Senior IA/Cybersecurity Lead

ProSync is seeking a passionate Computer Systems Security Specialist I to help ensure security and intelligence compliance with policies and regulations, drawing on some of the nation's leading personnel and cybersecurity thought leaders for enhancing, accelerating, and assuring the United States Navy's ability to counter existing and emerging security threats.  This position offers a salary in the range of $100k-116k based on numerous factors, including degree and overall experience.  ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community.  If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! RESPONSIBILITIES This position handles the support of the Sensitive Compartment Information Facility. This role includes: Conducting thorough analysis of IT specifications to meticulously assess potential security risks, ensuring that vulnerabilities are identified and addressed proactively. Installing, configuring, and performing upgrades on security software, maintaining current security measures aligned with the latest threats and technological advancements. Implementing robust network security measures through the use of firewalls, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), password protection mechanisms, Access Control Lists (ACLs), Virtual Local Area Networks (V-LANs), and adhering to industry-standard network hardening techniques to create a resilient defense against unauthorized access. Developing and implementing secure frameworks and comprehensive risk management methodologies by utilizing effective patch management strategies, applying Security Technical Implementation Guides (STIGs), and staying informed about information assurance vulnerability alerts and bulletins to protect organizational data. Designing and implementing effective safety measures, including comprehensive data recovery plans that ensure the integrity and availability of critical information in the event of a disaster or security incident. Responding promptly and effectively to privacy breaches and malware threats, employing incident response protocols to mitigate damage and restore secure operations. Serving as a trusted security expert within the organization and conducting in-depth training sessions to elevate awareness and knowledge of security best practices among all staff members. Drafting and refining policies and guidelines that govern security practices, ensuring that they align with regulatory requirements and industry standards while fostering a culture of security mindfulness across the organization. Demonstrated and comprehensive experience with the Risk Management Framework (RMF), showcasing a deep understanding of its structured approach to managing risk through various stages, including preparation, assessment, authorization, and continuous monitoring. This experience includes the application of RMF principles and practices to align information security strategies with organizational goals, ensuring effective risk mitigation and compliance with regulatory standards. Requirements For CSWF Designated Positions - Professional Certifications: IAT II which requires a Security+ or equivalent and Continuous Education (CE). Five (5) years of experience in: Installing and configuring and upgrading security software. Securing networks through firewalls, Intrusion Prevention System (IPS)/Intrusion Detection, password protection, Access Control Lists (ACLs), V-LAN, and industry standard network hardening techniques. Implement secure framework and risk management methodologies using patch management, STIG implementation, information assurance vulnerability alerts/bulletins. Three (3) years of experience in: Acting on privacy breaches and malware threats. Serving as a security expert and conduct training. Draft policies and guidelines. One (1) year of experience in: System administration or security roles. Networking and System Administration (e.g. TCP/IP, Firewalls). Firewall and endpoint security systems maintenance and functionality. If a proposed individual does not meet both the required education and experience qualifications, nine (9) years of professional technical activities related to Information Technology would be considered equivalent. Five (5) of these nine (9) years should demonstrate experience in “1” through “3”. Three (3) of these nine (9) years should demonstrate experience in “1” through “3”. At least one (1) of these nine (9) years should demonstrate experience in "1" through 3". A minimum Secret security clearance or higher with the ability to obtain a Top Secret w/ SCI is required to be considered for this position. EDUCATIONAL REQUIREMENTS A Bachelor’s degree or higher from an accredited college or university in an engineering, scientific, business, or technical discipline. Benefits Join PROSYNC and enjoy our great benefits! Compensation We also offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement We offer a comprehensive Health Benefits package and 401K retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so they can get their degree or that next certification they need to propel them to the next level. Work/Life Balance A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

ProSync is seeking passionate Computer Systems Security Lead to help ensure security and intelligence compliance with policies and regulations, drawing on some of the nation's leading personnel and cybersecurity thought leaders for enhancing, accelerating, and assuring the United States Navy's ability to counter existing and emerging security threats.  This position offers a salary in the range of $122k-129k based on numerous factors, including degree and overall experience.  ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community.  If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! RESPONSIBILITIES This position handles the support of the Sensitive Compartment Information Facility. This role includes: Conducting thorough analysis of IT specifications to meticulously assess potential security risks, ensuring that vulnerabilities are identified and addressed proactively. Installing, configuring, and performing upgrades on security software, maintaining current security measures aligned with the latest threats and technological advancements. Implementing robust network security measures through the use of firewalls, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), password protection mechanisms, Access Control Lists (ACLs), Virtual Local Area Networks (V-LANs), and adhering to industry-standard network hardening techniques to create a resilient defense against unauthorized access. Developing and implementing secure frameworks and comprehensive risk management methodologies by utilizing effective patch management strategies, applying Security Technical Implementation Guides (STIGs), and staying informed about information assurance vulnerability alerts and bulletins to protect organizational data. Designing