United States Security Job Listings

Microsoft Defender Specialist - Active TS/SCI with CI Poly

Washington, DC, USA

Negotiable Salary

Fidelis Administrator - Active TS/SCI with CI Poly63845342208001121

Workable

Fidelis Administrator - Active TS/SCI with CI Poly

Work individually or in a small integrated team to develop innovative solutions to enable secure and reliable operations of enterprise computer systems. Develop new concepts and processes and analyze root causes and resolve complex issues utilizing your knowledge of industry. Performs systems administration of cyber tools sets and server systems connected to networks across multiple classification domains. Provide support to developmental and operational systems including day-to-day operations, monitoring, and problem resolution for all client/server/storage/network devices, etc. Install, configure and manage operating system and application software as necessary. Support Linux & Windows systems engineering efforts in system design and evaluation, solution engineering, software development, or system administration. Requirements 3+ years of experience as a system administrator Experience with installing or configuring devices, applications, and security tools, including Fidelis Experience maintaining, engineering, deploying, and configuring Fidelis DLP and XPS appliances, including DirectSensor 10G, Mail DLP, and CommandPost, through both iLO and connected directly to the appliance via SSH or Console Port Experience operating and maintaining Linux servers, including operating systems and applications, patching, and other updates Ability to analyze and respond to Fidelis system logs, security logs, and other events to troubleshoot Fidelis appliance stack and network issues to ensure it remains fully operational Active TS/SCI clearance; willingness to take a polygraph exam HS diploma or GED and 7+ years of experience as a system administrator, Associate’s degree and 5+ years of experience as a system administrator, or Bachelor’s degree and 3+ years of experience as a system administrator Active DoD 8570 IAT Level II Certification, including Security+ CE, CCNA - Security, GSEC, SSCP, CySA+, GICSP, or CND Certification Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider (CSSP) - Infrastructure Support (IS) certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND within 60 days of start date. Optional Qualifications: Experience with operating and maintaining Microsoft Windows and Linux servers to include operating systems. Prior experience as a SOC analyst, Hunt analyst, or DLP analyst, or have previously used Fidelis DLP in an administrative & monitoring capacity. Familiarity with DoD Risk Management Framework. Experience automating deployments and configuration management. Experience as a network administrator or systems engineer. Experience in using Active Directory to manage Windows policies. Knowledge of different layers of the technology stack, including network, application frameworks, database systems, and vendor solutions. Knowledge of Git and Atlassian tools, including Jira and Confluence and Microsoft Visio (or like product) graphic and flowchart design. Benefits Essential Network Security (ENS) Solutions, LLC is a service-disabled veteran owned, highly regarded IT consulting and management firm. ENS consults for the Department of Defense (DoD) and Intelligence Community (IC) providing innovative solutions in the core competency area of Identity, Credential and Access Management (ICAM), Software Development, Cyber and Network Security, System Engineering, Program/Project Management, IT support, Solutions, and Services that yield enduring results. Our strong technical and management experts have been able to maintain a standard of excellence in their relationships while delivering innovative, scalable and collaborative infrastructure to our clients. Why ENS? Free Platinum-Level Medical/Dental/Vision coverage, 100% paid for by ENS 401k Contribution from Day 1 PTO + 11 Paid Federal Holidays Long & Short Term Disability Insurance Group Term Life Insurance Tuition, Certification & Professional Development Assistance Workers’ Compensation Relocation Assistance

Joint Base Anacostia-Bolling, Washington, DC 20032, USA

Negotiable Salary

Senior Cyber Security Specialist (Top Secret Clearance Required)63844786025217122

Workable

Senior Cyber Security Specialist (Top Secret Clearance Required)

RP Professional Services is a rapidly growing Technology consulting firm headquartered in Virginia. We’re an 8a and Service-Disabled Veteran-Owned Small Business (SDVOSB) serving both federal and commercial customers. At RP, we help our clients achieve their mission by developing value driven, customized solutions that are executed by the best people. Our dedication to our employees and clients is driven by our promise to deliver Excellence, Value, and Flexibility. "People, not just Resources" is more than our motto; it's the foundation on which we are built! RP Professional Services is seeking a Senior Cyber Security Specialist to support and advise security professionals on emerging cyber threats, risk mitigation strategies, and compliance standards within the Department of Defense (DoD) Intelligence Community (IC). The ideal candidate will have a strong technical background in classified and unclassified systems, insider threat tools, user activity monitoring (UAM), and cyber threat intelligence. This role requires expertise in offensive and defensive cyber capabilities, network security frameworks, and collaboration across government organizations to enhance cybersecurity posture and threat detection capabilities. This position is contingent upon the contract being awarded to RP Professional Services. Requirements: Advise security professionals on emerging cyber threats, risk mitigation strategies, and industry regulations. Support DoD Intelligence Community operations with expertise in cybersecurity threat management. Apply classified and unclassified system knowledge to facilitate security standards and compliance. Assist non-IT professionals in understanding Department of Defense network standards for effective insider threat tool deployment. Coordinate with cyber threat intelligence teams to develop strategic threat assessments and response plans. Promote and implement technical solutions that support mission-critical cybersecurity objectives. Conduct user activity monitoring (UAM) and cybersecurity evaluations to detect anomalous behaviors and insider threats. Assess and advise on both offensive and defensive cybersecurity strategies within DoD and Intelligence frameworks. Utilize expertise in at least one of the following cybersecurity domains: Risk/Vulnerability/Threat Assessments Cloud Security Security Operations Firewall (FW), Intrusion Prevention System (IPS), Intrusion Detection System (IDS) Configuration Penetration Testing Forensics Threat Intelligence Threat Hunting Maintain awareness of state, local, and federal cybersecurity developments, standards, frameworks, and regulations and their impact on operations. Support counterintelligence, insider threat, and law enforcement investigations through cybersecurity expertise. Requirements Bachelor’s degree in Computer Science or a related field. Minimum fifteen (15) years of experience advising security professionals on emerging cyber threats. Minimum ten (10) years of experience working within the DoD Intelligence Community. Demonstrated knowledge of DoD/IC computer systems, protections, and cybersecurity threats. Experience advising non-IT professionals on DoD network standards for insider threat tools. Strong coordination skills for collaborating across organizations and implementing cybersecurity solutions. Preferred Qualifications: Certified Information Systems Security Professional (CISSP). Knowledge of user activity monitoring (UAM) software and processes. Expertise in DoD cybersecurity compliance frameworks and regulations. Strong background in counterintelligence and insider threat investigations. Experience working across government security agencies, military cybersecurity teams, and intelligence divisions. Salary Range: $220,000 - $240,000 The salary range for this role considers a wide range of factors, including, but not limited to, skill sets, equity, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Benefits Health Benefits: Medical, Vision, Dental Up to 4% retirement match with 100% vesting Company paid STD and LTD Company paid basic life insurance Competitive PTO package RP Professional Services, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Washington, DC, USA

$220,000-240,000/year

Workable

SOC Analyst

This position supports the State of Iowa’s Department of Management (DOM), Security Operations Center (SOC). The purpose of this position is to provide tier two triage for information technology issues and information security incidents. As a tier two information security incident handler, this position will be responsible for information security incidents for the entirety of their lifecycle. This position will renew on 7/1/25. Serve as the primary incident owner for the Security Operations Center. Lead efforts related to the incident handling processes such as incident discovery, analysis and verification, incident tracking, containment and recovery, incident response coordination, escalation, and notification. Lead efforts in coordinating with other teams to remediate detected incidents. Communicate intelligence to key personnel. 5 years’ experience required in the following: Systems Security Certified Practitioner (SSCP), CompTIA Security+ (Security+ CE), CompTIA Cybersecurity Analyst (CSA+) or other information security certifications Strong understanding of security technologies and strategies, including but not limited to firewall, IDS, policy management, security processes/best-practice, logging/monitoring, antivirus, vulnerability assessment, patch management, and incident response Solid knowledge of common and emerging attack vectors, penetration methods and countermeasures. Knowledge of conflict resolution and incident escalation. Ability to work effectively with customers to solve business challenges while balancing the need for confidentiality, integrity, and availability. Demonstrated ability to resolve issues in a variety of complex situations which require complex judgments and solutions based on sophisticated analytical thought. Demonstrated ability to solve complex problems, convey both oral and written instruction, and handle multiple task interruptions while providing services in a professional and courteous manner. Proven ability to work with diverse audiences and translate technical information into non-technical information. Must be an individual of high integrity and be a model of unwavering integrity to others. Commitment to fostering a diverse working environment. Demonstrated ability to work independently, as part of a team of peers, and to support and contribute to a multidisciplinary team environment.

Des Moines, IA, USA

Negotiable Salary

Senior Firewall Engineer (Palo Alto)63843480041089124

Workable

Senior Firewall Engineer (Palo Alto)

We are seeking an experienced Senior Firewall Engineer with deep expertise in Palo Alto Networks firewalls to design, implement, and manage advanced network security solutions. The ideal candidate will be responsible for ensuring the security, performance, and reliability of our network infrastructure by leveraging Palo Alto firewall technologies and best practices. This role requires strong technical expertise, problem-solving skills, and the ability to collaborate with cross-functional teams to safeguard the organization’s network environment. Key Responsibilities: Firewall Design & Implementation: Architect, configure, and deploy Palo Alto Networks firewalls (physical and virtual, including PA-Series, VM-Series, and Panorama) to meet organizational security and performance requirements. Policy Management: Develop, implement, and maintain firewall policies, rules, and security profiles to enforce access controls, threat prevention, and compliance with industry standards (e.g., PCI-DSS, HIPAA, NIST). Network Security Operations: Monitor, troubleshoot, and optimize firewall performance, ensuring high availability, low latency, and robust security across the network. Threat Prevention: Configure and manage advanced Palo Alto features such as URL filtering, WildFire, GlobalProtect VPN, IPS/IDS, and application-based policies to mitigate cyber threats. Incident Response: Investigate and respond to security incidents, perform root cause analysis, and implement corrective actions to prevent recurrence. Automation & Scripting: Utilize scripting (e.g., Python, PowerShell) and automation tools to streamline firewall management, policy updates, and reporting processes. Collaboration: Work closely with network engineers, security analysts, and IT teams to integrate Palo Alto firewalls with other systems, such as SD-WAN, cloud platforms (AWS, Azure, GCP), and SIEM solutions. Documentation & Training: Maintain detailed documentation of firewall configurations, policies, and procedures. Provide training and mentorship to junior team members. Compliance & Auditing: Ensure firewall configurations align with regulatory requirements and participate in security audits and assessments. Upgrades & Maintenance: Plan and execute firmware upgrades, patch management, and system migrations for Palo Alto firewalls and Panorama. Vendor Interaction: Collaborate with Palo Alto Networks support and account teams to resolve complex issues and stay updated on product enhancements. Requirements Minimum of 5-7 years of experience in network security, with at least 3 years focused on Palo Alto Networks firewalls. Certifications: Palo Alto Networks Certified Network Security Engineer (PCNSE) required. Additional certifications such as CCNP Security, CISSP, or equivalent are a plus. Technical Skills: In-depth knowledge of Palo Alto Networks firewall platforms (PA-Series, VM-Series, Panorama). Expertise in firewall policy management, NAT, VPN (IPsec/SSL), App-ID, User-ID, and threat prevention. Strong understanding of networking protocols (TCP/IP, BGP, OSPF, VLANs, etc.) and network architecture. Proficiency in scripting (Python, PowerShell, or similar) for automation. Familiarity with cloud security (AWS, Azure, GCP) and SD-WAN integration. Soft Skills: Excellent problem-solving, communication, and teamwork skills. Ability to work under pressure and manage multiple priorities. Education: Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent experience). Preferred Qualifications: Experience with Palo Alto Networks Prisma Access or Prisma Cloud. Knowledge of other firewall platforms (e.g., Cisco ASA, Fortinet, Check Point). Familiarity with SIEM tools (e.g., Splunk, QRadar) and network monitoring solutions. Experience in a highly regulated industry (e.g., finance, healthcare, government). Working Conditions: May require occasional on-call support for critical incidents. Ability to work in a fast-paced, dynamic environment. Benefits Competitive salary commensurate with experience. Comprehensive health benefits package 401(k) with company match. Paid time off and holidays. American Operations Corporation is an EEO employer and does not discriminate on the basis of race, religion, disability, veteran status, gender or sexual orientation.

