United States Security Job Listings

Computer Systems Security Specialist I63393562927617120

ProSync is seeking a passionate Computer Systems Security Specialist I to help ensure security and intelligence compliance with policies and regulations, drawing on some of the nation's leading personnel and cybersecurity thought leaders for enhancing, accelerating, and assuring the United States Navy's ability to counter existing and emerging security threats. This position offers a salary in the range of $100k-116k based on numerous factors, including degree and overall experience. ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community. If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! RESPONSIBILITIES This position handles the support of the Sensitive Compartment Information Facility. This role includes: Conducting thorough analysis of IT specifications to meticulously assess potential security risks, ensuring that vulnerabilities are identified and addressed proactively. Installing, configuring, and performing upgrades on security software, maintaining current security measures aligned with the latest threats and technological advancements. Implementing robust network security measures through the use of firewalls, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), password protection mechanisms, Access Control Lists (ACLs), Virtual Local Area Networks (V-LANs), and adhering to industry-standard network hardening techniques to create a resilient defense against unauthorized access. Developing and implementing secure frameworks and comprehensive risk management methodologies by utilizing effective patch management strategies, applying Security Technical Implementation Guides (STIGs), and staying informed about information assurance vulnerability alerts and bulletins to protect organizational data. Designing and implementing effective safety measures, including comprehensive data recovery plans that ensure the integrity and availability of critical information in the event of a disaster or security incident. Responding promptly and effectively to privacy breaches and malware threats, employing incident response protocols to mitigate damage and restore secure operations. Serving as a trusted security expert within the organization and conducting in-depth training sessions to elevate awareness and knowledge of security best practices among all staff members. Drafting and refining policies and guidelines that govern security practices, ensuring that they align with regulatory requirements and industry standards while fostering a culture of security mindfulness across the organization. Demonstrated and comprehensive experience with the Risk Management Framework (RMF), showcasing a deep understanding of its structured approach to managing risk through various stages, including preparation, assessment, authorization, and continuous monitoring. This experience includes the application of RMF principles and practices to align information security strategies with organizational goals, ensuring effective risk mitigation and compliance with regulatory standards. Requirements For CSWF Designated Positions - Professional Certifications: IAT II which requires a Security+ or equivalent and Continuous Education (CE). Five (5) years of experience in: Installing and configuring and upgrading security software. Securing networks through firewalls, Intrusion Prevention System (IPS)/Intrusion Detection, password protection, Access Control Lists (ACLs), V-LAN, and industry standard network hardening techniques. Implement secure framework and risk management methodologies using patch management, STIG implementation, information assurance vulnerability alerts/bulletins. Three (3) years of experience in: Acting on privacy breaches and malware threats. Serving as a security expert and conduct training. Draft policies and guidelines. One (1) year of experience in: System administration or security roles. Networking and System Administration (e.g. TCP/IP, Firewalls). Firewall and endpoint security systems maintenance and functionality. If a proposed individual does not meet both the required education and experience qualifications, nine (9) years of professional technical activities related to Information Technology would be considered equivalent. Five (5) of these nine (9) years should demonstrate experience in “1” through “3”. Three (3) of these nine (9) years should demonstrate experience in “1” through “3”. At least one (1) of these nine (9) years should demonstrate experience in "1" through 3". A minimum Secret security clearance or higher with the ability to obtain a Top Secret w/ SCI is required to be considered for this position. EDUCATIONAL REQUIREMENTS A Bachelor’s degree or higher from an accredited college or university in an engineering, scientific, business, or technical discipline. Benefits Join PROSYNC and enjoy our great benefits! Compensation We also offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement We offer a comprehensive Health Benefits package and 401K retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so they can get their degree or that next certification they need to propel them to the next level. Work/Life Balance A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

$100,000-116,000

Computer Systems Security Specialist Lead63393555086209121

Prosync

Computer Systems Security Specialist Lead

Port Hueneme, CA, USA

ProSync is seeking passionate Computer Systems Security Lead to help ensure security and intelligence compliance with policies and regulations, drawing on some of the nation's leading personnel and cybersecurity thought leaders for enhancing, accelerating, and assuring the United States Navy's ability to counter existing and emerging security threats. This position offers a salary in the range of $122k-129k based on numerous factors, including degree and overall experience. ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community. If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! RESPONSIBILITIES This position handles the support of the Sensitive Compartment Information Facility. This role includes: Conducting thorough analysis of IT specifications to meticulously assess potential security risks, ensuring that vulnerabilities are identified and addressed proactively. Installing, configuring, and performing upgrades on security software, maintaining current security measures aligned with the latest threats and technological advancements. Implementing robust network security measures through the use of firewalls, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), password protection mechanisms, Access Control Lists (ACLs), Virtual Local Area Networks (V-LANs), and adhering to industry-standard network hardening techniques to create a resilient defense against unauthorized access. Developing and implementing secure frameworks and comprehensive risk management methodologies by utilizing effective patch management strategies, applying Security Technical Implementation Guides (STIGs), and staying informed about information assurance vulnerability alerts and bulletins to protect organizational data. Designing and implementing effective safety measures, including comprehensive data recovery plans that ensure the integrity and availability of critical information in the event of a disaster or security incident. Responding promptly and effectively to privacy breaches and malware threats, employing incident response protocols to mitigate damage and restore secure operations. Serving as a trusted security expert within the organization and conducting in-depth training sessions to elevate awareness and knowledge of security best practices among all staff members. Drafting and refining policies and guidelines that govern security practices, ensuring that they align with regulatory requirements and industry standards while fostering a culture of security mindfulness across the organization. Demonstrated and comprehensive experience with the Risk Management Framework (RMF), showcasing a deep understanding of its structured approach to managing risk through various stages, including preparation, assessment, authorization, and continuous monitoring. This experience includes the application of RMF principles and practices to align information security strategies with organizational goals, ensuring effective risk mitigation and compliance with regulatory standards. Requirements For CSWF Designated Positions - Professional Certifications: IAT III which requires a CISSP or equivalent. Seven (7) years of experience in: Analyzing IT specifications to assess security risks. Installing and configuring and upgrading security software. Securing networks through firewalls, Intrusion Prevention System (IPS)/Intrusion Detection, password protection, Access Control Lists (ACLs), V-LAN, and industry standard network hardening techniques. Implement secure framework and risk management methodologies using patch management, STIG implementation, information assurance vulnerability alerts/bulletins. Five (5) years of experience in: Designing and implementing safety measures and data recovery plans. Acting on privacy breaches and malware threats. Serving as a security expert and conduct training. Draft policies and guidelines. Two (2) years of experience in: System administration or security roles. Networking and System Administration (e.g. TCP/IP, Firewalls). Firewall and endpoint security systems maintenance and functionality. One (1) year of experience supervising junior personnel. If a proposed individual does not meet both the required education and experience qualifications, eleven (11) years of professional technical activities related to Information Technology would be considered equivalent. Five (5) of these eleven (11) years should demonstrate experience in “1” through “4”. Four (4) of these eleven (11) years should demonstrate experience in “1” through “4”. Two (2) of these eleven (11) years should demonstrate experience in "1" through 3". A minimum Secret security clearance or higher with the ability to obtain a Top Secret w/ SCI is required to be considered for this position. EDUCATIONAL REQUIREMENTS A Bachelor’s degree or higher from an accredited college or university in an engineering, scientific, business, or technical discipline. Benefits Join PROSYNC and enjoy our great benefits! Compensation We also offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement We offer a comprehensive Health Benefits package and 401K retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so they can get their degree or that next certification they need to propel them to the next level. Work/Life Balance A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

