Cyber Security Engineer (SME) with Security Clearance

---

Job description

LTS is seeking an experienced System Assessment and Authorization/Cyber Security Engineer (SME) to lead and provide expert guidance on cybersecurity compliance and risk management processes. The SME will be responsible for ensuring that all information systems within the program meet federal security standards, including FISMA (Federal Information Security Modernization Act) and NIST (National Institute of Standards and Technology) guidelines. The ideal candidate will have extensive experience in system security assessments, developing and implementing security policies, and leading authorization processes. This Program within the Department of Commerce is designed to manage and reduce cybersecurity risks of their customers and ensuring the convergence of IT security and business objectives by integrating cybersecurity into system development lifecycles and comply with the Federal Government's Risk Management Framework (RMF). The work will be performed on-site at the DOC located at 1401 Constitution Ave, NW. Contingent offer upon contract award LTS provides trusted consulting, and solutions in an increasingly complex and growing world. Our deep expertise in technology and analytics helps us serve a broad constituency of clients that range from cabinet-level departments of the U.S. Government to the largest Federal IT contractors in the world. LTS is a leading information technology (IT) provider for mission critical systems leveraging the latest technologies to deliver innovative solutions from small mobile applications to large, complex enterprise applications. Our professionals specialize in multiple disciplines including program management, system integration, system design, system development, cybersecurity, infrastructure, and data analytics. Responsibilities: • Lead the development and execution of Security Assessment and Authorization (SA&A) activities, ensuring compliance with NIST 800-37 and other relevant frameworks. • Conduct comprehensive security assessments of information systems, identifying vulnerabilities, and recommending mitigation strategies. • Develop and maintain security documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plans of Action and Milestones (POA&Ms). • Coordinate with system owners, ISSOs (Information System Security Officers), and other stakeholders to ensure the successful authorization of systems. • Provide expert advice on cyber security best practices, risk management, and threat mitigation techniques. • Stay abreast of emerging cyber threats and security trends to enhance the organization's security posture. • Support the development and implementation of security policies, standards, and procedures in alignment with federal guidelines. • Ensure compliance with FISMA, NIST, and other federal cyber security requirements. • Conduct risk assessments, develop risk mitigation strategies, and monitor the implementation of risk controls. • Lead efforts to achieve and maintain the Authority to Operate (ATO) for information systems. • Mentor and guide junior cyber security professionals within the organization. • Develop and deliver training on security assessment and authorization processes, tools, and best practices. • Collaborate with cross-functional teams, including IT, operations, and legal, to integrate security into all aspects of the system lifecycle. • Prepare and present reports on the security status of systems to senior leadership and external auditors. Requirements: • Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field and a minimum of five (5) years of experience conducting security assessment, authorization and Authorization to Operate (ATO). • Relevant certifications such as CISSP, CISM, CAP, or similar. • Active Top Secret / SCI eligible clearance. • Minimum of three (3) years of experience with Governance, Risk Management and Compliance (GRC) Tool, eMASS. • In-depth knowledge of FISMA, NIST 800-53, NIST 800-37, RMF (Risk Management Framework), and other relevant federal security standards. • Proven experience leading SA&A processes and obtaining ATO for federal systems. • Strong analytical, problem-solving, and communication skills. • Ability to work independently and as part of a team in a fast-paced, dynamic environment. Desired Skills: • Experience working within the U.S. Department of Commerce or similar federal agencies. • Familiarity with cloud security frameworks and federal cloud security requirements (e.g., FedRAMP). • Experience with security tools such as Nessus, SCAP, or similar. LTS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

<!– job description page –>