Lead Security Engineer

Location: Rockville, MD

Work Type: Hybrid Work (Minimum 2 days onsite – may extend based on client meetings, delivery needs, and proposal support)

Job Title: Lead Security Engineer

Clearance: Public Trust

Job Summary: LCG is seeking a Lead Security Engineer will provide senior-level enterprise security engineering, architecture, and cloud security expertise in support of Client’s OMTO/DTM Cybersecurity and Management Support. Under the guidance of the HHS CIO, CISO, and SAOP, this role designs and implements security solutions across on-premise and cloud environments, supports security tool operations and integration, ensures environments meet HHS security requirements, and provides expert remediation guidance to address vulnerabilities and security gaps.

• Design, engineer, and deploy security capabilities across enterprise systems to strengthen confidentiality, integrity, and availability of SAMHSA information resources.
• Analyze current environments and recommend the best security technology deployment strategies to address operational needs, compliance mandates, and evolving threats.
• Conduct gap analysis on security infrastructure across on-premise and cloud environments, identify weaknesses, and recommend improvements aligned with federal best practices.

• Provide technical solutions and engineering recommendations to address vulnerability findings, configuration weaknesses, and security control gaps uncovered through internal/external scanning and assessments.
• Support remediation validation by reviewing vulnerability evidence, confirming mitigation actions, and ensuring risk is reduced to acceptable levels per program expectations.

• Collaborate with developers, system engineers, and project teams to identify required protections throughout the system lifecycle and ensure projects integrate required security standards into development.
• Provide technical guidance on what engineering changes, patterns, and workflows are needed to satisfy HHS security requirements during development, modernization, and sustainment.
• Support the agency goal of adopting a Dev Sec Ops  model by helping define security strategies/capabilities and aligning security engineering controls with modern delivery pipelines.
• Collaborate with infrastructure teams to integrate security requirements into CI/CD pipelines and automation strategies for on-prem and cloud environments.

• Evaluate security technologies and tool capabilities, determine integration approaches, and create technical recommendations and implementation plans for deployment.
• Analyze HHS design requirements and ensure Client systems meet required enterprise security architecture expectations.

• Provide technical expertise for configuration, operations, and lifecycle maintenance of security tools and platforms, including upgrades/patching as needed.
• Coordinate with SAMHSA infrastructure teams and/or vendors to troubleshoot tool outages or failures impacting security monitoring and protection services.
• Support contractor team readiness through knowledge-sharing/training expectations to ensure security tooling can be operated and sustained effectively.

• Support integration of Continuous Diagnostics and Mitigation (CDM) capabilities into Client’s security architecture and ensure reporting readiness for the HHS CDM dashboard.
• Provide technical expertise to meet federal and HHS directed security capability integration requirements as Client implements mandated security services.

Education: Bachelor’s degree in a relevant field discipline ( i.e. Cybersecurity / Information Assurance, or Computer Science, or Information Technology / Information Systems, or Computer Engineering / Systems Engineering, or Network Engineering / Telecommunications)

Certification:
CISSP or CAP or CEH or Security+

Experience:

• 8+ years of experience in…