Senior Zero Trust Security Engineer

Easy Dynamics is seeking a Senior Zero Trust Security Engineer within our cybersecurity firm, who will lead technical engagements right at the forefront of the cybersecurity and compliance arena. As the lead engineer for our client's zero trust journey, this role is your opportunity to make a significant impact by shaping the security strategies of client organizations over a multi–year journey. To excel in this role, you'll need an in–depth understanding of enterprise IT concepts, cloud security, FISMA compliance, digital identity, and privacy–all while closely adhering to NIST standards and emerging Zero Trust implementation guidelines. As the driving force behind zero trust architectures, you'll craft comprehensive roadmaps and strategies, develop and provide input to technical architectures, own key deliverables, ensuring that clients' security needs are met effectively.

Your role will demand a high level of technical proficiency, with a strong emphasis on cybersecurity. This role is not just about technical skills; it's also about your ability to manage organizational change. In your advisory capacity, you'll navigate the complexities of client organizations, driving and facilitating change to enhance security practices. Effective communication and collaboration are crucial because you'll play a pivotal role in working with both technical and non–technical business leaders. In essence, this role offers you the chance to be a key player in our mission to safeguard the nation. If you're up for the challenge, we'd love to have you on our team.

Responsibilities:

• Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data
• Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle
• Employ secure configuration management processes
• Ensure that acquired or developed systems and architectures are consistent with the organization's cybersecurity architecture guidelines
• Identify and prioritize critical business functions in collaboration with organizational stakeholders
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
• Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment
• Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents
• Determine the protection needs (i.e., security controls) for the information systems and networks and document appropriately
• Provide internal and external subject matter expertise on Zero Trust and emerging Cybersecurity trends
• Serve as technical client interface, responsible for development of cybersecurity delivery strategy and roadmap for clients
• Participate in business development through RFPs and other proposals
• Develop and spearhead the implementation of a comprehensive cybersecurity delivery
• Architect and supervise the deployment of Zero Trust principles across the enterprise, prioritizing network security, data encryption, identity and credential management, and application security. Hands–on to develop technical artifacts. Create and present briefs and presentations to senior leadership
• Drive Identity, Credential, and Access Management (ICAM) initiatives to ensure robust identity governance, multifactor authentication, and stringent authorization aligned with Zero Trust pillars
• Lead the design and implementation of network segmentation strategies, ensuring isolation of critical assets and zero–trust–based traffic inspection and monitoring
• Establish and enforce robust data protection measures including encryption, data classification, and secure data handling practices to align with Zero Trust principles.
• Collaborate closely with cross–functional teams, providing expert guidance and fostering a security–focused culture while aligning with Federal security policies
• Conduct thorough risk assessments, identify vulnerabilities, and develop proactive strategies to mitigate risks in line with Zero Trust principles across network and data domains
• Develop and maintain security policies, standards, and procedures in accordance with Zero Trust tenets and Federal regulations, particularly focused on network and data security
• Evaluate and recommend cutting–edge security technologies, tools, and solutions supporting Zero Trust, ensuring scalability, interoperability, and cost–effectiveness in network and data protection
• Ensure adherence to Federal security regulations and reporting requirements, providing comprehensive documentation and reports on security postures and progress, especially within network and data domains
• Occasional travel to Washington D.C. and company headquarters in Northern Virginia is required

Qualifications:

• Minimum of 10+ years of experience supporting enterprise Cybersecurity programs within a federal public sector environment
• Experience implementing Cybersecurity utilizing NIST guidelines, preferably Zero Trust
• Excellent communication skills to internal and external stakeholders – ability to adjust messaging to a variety of audiences (client leadership, technical staff, team members etc.)
• Consultative mindset and ability to map solutions against client challenges
• Solid understanding of technical concepts and such as Encryption, Multi–Factor Authentication (MFA), Network Segmentation, Data Loss Prevention
• Experience driving discussions with senior personnel regarding trade–offs, best practices, project management and risk mitigation
• Experience with security applications such as SailPoint, CyberArk, Zscaler, Crowdstrike, TripWire, Azure, etc.
• Strong written and verbal communications skill with experience presenting to a variety of audiences (developers, managers, executives, etc.)
• Deep hands–on experience leading the design, development, and deployment of Cybersecurity services
• Experience with IT compliance and risk management requirements (e.g., FISMA, FedRAMP, DoD SRG)
• Ability to connect and translate (Federal) policy documents, executive orders, and other guidance to "on the ground" technical implementations
• Experience with Agile values and principles for project management
• BA/BS degree or equivalent experience
• Must be a US Citizen and able to obtain a US Government security clearance/public trust

Preferred Qualifications:

• Familiar with emerging ICAM and Cyber concepts such as Secure Access Service Edge (SASE)
• Relevant certifications such as IDPro, Forrester's Adopting Zero Trust certification, CISSP

Salary: $150,000 – $175,000