Washington, DC, USA

Negotiable Salary

Senior Cloud Security Engineer63843468155011125

Workable

Senior Cloud Security Engineer

Umbra builds next-generation space systems that observe the Earth in unprecedented fidelity. Our mission is to deliver global omniscience. To stay ahead of climate change, geopolitical risk, and other major crises and issues, we need a global understanding of what is changing, where, and how fast. Umbra provides easy access to the highest quality commercial satellite data available, an indispensable tool for the growing number of organizations monitoring the Earth. We empower our customers to create solutions that inform, inspire, and address our planet's most pressing needs. We’re helping to create a new industry that has never meaningfully existed before. As we continue to innovate, we are looking for a dedicated Senior Cloud Security Engineer to join our team. In this critical role, you will lead the charge in designing and implementing robust security measures across our cloud-based infrastructure. You will be responsible for ensuring the compliance, safety, and integrity of our systems while collaborating with engineering and operations teams to integrate security solutions seamlessly into our infrastructure. Your expertise will help in evaluating cloud services and deploy security controls that adhere to best practices, safeguarding our applications and sensitive data from cyber threats. If you are passionate about cloud security and want to make a tangible impact on space technology, we invite you to apply! Our aim is to hire this position to work in Umbra's Santa Barbara/Goleta, CA office. Key Responsibilities Possess a deep understanding of cloud security architecture, threat modeling, and compliance frameworks, and make informed decisions about security trade-offs and risk management. Work with cross-functional teams to design, implement, and continuously improve secure DevOps pipelines and secure software development lifecycles (SDLC). Design and implement security automation tools and processes to improve system security and minimize manual intervention in securing software releases. In partnership with product development and information security team members, support risk assessment activities of cloud environments to identify & remediate vulnerabilities and evaluate security posture. Collaborate with engineering teams to define secure cloud architectures and provide guidance on cloud services and technologies. Be the continuous advocate for improving security best practices and champion for a security minded culture with all technical staff to increase overall awareness and capabilities in addressing security risks. Monitor cloud environments for security incidents and anomalies, responding promptly to alarms, events, and threats Assist in compliance efforts with regulations and standards such as NIST 800-171 and CMMC, and others relevant to cloud security. Implement security frameworks, best practices, and processes for cloud security operations. Take ownership and follow through, consistently and independently delivering results. Possess initiative and urgency, with a bias toward action. Provide training and resources to team members to enhance awareness of cloud security risks and best practices. Other professional duties as assigned. Requirements Required Qualifications Bachelor's degree in Computer Science, Cybersecurity, or a related field. Relevant experience can be a substitute for a degree. 6+ years of experience in cloud security, or similar role deeply integrated into DevOps environments, integrating security into CI/CD pipelines. Strong knowledge of cloud security principles and practices, particularly with major cloud service providers (AWS, Azure, GCP). Experience with security infrastructure tools such as IAM & access control, encryption & key management, vulnerability management and threat detection systems. Experience working with Infrastructure as Code (Terraform, Cloud Formation etc). Familiarity with Kubernetes and container security principles. Familiarity with compliance frameworks and standards relevant to cloud security. Excellent problem-solving skills and the ability to communicate complex concepts clearly to technical and non-technical audiences. A strong understanding of networking concepts, security protocols, and risk management principles. Desired Qualifications Certifications such as Certified Cloud Security Professional (CCSP), AWS Certified Security – Specialty, or equivalent are a plus. Background in threat modeling, penetration testing, or security architecture reviews Experience working in the aerospace or defense sectors is an advantage. Experience with federal compliance frameworks (FedRAMP, CMMC) Strong analytical and strategic thinking skills. Benefits Flexible Time Off, Sick, Family & Medical Leave Medical, Dental, Vision, Life, LTD, STD (employer funded) Vol Life, Critical Illness, Accidental, Hospital Indemnity, Pet Insurance (employee funded) 401k with 3% non-elective company contribution Stock Options Free Parking Free lunch daily in office Umbra is an Equal Opportunity Employer. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected veteran status, or any other characteristic protected by federal, state, or local law. Employment Eligibility Verification In compliance with federal laws, all hired persons will be required to verify their identity and eligibility to work in the United States by completing the required Employment Eligibility Verification Form (I-9 Form) upon hire. ITAR/EAR Requirements This position may include access to technology and/or data that is subject to U.S. export controls pursuant to ITAR and EAR. To comply with federal export controls, all persons hired must be a U.S. citizen, U.S. national, U.S. lawful permanent resident, refugee or asylee as defined by 8 U.S.C. § 1324b(a)(3), or must otherwise be eligible to obtain the required authorizations from the U.S. Department of State and/or U.S. Department of Commerce as applicable. Pay Transparency This job posting may cover multiple career levels. To ensure greater transparency, we provide base salary ranges for all roles, regardless of location. Our standard pay ranges are based on the role’s function and level, benchmarked against similar growth-stage companies. Compensation may vary based on geographical location, as certain regions may have different cost-of-living factors. The final offer will also be influenced by the candidate's skills, responsibilities, and relevant experience. Compensation Range The Compensation Range for this role is $140,000 - $175,000 DOE.

Goleta, CA, USA

$140,000-175,000/year

Computer Systems Security Specialist I63393562927617126

Workable

Computer Systems Security Specialist I

ProSync is seeking a passionate Computer Systems Security Specialist I to help ensure security and intelligence compliance with policies and regulations, drawing on some of the nation's leading personnel and cybersecurity thought leaders for enhancing, accelerating, and assuring the United States Navy's ability to counter existing and emerging security threats. This position offers a salary in the range of $100k-116k based on numerous factors, including degree and overall experience. ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community. If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! RESPONSIBILITIES This position handles the support of the Sensitive Compartment Information Facility. This role includes: Conducting thorough analysis of IT specifications to meticulously assess potential security risks, ensuring that vulnerabilities are identified and addressed proactively. Installing, configuring, and performing upgrades on security software, maintaining current security measures aligned with the latest threats and technological advancements. Implementing robust network security measures through the use of firewalls, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), password protection mechanisms, Access Control Lists (ACLs), Virtual Local Area Networks (V-LANs), and adhering to industry-standard network hardening techniques to create a resilient defense against unauthorized access. Developing and implementing secure frameworks and comprehensive risk management methodologies by utilizing effective patch management strategies, applying Security Technical Implementation Guides (STIGs), and staying informed about information assurance vulnerability alerts and bulletins to protect organizational data. Designing and implementing effective safety measures, including comprehensive data recovery plans that ensure the integrity and availability of critical information in the event of a disaster or security incident. Responding promptly and effectively to privacy breaches and malware threats, employing incident response protocols to mitigate damage and restore secure operations. Serving as a trusted security expert within the organization and conducting in-depth training sessions to elevate awareness and knowledge of security best practices among all staff members. Drafting and refining policies and guidelines that govern security practices, ensuring that they align with regulatory requirements and industry standards while fostering a culture of security mindfulness across the organization. Demonstrated and comprehensive experience with the Risk Management Framework (RMF), showcasing a deep understanding of its structured approach to managing risk through various stages, including preparation, assessment, authorization, and continuous monitoring. This experience includes the application of RMF principles and practices to align information security strategies with organizational goals, ensuring effective risk mitigation and compliance with regulatory standards. Requirements For CSWF Designated Positions - Professional Certifications: IAT II which requires a Security+ or equivalent and Continuous Education (CE). Five (5) years of experience in: Installing and configuring and upgrading security software. Securing networks through firewalls, Intrusion Prevention System (IPS)/Intrusion Detection, password protection, Access Control Lists (ACLs), V-LAN, and industry standard network hardening techniques. Implement secure framework and risk management methodologies using patch management, STIG implementation, information assurance vulnerability alerts/bulletins. Three (3) years of experience in: Acting on privacy breaches and malware threats. Serving as a security expert and conduct training. Draft policies and guidelines. One (1) year of experience in: System administration or security roles. Networking and System Administration (e.g. TCP/IP, Firewalls). Firewall and endpoint security systems maintenance and functionality. If a proposed individual does not meet both the required education and experience qualifications, nine (9) years of professional technical activities related to Information Technology would be considered equivalent. Five (5) of these nine (9) years should demonstrate experience in “1” through “3”. Three (3) of these nine (9) years should demonstrate experience in “1” through “3”. At least one (1) of these nine (9) years should demonstrate experience in "1" through 3". A minimum Secret security clearance or higher with the ability to obtain a Top Secret w/ SCI is required to be considered for this position. EDUCATIONAL REQUIREMENTS A Bachelor’s degree or higher from an accredited college or university in an engineering, scientific, business, or technical discipline. Benefits Join PROSYNC and enjoy our great benefits! Compensation We also offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement We offer a comprehensive Health Benefits package and 401K retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so they can get their degree or that next certification they need to propel them to the next level. Work/Life Balance A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

