
Job ID: JOB_ID_6380

About the Role:

Our client, a leading biomedical government research institution in the United States, is seeking a Cyber Security Team Lead to join their program. This program focuses on designing, securing, and managing enterprise infrastructure that hosts mission-critical applications across both on-premises and cloud environments. As the Cyber Security Team Lead, you will be responsible for overseeing a multidisciplinary security team. Your team will manage audits, ATO boundary management, continuous monitoring, vulnerability remediation, and security tool oversight. This role demands both subject matter expertise and strong leadership skills, requiring you to provide strategic direction while maintaining technical credibility in engagements with engineers, system owners, and research stakeholders. Your contributions will directly support the secure delivery of technology that advances biomedical research and public health.

Key Responsibilities:

  • Manage the day-to-day operations of the cyber security team, including task assignment, workload distribution, priority setting, deadline management, deliverable tracking, status reporting, and leadership briefings.
  • Provide technical leadership and subject matter expertise in areas such as Authorization and Assessment (A&A), cloud security, incident response, vulnerability management, or infrastructure security.
  • Oversee the execution of all aspects of security audits and assessments, including SOC, OIG, GSA, OMB A-123, and internal/external compliance reviews.
  • Provide oversight for ATO boundaries and System Security Plans (SSPs) for infrastructure services supporting on-premises and cloud-hosted applications, including compute, databases, and storage platforms.
  • Oversee vulnerability management operations, encompassing enterprise scanning, risk-based prioritization, remediation tracking, and executive reporting.
  • Participate in and lead Disaster Recovery (DR) and Continuity of Operations (COOP) exercises as required.
  • Engage directly with customers and system owners to offer expert security recommendations, review architectures, support waivers, and guide remediation strategies.
  • Be available on-call after hours to support security incidents, emergency responses, or operational escalations as needed.

Required Qualifications:

  • Education: BA or BS degree in Information Systems, Computer Science, Cybersecurity, or a related discipline. A Master’s degree is preferred.
  • Experience: A minimum of 15 years of experience in cybersecurity roles, with at least 5 years leading or managing security teams.
  • Skills:
    • Demonstrated hands-on experience leading or directly supporting one or more of the following areas: Authorization and Assessment (A&A) and ATO lifecycle management, audits, vulnerability management, or cybersecurity engineering.
    • Documented experience supporting federal audits, including SOC (1 or 2), OMB A-123, OIG, GSA, or similar oversight reviews, with direct responsibility for audit evidence collection, meeting with auditors, control validation, remediation tracking, and response to findings.
    • Proven experience defining and managing ATO boundaries and developing, maintaining, and updating System Security Plans, including control implementation narratives and supporting artifacts in accordance with NIST 800-53 requirements.
    • Experience administering or overseeing enterprise vulnerability management portfolios, including coordinating remediation efforts, tracking POA&Ms, and reporting risk posture to leadership.
    • Strong working knowledge of the NIST Risk Management Framework and federal cybersecurity compliance requirements, including NIST 800-53, FISMA, FedRAMP, and continuous monitoring requirements.
    • Experience operating in hybrid IT environments, including both on-premises infrastructure and cloud environments.
    • Demonstrated organizational and project management skills with the ability to manage multiple initiatives simultaneously.
    • Strong written and verbal communication skills, effective for both technical and non-technical audiences.

Preferred Qualifications:

  • Relevant certifications such as CISSP, CISM, CISA, Security+, AWS Security Specialty, or equivalent are preferred.
  • Experience developing executive-level dashboards and risk reports that clearly communicate compliance status, vulnerability trends, audit readiness, and overall security posture to senior leadership.
  • Proven experience mentoring and coaching cybersecurity team members, including delivering formal or informal training and fostering skill development to improve team performance.
  • US Citizens or Permanent Residents are preferred.

Employment Type: This position is a long-term contract, full-time remote with travel as needed for special projects to the client site in Rockville, MD. There is also an opportunity to work from the customer site in Rockville, MD more regularly for those local to the area.


Special Requirements

US Citizens or Permanent Residents preferred. Travel as needed for special projects to the client site in Rockville, MD. Opportunity to work from the customer site in Rockville, MD more regularly for those local to the area.


Compensation & Location

Salary: $120,000 – $180,000 per year (Estimated)

Location: Rockville, MD


Recruiter / Company – Contact Information

Email: bhu@vsiiusa.com