$122,000-129,000

Jump

Lead Security Engineer

Salt Lake City, UT, USA

Hey there! We are Jump, AI for Financial Advisors. We are growing super fast, have a culture of kindness and ownership, and we’re looking for someone who is absolutely obsessed with security take ownership of it here at Jump. About you You love security. It’s what you are all about and you are very very good at it. You are very motivated and proactive and can get a lot done every day. You love coding and are excited to learn Elixir. You really want to find and fix security vulnerabilities in an Elixir/Phoenix codebase. You are very pleasant to work with and people feel better about themselves after interacting with you. What you’ll do Provide guidance, training, and tools to developers on secure coding principles, common vulnerabilities, and secure design patterns. Analyze, fix, and test vulnerabilities. Do code reviews, audit and analyze source code for vulnerabilities. Monitor the security industry for new developments. Evaluate, recommend, and implement security tools and technologies to improve our application security posture. Conduct threat modeling exercises for new and existing applications and systems. Ensure systems and processes adhere to relevant security standards, regulations (e.g., ISO 27001, SOC 2, GDPR, HIPAA), and internal policies. Implement and manage security controls for cloud environments (e.g., AWS, GCP), including identity and access management (IAM), network security, and data protection. Maintain comprehensive documentation for security processes, tools, and configurations. What success looks like after 12 months Major vulnerabilities are found SOC 2 Type II report continues to be delivered with zero high‑risk exceptions. Mean‑time‑to‑detect (MTTD) ≥ 90 % of employees complete annual security training and phishing tests. Security is a documented, automated part of CI/CD (build fails on critical vulns). Our largest enterprise customers cite security as a strength in renewals. Nice‑to‑haves: experience with multi‑tenant data isolation, SAML/SCIM integrations, or selling to regulated industries (FinTech, HealthTech, GovTech). Compensation & benefits Base salary: $170 k – $260 k USD Benefits: Health/dental/vision, 401k (no match yet) Time‑off: Flexible PTO with manager approval Gear: Top‑spec laptop, stipend for home office/security hardware Hiring process (2–3 weeks total) Homework assignment — Takes about 1hr Intro call (30 min) — with CTO. Paid Trial week — Come work with us for a week and see how you like it Team member intros & Reference checks Offer Other info: We buy the subscriptions you need (Cursor.ai, ChatGPT, etc) We’re a small and efficient dev team We’re growing gangbusters. All revenue-backed, super low churn. Raised a $20M Series-A a few months ago HQ based in SLC, Utah Remote friendly, must be based in the USA Requirements Have 5+ years hands‑on security engineering in cloud‑native (AWS/GCP/Azure) product environments. Can demonstrate end‑to‑end ownership of at least one compliance framework (SOC 2, ISO 27001, HIPAA, PCI DSS, etc.). Are fluent in modern DevSecOps tooling (Terraform, Kubernetes, GitHub Actions, OIDC/OAuth). Write code well enough to build internal tooling or fix a critical bug (we use Elixir & Terraform). Communicate complex risks in plain language to engineers, execs, and customers. Are comfortable being a “team of one” at first and progressively hiring/mentoring teammates.

