Sign upLog in

Security Platform Lead

Innovative Computer Solutions Group, Inc

Washington, DC(remote)

Apply
JOB DETAILS
SKILLS
Access Control, Access Control Hardware, Authentication, CCSP - Cisco Certified Security Professional, CISSP - Certified Information Systems Security Professional, Cloud Computing, Code Reviews, Communication Skills, CompTIA Security+, Computer Science, Cryptography, Dental Insurance, Design Document, Digital Certificates, Disaster Recovery, Documentation, FIPS (Federal Information Processing Standards) 140, Health Insurance, Internet Security, Java, JavaScript, Multiplatform/Cross-Platform, Operational Support, Operations Planning, Project Estimates, Python Programming/Scripting Language, Requirements Validation/Verification, Risk Management, Security Architecture, Security Auditing, Security Design, Security Infrastructure, Software Engineering, Systems Engineering, U.S. National Institute of Standards and Technology (NIST), User Interface/Experience (UI/UX), Validation Plan
LOCATION
Washington, DC
POSTED
2 days ago
Benefits:
  • 401(k)
  • Dental insurance
  • Health insurance

Project Overview


Project Type: Secure software and platform implementation program

Security Context:  Environment requiring support for FIPS 140-3 and alignment to NIST SP 800-171 / 800-172 expectations         (cryptographic boundary design experience required)

Project Duration: Estimated 12-month engagement from kickoff through final delivery, validation, training, and closeout.

Technology Stack:  Frontend --- Next.js, Backend --- Python and Java 

Position Summary


We are seeking a Security Platform Lead to own the design and implementation of security-focused platform capabilities across identity, secrets protection, encryption-adjacent controls, access governance, secure storage, system hardening, and compliance readiness. This role is responsible for embedding security into platform architecture and delivery while supporting auditability, operational resilience, and secure engineering practices.



Key Responsibilities


·        Lead security architecture and implementation across platform, application, and operational layers.


·        Design and guide implementation of secure secrets management, certificate handling, privileged access controls, and service authentication patterns.


·        Define security controls for identity, access, role governance, session security, audit logging, and administrative workflows.


·        Guide secure storage, immutability, logging integrity, and cryptographic boundary design decisions.


·        Define security baselines, hardening standards, and implementation guardrails for environments and services.


·        Review architecture, code, configurations, and workflows for security risks and mitigations.


·        Support incident readiness, disaster recovery planning, and operational validation from a security perspective.


·        Produce and review security design documents, control narratives, configuration standards, and remediation plans.



Required Qualifications


·        Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related field, or equivalent practical experience.


·        7+ years of experience in security engineering, platform security, cloud security, or secure systems design.


·        Direct experience designing or implementing systems that must align with FIPS 140-3 cryptographic module requirements or validated cryptographic modules where required.


·        Strong familiarity with NIST SP 800-171 control implementation in nonfederal environments handling CUI.


·        Ability to translate security requirements into technical controls for authentication, authorization, secrets handling, logging, system hardening, audit trails, and resilience.


·        Experience with compliance-oriented security architecture, control mapping, and technical evidence preparation.


·        Strong documentation and communication skills.



Preferred Qualifications


·        Experience with NIST SP 800-172 enhanced safeguards, especially cyber resiliency, defense-in-depth, and protection of higher-value systems.


·        Experience with Kubernetes security, workload identity, certificate lifecycle, and secure service communication.


·        Experience with secrets platforms, key protection workflows, privileged access control, or hardware-backed security solutions.


·        Security certifications such as CISSP, CCSP, Security+, or equivalent.



Success Profile


·        Security-first mindset.


·        Pragmatic and delivery-oriented.


·        Strong architecture discipline.


·        Able to work closely with developers and platform engineers.

This is a remote position.

About the Company

I

Innovative Computer Solutions Group, Inc

Resume Resources

Free Resume TemplatesFree Resume Builder