- Cyber Defense
XOR Security is currently seeking talented Enterprise Security Architect/Security Engineering Team Lead with at least 8 years’ experience in the area of information/cybersecurity engineering or security operations, including hands-on experience with security tools and devices, such as network firewalls, web proxy, intrusion prevention system, vulnerability scanner, and penetration testing tools. If you like leading information technology security engineering teams and projects serving as the on-site POC with the Contracting Officer’s Representative (COR) for program/project operations, this is an exciting long-term opportunity for you. Since this is a forward-facing position, a natural comfort interacting with senior leadership, with strong consulting and project management skills is highly desired.
Participating in Corporate duties such as solution/proposal development, corporate culture development, mentoring employees, supporting recruiting efforts, is highly encouraged.
Job duties include:
- Manage a group of 15+ security engineering resources across various different technologies.
- Lead staff to complete various security architecture and technology initiatives with a direct role in project planning, status reporting, and task prioritization.
- Analyze technology trends for enterprise security architecture and provide cost benefit analysis to senior executive cyber leadership to assist in decision-making.
- Develop and manage strategic roadmap for customer in enterprise security architecture initiatives.
Candidate must have the following required qualifications:
Education: Bachelor’s degree or equivalent professional experience in the field of information security, computer engineering, information systems, telecommunications, or related technical or functional discipline. PMP Certification preferred or equivalent work experience (4+ years management experience).
Professional Certification: Maintain at least one current professional certification. Acceptable certifications include: Any SANS GIAC Security certifications (Administration, Software, Forensics, or GSE Expert), ISC2 CISSP, or any security systems vendor administration-level certifications. Other certifications may be acceptable as approved by the COR.
Total of 8 years experience in Information Technology, System Administration, Software Engineering, or Cyber Security.
Minimum of four (4) years of experience in the following:
- On-site project lead for information technology security engineering projects serving as the interface and on-site point of contact with Contracting Officer’s Representative (COR) for program/project operations.
- Organizing, directing and coordinating with the Program Manager and COR in the planning and production of all contract and subcontract support activities.
- Supervising program/project operation by developing engineering, technical and management procedures and controls, monitoring, and reporting progress.
Two (2) or more years of experience in the following:
- Design and implementation of enterprise-wide security controls to secure systems, applications, network, or infrastructure services.
Specialization in at least one of the following fields with four (4) or more years of experience:
- Building and administering security devices such as network firewall, web proxy, data loss prevention systems, and intrusion prevention systems.
- Building and administering Windows Server and Active Directory.
- Building and administering Linux/UNIX based systems.
- Building and administering Network devices (e.g., Cisco, Juniper).
- Conducting dynamic web application security testing, both manual testing and utilizing application security tools to discover exploitable vulnerabilities, as well as database security assessment and monitoring.
- Managing cloud security operations, including identity & access control, secure configuration management, network security, enforcement policy scripting, workload security, data security, and logging.
- Public Key Infrastructure (PKI) management and data encryption for data-at-rest and data-in-transit.
- Demonstrated understanding of TCP/IP networking concepts and DNS.
- Experience with public cloud services providers such as Amazon AWS or Microsoft Azure.
- Strong familiarity with Federal compliance standards such as NIST 800-53, FIPS, FedRAMP.
Location: Post pandemic, this will be onsite 100 F. Street NE, Washington DC 20549. Remote days post-pandemic cannot be guaranteed.
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and PUBLIC TRUST CLEARANCE REQUIRED.