Port Hueneme, CA, USA

$100,000-116,000/year

Senior Cloud Security Architect63499855442435127

Workable

Senior Cloud Security Architect

as a Senior AWS Security Architect, you will be responsible for designing and implementing secure, scalable, and resilient AWS cloud infrastructures for our organization. You will work closely with engineering, operations, and DevOps teams to ensure the highest level of security throughout our AWS environments. Your expertise will drive best practices for cloud security, risk management, incident response, and security compliance in a complex and dynamic environment. Experience: 15 Years Key responsibilities - · Design, build, and maintain secure AWS cloud architectures, incorporating best practices for identity and access management, data encryption, network security, and secure software development lifecycle. · Lead the development and execution of security strategies to protect AWS environments. Provide thought leadership and guidance to technical teams on security-related matters. · Perform cloud security risk assessments and vulnerability assessments. Propose mitigation strategies and work closely with stakeholders to ensure the security of applications, data, and infrastructure. · Leverage AWS security tools (e.g., AWS Shield, AWS WAF, AWS GuardDuty, AWS Security Hub, AWS IAM) to enforce security policies and detect potential security incidents. · Design and implement incident response plans specific to AWS environments. Act as a lead in security incidents, conduct root cause analysis, and guide teams on post-incident remediation and recovery. · Ensure compliance with industry regulations and standards such as NIST, HIPPA, IRS and SSA in AWS cloud environments. Drive audit readiness and support security certifications. · Collaborate with DevOps teams to incorporate security into CI/CD pipelines, automate security testing, and ensure secure coding practices are followed throughout the software development lifecycle. · Provide mentorship and training to security engineers, developers, and other technical staff on AWS security best practices. Promote a security-first culture within the organization. · Stay up to date with emerging threats, vulnerabilities, and new AWS security features. Continuously improving security processes, tools, and practices to meet evolving security challenges. Required / Desired Skills · Bachelor’s or master’s degree in computer science, Information Security, Engineering, or related field. · 15+ years of experience in IT security, with at least 10 years of hands-on experience securing AWS cloud infrastructures. · Proven track record in designing and implementing secure AWS cloud architectures. · Expertise in security best practices for AWS, including encryption, access control, networking, monitoring, and auditing. · AWS Certified Security – Specialty (Required) · CISSP, CISM, or other recognized security certifications (Required) · Expertise in AWS architecture, security services, and compliance tools. · Strong knowledge of network security, cloud infrastructure, IAM (Identity and Access Management), and encryption methodologies. · Hands-on experience with infrastructure as code (e.g., Terraform, AWS CloudFormation). · Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation and security tools. · Experience in threat hunting, penetration testing, or security vulnerability assessments in AWS environments. · Knowledge of containerization and serverless architectures in AWS (e.g., Docker, Kubernetes, AWS Lambda).

Atlanta, GA, USA

Negotiable Salary

Sr. Information System Security Officer63392080594177128

Workable

Sr. Information System Security Officer

ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community. If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! The Senior Information Systems Security Officer (ISSO) will provide aid to the program, organization, system, or enclave's information assurance program and will also lend assistance for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies in addition to the below. Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluates security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Assists security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF). Requirements A minimum of twelve (12) years of total experience in the information security arena. A minimum of seven (7) years of experience directly as an ISSO supporting IC or DoD programs and contracts of similar scope, type, and complexity. A Bachelors of Science degree in Computer Science, Information Assurance, Information Security, or related discipline. Experience supporting over 30 SSP's. DoD 8570 compliance with IAM Level II or IAT Level III (i.e., CASP, CISSP, or Associate). A Top Secret/SCI w/ Polygraph is required. Benefits Join PROSYNC and enjoy our great benefits! Compensation: We offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement: We offer a comprehensive Health Benefits package and 401K Retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education: Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so you can get your degree or that next certification you need to propel you to the next level. Work/Life Balance: A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life.. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

Annapolis Junction, MD, USA

Negotiable Salary

Computer Systems Security Specialist Lead63393555086209129

Workable

Computer Systems Security Specialist Lead

ProSync is seeking passionate Computer Systems Security Lead to help ensure security and intelligence compliance with policies and regulations, drawing on some of the nation's leading personnel and cybersecurity thought leaders for enhancing, accelerating, and assuring the United States Navy's ability to counter existing and emerging security threats. This position offers a salary in the range of $122k-129k based on numerous factors, including degree and overall experience. ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community. If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! RESPONSIBILITIES This position handles the support of the Sensitive Compartment Information Facility. This role includes: Conducting thorough analysis of IT specifications to meticulously assess potential security risks, ensuring that vulnerabilities are identified and addressed proactively. Installing, configuring, and performing upgrades on security software, maintaining current security measures aligned with the latest threats and technological advancements. Implementing robust network security measures through the use of firewalls, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), password protection mechanisms, Access Control Lists (ACLs), Virtual Local Area Networks (V-LANs), and adhering to industry-standard network hardening techniques to create a resilient defense against unauthorized access. Developing and implementing secure frameworks and comprehensive risk management methodologies by utilizing effective patch management strategies, applying Security Technical Implementation Guides (STIGs), and staying informed about information assurance vulnerability alerts and bulletins to protect organizational data. Designing and implementing effective safety measures, including comprehensive data recovery plans that ensure the integrity and availability of critical information in the event of a disaster or security incident. Responding promptly and effectively to privacy breaches and malware threats, employing incident response protocols to mitigate damage and restore secure operations. Serving as a trusted security expert within the organization and conducting in-depth training sessions to elevate awareness and knowledge of security best practices among all staff members. Drafting and refining policies and guidelines that govern security practices, ensuring that they align with regulatory requirements and industry standards while fostering a culture of security mindfulness across the organization. Demonstrated and comprehensive experience with the Risk Management Framework (RMF), showcasing a deep understanding of its structured approach to managing risk through various stages, including preparation, assessment, authorization, and continuous monitoring. This experience includes the application of RMF principles and practices to align information security strategies with organizational goals, ensuring effective risk mitigation and compliance with regulatory standards. Requirements For CSWF Designated Positions - Professional Certifications: IAT III which requires a CISSP or equivalent. Seven (7) years of experience in: Analyzing IT specifications to assess security risks. Installing and configuring and upgrading security software. Securing networks through firewalls, Intrusion Prevention System (IPS)/Intrusion Detection, password protection, Access Control Lists (ACLs), V-LAN, and industry standard network hardening techniques. Implement secure framework and risk management methodologies using patch management, STIG implementation, information assurance vulnerability alerts/bulletins. Five (5) years of experience in: Designing and implementing safety measures and data recovery plans. Acting on privacy breaches and malware threats. Serving as a security expert and conduct training. Draft policies and guidelines. Two (2) years of experience in: System administration or security roles. Networking and System Administration (e.g. TCP/IP, Firewalls). Firewall and endpoint security systems maintenance and functionality. One (1) year of experience supervising junior personnel. If a proposed individual does not meet both the required education and experience qualifications, eleven (11) years of professional technical activities related to Information Technology would be considered equivalent. Five (5) of these eleven (11) years should demonstrate experience in “1” through “4”. Four (4) of these eleven (11) years should demonstrate experience in “1” through “4”. Two (2) of these eleven (11) years should demonstrate experience in "1" through 3". A minimum Secret security clearance or higher with the ability to obtain a Top Secret w/ SCI is required to be considered for this position. EDUCATIONAL REQUIREMENTS A Bachelor’s degree or higher from an accredited college or university in an engineering, scientific, business, or technical discipline. Benefits Join PROSYNC and enjoy our great benefits! Compensation We also offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement We offer a comprehensive Health Benefits package and 401K retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so they can get their degree or that next certification they need to propel them to the next level. Work/Life Balance A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

Port Hueneme, CA, USA

$122,000-129,000/year

Senior Cyber Security Engineer (USA)633920762960651210

Workable

Senior Cyber Security Engineer (USA)

Trexquant is a growing systematic fund adviser with a core team of highly accomplished technologists. We apply a wide variety of statistical and machine learning techniques to build investment portfolios and trade our client assets in global equity and derivatives markets. Our global team is composed primarily of research professionals with advanced science, math and technology degrees, with locations in the US, China and India. We’re looking for a motivated and technically adept security engineer to support the Technology and Compliance teams in engineer, enhancing and maintaining the Firm’s security program and infrastructure. This opportunity is ideal for a security professional who strives to work on diverse projects in an academically-influenced technologist culture, with mentoring and guidance from veteran staff. Responsibilities Explore, develop and implement innovative security solutions, protocols, and procedures to protect the organization’s systems and networks. Maintain current security platforms and set up preventive measures. Assist in reviewing cybersecurity protocols designed to protect the Firm’s proprietary data, systems and infrastructure in accordance with industry regulations and best practices. Monitor vulnerability awareness platforms, penetration testing results, and other risk analysis to identify and mitigate security weaknesses. Help maintain and review data flow monitoring and configure logging tools to capture and detect suspicious behavior. Assist compliance team with incident response procedures to identify, manage, and mitigate security incidents and breaches, and establish a protocol for security incident reporting. Collaborate with internal stakeholders to carry-out periodic risk assessments and work closely with consultants to ensure ongoing compliance and security readiness. Stay up to date with the latest security trends, technologies, and threat intelligence. Requirements Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Master’s degree in a related field preferred. 3+ years of prior experience in a security engineering or security operations role, ideally at a quantitative adviser, technology company or systematic trading firm. Solid understanding of security concepts such as encryption, authentication, access control, vulnerability management and network monitoring and security. Experience with security tools such as firewalls, SIEM systems, IDS/IPS and vulnerability scanners. Knowledge of security frameworks and standards (e.g., NIST, ISO 27001, SOC 2, PCI-DSS, GDPR). Experience with scripting or automation (e.g., Python, Bash, PowerShell) to implement security measures or automate tasks. Ability to translate complex security concepts to non-technical stakeholders. Industry certifications such as CISSP, CEH, or CompTIA Security+ are preferred. Good knowledge of Unix-like operating systems and experience with FreeBSD is a plus. Benefits Competitive salary, plus bonus based on individual and company performance Collaborative, casual, and friendly work environment while solving the hardest problems in the financial markets PPO Health, dental and vision insurance premiums fully covered for you and your dependents Pre-tax commuter benefits Weekly company meals Trexquant is an Equal Opportunity Employer

Stamford, CT, USA

Negotiable Salary

Identity Access Management Positions -3 - San Jose, CA, Austin, TX (Remote ok)633920667412491211

Workable

Identity Access Management Positions -3 - San Jose, CA, Austin, TX (Remote ok)

Role: Senior Technical Engineer - Identity Access Management [Positions -3] Location: San Jose, CA, Austin, TX (Remote ok) Qualifications: · Bachelor's Degree in Computer Science or related field. · A solid grounding in Computer Science fundamentals. · 15+ years of experience building successful production software systems. · 5+ years of relevant experience in Identity Access Management domain & solid understanding of Identity open standards and specs What you need to bring: · Expert on open standards such as OAuth 2.0, Open ID Connect, SCIM, FAPI etc. · Expert in back-end development using Java EE technologies (e.g. Java language, application servers, servlet containers, JMS, JPA, Spring MVC, Hibernate). · Strong OOP skills, with ability to analyze requirements and transform into scalable software designs. · Experience with HTTP, REST API's and competent designing and building web services/microservices in a commercial setting. · Knowledge of SQL and other/NoSQL/modern database and storage technologies. Desired understanding of Oracle, JDBC and ORM frameworks (e.g. Hibernate). · Experience with Design Patterns, MVC and frameworks (e.g. Spring). · Competent in design/implementation for reliability, availability, scalability, and performance. · Competent in software engineering tools (e.g. Java build tools) and best practices (e.g. unit testing, test automation, continuous integration, etc.). · Should be a strong advocate of code craftsmanship, good coding standards and use of tools that will improve the quality of the delivered code. · Demonstrate a high level of curiosity, passion for technology, pride of ownership and strive for excellence. · Experience with using Agile/Scrum methodology for software development. · Good understanding of web services and SOA related standards like REST/OAuth/JSON and SOAP/WSDL. · Extra credit: Provide your GitHub account or code samples with your resume!