and implementing effective safety measures, including comprehensive data recovery plans that ensure the integrity and availability of critical information in the event of a disaster or security incident. Responding promptly and effectively to privacy breaches and malware threats, employing incident response protocols to mitigate damage and restore secure operations. Serving as a trusted security expert within the organization and conducting in-depth training sessions to elevate awareness and knowledge of security best practices among all staff members. Drafting and refining policies and guidelines that govern security practices, ensuring that they align with regulatory requirements and industry standards while fostering a culture of security mindfulness across the organization. Demonstrated and comprehensive experience with the Risk Management Framework (RMF), showcasing a deep understanding of its structured approach to managing risk through various stages, including preparation, assessment, authorization, and continuous monitoring. This experience includes the application of RMF principles and practices to align information security strategies with organizational goals, ensuring effective risk mitigation and compliance with regulatory standards. Requirements For CSWF Designated Positions - Professional Certifications: IAT III which requires a CISSP or equivalent. Seven (7) years of experience in: Analyzing IT specifications to assess security risks. Installing and configuring and upgrading security software. Securing networks through firewalls, Intrusion Prevention System (IPS)/Intrusion Detection, password protection, Access Control Lists (ACLs), V-LAN, and industry standard network hardening techniques. Implement secure framework and risk management methodologies using patch management, STIG implementation, information assurance vulnerability alerts/bulletins. Five (5) years of experience in: Designing and implementing safety measures and data recovery plans. Acting on privacy breaches and malware threats. Serving as a security expert and conduct training. Draft policies and guidelines. Two (2) years of experience in: System administration or security roles. Networking and System Administration (e.g. TCP/IP, Firewalls). Firewall and endpoint security systems maintenance and functionality. One (1) year of experience supervising junior personnel. If a proposed individual does not meet both the required education and experience qualifications, eleven (11) years of professional technical activities related to Information Technology would be considered equivalent. Five (5) of these eleven (11) years should demonstrate experience in “1” through “4”. Four (4) of these eleven (11) years should demonstrate experience in “1” through “4”. Two (2) of these eleven (11) years should demonstrate experience in "1" through 3". A minimum Secret security clearance or higher with the ability to obtain a Top Secret w/ SCI is required to be considered for this position. EDUCATIONAL REQUIREMENTS A Bachelor’s degree or higher from an accredited college or university in an engineering, scientific, business, or technical discipline. Benefits Join PROSYNC and enjoy our great benefits! Compensation We also offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement We offer a comprehensive Health Benefits package and 401K retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so they can get their degree or that next certification they need to propel them to the next level. Work/Life Balance A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

Hey there! We are Jump, AI for Financial Advisors. We are growing super fast, have a culture of kindness and ownership, and we’re looking for someone who is absolutely obsessed with security take ownership of it here at Jump. About you You love security. It’s what you are all about and you are very very good at it. You are very motivated and proactive and can get a lot done every day. You love coding and are excited to learn Elixir. You really want to find and fix security vulnerabilities in an Elixir/Phoenix codebase. You are very pleasant to work with and people feel better about themselves after interacting with you. What you’ll do Provide guidance, training, and tools to developers on secure coding principles, common vulnerabilities, and secure design patterns. Analyze, fix, and test vulnerabilities. Do code reviews, audit and analyze source code for vulnerabilities. Monitor the security industry for new developments. Evaluate, recommend, and implement security tools and technologies to improve our application security posture. Conduct threat modeling exercises for new and existing applications and systems. Ensure systems and processes adhere to relevant security standards, regulations (e.g., ISO 27001, SOC 2, GDPR, HIPAA), and internal policies. Implement and manage security controls for cloud environments (e.g., AWS, GCP), including identity and access management (IAM), network security, and data protection. Maintain comprehensive documentation for security processes, tools, and configurations. What success looks like after 12 months Major vulnerabilities are found SOC 2 Type II report continues to be delivered with zero high‑risk exceptions. Mean‑time‑to‑detect (MTTD) ≥ 90 % of employees complete annual security training and phishing tests. Security is a documented, automated part of CI/CD (build fails on critical vulns). Our largest enterprise customers cite security as a strength in renewals. Nice‑to‑haves: experience with multi‑tenant data isolation, SAML/SCIM integrations, or selling to regulated industries (FinTech, HealthTech, GovTech). Compensation & benefits Base salary: $170 k – $260 k USD Benefits: Health/dental/vision, 401k (no match yet) Time‑off: Flexible PTO with manager approval Gear: Top‑spec laptop, stipend for home office/security hardware Hiring process (2–3 weeks total) Homework assignment — Takes about 1hr Intro call (30 min) — with CTO. Paid Trial week — Come work with us for a week and see how you like it Team member intros & Reference checks Offer Other info: We buy the subscriptions you need (Cursor.ai, ChatGPT, etc) We’re a small and efficient dev team We’re growing gangbusters. All revenue-backed, super low churn. Raised a $20M Series-A a few months ago HQ based in SLC, Utah Remote friendly, must be based in the USA Requirements Have 5+ years hands‑on security engineering in cloud‑native (AWS/GCP/Azure) product environments. Can demonstrate end‑to‑end ownership of at least one compliance framework (SOC 2, ISO 27001, HIPAA, PCI DSS, etc.). Are fluent in modern DevSecOps tooling (Terraform, Kubernetes, GitHub Actions, OIDC/OAuth). Write code well enough to build internal tooling or fix a critical bug (we use Elixir & Terraform). Communicate complex risks in plain language to engineers, execs, and customers. Are comfortable being a “team of one” at first and progressively hiring/mentoring teammates.