$170,000-260,000

Systems Security Administrator63393548830467123

OCT Consulting, LLC

Systems Security Administrator

Washington, DC, USA

Systems Security Administrator (15.23) OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology. Responsibilities and Duties OCT currently has an opening for a Systems Security Administrator to work with a technology division within the Federal Bureau of Investigation (FBI). This role will require strong knowledge of system administration and attention to detail. Day to day responsibilities include: Establish and manage Role-Based Access Controls (RBAC) for the Unified Financial Management System Secret Cloud (UFMS-SC), including Writing, Itemizing and Recording Expenses (WIRE) as a component of UFMS-SC, the Asset Management System (AMS), the U.S. Treasury Bureau of Fiscal Service’s Invoice Processing Platform (IPP), the U.S. Treasury Bureau of Fiscal Service’s Over-the-Counter Channel Application (OTCNet), and the U.S. Treasury Bureau of Fiscal Service’s G-Invoicing Application (G-INV) (Other applications may subsequently be added). Coordinate with applicable Information System Security Officers (ISSOs) and other system support personnel to ensure user access is implemented and maintained in accordance with governing policies and procedures. Provide recommendations for developing new user security groups, profiles, and roles to ensure compliance with governing policies and procedures. Create, modify and/or delete user access security groups, profiles, and roles in accordance with governing policies and procedures. Add users and assign initial user security groups, profiles, and/or roles which address separation of duties, “need-to-know,” and “least privileges” to ensure compliance with the FBI’s Risk Management Framework policy. Adhere to established RBACs and established policies and procedures when adding/removing/modifying user access accounts. Identify problematic or incomplete information on security access request forms that could delay or negate the processing of the requests; identify items of security concern; determine whether additional checks are necessary based on the evaluation of available information. Review/respond to routine user access requests for supported applications. Develop procedures for managing changes in user access to applications (as required access, “need-to-know,” and/or “least privileges” change) and for terminating user access when no longer required or authorized, in accordance with governing policies and procedures. Develop/maintain SSA Standard Operating Procedures (SOPs). Provide scheduled and ad-hoc reports regarding user access as directed by ISU PM or designee and/or established policies and procedures. Develop/maintain user guidance documentation for supported applications. Develop/maintain procedures and guidelines providing a detailed overview of the establishment and assignment of user security groups, profiles, and roles. Conduct annual user recertifications for the supported financial and facilities applications to ensure compliance with policy requirements. Develop/maintain procedures and guidelines presenting a detailed overview of the annual user recertifications. Obtain developmental training on supported applications’ security administration functionality. Validate current/requested access. Requirements Qualifications/Requirement Must be a US Citizen. Must hold an active DoD Top Secret (TS) clearance. Undergraduate degree, preferably in a math or science field. Minimum of 2 years of experience. Demonstrated experience in systems security administration, as described above. Demonstrated experience analyzing complex problems and identifying and resolving root causes. Strong interpersonal skills; strong analytical, critical thinking, and problem-solving skills. Must be able to work onsite: the primary place of performance will be at FBI facilities in the Washington Metropolitan Area (WMA)/ National Capital Region (NCR). Benefits Benefits OCT offers competitive compensation packages and a full suite of benefits which includes: Medical, Dental, and Vision insurance Retirement savings 401K plan provided by an industry leading provider with 3% employer contributions of the employee’s gross salary Paid Time Off and Standard Government Holidays Life Insurance, Short- and Long-Term disability benefits Training Benefits Salary Range: $100,000-$125,000 yearly commensurate with experience, education, etc. About OCT Consulting OCT Consulting LLC is a minority-owned, Small Disadvantaged Business (SDB) providing professional services and information technology solutions to the Federal government and commercial clients. Founded in 2013, we bring the advantage of agility in operations along with a management team with a track record of leading successful engagements at major Federal government agencies. At OCT, we are committed to ensuring equal opportunity for all individuals, recognizing that merit and qualifications are the foundation of our hiring, promotion, and development practices. We believe in creating a work environment where every employee can thrive based on their abilities, skills, and achievements. Our practices are designed to ensure fair treatment and equal access to opportunities for all, regardless of race, ethnicity, gender, sexual orientation, age, abilities, or other personal characteristics. We are dedicated to providing career growth and professional development based on individual merit and fostering a workplace where everyone’s contributions are valued and recognized.

$100,000-125,000

Cyber Systems Analyst - Junior - TS/SCI - Quantico, VA63393547947649124

Global Dimensions

Cyber Systems Analyst - Junior - TS/SCI - Quantico, VA

Quantico, VA 22134, USA

Negotiable Salary

Senior Threat Manager (Top Secret Clearance Required)63393544562307125

RP Pro Services

Senior Threat Manager (Top Secret Clearance Required)

Washington, DC, USA

RP Professional Services is a rapidly growing Technology consulting firm headquartered in Virginia. We’re an 8a and Service-Disabled Veteran-Owned Small Business (SDVOSB) serving both federal and commercial customers. At RP, we help our clients achieve their mission by developing value driven, customized solutions that are executed by the best people. Our dedication to our employees and clients is driven by our promise to deliver Excellence, Value, and Flexibility. "People, not just Resources" is more than our motto; it's the foundation on which we are built! RP Professional Services is seeking a Senior Threat Manager to identify, assess, and mitigate security risks, particularly those related to violent threats, insider threats, and intelligence vulnerabilities. This role requires expertise in threat assessment and management (TAM), risk mitigation strategies, and collaboration with military and government agencies. The ideal candidate will possess structured professional judgment expertise, law enforcement and intelligence experience, and a deep understanding of threat management frameworks within the Department of Defense (DoD) and Intelligence Community (IC). This position is contingent upon the contract being awarded to RP Professional Services. Requirements: Conduct structured threat assessments utilizing industry-recognized methodologies. Apply Structured Professional Judgment (SPJ) tools, such as WAVR-21 and TRAP-18, to evaluate threats. Develop and implement risk mitigation strategies for military and civilian leadership. Provide written and verbal briefings on threat intelligence, security risks, and emerging patterns. Support local, state, and federal threat management teams focused on preventing violent behavior. Collaborate with law enforcement, intelligence agencies, and government organizations to assess threats. Utilize DoD and commercial databases to compile and analyze threat intelligence reports. Ensure compliance with national security protocols, regulations, and industry best practices. Conduct training programs for leadership teams on threat management and risk mitigation. Requirements Certified Threat Assessment Professional (administered by the Association of Threat Assessment Professionals - ATAP). Must be an active ATAP member. Minimum ten (10) years in threat assessment and/or threat management. Minimum ten (10) years of experience advising military or civilian leaders on threat assessment strategies. Direct experience working with the DoD population in a security or intelligence capacity. Experience supporting threat management units or teams focused on assessing and mitigating violent behavior risks. Familiarity with Intelligence and/or Law Enforcement communities, including Government, DoD, and commercial databases used to compile analytic products. Preferred Qualifications: Advanced certifications such as CISSP, CISM, CEH, or GCIH. Strong understanding of geopolitical risks and global threat landscapes. Proven ability to train personnel in threat assessment methodologies and risk mitigation strategies. Salary Range: $195,000 - $210,000 The salary range for this role considers a wide range of factors, including, but not limited to, skill sets, equity, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Benefits Health Benefits: Medical, Vision, Dental Up to 4% retirement match with 100% vesting Company paid STD and LTD Company paid basic life insurance Competitive PTO package RP Professional Services, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