Austin, TX, USA

Negotiable Salary

Information System Security Officer (ISSO) III633920665341471212

Workable

Information System Security Officer (ISSO) III

Paragon Cyber Solutions is hiring a skilled Information System Security Officer (ISSO) III to support cybersecurity and compliance functions in direct support of the Naval Surface Warfare Center Philadelphia Division (NSWCPD). This position is contingent upon contract award. The ISSO III will play a vital role in implementing and maintaining security controls, supporting incident response, and ensuring overall system compliance with Department of Defense (DoD) cybersecurity standards and frameworks. If you’re looking for an opportunity to make an impact while supporting national security, we want to hear from you. Requirements Ensure security compliance across information systems by implementing DoD cybersecurity policies, standards, and guidelines. Assist in applying Risk Management Framework (RMF) requirements for system security accreditation and authorization. Coordinate and enforce required security changes and control implementations across systems and networks. Conduct vulnerability scans, threat assessments, and cyber risk analysis on mission systems. Support cyber incident response efforts including investigation, containment, documentation, and reporting. Perform continuous monitoring of system security postures and coordinate with other cybersecurity personnel to maintain system integrity. Prepare and maintain system security documentation, including System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and security assessment reports. Participate in site inspections, compliance audits, and assessments by government or third-party assessors. Education Bachelor’s degree in Computer Science, Information Technology, Communications Systems Management, or a related STEM field from an accredited college or university. Experience At least 6 years of relevant experience coordinating security implementation, policy compliance, vulnerability/threat assessments, and supporting incident response and investigation efforts. Certifications (one or more required): Must meet IAM Level II IAWF baseline certification standards under DoD 8140/8570.01-M, with at least one of the following: CAP (Certified Authorization Professional) CASP+ CE (CompTIA Advanced Security Practitioner) CISM (Certified Information Security Manager) CISSP (or Associate) GSLC (GIAC Security Leadership Certification) CCISO (Certified Chief Information Security Officer) HCISPP (HealthCare Information Security and Privacy Practitioner) Benefits Health Care Plan (Medical, Dental & Vision). Retirement Plan (401K w/ employer matching). Paid Time Off & Paid Federal Holidays. Short and Long-Term Disability. Healthy Work-Life Balance.

Philadelphia, PA, USA

Negotiable Salary

Cyber Systems Analyst - Junior - TS/SCI - Quantico, VA633935479476491213

Workable

Cyber Systems Analyst - Junior - TS/SCI - Quantico, VA

Quantico, VA 22134, USA

Negotiable Salary

Senior Threat Manager (Top Secret Clearance Required)633935445623071214

Workable

Senior Threat Manager (Top Secret Clearance Required)

RP Professional Services is a rapidly growing Technology consulting firm headquartered in Virginia. We’re an 8a and Service-Disabled Veteran-Owned Small Business (SDVOSB) serving both federal and commercial customers. At RP, we help our clients achieve their mission by developing value driven, customized solutions that are executed by the best people. Our dedication to our employees and clients is driven by our promise to deliver Excellence, Value, and Flexibility. "People, not just Resources" is more than our motto; it's the foundation on which we are built! RP Professional Services is seeking a Senior Threat Manager to identify, assess, and mitigate security risks, particularly those related to violent threats, insider threats, and intelligence vulnerabilities. This role requires expertise in threat assessment and management (TAM), risk mitigation strategies, and collaboration with military and government agencies. The ideal candidate will possess structured professional judgment expertise, law enforcement and intelligence experience, and a deep understanding of threat management frameworks within the Department of Defense (DoD) and Intelligence Community (IC). This position is contingent upon the contract being awarded to RP Professional Services. Requirements: Conduct structured threat assessments utilizing industry-recognized methodologies. Apply Structured Professional Judgment (SPJ) tools, such as WAVR-21 and TRAP-18, to evaluate threats. Develop and implement risk mitigation strategies for military and civilian leadership. Provide written and verbal briefings on threat intelligence, security risks, and emerging patterns. Support local, state, and federal threat management teams focused on preventing violent behavior. Collaborate with law enforcement, intelligence agencies, and government organizations to assess threats. Utilize DoD and commercial databases to compile and analyze threat intelligence reports. Ensure compliance with national security protocols, regulations, and industry best practices. Conduct training programs for leadership teams on threat management and risk mitigation. Requirements Certified Threat Assessment Professional (administered by the Association of Threat Assessment Professionals - ATAP). Must be an active ATAP member. Minimum ten (10) years in threat assessment and/or threat management. Minimum ten (10) years of experience advising military or civilian leaders on threat assessment strategies. Direct experience working with the DoD population in a security or intelligence capacity. Experience supporting threat management units or teams focused on assessing and mitigating violent behavior risks. Familiarity with Intelligence and/or Law Enforcement communities, including Government, DoD, and commercial databases used to compile analytic products. Preferred Qualifications: Advanced certifications such as CISSP, CISM, CEH, or GCIH. Strong understanding of geopolitical risks and global threat landscapes. Proven ability to train personnel in threat assessment methodologies and risk mitigation strategies. Salary Range: $195,000 - $210,000 The salary range for this role considers a wide range of factors, including, but not limited to, skill sets, equity, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Benefits Health Benefits: Medical, Vision, Dental Up to 4% retirement match with 100% vesting Company paid STD and LTD Company paid basic life insurance Competitive PTO package RP Professional Services, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Washington, DC, USA

$195,000-210,000/year

Security Operations Engineer634999837015071215

Workable

Security Operations Engineer

Founded in 2016 in Silicon Valley, Pony.ai has quickly become a global leader in autonomous mobility and is a pioneer in extending autonomous mobility technologies and services at a rapidly expanding footprint of sites around the world. Operating Robotaxi, Robotruck and Personally Owned Vehicles (POV) business units, Pony.ai is an industry leader in the commercialization of autonomous driving and is committed to developing the safest autonomous driving capabilities on a global scale. Pony.ai’s leading position has been recognized, with CNBC ranking Pony.ai #10 on its CNBC Disruptor list of the 50 most innovative and disruptive tech companies of 2022. In June 2023, Pony.ai was recognized on the XPRIZE and Bessemer Venture Partners inaugural “XB100” 2023 list of the world’s top 100 private deep tech companies, ranking #12 globally. As of August 2023, Pony.ai has accumulated nearly 21 million miles of autonomous driving globally. Pony.ai went public at NASDAQ in November 2024. Responsibility Collaborate with IT, Infrastructure, HR, Admin and Technical teams to support staff onboarding and offboarding processes. Continuously monitor security events, threats, and vulnerabilities across systems and networks. Respond to security incidents, support incident investigations, and escalate issues when necessary. Perform threat identification, triage, and risk assessments to inform proactive mitigation strategies. Administration and configuration of tools to log and analyze security and privacy related data. Implement security policies in tools to automate security and privacy monitoring and analytics. Analyze security logs to identify anomalies, policy violations, or indicators of compromise. Identify security and privacy gaps, and propose improvements to strengthen the organization’s overall security framework. Requirements Bachelor's degree in Computer Science, Information Security, or a related field. Minimum of 2 years of hands-on experience in Information Technology, cybersecurity, or working in a Security Operations Center (SOC) or Network Operations Center (NOC). Solid understanding of the threat landscape, attacker tactics (e.g., phishing, malware, APTs, DoS attacks), and defensive strategies. Proficiency in at least one scripting language (e.g., Python preferred). Skilled in security technologies such as SIEM, SOAR, EDR, ID/IPS, access control, vulnerability management, cloud security, and External Attack Surface Management (EASM). Experience with cloud security concepts, tools, and best practices across platforms like AWS, Azure, or GCP. Exceptional written, verbal, and interpersonal communication skills, with strong attention to detail. Proven ability to collaborate across teams and foster a customer-focused and security-aware culture. Compensation and Benefits Base Salary Range: $100,000 - $160,000 Annually Compensation may vary outside of this range depending on many factors, including the candidate’s qualifications, skills, competencies, experience, and location. Base pay is one part of the Total Compensation and this role may be eligible for bonuses/incentives and restricted stock units. Also, we provide the following benefits to the eligible employees: Health Care Plan (Medical, Dental & Vision) Retirement Plan (Traditional and Roth 401k) Life Insurance (Basic, Voluntary & AD&D) Paid Time Off (Vacation & Public Holidays) Family Leave (Maternity, Paternity) Short Term & Long Term Disability Free Food & Snacks Please click here for our privacy disclosure.

