Lead Security Engineer (Remote)

Networking for Future, Inc. (NFF) is a Washington, DC based company offering a performance-focused approach to delivering transformational IT business solutions. We take pride in keeping users productive and engaged by providing business and IT teams with the solutions they need to improve their performance in a dynamic, connected world.

NFF is the only Cisco Gold Partner headquartered in the District of Columbia with Advanced Specializations in all major IT disciplines. In addition to Cisco, NFF holds key strategic partnerships with VMware, NetApp, Microsoft, Riverbed, Splunk and many System Integrators. NFF is an ISO 9001:2015 certified company and has been ranked in Inc. Magazine's 500/5000 Fastest Growing Companies list since 2007.

We offer expert solutions relevant to: Network Infrastructures, Data Center & Cloud, Network & Endpoint Security, Application Assurance, Collaboration & Mobility and Staff Augmentation.

NFF is looking for a Security Lead consultant.  The Security Lead is a remote position and will support the agency under the Technical Program manager to identify security vulnerabilities, design, and implement security solutions, monitor security systems, and respond to security incidents impacting the agency on-premises and cloud hosted resources. The contractor shall provide subject matter expertise in the design, development and implementation of security best practices which includes, but is not limited to, network security, application security, access control, and security policy development. 

Responsibilities:

• Conduct security assessments and audits to identify vulnerabilities and provide recommendations for remediation of agency assets.
• Design, implement, and manage security infrastructure and tools, including firewalls, intrusion detection systems, vulnerability management systems, antivirus systems.
• Collaborate with IT teams to ensure security best practices are integrated into IT projects and operations for divisions providing services internally and externally.
• Develop and maintain security policies, procedures, and standards.
• Monitor security systems and respond to security incidents in a timely manner.
• Provide security awareness training to employees and stakeholders.
• Stay up to date with the latest security trends, threats, and technologies.
• Should have experience with Center for Medicaid Services (CMS), Internal Revenue Services (IRS) and Social Security Administration (SSA) Audits and Remediation.

Required Skills:

• Minimum of 15 years of experience working in the field of cybersecurity.
• Knowledge of federal and industry-specific regulations and compliance requirements related to cybersecurity (e.g., FISMA, HIPAA, GDPR).
• Experience in preparing for and participating in security audits and assessments.
• Expertise in network security, including firewalls, intrusion detection/prevention systems, and VPNs.
• Proven experience with security assessment tools and methodologies.
• Proficiency in security technologies such as SIEM (Security Information and Event Management) systems and endpoint protection solutions
• Experience with security monitoring tools, log analysis, and incident response procedures in Azure environments.
• Strong leadership skills with the ability to motivate and manage a team effectively.
• Excellent communication and interpersonal skills to work collaboratively with diverse teams and stakeholders.
• Demonstrated ability to develop and implement security policies, procedures, and standards.
• Experience in incident response, including conducting investigations and managing security incidents.
• Strong understanding of cloud security principles and best practices.
• Strong knowledge of network security, encryption, authentication methods, and security protocols.
• Excellent problem-solving skills and attention to detail.
• Strong communication skills and ability to work collaboratively with cross-functional teams.

Deliverables:

• Comprehensive cybersecurity strategy document outlining short-term and long-term goals.
• Updated security policies and procedures manual.
• Regular compliance reports and documentation of security measures taken.
• Security assessment reports detailing identified vulnerabilities and recommended remediation strategies.
• Documentation of implemented security measures and configurations.
• Incident reports for security incidents, including analysis, containment, eradication, recovery, and lessons learned.
• Create a detailed implementation plan outlining the steps and timeline for deploying security solutions, configuring firewalls, intrusion detection systems, and other security tools.
• Integrate and configure security tools, such as SIEM (Security Information and Event Management) systems, intrusion detection systems, and vulnerability scanners, for continuous monitoring and threat detection.
• Develop a comprehensive incident response plan outlining procedures for identifying, containing, eradicating, recovering from, and documenting security incidents. Conduct tabletop exercises to validate the plan.
• Configure network security devices, including firewalls, routers, and switches, to enforce access controls, segmentation, and threat detection.
• Complete Remediation of all findings from audit reports and communicate with the federal agencies that conduct audit

NFF offers a competitive salary, comprehensive benefits and flexible paid time off options, for eligible employees:

• Medical, Dental and Vision, Health Savings Account, Flexible Spending Account
• STD, LTD, Supplemental life insurance and ADD&D
• Comprehensive 401k plan
• Paid Time Off

NFF is an Equal Opportunity Employer.