$195,000-210,000

Senior Security Analyst63393541510145126

DMV IT Service

Senior Security Analyst

Seattle, WA, USA

Job Title: Senior Security Analyst Location: Seattle, WA Employment Type: Contract About Us: DMV IT Service LLC is a trusted IT consulting firm, established in 2020. We specialize in optimizing IT infrastructure, providing expert guidance, and supporting workforce needs with top-tier staffing services. Our expertise spans system administration, cybersecurity, networking, and IT operations. We empower our clients to achieve their technology goals with a client-focused approach that includes online training and job placements, fostering long-term IT success. Job Purpose: The Cyber Security Senior Analyst will play a pivotal role in Security Operations, focusing on incident response, threat detection, malware analysis, and monitoring. This role requires a senior technical expert who can enhance security defenses, mentor junior analysts, and contribute to continuous improvement in security operations. Requirements Key Responsibilities Conduct advanced threat assessments, malware analysis, and support incident response efforts. Lead complex security investigations escalated from junior SOC analysts. Provide mentorship and technical guidance to Tier 1 and Tier 2 SOC teams. Perform root cause analyses and recommend containment and remediation strategies. Identify attacker tactics, techniques, and procedures (TTPs), and apply Indicators of Compromise (IOCs) for proactive defense. Develop internal tools, scripts, and automated solutions to strengthen detection and response capabilities. Collaborate with technical and business teams, acting as the subject matter expert for SOC initiatives. Engage in proactive threat hunting to identify potential vulnerabilities and threats. Create and maintain SOC documentation, including runbooks and process guidelines. Support security audits and ensure adherence to compliance standards and regulations. Participate in on-call rotations and provide after-hours incident response support when required. Required Skills & Experience Bachelor’s degree in cybersecurity, computer science, IT, or a related field. Over 5 years of experience in a Security Operations Center or incident response role. Strong knowledge of NIST 800-61 incident response frameworks. Proven expertise in handling advanced security incidents and investigations. Solid background in disciplines like host forensics, malware analysis, network traffic inspection, container security, insider threat, and alert tuning. Comprehensive knowledge of cloud security across Azure, AWS, and GCP platforms. Experience with security tools such as Azure Sentinel, Splunk, Microsoft Defender Suite, IDS/IPS, firewalls, antispam solutions, and device hardening. Understanding of security methodologies like MITRE ATT&CK, Cyber Kill Chain, and defense-in-depth strategies. Expertise in operating systems including Windows, Linux, and Mac OS. Proficiency in KQL, SPL, and scripting languages like Bash, PowerShell, or Python. Familiarity with security orchestration, automation, and response (SOAR) tools. Strong verbal and written communication skills tailored for varied technical audiences. Excellent analytical, troubleshooting, and problem-solving abilities under high-pressure scenarios. Knowledge of ISO 27001, PCI DSS, NIST standards. Experience with forensic analysis of network data, DNS logs, proxy logs, and host-based security logs. Proficiency with Cloud Security Posture Management (CSPM) tools and best practices.

Negotiable Salary

Prosync

COMSEC Specialist

Port Hueneme, CA, USA

ProSync is seeking a passionate COMSEC Specialist (COMS-S) to help ensure security and intelligence compliance with policies and regulations, drawing on some of the nation's leading personnel and cybersecurity thought leaders for enhancing, accelerating, and assuring the United States Navy's ability to counter existing and emerging security threats. This position offers a salary in the range of $78k-98k based on numerous factors, including degree and overall experience. ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community. If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! RESPONSIBILITIES This position handles the support of the Sensitive Compartment Information Facility. This role includes: Preparing comprehensive intelligence reports that distill complex information into clear and actionable insights for various stakeholders. Gathering and meticulously evaluating intelligence from a diverse range of sources, ensuring the validity and reliability of the information collected. Identifying potential threats through thorough analysis and ensuring that vital information is promptly communicated to superiors and critical decision-makers to facilitate timely and informed actions. Conducting briefings for both internal and external stakeholders, providing them with crucial updates and strategic recommendations based on the latest intelligence assessments. Conceptualizing, drafting, coordinating, and publishing in-depth intelligence assessments that address pertinent security issues, thus contributing to the organization's overall situational awareness and strategic planning. Requirements Two (2) years of experience in Intelligence and Analysis in the DoD or IC. Witnessing, delivering, picking up, and processing KOA Material. Reviewing, updating, and applying status markings. File destruction. Performing two-person integrity checks. One (1) year of experience in the following areas of intelligence and analysis: Conducting page checks; Executing material transfers. Providing COMSEC briefings and training. If a proposed individual does not meet both the desired education and experience qualifications, six (6) years of experience related to intelligence and analysis would be considered equivalent. Two (2) of these six (6) years should demonstrate experience in "1" through "4". One (1) of the six (6) years should demonstrate experience in “1” through “3”. A minimum Top Secret security clearance with SCI eligibility or higher is required to be considered for this position. EDUCATIONAL REQUIREMENTS A Bachelor’s degree or higher from an accredited college or university. Benefits Join PROSYNC and enjoy our great benefits! Compensation We also offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement We offer a comprehensive Health Benefits package and 401K retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so they can get their degree or that next certification they need to propel them to the next level. Work/Life Balance A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

