Lead Security Engineer
Revolutional delivers advanced technology solutions and mission support to federal agencies across civilian, health, and national security environments. We apply modern capabilities, including AI/ML, cloud, cybersecurity, and IT modernization, to solve complex challenges, enable faster and more secure operations, and drive measurable mission outcomes.

We are redefining how federal technology gets built and delivered by operating with a product mindset, prioritizing speed, ownership, and execution over bureaucracy.

Location: Suitland, MD (Hybrid)
Terms: Full-time
Clearance/Work Authorization: U.S. Citizenship with the ability to obtain and maintain a Public Trust is required
Travel: 0-20%

Project Description

This position supports Revolutional's federal customer as part of an application transformation and modernization initiative.

This program is driving a large-scale transformation of systems into a data-centric, cloud-native ecosystem capable of supporting high-volume, near real-time data processing and advanced analytics. The work includes modernization of legacy applications, development of new cloud-native solutions, and implementation of DevSecOps and scaled Agile practices across the organization.

The core challenge: orchestrating complex, multi-contractor delivery while transforming both technology and operating models without disrupting mission-critical operations.

Position Description

As a Lead Security Engineer at Revolutional, you will define and drive enterprise security engineering strategy and execution across a large-scale federal modernization program.

You will be responsible for integrating security into every layer of the environment, including applications, APIs, data platforms, cloud infrastructure, CI/CD pipelines, and operational processes.
You will work across architecture, engineering, operations, and vendor teams to ensure security is proactive, automated, measurable, and aligned with federal compliance requirements.

This role requires someone who can balance security rigor, operational resiliency, and delivery velocity while supporting secure modernization across complex system-of-systems environments.

Responsibilities

- Provide technical leadership across enterprise security engineering efforts within a large-scale modernization program
- Design and implement security controls across cloud, application, API, data, and infrastructure layers
- Integrate security into DevSecOps pipelines using automated scanning, policy enforcement, CI/CD controls, and security governance practices
- Support Authority to Operate (ATO) processes, POA&M management, continuous monitoring, audit support, and remediation tracking activities
- Ensure compliance with federal security frameworks and standards including NIST 800-53, FedRAMP, FISMA, Zero Trust, MFA, secure SDLC, and federal ATO requirements
- Secure system-of-systems (SoS) environments spanning multiple vendors, contractors, integrated platforms, and distributed architectures
- Implement and govern IAM strategies including RBAC, ABAC, MFA, privileged access management, authentication, authorization, and Zero Trust principles
- Design and support API and microservices security architectures, including secure API design, token-based authentication, and authorization frameworks
- Conduct penetration testing, threat modeling, SAST/DAST scanning, vulnerability assessments, and end-to-end remediation coordination
- Support supply chain security initiatives including Software Bill of Materials (SBOM), dependency risk analysis, and third-party software validation
- Implement security controls supporting encryption, sensitive data protection, PTA/PIA requirements, privacy standards, and secure data handling practices
- Support security operations activities including monitoring, alerting, incident response, root cause analysis, and operational troubleshooting
- Design and maintain dashboards, KPIs, risk reporting, compliance metrics, and security posture reporting
- Develop and maintain security documentation including architecture artifacts, playbooks, operational procedures, compliance documentation, and governance materials
- Collaborate across architecture, engineering, operations, and vendor teams to align security requirements with modernization and delivery objectives
- Mentor engineering and security teams on secure coding, secure architecture, operational security practices, and DevSecOps standards

Technical Environment

- Cloud-native environments (AWS, Azure)
- DevSecOps pipelines and CI/CD automation frameworks
- SIEM, monitoring, alerting, and security analytics platforms
- Container security, image scanning, and runtime protection tools
- APIs, microservices, and distributed integration architectures
- Infrastructure-as-Code and automation platforms
- Security testing platforms (SAST, DAST, vulnerability management)
- Identity and access management platforms and Zero Trust architectures
- Enterprise data ecosystems supporting high-volume and near real-time processing
- Agile and scaled Agile (SAFe) delivery environments
- Delivery and collaboration tools (Git, Jira, Confluence, ServiceNow)