Fremont, CA, USA

$100,000-160,000/year

Workable

COMSEC Specialist

ProSync is seeking a passionate COMSEC Specialist (COMS-S) to help ensure security and intelligence compliance with policies and regulations, drawing on some of the nation's leading personnel and cybersecurity thought leaders for enhancing, accelerating, and assuring the United States Navy's ability to counter existing and emerging security threats. This position offers a salary in the range of $78k-98k based on numerous factors, including degree and overall experience. ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community. If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! RESPONSIBILITIES This position handles the support of the Sensitive Compartment Information Facility. This role includes: Preparing comprehensive intelligence reports that distill complex information into clear and actionable insights for various stakeholders. Gathering and meticulously evaluating intelligence from a diverse range of sources, ensuring the validity and reliability of the information collected. Identifying potential threats through thorough analysis and ensuring that vital information is promptly communicated to superiors and critical decision-makers to facilitate timely and informed actions. Conducting briefings for both internal and external stakeholders, providing them with crucial updates and strategic recommendations based on the latest intelligence assessments. Conceptualizing, drafting, coordinating, and publishing in-depth intelligence assessments that address pertinent security issues, thus contributing to the organization's overall situational awareness and strategic planning. Requirements Two (2) years of experience in Intelligence and Analysis in the DoD or IC. Witnessing, delivering, picking up, and processing KOA Material. Reviewing, updating, and applying status markings. File destruction. Performing two-person integrity checks. One (1) year of experience in the following areas of intelligence and analysis: Conducting page checks; Executing material transfers. Providing COMSEC briefings and training. If a proposed individual does not meet both the desired education and experience qualifications, six (6) years of experience related to intelligence and analysis would be considered equivalent. Two (2) of these six (6) years should demonstrate experience in "1" through "4". One (1) of the six (6) years should demonstrate experience in “1” through “3”. A minimum Top Secret security clearance with SCI eligibility or higher is required to be considered for this position. EDUCATIONAL REQUIREMENTS A Bachelor’s degree or higher from an accredited college or university. Benefits Join PROSYNC and enjoy our great benefits! Compensation We also offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement We offer a comprehensive Health Benefits package and 401K retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so they can get their degree or that next certification they need to propel them to the next level. Work/Life Balance A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

Port Hueneme, CA, USA

$78,000-98,000/year

Mid-Level Threat Manager (Top Secret Clearance Required)633920467623711217

Workable

Mid-Level Threat Manager (Top Secret Clearance Required)

RP Professional Services is a rapidly growing Technology consulting firm headquartered in Virginia. We’re an 8a and Service-Disabled Veteran-Owned Small Business (SDVOSB) serving both federal and commercial customers. At RP, we help our clients achieve their mission by developing value driven, customized solutions that are executed by the best people. Our dedication to our employees and clients is driven by our promise to deliver Excellence, Value, and Flexibility. "People, not just Resources" is more than our motto; it's the foundation on which we are built! RP Professional Services is seeking a Mid-Level Threat Manager to identify, assess, and mitigate security risks, particularly those related to violent threats, insider threats, and intelligence vulnerabilities. This role requires expertise in threat assessment and management (TAM), risk mitigation strategies, and collaboration with military and government agencies. The ideal candidate will possess structured professional judgment expertise, law enforcement and intelligence experience, and a deep understanding of threat management frameworks within the Department of Defense (DoD) and Intelligence Community (IC). This position is contingent upon the contract being awarded to RP Professional Services. Requirements: Conduct structured threat assessments utilizing industry-recognized methodologies. Apply Structured Professional Judgment (SPJ) tools, such as WAVR-21 and TRAP-18, to evaluate threats. Develop and implement risk mitigation strategies for military and civilian leadership. Provide written and verbal briefings on threat intelligence, security risks, and emerging patterns. Support local, state, and federal threat management teams focused on preventing violent behavior. Collaborate with law enforcement, intelligence agencies, and government organizations to assess threats. Utilize DoD and commercial databases to compile and analyze threat intelligence reports. Ensure compliance with national security protocols, regulations, and industry best practices. Conduct training programs for leadership teams on threat management and risk mitigation. Requirements Certified Threat Assessment Professional (administered by the Association of Threat Assessment Professionals - ATAP). Must be an active ATAP member. Minimum six (6) years in threat assessment and/or threat management. Minimum five (5) years of compensated professional experience in Threat Assessment and Management (TAM) OR two (2) years of ATAP membership in good standing and two (2) years of compensated professional experience (which may be concurrent). Minimum three (3) years of experience advising military or civilian leaders on threat assessment strategies. Direct experience working with the DoD population in a security or intelligence capacity. Experience supporting threat management units or teams focused on assessing and mitigating violent behavior risks. Familiarity with Intelligence and/or Law Enforcement communities, including Government, DoD, and commercial databases used to compile analytic products. Preferred Qualifications: Advanced certifications such as CISSP, CISM, CEH, or GCIH. Strong understanding of geopolitical risks and global threat landscapes. Proven ability to train personnel in threat assessment methodologies and risk mitigation strategies. Salary Range: $155,000 - $170,000 The salary range for this role considers a wide range of factors, including, but not limited to, skill sets, equity, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Benefits Health Benefits: Medical, Vision, Dental Up to 4% retirement match with 100% vesting Company paid STD and LTD Company paid basic life insurance Competitive PTO package RP Professional Services, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Washington, DC, USA

$155,000-170,000/year

Identity Access Engineer - AuthN - Austin, TX, Remote Ok634999823649291218

Workable

Identity Access Engineer - AuthN - Austin, TX, Remote Ok

Identity Access Engineer - AuthN [Positions - 3] Location: Austin, TX, remote Ok Job Description: Responsibilities: · Engage with multiple teams of highly talented engineers and architects to design and develop highly scalable, secure and configurable identity solutions that meet the needs of our customers and stakeholders. · Actively engage with leadership across Product, Architecture, Design and Engineering to design, propose, discuss and refine new features and functionality. · Collaborate with other engineering teams, IT, and business stakeholders to understand requirements and deliver innovative identity solutions that meet organizational needs. · Communicate with stakeholders on technical standards, principles, methodologies and trends. · Enhance overall system operational characteristics by establishing best practices for code quality, reduction in tech debt, building frameworks or shared techniques to improve engineering effectiveness. · Identify opportunities for refactoring, API changes, solution designs and other types of tech debt remediation. · Influence management for driving technical decision-making for the right selection of technology by giving forthright, understandable, and actionable advice. · Work with standards defining organizations to understand the evolving standards, identify gaps, provide inputs on platform gaps, contribute to roadmap planning to build world class CIAM platform. · Drive decision-making with team members with different views for simple to complex problems with the business requirements to help synthesize the best solution. · Engage with business team, highly analytical and have experience designing and implementing A/B tests, with approach like data-based experiments. Required Skills: · 10-15 years of experience building successful production software systems and Identity solutions. · You must have significant business knowledge and technical expertise in application design and architecture, as well as knowledge of related domains of technical architectures (network, security, and infrastructure engineering), information architectures, and data architectures. · In-depth knowledge of identity management technologies, protocols, and standards, and competent in designing solutions for reliability, availability, scalability, and performance. · In-depth knowledge of Identity standards such as OAuth 2.0, Open ID Connect, SCIM etc. · Deep understanding of modern web applications design architecture, good API design patterns, performance, and scale. · Deep understanding of application security, information security, web application fundamentals, authentication & authorization protocols. · You must have experience in modern technologies such as JavaScript, Typescript, React, NextJs, Node. · Understands use cases for advanced design patterns (e.g., service-to-worker, MVC, API gateway, intercepting filter, dependency injection, lazy loading etc) to implement efficient code. · Strong OOP skills, with ability to analyze requirements and transform into scalable software designs. · Experience with HTTP, REST API's and competent designing and building web services/microservices in a commercial setting. · Knowledge of SQL and other/NoSQL/modern database and storage technologies. Desired understanding of Oracle, JDBC and ORM frameworks (e.g. Hibernate). · Experience with Design Patterns, MVC and frameworks (e.g. Spring). · Deep understanding of web services and SOA related standards like REST/OAuth/JSON and SOAP/WSDL. · Extra credit: Provide your GitHub account or code samples with your resume!

Austin, TX, USA

Negotiable Salary

Associate Director, Cyber Incident Response633935315347231219

Workable

Associate Director, Cyber Incident Response

The Associate Director is responsible for managing the Cyber Response Team in the US and leading overall delivery of incident response cases in the region. This role involves leading the technical aspects of the cyber response practice, managing our technical team members as well as managing client relationships. This role will report to Global Head of Cyber Response and work in tandem with European, Middle East and Asia colleagues on a follow-the-sun basis. The successful candidate will have a strong technical skill set, deep understanding of the North American cyber incident response market and a deep understanding of current and emerging advanced threat actors. They will have a proven track record of responding to advanced threats leveraging forensics and threat hunting technology. Role tasks and responsibilities Technical response Oversee incident response cases for all host and network based investigations, be responsible for the overall quality of our technical incident response work. Ownership of the entire lifecycle of a cyber incident including identification, containment, eradication and recovery. A particular area of specialty in eradication and recovery from an incident. Threat hunting using EDR tooling to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity. Perform live compromise assessments for organizations who suspect a compromise. Detect and hunt unknown live, dormant, and custom malware in memory across multiple systems in an enterprise environment. Demonstrate a deep understanding of both existing and emerging threat actors, as well as experience identifying rapidly changing tools, tactics and procedures of attackers. Advise on the safe technical recovery of an organizations IT systems balancing the need to understand what has happened but speed up recovery. Be responsible for Control Risks technical Cyber Response strategy. Identify, design and then implement solutions that meet these strategic objectives. Client Management To build and develop client relationships facilitating where appropriate introduction and provision of additional Control Risks services. Working closely with the Global Head of Cyber Response and Global colleagues to ensure a cohesive go-to-market approach. Possess and develop working knowledge of key insurer and law firm relationships that may drive growth. Reporting Provide situation reports and other significant case related material to the client and the Director of Cyber Response. Provide documentation to the relevant consultants in sufficient time to allow review and feedback, before submitting to a client. Report on the performance of the Technical Cyber Response work and forecast technical and resource requirements in the near and long term. Team management Establish resourcing requirements for our already growing Cyber Response practice, hire and then manage these technical individuals. Establish relationships with key recruiters and where possible align with the Cyber Crisis Management teams resourcing plans. Align with and help to expand the already re-occurring Internship Program and where business need requires onboard interns into the technical team. Define clear roles and responsibilities for new hires including a learning pathway for training & development. Ensure new joiners have appropriate time dedicated to technical development and research whilst balancing un-predictable workload. Governance Own the technical response Standard Operating Procedures, working with the team to ensure they are kept up to date with the latest threats. Ensure issues identified during delivery of cases are identified, escalated and resolved efficiently. Supporting the growth of the Cyber Response practice Refining Control Risks’ cyber response methodologies and approaches and tailoring the approach in changing market conditions. Identifying potential new areas of growth and opportunity. Requirements Candidates must be legally authorized to work in the US on a permanent basis without sponsorship. Candidates must possess unrestricted US work authorization. Proven experience in technically responding to significant and complex cyber attacks and information security related advisory Proven experience of managing and/or building the requisite technologies necessary for responding to a wide variety of common cyber security incidents Demonstrable experience of operating within a commercial environment and engaging with key stakeholders in insurance and risk management. Technical degree or demonstrated knowledge of common networks, software and hardware used in business environments Experience in conducting log analysis and digital forensics following a cyber incident Experience of working with law firms, communications experts, and others on sensitive investigations. Track record of developing consultative relationships with clients Excellent people management skills Fluent in English (written and spoken) Excellent presentation skills Excellent analytical skills Preferred: Strong understanding of MITRE ATT&CK techniques / sub-techniques. The ability to articulate TTPs to clients in non-technical terms. Preferred: Experience in generating SIGMA rules for host detection, SNORT rules for network detection and YARA Signatures for file and memory artefact identification. Preferred: Experience in engaging in industry and law enforcement intelligence forums Preferred: Experience of supporting cross-jurisdictional response cases Preferred: Qualifications such as: CREST Registered Intrusion Analyst (CRIA), Certified Network Intrusion Analyst (CCNIA), Certified Host Intrusion Analyst (CCHIA), SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) or Enterprise-Class Incident Response & Threat Hunting (FOR608), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and full membership of ISACA. The base salary range for this position is $140,000-$150,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience. Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs. Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov. Benefits Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer. Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working. Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401 (K) Retirement, Nationwide Pet Insurance, Employee Assistance Program. As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.