Systems Security Administrator (15.23) OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology. Responsibilities and Duties OCT currently has an opening for a Systems Security Administrator to work with a technology division within the Federal Bureau of Investigation (FBI). This role will require strong knowledge of system administration and attention to detail. Day to day responsibilities include: Establish and manage Role-Based Access Controls (RBAC) for the Unified Financial Management System Secret Cloud (UFMS-SC), including Writing, Itemizing and Recording Expenses (WIRE) as a component of UFMS-SC, the Asset Management System (AMS), the U.S. Treasury Bureau of Fiscal Service’s Invoice Processing Platform (IPP), the U.S. Treasury Bureau of Fiscal Service’s Over-the-Counter Channel Application (OTCNet), and the U.S. Treasury Bureau of Fiscal Service’s G-Invoicing Application (G-INV) (Other applications may subsequently be added). Coordinate with applicable Information System Security Officers (ISSOs) and other system support personnel to ensure user access is implemented and maintained in accordance with governing policies and procedures. Provide recommendations for developing new user security groups, profiles, and roles to ensure compliance with governing policies and procedures. Create, modify and/or delete user access security groups, profiles, and roles in accordance with governing policies and procedures. Add users and assign initial user security groups, profiles, and/or roles which address separation of duties, “need-to-know,” and “least privileges” to ensure compliance with the FBI’s Risk Management Framework policy. Adhere to established RBACs and established policies and procedures when adding/removing/modifying user access accounts. Identify problematic or incomplete information on security access request forms that could delay or negate the processing of the requests; identify items of security concern; determine whether additional checks are necessary based on the evaluation of available information. Review/respond to routine user access requests for supported applications. Develop procedures for managing changes in user access to applications (as required access, “need-to-know,” and/or “least privileges” change) and for terminating user access when no longer required or authorized, in accordance with governing policies and procedures. Develop/maintain SSA Standard Operating Procedures (SOPs). Provide scheduled and ad-hoc reports regarding user access as directed by ISU PM or designee and/or established policies and procedures. Develop/maintain user guidance documentation for supported applications. Develop/maintain procedures and guidelines providing a detailed overview of the establishment and assignment of user security groups, profiles, and roles. Conduct annual user recertifications for the supported financial and facilities applications to ensure compliance with policy requirements. Develop/maintain procedures and guidelines presenting a detailed overview of the annual user recertifications. Obtain developmental training on supported applications’ security administration functionality. Validate current/requested access. Requirements Qualifications/Requirement Must be a US Citizen. Must hold an active DoD Top Secret (TS) clearance. Undergraduate degree, preferably in a math or science field. Minimum of 2 years of experience. Demonstrated experience in systems security administration, as described above. Demonstrated experience analyzing complex problems and identifying and resolving root causes. Strong interpersonal skills; strong analytical, critical thinking, and problem-solving skills. Must be able to work onsite: the primary place of performance will be at FBI facilities in the Washington Metropolitan Area (WMA)/ National Capital Region (NCR). Benefits Benefits OCT offers competitive compensation packages and a full suite of benefits which includes: Medical, Dental, and Vision insurance Retirement savings 401K plan provided by an industry leading provider with 3% employer contributions of the employee’s gross salary Paid Time Off and Standard Government Holidays Life Insurance, Short- and Long-Term disability benefits Training Benefits Salary Range: $100,000-$125,000 yearly commensurate with experience, education, etc. About OCT Consulting OCT Consulting LLC is a minority-owned, Small ​Disadvantaged Business (SDB) providing professional services and information technology solutions to the Federal government and commercial clients. Founded in 2013, we bring the advantage of agility in operations along with a management team with a track record of leading successful engagements at major Federal government agencies. At OCT, we are committed to ensuring equal opportunity for all individuals, recognizing that merit and qualifications are the foundation of our hiring, promotion, and development practices. We believe in creating a work environment where every employee can thrive based on their abilities, skills, and achievements. Our practices are designed to ensure fair treatment and equal access to opportunities for all, regardless of race, ethnicity, gender, sexual orientation, age, abilities, or other personal characteristics. We are dedicated to providing career growth and professional development based on individual merit and fostering a workplace where everyone’s contributions are valued and recognized.