$78,000-98,000

Associate Director, Cyber Incident Response63393531534723128

Control Risks

Associate Director, Cyber Incident Response

Washington, DC, USA

The Associate Director is responsible for managing the Cyber Response Team in the US and leading overall delivery of incident response cases in the region. This role involves leading the technical aspects of the cyber response practice, managing our technical team members as well as managing client relationships. This role will report to Global Head of Cyber Response and work in tandem with European, Middle East and Asia colleagues on a follow-the-sun basis. The successful candidate will have a strong technical skill set, deep understanding of the North American cyber incident response market and a deep understanding of current and emerging advanced threat actors. They will have a proven track record of responding to advanced threats leveraging forensics and threat hunting technology. Role tasks and responsibilities Technical response Oversee incident response cases for all host and network based investigations, be responsible for the overall quality of our technical incident response work. Ownership of the entire lifecycle of a cyber incident including identification, containment, eradication and recovery. A particular area of specialty in eradication and recovery from an incident. Threat hunting using EDR tooling to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity. Perform live compromise assessments for organizations who suspect a compromise. Detect and hunt unknown live, dormant, and custom malware in memory across multiple systems in an enterprise environment. Demonstrate a deep understanding of both existing and emerging threat actors, as well as experience identifying rapidly changing tools, tactics and procedures of attackers. Advise on the safe technical recovery of an organizations IT systems balancing the need to understand what has happened but speed up recovery. Be responsible for Control Risks technical Cyber Response strategy. Identify, design and then implement solutions that meet these strategic objectives. Client Management To build and develop client relationships facilitating where appropriate introduction and provision of additional Control Risks services. Working closely with the Global Head of Cyber Response and Global colleagues to ensure a cohesive go-to-market approach. Possess and develop working knowledge of key insurer and law firm relationships that may drive growth. Reporting Provide situation reports and other significant case related material to the client and the Director of Cyber Response. Provide documentation to the relevant consultants in sufficient time to allow review and feedback, before submitting to a client. Report on the performance of the Technical Cyber Response work and forecast technical and resource requirements in the near and long term. Team management Establish resourcing requirements for our already growing Cyber Response practice, hire and then manage these technical individuals. Establish relationships with key recruiters and where possible align with the Cyber Crisis Management teams resourcing plans. Align with and help to expand the already re-occurring Internship Program and where business need requires onboard interns into the technical team. Define clear roles and responsibilities for new hires including a learning pathway for training & development. Ensure new joiners have appropriate time dedicated to technical development and research whilst balancing un-predictable workload. Governance Own the technical response Standard Operating Procedures, working with the team to ensure they are kept up to date with the latest threats. Ensure issues identified during delivery of cases are identified, escalated and resolved efficiently. Supporting the growth of the Cyber Response practice Refining Control Risks’ cyber response methodologies and approaches and tailoring the approach in changing market conditions. Identifying potential new areas of growth and opportunity. Requirements Candidates must be legally authorized to work in the US on a permanent basis without sponsorship. Candidates must possess unrestricted US work authorization. Proven experience in technically responding to significant and complex cyber attacks and information security related advisory Proven experience of managing and/or building the requisite technologies necessary for responding to a wide variety of common cyber security incidents Demonstrable experience of operating within a commercial environment and engaging with key stakeholders in insurance and risk management. Technical degree or demonstrated knowledge of common networks, software and hardware used in business environments Experience in conducting log analysis and digital forensics following a cyber incident Experience of working with law firms, communications experts, and others on sensitive investigations. Track record of developing consultative relationships with clients Excellent people management skills Fluent in English (written and spoken) Excellent presentation skills Excellent analytical skills Preferred: Strong understanding of MITRE ATT&CK techniques / sub-techniques. The ability to articulate TTPs to clients in non-technical terms. Preferred: Experience in generating SIGMA rules for host detection, SNORT rules for network detection and YARA Signatures for file and memory artefact identification. Preferred: Experience in engaging in industry and law enforcement intelligence forums Preferred: Experience of supporting cross-jurisdictional response cases Preferred: Qualifications such as: CREST Registered Intrusion Analyst (CRIA), Certified Network Intrusion Analyst (CCNIA), Certified Host Intrusion Analyst (CCHIA), SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) or Enterprise-Class Incident Response & Threat Hunting (FOR608), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and full membership of ISACA. The base salary range for this position is $140,000-$150,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience. Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs. Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov. Benefits Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer. Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working. Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401 (K) Retirement, Nationwide Pet Insurance, Employee Assistance Program. As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.

$140,000-150,000

Axiom Software Solutions Limited

Network Security SME

Irving, TX, USA

Job Description:: Responsibilities: • Serve as the primary subject matter expert for Zero Trust Network Access (ZTNA) solutions within the organization. • Lead the research, evaluation, and selection of ZTNA vendors and technologies that align with our security requirements and business objectives. • Design and architect robust and scalable ZTNA solutions, considering various deployment models (e.g., client-initiated, service-initiated). • Develop and document comprehensive ZTNA implementation plans, including architecture diagrams, policy frameworks, and integration strategies. • Collaborate with network engineering, security operations, and application development teams to integrate ZTNA seamlessly into our existing infrastructure and workflows. • Define and implement granular access policies based on the principles of least privilege, explicit verification, and contextual awareness. • Configure and manage ZTNA gateways, brokers, and policy enforcement points. • Integrate ZTNA solutions with existing Identity and Access Management (IAM) systems, including Multi-Factor Authentication (MFA) and Single Sign-On (SSO). • Develop and maintain documentation related to ZTNA architecture, policies, procedures, and troubleshooting guides. Qualifications: • Minimum [Specify Number, e.g., 5-8] years of experience in network security, with a significant focus on access control technologies. • Extensive knowledge on SDWAN, SDLAN and networking core principles • Proven expertise or strong working knowledge of Zero Trust Network Access (ZTNA) principles, architectures, and implementation methodologies. • Hands-on experience with one or more leading ZTNA solutions (e.g., Zscaler, Palo Alto Networks Prisma Access, Okta, Cisco Secure Access, Cloudflare Access, Fortinet). • Deep understanding of network protocols (TCP/IP, DNS, HTTP/S), firewall technologies, and network segmentation concepts. • Strong understanding of Identity and Access Management (IAM) principles and technologies (e.g., LDAP, SAML, OAuth, OIDC). • Experience with implementing and managing Multi-Factor Authentication (MFA) solutions. • Knowledge of device posture assessment and endpoint security technologies. • Excellent analytical, problem-solving, and troubleshooting skills. • Strong communication (both written and verbal) and presentation skills. • Ability to work independently and collaboratively within a team environment. • Relevant security certifications such as CISSP, CISM, CompTIA Security+, or vendor-specific ZTNA certifications are highly desirable.