Washington, DC, USA

$140,000-150,000/year

Workable

Network Security SME

Job Description:: Responsibilities: • Serve as the primary subject matter expert for Zero Trust Network Access (ZTNA) solutions within the organization. • Lead the research, evaluation, and selection of ZTNA vendors and technologies that align with our security requirements and business objectives. • Design and architect robust and scalable ZTNA solutions, considering various deployment models (e.g., client-initiated, service-initiated). • Develop and document comprehensive ZTNA implementation plans, including architecture diagrams, policy frameworks, and integration strategies. • Collaborate with network engineering, security operations, and application development teams to integrate ZTNA seamlessly into our existing infrastructure and workflows. • Define and implement granular access policies based on the principles of least privilege, explicit verification, and contextual awareness. • Configure and manage ZTNA gateways, brokers, and policy enforcement points. • Integrate ZTNA solutions with existing Identity and Access Management (IAM) systems, including Multi-Factor Authentication (MFA) and Single Sign-On (SSO). • Develop and maintain documentation related to ZTNA architecture, policies, procedures, and troubleshooting guides. Qualifications: • Minimum [Specify Number, e.g., 5-8] years of experience in network security, with a significant focus on access control technologies. • Extensive knowledge on SDWAN, SDLAN and networking core principles • Proven expertise or strong working knowledge of Zero Trust Network Access (ZTNA) principles, architectures, and implementation methodologies. • Hands-on experience with one or more leading ZTNA solutions (e.g., Zscaler, Palo Alto Networks Prisma Access, Okta, Cisco Secure Access, Cloudflare Access, Fortinet). • Deep understanding of network protocols (TCP/IP, DNS, HTTP/S), firewall technologies, and network segmentation concepts. • Strong understanding of Identity and Access Management (IAM) principles and technologies (e.g., LDAP, SAML, OAuth, OIDC). • Experience with implementing and managing Multi-Factor Authentication (MFA) solutions. • Knowledge of device posture assessment and endpoint security technologies. • Excellent analytical, problem-solving, and troubleshooting skills. • Strong communication (both written and verbal) and presentation skills. • Ability to work independently and collaboratively within a team environment. • Relevant security certifications such as CISSP, CISM, CompTIA Security+, or vendor-specific ZTNA certifications are highly desirable.

Irving, TX, USA

Negotiable Salary

Automotive Cybersecurity Test Engineer633920299860511221

Workable

Automotive Cybersecurity Test Engineer

We’re seeking a motivated and technically curious individual to join our growing cybersecurity team as an Automotive Cybersecurity Test Engineer. In this role, you’ll support the evaluation and validation of cybersecurity requirements across a wide range of modern automotive systems. You’ll help shape how vehicle cybersecurity testing is performed— executing hands-on tests, refining test procedures, researching emerging solutions, and developing tools that improve how requirements are verified in real-world applications. This is a growth-oriented role designed for someone with 1 to 3 years of experience in computer or hardware systems who is eager to deepen their knowledge in vehicle cybersecurity and become a technical contributor in a rapidly evolving field. Perform hands-on testing to verify and validate cybersecurity requirements across cybersecurity relevant vehicle systems. Develop and refine cybersecurity test procedures for in-vehicle systems and connected ecosystems. Research emerging cybersecurity threats, tools, and solutions related to automotive systems. Translate security requirements into actionable test strategies and contribute to a comprehensive cybersecurity testing playbook for internal team use. Collaborate with engineering teams to ensure test procedures align with evolving system architectures and security requirements. Develop internal tools, scripts, or frameworks to support and automate the evaluation of cybersecurity requirements. Contribute to long-term goals of scalable and automated cybersecurity testing across the full automotive technology stack. Requirements Bachelor’s degree in Computer Engineering, Electrical Engineering, Computer Science, or related field. 1 to 3 years of industry or academic experience working with hardware systems, embedded software, or computer security. Familiarity with vehicle architectures, embedded systems, or automotive networking (CAN, LIN, Ethernet) is a plus. Strong understanding of APIs and application security, with hands-on experience in authentication protocols like OAuth, SAML, etc. Interest in modern connected vehicle systems including mobile app integration, cloud-based services, and EV infrastructure. Strong interest in cybersecurity and willingness to learn hands-on techniques related to threat modeling, test design, and system evaluation. Ability to document technical processes clearly and follow structured workflows. Proficiency in scripting or programming languages (e.g., Python, C/C++, Bash) is preferred. Self-motivated, detail-oriented, and collaborative.

Plano, TX, USA

Negotiable Salary

COMSEC Support Specialist - Active Secret Clearance633935209872671222

Workable

COMSEC Support Specialist - Active Secret Clearance

*** This role is contingent upon Contract Award*** The COMSEC Support Specialist is responsible for supporting the lifecycle management and accountability of Communications Security (COMSEC) material and equipment in accordance with National and Department of the Navy (DON) standards. The ideal candidate has prior experience as a COMSEC Manager or Key Management Infrastructure (KMI) Registration Manager and a strong understanding of CNSSI 4005, CNSSI 4006, and DON CMS (Communications Material System) policies. Key Responsibilities: Provide technical and operational support to COMSEC account managers in the daily handling, safeguarding, distribution, and destruction of COMSEC keying material and equipment. Serve as a subject matter expert on KMI operations, including user registration, key generation, and key transfer activities. Assist with the administration and operation of Tier 0–Tier 3 KMI components, including Local Management Devices (LMDs) and Electronic Key Management System (EKMS) devices. Perform accountability and inventory tasks in accordance with CNSSI 4005/4006, EKMS-1(series), and DON CMS policy. Monitor and maintain accurate records of COMSEC assets via KMI/EKMS or other COMSEC accounting systems. Prepare and process COMSEC material requests, transaction reports, and other documentation as required. Support audit readiness by conducting internal inspections and assisting with external inspections by NSA or designated authorities. Provide training and guidance to COMSEC users and assist in ensuring compliance with physical and information security regulations. Coordinate with Information Assurance, Network, and Security teams to support secure communications in SIPRNet and other mission-critical environments. Requirements Active Secret clearance (with TS/SCI eligibility preferred). 3–5 years of experience in COMSEC operations, including key management, handling classified COMSEC material, and supporting audit and inspection activities. Previous experience as a COMSEC Manager, Alternate COMSEC Manager, or KMI Registration Manager. In-depth knowledge of CNSSI 4005 (Safeguarding COMSEC) and CNSSI 4006 (Communications Security (COMSEC) Monitoring). Familiarity with Department of the Navy (DON) CMS policies, including EKMS and LMD/KP procedures. Proficient with COMSEC equipment such as SKL, DTD, KIK-30, KIK-11, and legacy key loaders. Strong organizational and documentation skills; ability to maintain 100% accountability in high-tempo environments. DoD 8570 IAT Level II certification (e.g., Security+ CE) preferred. Excellent interpersonal and communication skills; capable of working independently and as part of a secure operations team. Preferred Qualifications: Completion of NSA COMSEC Manager or KMI Operator training courses. Familiarity with Navy-specific COMSEC systems (e.g., Navy Key Management System - NKMS). Experience supporting Navy, Marine Corps, or Joint COMSEC operations in garrison or deployed environments. Benefits Essential Network Security (ENS) Solutions, LLC is a service-disabled veteran owned, highly regarded IT consulting and management firm. ENS consults for the Department of Defense (DoD) and Intelligence Community (IC) providing innovative solutions in the core competency area of Identity, Credential and Access Management (ICAM), Software Development, Cyber and Network Security, System Engineering, Program/Project Management, IT support, Solutions, and Services that yield enduring results. Our strong technical and management experts have been able to maintain a standard of excellence in their relationships while delivering innovative, scalable and collaborative infrastructure to our clients. Why ENS? Free Platinum-Level Medical/Dental/Vision coverage, 100% paid for by ENS 401k Contribution from Day 1 PTO + 11 Paid Federal Holidays Long & Short Term Disability Insurance Group Term Life Insurance Tuition, Certification & Professional Development Assistance Workers’ Compensation Relocation Assistance

Joint Base Andrews, MD, USA

Negotiable Salary

Penetration Tester, Expert (Federal agency) - Tysons, VA - Full Time633935194836511223

Workable

Penetration Tester, Expert (Federal agency) - Tysons, VA - Full Time

Penetration Tester, Expert (Federal agency) Core Hours: 9:00 am – 3:00 pm Location: Tysons, VA • Job Type: Full-time (40 hours per week) with benefits. • Availability: immediate. • Security Clearance: TS/SCI with CI of FS Polygraph. Years of Experience: 4 years with a PhD 8 years with a BS degree. 6 years with a master’s degree 10 years with an AA degree 12 years with an HS diploma Job Description Required Skills • Conduct internal penetration testing and vulnerability assessment of servers, web applications, webservices, and databases • Manually exploit and compromise operating systems, web applications, and databases • Examine results of web/OS scanners, scans and static source code analysis • Identify vulnerabilities, misconfigurations, and compliance issues • Write final reports, defend all findings to include the risk or vulnerability, mitigation strategies, and references • Ability to meet and coordinate with various audiences to include developers, system administrators, project managers, and senior government stakeholders • Provide security recommendations for developers, system administrators, project managers, and senior government stakeholders • Report vulnerabilities identified during security assessments • Write penetration testing Rules of Engagements (RoE), Test Plans, and Standard operating procedures (SOP) • Conduct security reviews, technical research, and provided reporting to increase security defense mechanisms • Experience with NIST 800-53 and Risk Management Framework Desired Skills • Certifications: CEH – Certified Ethical Hacker Certification, CPT – Certified Penetration Tester • Strong writing skills • Experience with AWS Cloud Security