Global Dimensions is a HUBZone, service disabled, veteran-owned small business based in Fredericksburg, VA. We are a dynamic, expanding company with exciting opportunities in language/culture, training/education/instruction, IT, cyber security, and intelligence (analysts, CI, HUMINT, SIGINT, etc.). Global Dimensions is currently seeking Junior Cyber Systems Analysts for upcoming opportunities in Quantico, Virginia. Junior Cyber Systems Analyst will: Evaluate the cybersecurity stance of a USMC defense program, ensuring it adapts to leading cybersecurity practices and prioritizes cyber threats based on comprehensive cyber analysis. Examine foreign capabilities to detect, disrupt, and block USMC emissions and signals across the entire cyber kill chain, including, but not limited to, emissions from targeting, communications, and ISR (Intelligence, Surveillance, and Reconnaissance) systems, as well as reversible and non-reversible attacks. Monitor and assess advancements in emerging and commercial technologies that state and non-state actors could leverage to detect, disrupt, or compromise USMC acquisition programs’ network infrastructure. Identify critical risk factors within the environment, such as network classification, baseline activity, system architecture, operating systems, services, connectivity, and bandwidth. Determine the boundaries of the network for potential collection activities. Define the limits of connected or supporting networks that may require collection efforts. Evaluate existing databases to identify intelligence gaps. Utilize open-source information to collect Publicly Available Information (PAI). Investigate the physical battlespace to understand how the environment could influence tactical operations. Characterize the effects of the battlespace. Analyze the battlespace environment in terms of information, services, and networks, focusing on confidentiality, integrity, and availability, and evaluating mechanisms to protect, detect, respond, restore, and conduct reviews. Examine additional characteristics of the battlespace, such as security measures, auditing procedures, and backup systems. Assess the adversary's physical location of assets, architecture, automation capabilities, security policies, baseline activity, vulnerabilities, and conclusions related to Rules of Engagement (ROE) for Information Assurance (IA), Computer Network Defense (CND), and Computer Network Attack (CNA). Identify potential Courses of Action (COA) for the adversary. Determine the adversary’s likely objectives and desired outcomes. Identify all possible COAs available to the adversary, with an emphasis on the most likely and most dangerous options. Develop COAs based on the adversary's perspective of friendly information architecture (reverse cyber IPB). Evaluate and prioritize each adversary’s COA. Continuously refine COAs as new information becomes available over time. Assess foreign Computer Network Defense (CND) and Computer Network Attack (CNA) capabilities, limitations, and vulnerabilities. Evaluate potential vulnerabilities in USMC tactical systems to CNA, including systems associated with targeting, ISR, and navigation. Provide portfolio-specific analysis, expertise, and intelligence production as outlined below. Conduct Threat Steering Groups with participants from USMC Combat Development & Integration to identify key factors and significant risk drivers for potential material solutions that may influence lifecycle cost, performance, schedule, and other acquisition decisions. Produce and deliver Validated Online Lifecycle Threat Reports (VOLTs), Critical Intelligence Parameters (CIPs), and Capability Development Threat Summaries to support Marine Corps Acquisition Programs throughout the Joint Capabilities Integration and Development System (JCIDS) process, assisting the Defense Acquisition System. Requirements TS/SCI Security Clearance Desired Experience: At least 3 years of experience conducting analysis relevant to the labor category, with at least some of the experience within the last 2 years. Desired Education: Bachelor’s degree in a field related to the labor category from an accredited college or university recognized by the U.S. Department of Education. Alternatively, an additional 4 years of experience in the specific labor category, totaling 7 years, may substitute for a Bachelor’s degree. Demonstrates a working knowledge of the concepts involved in the specific functions outlined in the labor category description. Knowledgeable of and demonstrates the ability to apply IC and DoD classification guidelines and procedures. Demonstrates the ability to work semi-independently with oversight and direction. Demonstrates the ability to apply logic when evaluating and synthesizing multiple sources of information. Shows understanding of interpreting analysis, including its meaning, significance, and implications. Demonstrates the ability to defend analytic judgments with sound, logical conclusions, and to adapt these judgments when new information, changing conditions, or unexpected developments arise. Demonstrates the ability to produce timely, logical, and concise analytic