Radiant Digital - Lanham, MD
posted 6 days ago
Full-time - Mid Level
Lanham, MD
About the position
The Security Test Lead Engineer will oversee and manage security testing initiatives for federal systems, ensuring compliance with government regulations and standards. This role requires an experienced professional capable of designing, implementing, and leading security testing strategies while collaborating with cross-functional teams.
Responsibilities
- Lead the design and execution of security testing strategies, including vulnerability assessments, penetration testing, and security controls evaluation.
- Develop and manage detailed security test plans and scripts aligned with federal security requirements (e.g., FISMA, NIST 800-53).
- Oversee the implementation of automated security testing tools and frameworks.
- Coordinate security testing activities across development, QA, and security teams.
- Perform security risk assessments to identify vulnerabilities and recommend mitigation strategies.
- Ensure all testing aligns with compliance mandates such as FISMA, FedRAMP, and other federal guidelines.
- Validate that security controls are functioning as intended and adequately protect system assets.
- Work closely with system architects, developers, and security teams to identify and resolve security issues.
- Provide detailed technical reports on vulnerabilities, risks, and testing outcomes.
- Present findings and mitigation strategies to federal stakeholders and management teams.
- Deploy and manage security testing tools, such as OWASP ZAP, Nessus, Burp Suite, or similar.
- Continuously evaluate and recommend new tools or methodologies to enhance testing capabilities.
- Provide guidance and mentorship to junior testers and engineers on security testing best practices.
- Deliver training sessions on security awareness and testing methodologies to team members.
- Assist in analyzing and responding to security incidents, using test results to improve incident response plans.
- Support post-incident reviews to refine testing processes and identify future security needs.
- Maintain accurate records of testing activities, including test cases, test results, and remediation plans.
- Prepare comprehensive reports for audits, compliance reviews, and risk assessments.
Requirements
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
- 7+ years of experience in security testing, including penetration testing and vulnerability assessments.
- 3+ years of experience leading security testing teams or projects.
- Proficient in security testing tools such as Nessus, Metasploit, Burp Suite, OWASP ZAP, and Wireshark.
- Strong knowledge of federal security standards (e.g., NIST 800-53, FISMA, FedRAMP).
- Experience with cloud security testing (e.g., AWS, Azure, GCP) and containerized environments.
- Solid understanding of encryption protocols, authentication mechanisms, and secure coding practices.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal abilities to interact with technical and non-technical stakeholders.
- Leadership skills to effectively manage and inspire security testing teams.
Nice-to-haves
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- GIAC Security Essentials Certification (GSEC)
Benefits
- Opportunity to work on critical federal projects that safeguard national security.
- Collaborate with talented teams in a mission-driven environment.
- Access to professional development and growth opportunities in the cybersecurity domain.
