecOps tool configurations, identify gaps, and recommend improvements.
- Develop and apply tools and scripts to automate security requirements, STIG implementation, and configuration validation.
- Support near real-time dashboards and reporting that improve visibility into security testing, vulnerabilities, compliance status, and cyber risk.
- Collaborate with cross-functional teams throughout requirements, design, implementation, testing, delivery, and enhancement of secure IT solutions.
- Support migration of IT services to cloud environments by identifying security requirements, risks, and technical issues.
- Apply secure coding, security testing, static analysis, fuzzing, and threat modeling practices.
- Active TS/SCI
- 10+ years of cybersecurity engineering experience on projects of similar size and complexity.
- AWS certification.
- CISSP certification.
- Scrum certification or demonstrated Scrum practices experience.
- Experience with Federal, DHS, or Intelligence Community cybersecurity architectures, standards, and technologies.
- Experience with cybersecurity engineering, cloud engineering, DevSecOps, AI/ML security, and Zero Trust.
- Experience translating cybersecurity requirements into technical plans and engineering solutions.
- Experience with security tools, secure configuration, vulnerability scanning, STIGs, cloud security, and DevSecOps automation.
- Strong technical communication skills, including the ability to brief technical concepts and recommendations to stakeholders.
Preferred Qualifications:
- Prior DHS, Intelligence Community, CISO office, classified cloud, TS/SCI engineering, or national security cybersecurity experience.
- Certifications or experience with additional cloud platforms, including Microsoft Azure, Google Cloud, or Microsoft 365.
- Experience with GRC platforms, ACAS, Nessus, SCAP, SonarQube, GitLab, Splunk, Tanium, Tenable, or related Federal cybersecurity tools.
- Experience with RMF, A&A, continuous monitoring, Zero Trust dashboards, DevSecOps pipeline security, cloud security architecture, and secure automation.
- Experience supporting classified, hybrid cloud, cross-domain, or secure mission environments.
- Experience developing dashboards, technical metrics, or executive-ready reporting for cyber risk, vulnerability posture, Zero Trust maturity, or security testing status.
|