Tysons, VA, USA

Negotiable Salary

F5 Security Engineer - Active TS/SCI with CI Poly633920213966091224

Workable

F5 Security Engineer - Active TS/SCI with CI Poly

Participate in the development and support of customer technical requirements Champion a collaborative, team-based environment, sharing standard methodologies and success and building positive relationships Plan, Design, Develop, Implement and Operate F5 products such as LTM, ASM, BIG-IQ and APM Manage the configuration on multiple physical and virtual F5 across multiple data centers Develop scripts and tools to automate configuration of a large number of network security devices distributed across multiple data centers Propose and implement system enhancements that will improve the performance and reliability of the network security infrastructure Applies capacity planning configuration changes as demanded by the business Address performance, scalability, and service architecture administration issues Design, install, configure, maintain network security services, equipment and devices Plan and support network security infrastructure Provide clear technical documentation and written procedures for issues identified and addressed Monitoring and troubleshooting of platform and OS based problems, network security infrastructure and connectivity issues Perform launch testing for new software releases and the introduction of new features Coordinate equipment orders including physical or virtual appliances, as well as upgrading, monitoring, testing and servicing the systems as needed Demonstrates knowledge of a broad range of technology towers i.e.: Storage, Virtualization, Intel, Networking, Data Center Migration and Disaster Recovery Knowledge of risk and controls landscape, ensuring company-wide standards are met Participate in change and incident management Anticipating potential problems and acting to minimize the impact they may have on the project or unit Ability to collaborate with different technology towers to achieve common goals Requirements Bachelor’s degree in computer science, information systems, telecommunications, or an engineering focused field Must have an Active TS/SCI and willing to obtain a CI Poly 5+ years of relevant F5 experience with F5 LTM, ASM, BIG-IQ, and/or APM administration and life cycle management including experience with advanced iRule creation and troubleshooting Ability to handle multiple complex F5 configurations and deployments at once Understanding of networking at all layers of the OSI model; and Previous experience with web application technologies Experience deploying, managing, and troubleshooting network systems, switching, and routing protocol standards such as: TCP/IP, MPLS, OSPF, BGP, SDN, and 802.1x. Experience managing and troubleshooting DNS, DHCP, IPAM, and NTP in a large multi-site environment Ability to manage multiple stands of work simultaneously. Executes within a customer-centric environment. Excellent verbal and written communication skill Hands on experience with Python and APIs Self-driven with the ability to manage workload without direct supervision Must have the F5 201 certification 8570 IAT Level II Certification required Preferred Skills/Qualifications Experience with Infoblox DDI, Microsoft DNS, Dyn, VMWare Automation products (vRO, vRA) Benefits Essential Network Security (ENS) Solutions, LLC is a service-disabled veteran owned, highly regarded IT consulting and management firm. ENS consults for the Department of Defense (DoD) and Intelligence Community (IC) providing innovative solutions in the core competency area of Identity, Credential and Access Management (ICAM), Software Development, Cyber and Network Security, System Engineering, Program/Project Management, IT support, Solutions, and Services that yield enduring results. Our strong technical and management experts have been able to maintain a standard of excellence in their relationships while delivering innovative, scalable and collaborative infrastructure to our clients. Why ENS? Free Platinum-Level Medical/Dental/Vision coverage, 100% paid for by ENS 401k Contribution from Day 1 PTO + 11 Paid Federal Holidays Long & Short Term Disability Insurance Group Term Life Insurance Tuition, Certification & Professional Development Assistance Workers’ Compensation Relocation Assistance

Washington, DC, USA

Negotiable Salary

Mid-Level Cyber Security Specialist (Top Secret Clearance Required)633935126795551225

Workable

Mid-Level Cyber Security Specialist (Top Secret Clearance Required)

RP Professional Services is a rapidly growing Technology consulting firm headquartered in Virginia. We’re an 8a and Service-Disabled Veteran-Owned Small Business (SDVOSB) serving both federal and commercial customers. At RP, we help our clients achieve their mission by developing value driven, customized solutions that are executed by the best people. Our dedication to our employees and clients is driven by our promise to deliver Excellence, Value, and Flexibility. "People, not just Resources" is more than our motto; it's the foundation on which we are built! RP Professional Services is seeking a Mid-Level Cybersecurity Specialist to support and advise security professionals on emerging cyber threats, risk mitigation strategies, and compliance standards within the Department of Defense (DoD) Intelligence Community (IC). The ideal candidate will have a strong technical background in classified and unclassified systems, insider threat tools, user activity monitoring (UAM), and cyber threat intelligence. This role requires expertise in offensive and defensive cyber capabilities, network security frameworks, and collaboration across government organizations to enhance cybersecurity posture and threat detection capabilities. This position is contingent upon the contract being awarded to RP Professional Services. Requirements: Advise security professionals on emerging cyber threats, risk mitigation strategies, and industry regulations. Support DoD Intelligence Community operations with expertise in cybersecurity threat management. Apply classified and unclassified system knowledge to facilitate security standards and compliance. Assist non-IT professionals in understanding Department of Defense network standards for effective insider threat tool deployment. Coordinate with cyber threat intelligence teams to develop strategic threat assessments and response plans. Promote and implement technical solutions that support mission-critical cybersecurity objectives. Conduct user activity monitoring (UAM) and cybersecurity evaluations to detect anomalous behaviors and insider threats. Assess and advise on both offensive and defensive cybersecurity strategies within DoD and Intelligence frameworks. Utilize expertise in at least one of the following cybersecurity domains: Risk/Vulnerability/Threat Assessments Cloud Security Security Operations Firewall (FW), Intrusion Prevention System (IPS), Intrusion Detection System (IDS) Configuration Penetration Testing Forensics Threat Intelligence Threat Hunting Maintain awareness of state, local, and federal cybersecurity developments, standards, frameworks, and regulations and their impact on operations. Support counterintelligence, insider threat, and law enforcement investigations through cybersecurity expertise. Requirements Bachelor’s degree in Computer Science or a related field. Minimum eight (8) years of experience advising security professionals on emerging cyber threats. Minimum eight (8) years of experience working within the DoD Intelligence Community. Demonstrated knowledge of DoD/IC computer systems, protections, and cybersecurity threats. Experience advising non-IT professionals on DoD network standards for insider threat tools. Strong coordination skills for collaborating across organizations and implementing cybersecurity solutions. Preferred Qualifications: Certified Information Systems Security Professional (CISSP). Knowledge of user activity monitoring (UAM) software and processes. Expertise in DoD cybersecurity compliance frameworks and regulations. Strong background in counterintelligence and insider threat investigations. Experience working across government security agencies, military cybersecurity teams, and intelligence divisions. Salary Range: $175,000 - $195,000 The salary range for this role considers a wide range of factors, including, but not limited to, skill sets, equity, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Benefits Health Benefits: Medical, Vision, Dental Up to 4% retirement match with 100% vesting Company paid STD and LTD Company paid basic life insurance Competitive PTO package RP Professional Services, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Washington, DC, USA

$175,000-195,000/year

Workable

SAP Security Analyst

A highly skilled and experienced SAP Security Specialist is needed to join the team. The specialist will focus on the secure and compliant operation of the SAP landscape, specifically across SAP BusinessObjects Data Services BODS, SAP Landscape Transformation Replication Server SLT, SAP Ariba, and SAP Signavio. The specialist will be responsible for designing, implementing, and maintaining robust security solutions that meet business needs and compliance requirements. This role requires a strong understanding of SAP authorization concepts, risk management, and the ability to work collaboratively across various teams. Responsibilities: Design, develop, and maintain SAP security roles and authorizations within BODS, SLT, Ariba, and Signavio environments, aligning with security policies, standards, and SoD requirements. Administer user access, troubleshoot issues, and oversee GRC implementation and user access reviews for the specified SAP applications. Conduct security assessments, monitor and report on security events, and support audits. Collaborate with IT and functional teams to define and implement security policies and provide user support. Lead SAP security tasks in projects, supporting implementations and managing change control processes. Develop and maintain the SAP Signavio Process Intelligence security model and ensure secure data access control. Manage SSO, user provisioning, and integrations with IdMGRC if applicable. Analyze and troubleshoot access issues, ensuring least privilege and SoD compliance. Maintain audit trails and ensure system compliance with internal and external controls e.g., SOX. Work closely with SAP Basis and Cloud Identity Services for user lifecycle and identity federation. Participate in system upgrades, patching, and cutovers by validating security impacts. Provide documentation and knowledge transfer to support and audit teams. Qualifications: Bachelor's degree in a relevant field. Minimum of 10+ years of SAP Security experience with proven project delivery. Strong knowledge in: SAP BODS repository and runtime user security. SLT rolebased access control and connection configurations. SAP Ariba user provisioning via Ariba Administration, CIG or BTP, integration with SSO and Active Directory. Signavio cloud user management and role assignments through SAP BTP cockpit or SCIMbased provisioning. Expert knowledge of SAP authorization security, implementation methodologies, and SoD concepts. Experience with SAP GRC Access Control. Demonstrated ability to design SAP security solutions and experience in endtoend SAP security project lifecycles. Excellent communication and collaboration skills. Preferred Qualifications: SAP Ariba certification. Experience with EIMSailPoint, SAP Solution ManagerChaRM, and SAP Business Technology Platform BTP. Bachelor's degree in Computer Science, Information Technology, or related discipline. SAP Security or GRC certification is a plus. Experience in multitenant SAP Ariba or Signavio deployment models. Knowledge of compliance frameworks e.g., ISO, NIST, SOX. This job description provides an overview of the responsibilities and qualifications required for an SAP Security Specialist role with a focus on BODS, SLT, Ariba, and Signavio. It can be further customized based on specific organizational needs and the seniority level of the position.