Negotiable Salary

COMSEC Support Specialist - Active Secret Clearance633935209872671210

ENS Solutions, LLC

COMSEC Support Specialist - Active Secret Clearance

Joint Base Andrews, MD, USA

*** This role is contingent upon Contract Award*** The COMSEC Support Specialist is responsible for supporting the lifecycle management and accountability of Communications Security (COMSEC) material and equipment in accordance with National and Department of the Navy (DON) standards. The ideal candidate has prior experience as a COMSEC Manager or Key Management Infrastructure (KMI) Registration Manager and a strong understanding of CNSSI 4005, CNSSI 4006, and DON CMS (Communications Material System) policies. Key Responsibilities: Provide technical and operational support to COMSEC account managers in the daily handling, safeguarding, distribution, and destruction of COMSEC keying material and equipment. Serve as a subject matter expert on KMI operations, including user registration, key generation, and key transfer activities. Assist with the administration and operation of Tier 0–Tier 3 KMI components, including Local Management Devices (LMDs) and Electronic Key Management System (EKMS) devices. Perform accountability and inventory tasks in accordance with CNSSI 4005/4006, EKMS-1(series), and DON CMS policy. Monitor and maintain accurate records of COMSEC assets via KMI/EKMS or other COMSEC accounting systems. Prepare and process COMSEC material requests, transaction reports, and other documentation as required. Support audit readiness by conducting internal inspections and assisting with external inspections by NSA or designated authorities. Provide training and guidance to COMSEC users and assist in ensuring compliance with physical and information security regulations. Coordinate with Information Assurance, Network, and Security teams to support secure communications in SIPRNet and other mission-critical environments. Requirements Active Secret clearance (with TS/SCI eligibility preferred). 3–5 years of experience in COMSEC operations, including key management, handling classified COMSEC material, and supporting audit and inspection activities. Previous experience as a COMSEC Manager, Alternate COMSEC Manager, or KMI Registration Manager. In-depth knowledge of CNSSI 4005 (Safeguarding COMSEC) and CNSSI 4006 (Communications Security (COMSEC) Monitoring). Familiarity with Department of the Navy (DON) CMS policies, including EKMS and LMD/KP procedures. Proficient with COMSEC equipment such as SKL, DTD, KIK-30, KIK-11, and legacy key loaders. Strong organizational and documentation skills; ability to maintain 100% accountability in high-tempo environments. DoD 8570 IAT Level II certification (e.g., Security+ CE) preferred. Excellent interpersonal and communication skills; capable of working independently and as part of a secure operations team. Preferred Qualifications: Completion of NSA COMSEC Manager or KMI Operator training courses. Familiarity with Navy-specific COMSEC systems (e.g., Navy Key Management System - NKMS). Experience supporting Navy, Marine Corps, or Joint COMSEC operations in garrison or deployed environments. Benefits Essential Network Security (ENS) Solutions, LLC is a service-disabled veteran owned, highly regarded IT consulting and management firm. ENS consults for the Department of Defense (DoD) and Intelligence Community (IC) providing innovative solutions in the core competency area of Identity, Credential and Access Management (ICAM), Software Development, Cyber and Network Security, System Engineering, Program/Project Management, IT support, Solutions, and Services that yield enduring results. Our strong technical and management experts have been able to maintain a standard of excellence in their relationships while delivering innovative, scalable and collaborative infrastructure to our clients. Why ENS? Free Platinum-Level Medical/Dental/Vision coverage, 100% paid for by ENS 401k Contribution from Day 1 PTO + 11 Paid Federal Holidays Long & Short Term Disability Insurance Group Term Life Insurance Tuition, Certification & Professional Development Assistance Workers’ Compensation Relocation Assistance

Negotiable Salary

Penetration Tester, Expert (Federal agency) - Tysons, VA - Full Time633935194836511211

iSoftTek Solutions Inc

Penetration Tester, Expert (Federal agency) - Tysons, VA - Full Time

Tysons, VA, USA

Penetration Tester, Expert (Federal agency) Core Hours: 9:00 am – 3:00 pm Location: Tysons, VA • Job Type: Full-time (40 hours per week) with benefits. • Availability: immediate. • Security Clearance: TS/SCI with CI of FS Polygraph. Years of Experience: 4 years with a PhD 8 years with a BS degree. 6 years with a master’s degree 10 years with an AA degree 12 years with an HS diploma Job Description Required Skills • Conduct internal penetration testing and vulnerability assessment of servers, web applications, webservices, and databases • Manually exploit and compromise operating systems, web applications, and databases • Examine results of web/OS scanners, scans and static source code analysis • Identify vulnerabilities, misconfigurations, and compliance issues • Write final reports, defend all findings to include the risk or vulnerability, mitigation strategies, and references • Ability to meet and coordinate with various audiences to include developers, system administrators, project managers, and senior government stakeholders • Provide security recommendations for developers, system administrators, project managers, and senior government stakeholders • Report vulnerabilities identified during security assessments • Write penetration testing Rules of Engagements (RoE), Test Plans, and Standard operating procedures (SOP) • Conduct security reviews, technical research, and provided reporting to increase security defense mechanisms • Experience with NIST 800-53 and Risk Management Framework Desired Skills • Certifications: CEH – Certified Ethical Hacker Certification, CPT – Certified Penetration Tester • Strong writing skills • Experience with AWS Cloud Security

