Job Closed
This listing is no longer active.
Solving big problems, building trust in society, and empowering our clients to shape the future.
Senior Cybersecurity Lead
Location
United States
Posted
116 days ago
Salary
$130K - $216K / year
Seniority
Senior
Job Description
Senior Cybersecurity Lead
Guidehouse
• Apply fundamental cybersecurity principles and concepts for a large DoD IT program • Develop and implement a plan to achieve cybersecurity and RMF objectives across the lifecycle of the program, to include close coordination across program workstreams and Government stakeholders • Maintain cybersecurity implementation plans, milestones, schedules, and resourcing requirements across cross-functional teams • Apply NIST Risk Management Framework (RMF), NIST SP 800-53 controls, Assessment and Authorization processes for both on-prem and cloud-based systems, POA&M management, and System Security Plan development and maintenance • Work with senior members of the program and client organization to ensure that overall cybersecurity program and project direction, strategy and expectations are met • Understand of Governance Risk and Compliance (GRC) requirements, standards, and guidelines governing security within the Federal Government (e.g., NIST publications, FISMA, and OMB memoranda) and aligning IT with business objectives to effectively manage risk • Design and implement system security plans and policies, such as account management policies or auditing policies • Perform cybersecurity risk management, research and development, and leading practices • Gather and organize technical information about an organization's mission goals and needs, existing security products, and ongoing programs in cybersecurity • Develop strategies, roadmaps, assessments, and policies • Work with solution architects for security requirements on network architecture • Conduct and lead risk assessments and managing risks • Develop and implement cybersecurity policies and procedures
Job Requirements
- Minimum TEN (10) years of experience in Cybersecurity
- Experience applying fundamental cybersecurity principles and concepts to tasks and projects
- Experience implementing multiple end-to-end packages using the Risk Management Framework (RMF)
- Expert level experience with NIST 800-53 security controls
- Cybersecurity certification - CISM, CISSP, or Security+
- Demonstrated ability leading successful teams and working in challenging situations
- Strong written and oral communication skills, and demonstrates leadership role with clients and fellow team members
- Strong client leadership skills and ability to recognize opportunities for improvement to existing or future capabilities
- Ability to lead teams to complete projects with attention to detail on tight timelines
- Assures high quality work by taking advantage of learning opportunities and self-motivated
- Must be able to OBTAIN and MAINTAIN a Federal or DoD "SECRET" security clearance; candidates must obtain approved adjudication of clearance prior to onboarding with Guidehouse
- Candidates with an ACTIVE "SECRET" or higher-level clearance are preferred
- Understanding of identity management and role-based access controls
Benefits
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- Position may be eligible for a discretionary variable incentive bonus
- Parental Leave and Adoption Assistance
- 401(k) Retirement Plan
- Basic Life & Supplemental Life
- Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
- Short-Term & Long-Term Disability
- Student Loan PayDown
- Tuition Reimbursement, Personal Development & Learning Opportunities
- Skills Development & Certifications
- Employee Referral Program
- Corporate Sponsored Events & Community Outreach
- Emergency Back-Up Childcare Program
- Mobility Stipend
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Lead the charge in building secure, resilient, and high-performing IT infrastructure across the nationwide healthcare network. • Ensure seamless connectivity for clinics, HQ, and remote teams while safeguarding sensitive data and maintaining regulatory certifications. • Be deeply involved in day-to-day operations, personally architecting solutions, troubleshooting complex issues, and driving key initiatives. • Solve critical challenges and deliver tangible results, ensuring the network and security posture remains robust and responsive.
• Work with clients to assess and improve their cybersecurity posture, design practical solutions aligned with business objectives, and support the deployment and implementation of security strategies, frameworks, and concrete measures to improve protection and resilience. • Conduct risk assessments and security reviews to identify vulnerabilities, recommend improvements, and assist in defining roadmaps and action plans for cybersecurity initiatives. • Collaborate with multidisciplinary teams to deliver projects that combine business, technology, and regulatory perspectives. • Stay informed about cybersecurity trends, regulations, and technologies to provide relevant insights.
• Administer and Maintain EDR Tools • Tune detection rules to reduce false positives and improve threat visibility for each covered locality. • Ensure asset inventory is accurate and up to date for each covered locality. • Regularly update the EDR platform and agents to the latest versions. • Review and adjust security policies. • Conduct health checks to ensure the EDR system is functioning properly. • Investigate and remediate unexpected agent behavior • Ensure that Integrations are working as required and troubleshoot when issues are identified • Administer and Maintain Vulnerability Management System • Maintain and update the vulnerability management platform and agents • Conduct health checks to ensure the VMS system is functioning properly. • Tune scan policies to reduce false positives and improve accuracy for each covered locality • Ensure asset inventory is accurate and up to date for each covered locality • Configure and schedule scans for each covered locality. • Investigate and remediate unexpected agent behavior • Ensure that integrations are working as required and troubleshoot when issues are identified • Respond to and resolve customer inquiries and issues submitted through the ticketing system and SOC • Maintain and update the Remote Monitoring and Management platform and agents • Accurately document customer interactions, troubleshooting steps, and resolutions • Escalate complex or unresolved issues as needed • Monitor ticket queues to ensure service level agreements (SLAs) are met and follow up with customers as needed
• Owning the technical and cultural integration of the Australian security team into Packetlabs’ global practice • Mentoring intermediate and junior pentesters locally • Setting and enforcing documentation, workflow, and tooling standards used across regions • Acting as a cultural and technical bridge between regions • Participate in cross-region projects (you will not be siloed to “APAC-only” work) • Communicate findings clearly in both written and verbal formats • Contribute to shared documentation and knowledge bases • Support structured handoffs across time zones when needed • Your primary role is to perform penetration testing of web applications, mobile applications, thick clients, APIs, and infrastructure when ready. • Develop detailed reports on findings and remediations for impactful findings. • Mentor intermediate and junior pentesters • Lead or co-lead internal knowledge-sharing sessions
