
Lead Cyber Security Analysis SME

Xtreme Solutions Corporate
Location: Washington, DC, USA
Published: 6/14/2022
Technology
Full Time

Job Description

Description:

XSI is seeking a Lead Cyber Security Analysis SME to anchor the cybersecurity engineering team supporting the Congressional Budget Office (CBO). This is a senior, hands-on engineering leadership role — not a policy, compliance, or SOC-monitoring position. You will lead technical implementation across the full security stack and own the Government-facing documentation that demonstrates control effectiveness.

What you'll do

  • Lead technical implementation across Zero Trust, IAM, SIEM/EDR/XDR, vulnerability management, cloud security, network segmentation, security baselines, and incident response.
  • Implement and maintain enterprise security controls aligned to NIST SP 800-53 and NIST SP 800-207 — access control, configuration management, system and communications protection, audit and accountability, incident response, and system and information integrity.
  • Drive Zero Trust enforcement, continuous verification of users and devices, identity-centric security, and least-privilege access (RBAC, PAM, MFA).
  • Oversee centralized logging and SIEM integration, vulnerability assessment, RMF-aligned risk analysis, system hardening, and AWS/Azure cloud security.
  • Support incident response, forensic data collection, root cause analysis (RCA), change management, and automated patching.
  • Produce SOPs, security impact analyses, implementation plans, validation criteria, rollback steps, and audit-ready control evidence.
  • Collaborate with network, cloud, application, and service desk teams to remediate risk and strengthen posture.

Requirements:

  • 10+ years of hands-on enterprise cybersecurity experience, including federal or highly regulated environments.
  • Demonstrated experience as a senior cybersecurity engineer or security architect leading technical implementation across multiple security domains.
  • Proven track record configuring IAM and least-privilege controls; tuning SIEM/EDR/XDR alerts; conducting incident triage and containment; coordinating vulnerability remediation; and hardening cloud or hybrid environments.
  • Strong technical writing — recommendations, implementation plans, validation criteria, and control evidence.

Certifications

CISSP strongly preferred. Also valued: CISM, CISA, CCSP, CASP+, GIAC certifications, Security+, AWS Certified Security – Specialty, Microsoft SC-100, SC-200, AZ-500, or equivalent.
