Security Tool Engineer Lead

Summary

Join EXPANSIA, a service-disabled, veteran-owned small business, as a Security Tool Engineer Lead! This remote, full-time position involves overseeing the management, evaluation, deployment, and optimization of various security tools across 187 bases. You will lead a team of security engineers, collaborate with cross-functional teams, and ensure the effective operation of security tools to protect information systems. The salary range is $123,000-$167,500, and EXPANSIA offers competitive compensation, benefits, and learning and development opportunities. The position requires an active Secret Clearance and a Bachelor's degree or equivalent experience. EXPANSIA values work-life balance and offers a supportive work environment.

Requirements

• Active Secret Clearance required
• Bachelor’s Degree in relevant field and 15+ years of relevant experience required
• 20+ of relevant experience in lieu of a Bachelor’s Degree
• Proven experience as a Security Tools Lead or in a similar role, with leadership experience in managing security tooling projects and teams
• Strong technical expertise in security tools, including IDS/IPS, CBII, SIEM, anti-virus, EDR, MDE/DLP and encryption solutions
• Excellent leadership and team management skills, with the ability to mentor and guide a team to achieve security objectives
• Strong analytical and problem-solving skills to address complex security tooling challenges
• Excellent communication and collaboration skills to interact effectively with stakeholders at all levels
• Required DoD 8140 compliant certification such as CompTIA Security+

Responsibilities

• Develop and execute a comprehensive security tools strategy and roadmap aligned with the organization's security goals. Identify and evaluate new security technologies to enhance the overall security posture
• Lead a team of security engineers and analysts, providing mentorship, guidance, and technical expertise. Foster a collaborative and high-performance work environment to achieve security objectives
• Research, evaluate, and recommend security tools and technologies based on the organization's security requirements, industry best practices, and compliance standards
• Oversee the deployment, integration, and configuration of security tools across the organization's infrastructure. Collaborate with IT and other stakeholders to ensure seamless implementation
• Continuously monitor and optimize the performance of security tools to maximize their effectiveness in threat detection and response. Ensure the tools operate efficiently without impacting regular business operations
• Implement processes for integrating threat intelligence feeds into security tools, enhancing the organization's ability to detect and respond to emerging threats
• Collaborate with the SOC and incident response teams to provide technical expertise during security incidents and contribute to incident handling and remediation efforts
• Plan and manage security tool upgrades, patching, and maintenance activities to keep tools up to date and secure
• Ensure comprehensive documentation of security tool configurations, workflows, and operational procedures. Prepare reports for management on tool performance and effectiveness
• Collaborate with cross-functional teams, such as SOC, IT, and application security, to align security tooling with overall security strategies and requirements
• Ensure compliance with security policies, standards, and procedures related to security tooling. Contribute to the development of security policies as necessary
• Provides status reports at least weekly and monthly and complete other reporting requirements as required for overall program reporting requirements
• Holds team members accountable for following published SOPs
• Communicates within the project area or technical department on matters that involve obtaining or providing technical information requiring some explanation or interpretation

Preferred Qualifications

• Other relevant cybersecurity certifications like Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM), are a plus
• Certification in cybersecurity, computer forensics, or software reverse engineering is strongly preferred
• Microsoft Active Directory
• Microsoft Federation Services
• Advanced PowerShell scripting or prior software development experience
• DoD PKI

Benefits

• Health and wellness programs
• Income protection
• Paid leave
• Retirement and savings