What You Bring (Requirements)

Baseline Requirements

- U.S. Citizenship with the ability to obtain a Public Trust
- 15+ years of experience in cybersecurity, security engineering, or enterprise modernization initiatives
- Certified Information Systems Security Professional (CISSP) required
- Certified Cloud Security Professional (CCSP) required
- Proven experience securing large-scale, distributed cloud and enterprise environments
- Ability to obtain and maintain a Public Trust clearance

Technical Capabilities

- Strong experience implementing security controls in cloud-native and hybrid environments
- Experience supporting ATO processes, POA&M management, continuous monitoring, and federal compliance programs
- Strong understanding of NIST 800-53, FedRAMP, FISMA, Zero Trust, MFA, secure SDLC, and federal cybersecurity frameworks
- Experience integrating security into DevSecOps pipelines including SAST, DAST, automated policy enforcement, and CI/CD security controls
- Experience securing APIs, microservices, distributed systems, and system-of-systems (SoS) environments
- Experience implementing IAM strategies including RBAC, ABAC, MFA, and privileged access controls
- Experience supporting supply chain security including SBOM and dependency risk management
- Experience with penetration testing, vulnerability management, remediation tracking, and threat modeling
- Experience implementing data security, encryption, privacy controls, and PTA/PIA processes
- Experience supporting security operations including monitoring, alerting, incident response, and root cause analysis
- Experience with SIEM, container security, image scanning, runtime protection, and cloud-native security platforms
- Experience developing dashboards, KPIs, risk reporting, and security governance reporting
- Experience maintaining security documentation, architecture artifacts, playbooks, and compliance records

Core Strengths

- Strong ownership mindset with accountability for enterprise security outcomes
- Ability to influence security practices across engineering, architecture, and operational teams
- Strong decision-making capabilities balancing security, compliance, performance, and delivery objectives
- Effective communication across technical, operational, executive, and vendor stakeholders
- Ability to operate across complex, evolving, multi-contractor delivery environments
- Strong analytical and problem-solving skills with measurable impact on enterprise risk posture

Nice to Have (Differentiators)

- CISM, CISA, or other advanced cybersecurity certifications
- Experience supporting statistical and similarly large-scale federal modernization programs
- Experience implementing enterprise Zero Trust architectures
- Experience securing high-volume, real-time data processing platforms
- Experience supporting DevSecOps-enabled enterprise modernization programs
- Experience with large-scale cloud-native operational security environments

Here at Revolutional we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:

- Recognized as a Top 20 "Best Place to Work in Virginia"
- Recipient of Department of Labor's HireVets Gold Medallion
- Great Place to Work Certification for five years running
- A Virginia Chamber of Commerce Fantastic 50 company
- A Northern Virginia Technology Council Tech 100 company
- Inc. 5000 list of fastest growing companies for eleven years
- Two-time SBA SBIR Tibbetts Award winner
- Virginia Values Veterans (V3) Certification

We recognize that every bit of our success is the result of our teams of hard-working, motivated, and innovative professionals who are proud to call themselves part of the Revolutional family!
In addition to competitive compensation, a family-focused culture, and a dynamic, productive work environment, we offer all full-time employees a variety of benefits including, but not limited to:

- Traditional and HSA-eligible medical insurance plans
- 100% employer-paid dental and vision insurance options
- 100% employer-sponsored STD, LTD, and life insurance
- 5% 401(k) company matching
- Flexible schedules and teleworking options
- Paid holidays and PTO Accrual Plans
- Paid Parental Leave
- Professional development and career growth opportunities
- Team and company-wide events, recognition, and appreciation

...and so much more! Check out Revolutional on LinkedIn to find out a little more about who we are and if we are the right next step for your career!

Revolutional is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics. Revolutional does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans.

To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs.

Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please contact HR@revolutional.com.