Negotiable Salary

Dragos Cyber Security Specialist/Analyst633935182762251212

Avint

Dragos Cyber Security Specialist/Analyst

Camp Lejeune, NC 28547, USA

Avint LLC is seeking a dedicated and technically skilled Dragos Cyber Security Specialist/Analyst for an on-site position in Camp Jejeune, NC. In this critical role, you will support and maintain enterprise IT infrastructure in a mission-driven environment, ensuring system reliability, security, and performance. You’ll be responsible for administering and monitoring servers, applying system patches and updates, managing user accounts, and supporting virtualization platforms. Experience with tools such as Active Directory, Windows Server, Linux, VMware or Nutanix, and scripting for automation (PowerShell, Bash, etc.) is essential. Familiarity with security tools and practices, including STIGs, vulnerability remediation, and participation in system accreditation processes, is highly desirable. This position involves working closely with IT, cybersecurity, and operations teams to support day-to-day system functionality, troubleshoot issues, and contribute to system hardening and compliance initiatives. Location: 100% on-site in Camp Lejeune, NC **THIS POSITION REQUIRES AT LEAST 1 YEAR OF EXPERIENCE WITH THE DRAGOS PLATFORM** Responsibilities: Assist with the administration and monitoring of Nutanix Hyperconverged environments supporting FRCS Monitoring servers and applications. Support the deployment, configuration, and maintenance of the Cyber Monitoring Services OT Monitoring Platform, including Central Store, Site Store, and Sensors in lab and production settings. Perform routine configuration and maintenance of Microsoft SQL Server and Windows Server systems to support cybersecurity operations. Utilize the Marine Corps Certification and Accreditation Support Tool (MCCAST V2) to help document compliance efforts and system security posture. Provide day-to-day support for network infrastructure within a DoD environment, helping to ensure secure and stable connectivity. Understand and assist with interfacing cybersecurity practices across high voltage, water/wastewater, and mechanical control systems. Support the administration and monitoring of Unix and Windows systems, applying knowledge of TCP/IP protocols and basic security controls. Monitor and maintain Host-Based Security System (HBSS) to detect and respond to potential threats within DoD systems. Assist in the monitoring and basic troubleshooting of Automated Metering systems used for energy and utilities management. Support DEVSECOPS-aligned activities within USMC environments, ensuring compliance with established cybersecurity policies for ICS/OT systems. Assist in routine updates and support of ICS systems such as Metasys, Niagara AX, Alerton, Honeywell, Trend, KMC, American Automatrix, Loytec, Rockwell, and OSI. Support communications and system integration using protocols such as BACnet/MSTP, BACnet/IP, N2, LON, and SCADA systems related to high voltage and water/wastewater. Apply system and security patches to ICS/OT systems including Metasys, Niagara, Itron, Honeywell, Rockwell, and OSI as part of standard maintenance procedures. Assist in executing components of the USMC Assessment & Authorization (A&A) process, including use of MCCAST 2.0 and support for RMF documentation and compliance. Help manage and track Plans of Action and Milestones (POAMs) to address findings and vulnerabilities. Apply DISA STIGs in coordination with senior staff to ensure systems meet DoD security baselines. Assist in interpreting and implementing security controls based on NIST 800-53 and DoDI 8510.01 frameworks. Conduct preliminary vulnerability assessments and support risk analysis activities to identify and report on security issues. Monitor and analyze cybersecurity data using the Dragos platform to support OT threat detection and situational awareness. Requirements Experience: Minimum 3 years of relevant IT/system administration experience supporting virtualized environments, networks, and OT systems. Minimum 1 year of experience using the Dragos Platform. Education: Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Security Clearance: Active Secret clearance required. Certifications: One or more of the following certifications (or equivalent) are highly desired: Cyber Monitoring Services Platform Certified User Certification ITIL v4 Foundations ICS-VLP Certificate (Courses 210W-01 through 210W-10) Risk Management Framework (RMF) Training – USMC specific Cisco Certified Entry Networking Technician (CCENT) or Cisco Certified Network Associate (CCNA) CompTIA Security+ (Sec+) Certified Information Systems Security Professional (CISSP) Microsoft Certifications (Server, Azure, or related) Benefits Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, and generous PTO and Federal Holidays. Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development! Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. The salary range for this position is: $100,000-$110,000

$100,000-110,000

Mid-Level Cyber Security Specialist (Top Secret Clearance Required)633935126795551213

RP Pro Services

Mid-Level Cyber Security Specialist (Top Secret Clearance Required)