reports, documents, assessments, studies, and briefing materials in various formats, including Microsoft Office tools (e.g., Excel, Word, PowerPoint), electronic/soft copy matrices, and/or web-enabled formats. Demonstrates the ability to clearly communicate complex issues in a concise and organized manner, both verbally and non-verbally, with strong grammar skills. Demonstrates proficiency with Microsoft Office tools. Demonstrates the ability to develop structured research, including but not limited to obtaining, evaluating, organizing, and maintaining information within security and data protocols. Demonstrates the ability to recognize nuances and resolve contradictions and inconsistencies in information. Demonstrates working knowledge of complex analytic methodologies, such as structured analytic techniques or alternative approaches, to examine biases, assumptions, and theories, reducing uncertainty, strengthening analytic arguments, and mitigating surprise. Structured analytic techniques include, but are not limited to, Analysis of Competing Hypotheses, Devil’s Advocacy, High-Impact / Low-Impact Analysis, Red Team Analysis, and Alternative Futures Analysis. Demonstrates understanding of intelligence collection capabilities and limitations, including but not limited to technical sensors/platforms and human intelligence sources relevant to the labor category. Demonstrates understanding of evaluating collected intelligence reporting, engaging with collection managers, and developing collection requirements. Global Dimensions does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits. Equal Opportunity Employer/Veterans/Disabled.

RP Professional Services is a rapidly growing Technology consulting firm headquartered in Virginia. We’re an 8a and Service-Disabled Veteran-Owned Small Business (SDVOSB) serving both federal and commercial customers. At RP, we help our clients achieve their mission by developing value driven, customized solutions that are executed by the best people. Our dedication to our employees and clients is driven by our promise to deliver Excellence, Value, and Flexibility. "People, not just Resources" is more than our motto; it's the foundation on which we are built! RP Professional Services is seeking a Senior Threat Manager to identify, assess, and mitigate security risks, particularly those related to violent threats, insider threats, and intelligence vulnerabilities. This role requires expertise in threat assessment and management (TAM), risk mitigation strategies, and collaboration with military and government agencies. The ideal candidate will possess structured professional judgment expertise, law enforcement and intelligence experience, and a deep understanding of threat management frameworks within the Department of Defense (DoD) and Intelligence Community (IC). This position is contingent upon the contract being awarded to RP Professional Services. Requirements: Conduct structured threat assessments utilizing industry-recognized methodologies. Apply Structured Professional Judgment (SPJ) tools, such as WAVR-21 and TRAP-18, to evaluate threats. Develop and implement risk mitigation strategies for military and civilian leadership. Provide written and verbal briefings on threat intelligence, security risks, and emerging patterns. Support local, state, and federal threat management teams focused on preventing violent behavior. Collaborate with law enforcement, intelligence agencies, and government organizations to assess threats. Utilize DoD and commercial databases to compile and analyze threat intelligence reports. Ensure compliance with national security protocols, regulations, and industry best practices. Conduct training programs for leadership teams on threat management and risk mitigation. Requirements Certified Threat Assessment Professional (administered by the Association of Threat Assessment Professionals - ATAP). Must be an active ATAP member. Minimum ten (10) years in threat assessment and/or threat management. Minimum ten (10) years of experience advising military or civilian leaders on threat assessment strategies. Direct experience working with the DoD population in a security or intelligence capacity. Experience supporting threat management units or teams focused on assessing and mitigating violent behavior risks. Familiarity with Intelligence and/or Law Enforcement communities, including Government, DoD, and commercial databases used to compile analytic products. Preferred Qualifications: Advanced certifications such as CISSP, CISM, CEH, or GCIH. Strong understanding of geopolitical risks and global threat landscapes. Proven ability to train personnel in threat assessment methodologies and risk mitigation strategies. Salary Range: $195,000 - $210,000 The salary range for this role considers a wide range of factors, including, but not limited to, skill sets, equity, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case.   Benefits Health Benefits: Medical, Vision, Dental Up to 4% retirement match with 100% vesting Company paid STD and LTD Company paid basic life insurance Competitive PTO package RP Professional Services, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.