Raritan, NJ, USA

Negotiable Salary

Senior ISSO - US Citizenship Required634998259123231227

Workable

Senior ISSO - US Citizenship Required

Ready to Ignite your career and work alongside some of the most innovative and brightest professionals in innovative technology? Join us and unleash your potential working in an Agile environment while modernizing enterprise systems and applications needed to support the men and women charged with safeguarding the American people and enhancing the Nation’s safety, security, and prosperity. As a Senior ISSO, you will assist Cybersecurity Team members while being responsible for the Information Assurance and Security of application, database, and enterprise network services. You will also be responsible for activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects; basic responsibilities include: Implement Cybersecurity Program strategy Apply information security in accordance with National/DHS/CBP directives security policy including, but not limited to, NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, DHS 4300A, CBP Handbook 1400-05D Assess entire system lifecycle requirements and network security impacts Support creation of, and ensure approval for, Department of Homeland Security (DHS) Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects Support program and customer management, and government Authorizing Official (AO) for all information security status, policies, and procedures Document DHS RMF Security Implementation Plan artifacts. Coordinate and assist development team with application artifact documentation Assist government personnel in preparing and presenting Information Assurance Compliance System (IACS) packages to the Control Assessor (SCA) Assess and analyze the current threat environment Enhance – Implement Cybersecurity vulnerability/A&A hardening testing Optimize – Cybersecurity development environment certification Architect & Engineer security – develop security goals, capabilities, controls, and architecture Design & Implement security – vulnerability management, build security into development Integrate & Test Security – test patches and settings, document A&A artifacts Validate & Verify security – validate patch status and software control status Implement security – apply patches and security settings, performance incident handling and remediation Maintain security posture – audit security settings, track security training, monitor threats, track reaccreditation Enable assurance for information security during all phases of agile software development and deployment Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth Identify, assess, and recommend zero-day cyber threat remediation Address Cybersecurity issues to help maintain Continuity of Operations Plans (COOP) Perform information security vulnerability testing and mitigate any nonconformance Supports reviews and audits of continuous system monitoring and contingency planning. Updates associated documentation as needed Create and manage Plan of Action & Milestones (POA&M) Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects Understand and assist developers with static code analysis processes Report and help investigate security-related incidents and security violations as requested by the Computer Security Incident Response Center (CSIRC) Monitor and inspect for approved software usage and implementation of approved antivirus and other security related software Develop and maintain security training programs are developed and maintained Requirements Must be a U.S. Citizen with the ability to pass CBP background investigation, criteria will include: 3-year check for felony convictions 1-year check for illegal drug use 1-year check for misconduct such as theft or fraud College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline Certifications: minimum Security+ CE or equivalent, CISSP or CASP preferred Demonstrated knowledge DHS 4300A, “Sensitive Systems Handbook”, and CBP Handbook 1400-05D, “Information Systems Security Policies and Procedures Handbook” Demonstrated knowledge of NIST Information Technology Security Special Publications (SP) 800 series, with emphasis on NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems” and NIST SP 800-53A, “Guide for Assessing the Security Controls in Federal Information Systems” Professional Experience: 10+ years related technical experience Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement Working knowledge of Federal Information Security Management Act (FISMA) reporting requirements and processes Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness Experience with continuous integration tools and environments Experience with scripting languages Experience with Computer Network Defense (CND) processes, procedures, and tools Acting independently to expose and resolve problems Demonstrated experience with HP Fortify Software Security Center Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner Demonstrated experience with DISA Security Technical Implementation Guide (STIG) implementation and Security Content Automation Protocol (SCAP) tool usage Demonstrated familiarity and experience with Firewalls, Intrusion Prevention Systems, WebGateways, and/or enterprise Antivirus software technologies Demonstrated experience using IACS Demonstrated ability to identify and manage risk Benefits 401(k) 401(k) matching Dental insurance Flexible schedule Flexible spending account Health insurance Health savings account Life insurance Paid time off Professional development assistance Referral program Retirement plan Tuition reimbursement Vision insurance

Ashburn, VA, USA

Negotiable Salary

Workable

Cybersecurity Analyst

The Georgia Department of Human Services, Office of Information Technology, is seeking a qualified candidate for the temporary contractor staffing position of Cybersecurity Analyst as part of the Information Security Team. *REQUIRED CERTIFICATIONS MUST BE UPLOADED* The Office of Information Technology is the office within DHS that provides computing, applications management, IT procurement, network and telecommunications services to all DHS divisions and offices. Responsibilities Proven experience in cybersecurity operations with hands-on expertise in monitoring and managing multiple security tools, including vulnerability scanning platforms such as Tenable (Nessus, Tenable.sc, or Tenable.io). Continuously monitor security tools and systems (e.g., SIEM, IDS/IPS, CrowdStrike EDR, DLP, Tenable vulnerability scanners) to detect, investigate, and respond to potential threats in real time. Maintain and oversee the CrowdStrike platform, ensuring proper configuration, alert triage, threat hunting, and endpoint coverage across the organization. Analyze data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations. Interact at multiple levels of the organization to establish and maintain a strong and adaptive security posture that aligns with organizational risk tolerance, information access requirements, business strategies, and compliance requirements. Integrate overarching security frameworks across multiple, complex disciplines in support of the business needs of the Agency to provide customer-focused technology solutions in a secure, cost-effective, and efficient manner. Strong knowledge of system administration, including configuration, hardening, patch management, and monitoring of Windows and Linux servers Coordinate and oversee the production of evidence to support internal and external audits. Conduct internal risk, vulnerability, and compliance assessments to: Identify risks, vulnerabilities, and compliance shortcomings; and recommend/develop security measures, policies, and controls for risk/vulnerability mitigation and remediation of compliance findings. Prepare and/or update incident response plans and perform incident response activities as directed and in accordance with established Agency procedures and guidelines and those of the Georgia Technology Authority (GTA). Ensure periodic monitoring of audit logs occurs in accordance with requirements, and report findings and concerns for further analysis and/or action, including breach notification and initiation of incident response, in accordance with Agency protocols/procedures and CISO direction/guidance. Work with developers to plan, implement, manage, and coordinate appropriate security measures for information systems/applications that control access to data, and prevent unauthorized modification, destruction, or disclosure of information in accordance with federal, state, local, and agency requirements, policies, and directives. Prepare and/or update Plan of Actions & Milestones (POA&M) that identify security weaknesses and establish milestones and compensating controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation. Serve as a Subject Matter Expert (SME), advising on current best practice and strategies for the protection, auditing, and monitoring of data, data storage, and transmission paths. Work with business owners, IT managers, staff, and vendors to provide timely and efficient coordination of information assurance/security services to meet Agency needs. Prepare and communicate status of Agency information security programs and projects to senior executives through oral and written reports and presentations. Assist with information security awareness training activities and preparation of awareness training materials. Develop and communicate security metrics to assess effectiveness of, and compliance with, the Agency’s InfoSec policies and controls. Performs other professional responsibilities as assigned. Qualifications: Bachelor's degree in information technology, computer science, information assurance, or a related field from an accredited college or university AND Five years of information technology experience, One year of which in information security or information assurance. Note: An equivalent combination of education and job specific experience that provided the knowledge, experience and competencies required to successfully perform the job at the level listed may be substituted on a year-over-year basis. Desired Skills/Qualifications: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Demonstrated professional experience developing and communicating an information security strategy and aligning projects, initiatives, and resources to execute against the strategy.

Atlanta, GA, USA

Negotiable Salary

Principal, Cyber Assurance633934875288331229

Workable

Principal, Cyber Assurance

This role may be based in NYC or Washington DC. We are seeking a senior leader to drive the growth of Digital Risks in the United States, with a primary focus on cyber assurance, third-party risk management, and large-scale regulatory compliance audits. In this role, you will collaborate closely with our cyber threat intelligence, advisory, and response teams to expand our digital risk business. Your responsibility will include overseeing the assessment, and improving client cybersecurity programs, ensuring alignment with industry standards and regulatory requirements, and guiding clients through complex third-party audits. Key Responsibilities Cybersecurity Program Evaluation Lead cyber assurance engagements, assessing client cybersecurity programs for compliance with industry standards such as NIST, ISO 27001, and other relevant frameworks. Act as a trusted advisor, ensuring client cybersecurity postures are resilient, compliant, and in line with regulatory requirements. Third-Party Risk Management Audits Oversee large-scale third-party risk and compliance audits, ensuring alignment with industry-specific frameworks, regulatory standards, and contractual obligations. Regulatory Compliance Audits Oversee regulatory compliance audits to ensure clients meet required standards and regulations. Advise clients on audit preparation and guide them through maintaining compliance while improving cybersecurity measures. Ensure clients' compliance programs address both current and emerging regulatory requirements. Penetration Testing & Vulnerability Management Support Partner with the penetration testing team to incorporate findings into broader cyber assurance reviews. Lead remediation efforts for high-risk vulnerabilities, aligning them with the client’s overall compliance and cybersecurity objectives. Client Relationship & Business Development Build and sustain relationships with key stakeholders, especially C-suite executives, positioning Digital Risks as a leader in cyber assurance and regulatory compliance. Identify and capitalize on new business opportunities in cyber assurance, third-party risk assessments, and compliance audits. Provide thought leadership on cyber assurance trends, regulatory updates, and best practices to enhance client relationships and grow the practice. Advise clients on continuously improving their cybersecurity and compliance frameworks based on audit findings and risk assessments. Practice Development & Team Leadership Recruit, develop, and lead a high-performing team specializing in cyber assurance, third-party risk management, and regulatory compliance. Foster a culture of continuous learning, ensuring the team stays ahead of emerging trends in cybersecurity and compliance. Contribute to the creation of innovative services and solutions to meet clients' evolving needs in cyber assurance and compliance auditing. Requirements Candidates must be legally authorized to work in the US on a permanent basis without sponsorship. Candidates must possess unrestricted US work authorization. Experience & Knowledge: 12+ years of experience in cybersecurity, specializing in cyber assurance, third-party risk management, and regulatory compliance audits. Proven track record of leading cyber assurance engagements and guiding clients through risk management and compliance processes based on industry frameworks (e.g., NIST, ISO 27001). Expertise in managing third-party audits and ensuring regulatory compliance across audit lifecycles. In-depth understanding of regulatory frameworks, with hands-on experience delivering compliance audits for both commercial and government sectors. Experience integrating penetration testing and vulnerability assessments into broader cyber assurance strategies. Education & Certifications: Bachelor's or master’s degree in information security, Computer Science, Engineering, or a related field. Relevant certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, SANS, or other recognized credentials in cybersecurity, third-party risk management, and compliance auditing. Skills: Strong commercial acumen, with proven ability to generate new business in cyber assurance and regulatory compliance services. Exceptional communication, presentation, and analytical skills with the ability to influence senior stakeholders and deliver impactful insights that improve cybersecurity resilience and regulatory compliance. The base salary range for this position in Washington DC is $180,000-$205,000 per year. The base salary range for this position in New York City is $200,000-$215,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience. Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs. Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov. Benefits Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer. Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working. Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401 (K) Retirement, Nationwide Pet Insurance, Employee Assistance Program. As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.

Washington, DC, USA

$180,000-215,000/year