Cyber Security Engineer

LightFeather is seeking a skilled Cyber Security Engineer to join our team in Washington, DC. This role focuses on implementing security controls and best practices to improve the security posture of enterprise applications. Spanning a portfolio of custom applications, cloud platforms, and COTS tools, you will serve as a security resource embedded with development and engineering teams throughout modernization efforts and compliance assessments.

• Location: In-Person (5 days/week) in Washington, DC
• Job Type: Full Time
• Citizenship: U.S. Citizenship Required
• Clearance Requirement: Active Secret/Top Secret Security Clearance Required

Responsibilities:

Cyber Security Design and Implementation:

• Collaborate with application development, platform engineering, and customer engagement teams to review security implications for change requests and proposed enhancements.
• Configure security controls and best practices in accordance with applicable federal standards (e.g., NIST SP 800-53 rev. 5) and system/application-specific best practices (e.g., ServiceNow platforms, .NET applications, GitLab deployments, etc.)
• Contribute proactively to a close-knit, mission-driven security team to identify and mitigate risks to the customer’s broader system portfolio and critical assets.

Security Operations and Automation:

• Identify, design, and implement solutions to improve security across the application portfolio with DevSecOps best practices, including SAST/DAST/IAST, IaC, robust vulnerability scanning, near-real-time threat detection, etc.
• Automate repeated tasks and core security functions to strengthen baseline posture and improve operational efficiency, using available low-code/no-code and RPA toolsets.
• Improve data collection, threat analysis, and continuous monitoring mechanisms to provide standardized insights into critical security indicators to security peers and government leadership through dashboards, reports, alerts, etc.

Compliance and Risk Management:

• Collaborate with compliance officers, government leadership, and development teams to ensure compliance with federal security standards such as NIST 800-53, FedRAMP, and FISMA.
• Support ongoing compliance activities to achieve and maintain ATOs for assigned systems, including implementation support to move systems to the Department’s Ongoing Authorizations (OA) program.
• Implement data-driven and automated mechanisms to identify security risks or compliance issues for proactive remediation.

Required Qualifications and Skills:

• US Citizenship.
• Active Top Secret clearance is strongly preferred; candidates with an active Secret clearance will be considered.
• Bachelor’s degree in Computer Science, Cyber Security, Information Systems, or a related field.
• Minimum 5 years of experience in cyber security engineering in federal environments.
• CompTIA Security+ and at least one additional security certification, such as CISSP, SSCP, GSEC, etc.
• Hands-on security engineering experience with at least one of the following tools/systems/environments: ServiceNow, .NET applications, WordPress applications, Azure/GCP/AWS, UiPath, Unqork, GitLab, Atlassian suite, etc.
• Strong proficiency in providing security engineering support in the context of Agile practices and DevSecOps frameworks.
• Demonstrated expertise with at least some modern DevSecOps and security best practices, such as IaC, SAST/DAST/IAST, continuous monitoring, containerized applications, serverless architectures, etc.

Preferred:

• Experience supporting multiple concurrent development teams as a security engineer, spanning multiple systems or applications.
• Familiarity with security configurations and implementation of CI/CD pipelines for secure software delivery with integrated, automated testing/scanning/analysis.
• Experience building security dashboards, reports, and alerts using data analytics tools, such as Databricks, Splunk, Azure Sentinel, etc.
• Experience supporting security engineering for low-code/no-code solutions and/or managed cloud platforms (IaaS/PaaS/SaaS) in a shared responsibility model.

Why Join LightFeather?
You'll be part of a team dedicated to meaningful impact, working on solutions that address mission-critical needs. Experience variety, fulfillment, and the opportunity to work with some of the best in the industry. We are committed to fostering a diverse and inclusive environment where everyone is valued and respected.

Commitment to Diversity
LightFeather is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.