Washington, DC, USA

RP Professional Services is a rapidly growing Technology consulting firm headquartered in Virginia. We’re an 8a and Service-Disabled Veteran-Owned Small Business (SDVOSB) serving both federal and commercial customers. At RP, we help our clients achieve their mission by developing value driven, customized solutions that are executed by the best people. Our dedication to our employees and clients is driven by our promise to deliver Excellence, Value, and Flexibility. "People, not just Resources" is more than our motto; it's the foundation on which we are built! RP Professional Services is seeking a Mid-Level Cybersecurity Specialist to support and advise security professionals on emerging cyber threats, risk mitigation strategies, and compliance standards within the Department of Defense (DoD) Intelligence Community (IC). The ideal candidate will have a strong technical background in classified and unclassified systems, insider threat tools, user activity monitoring (UAM), and cyber threat intelligence. This role requires expertise in offensive and defensive cyber capabilities, network security frameworks, and collaboration across government organizations to enhance cybersecurity posture and threat detection capabilities. This position is contingent upon the contract being awarded to RP Professional Services. Requirements: Advise security professionals on emerging cyber threats, risk mitigation strategies, and industry regulations. Support DoD Intelligence Community operations with expertise in cybersecurity threat management. Apply classified and unclassified system knowledge to facilitate security standards and compliance. Assist non-IT professionals in understanding Department of Defense network standards for effective insider threat tool deployment. Coordinate with cyber threat intelligence teams to develop strategic threat assessments and response plans. Promote and implement technical solutions that support mission-critical cybersecurity objectives. Conduct user activity monitoring (UAM) and cybersecurity evaluations to detect anomalous behaviors and insider threats. Assess and advise on both offensive and defensive cybersecurity strategies within DoD and Intelligence frameworks. Utilize expertise in at least one of the following cybersecurity domains: Risk/Vulnerability/Threat Assessments Cloud Security Security Operations Firewall (FW), Intrusion Prevention System (IPS), Intrusion Detection System (IDS) Configuration Penetration Testing Forensics Threat Intelligence Threat Hunting Maintain awareness of state, local, and federal cybersecurity developments, standards, frameworks, and regulations and their impact on operations. Support counterintelligence, insider threat, and law enforcement investigations through cybersecurity expertise. Requirements Bachelor’s degree in Computer Science or a related field. Minimum eight (8) years of experience advising security professionals on emerging cyber threats. Minimum eight (8) years of experience working within the DoD Intelligence Community. Demonstrated knowledge of DoD/IC computer systems, protections, and cybersecurity threats. Experience advising non-IT professionals on DoD network standards for insider threat tools. Strong coordination skills for collaborating across organizations and implementing cybersecurity solutions. Preferred Qualifications: Certified Information Systems Security Professional (CISSP). Knowledge of user activity monitoring (UAM) software and processes. Expertise in DoD cybersecurity compliance frameworks and regulations. Strong background in counterintelligence and insider threat investigations. Experience working across government security agencies, military cybersecurity teams, and intelligence divisions. Salary Range: $175,000 - $195,000 The salary range for this role considers a wide range of factors, including, but not limited to, skill sets, equity, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Benefits Health Benefits: Medical, Vision, Dental Up to 4% retirement match with 100% vesting Company paid STD and LTD Company paid basic life insurance Competitive PTO package RP Professional Services, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

$175,000-195,000

Apex Informatics

Cybersecurity Analyst

Atlanta, GA, USA

The Georgia Department of Human Services, Office of Information Technology, is seeking a qualified candidate for the temporary contractor staffing position of Cybersecurity Analyst as part of the Information Security Team. *REQUIRED CERTIFICATIONS MUST BE UPLOADED* The Office of Information Technology is the office within DHS that provides computing, applications management, IT procurement, network and telecommunications services to all DHS divisions and offices. Responsibilities Proven experience in cybersecurity operations with hands-on expertise in monitoring and managing multiple security tools, including vulnerability scanning platforms such as Tenable (Nessus, Tenable.sc, or Tenable.io). Continuously monitor security tools and systems (e.g., SIEM, IDS/IPS, CrowdStrike EDR, DLP, Tenable vulnerability scanners) to detect, investigate, and respond to potential threats in real time. Maintain and oversee the CrowdStrike platform, ensuring proper configuration, alert triage, threat hunting, and endpoint coverage across the organization. Analyze data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations. Interact at multiple levels of the organization to establish and maintain a strong and adaptive security posture that aligns with organizational risk tolerance, information access requirements, business strategies, and compliance requirements. Integrate overarching security frameworks across multiple, complex disciplines in support of the business needs of the Agency to provide customer-focused technology solutions in a secure, cost-effective, and efficient manner. Strong knowledge of system administration, including configuration, hardening, patch management, and monitoring of Windows and Linux servers Coordinate and oversee the production of evidence to support internal and external audits. Conduct internal risk, vulnerability, and compliance assessments to: Identify risks, vulnerabilities, and compliance shortcomings; and recommend/develop security measures, policies, and controls for risk/vulnerability mitigation and remediation of compliance findings. Prepare and/or update incident response plans and perform incident response activities as directed and in accordance with established Agency procedures and guidelines and those of the Georgia Technology Authority (GTA). Ensure periodic monitoring of audit logs occurs in accordance with requirements, and report findings and concerns for further analysis and/or action, including breach notification and initiation of incident response, in accordance with Agency protocols/procedures and CISO direction/guidance. Work with developers to plan, implement, manage, and coordinate appropriate security measures for information systems/applications that control access to data, and prevent unauthorized modification, destruction, or disclosure of information in accordance with federal, state, local, and agency requirements, policies, and directives. Prepare and/or update Plan of Actions & Milestones (POA&M) that identify security weaknesses and establish milestones and compensating controls for remediating these weaknesses and tracking the progress and effectiveness of the remediation. Serve as a Subject Matter Expert (SME), advising on current best practice and strategies for the protection, auditing, and monitoring of data, data storage, and transmission paths. Work with business owners, IT managers, staff, and vendors to provide timely and efficient coordination of information assurance/security services to meet Agency needs. Prepare and communicate status of Agency information security programs and projects to senior executives through oral and written reports and presentations. Assist with information security awareness training activities and preparation of awareness training materials. Develop and communicate security metrics to assess effectiveness of, and compliance with, the Agency’s InfoSec policies and controls. Performs other professional responsibilities as assigned. Qualifications: Bachelor's degree in information technology, computer science, information assurance, or a related field from an accredited college or university AND Five years of information technology experience, One year of which in information security or information assurance. Note: An equivalent combination of education and job specific experience that provided the knowledge, experience and competencies required to successfully perform the job at the level listed may be substituted on a year-over-year basis. Desired Skills/Qualifications: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Demonstrated professional experience developing and communicating an information security strategy and aligning projects, initiatives, and resources to execute against the strategy.

Negotiable Salary

Security Architect IAM633934918301471215

Qode

Security Architect IAM

Massachusetts, USA

Primary responsibilities include Develop and Design Secure platform architectures, ensuring that architecture is consistent with enterprise architecture standards, guidelines and principles. Review Architecture and Implementations for consistency to CFG security standards Develop standards, recommendations, requirements, and security guidance in support of business activities Evaluate, design, and test IAM technologies to ensure secure, scalable, and cost-effective solutions. Guide IAM integration for new tools and systems, including configuration, debugging and deployment. Perform security assessments on projects across multiple CFG business product lines Participate in code and design reviews with teams of software, network and cloud engineers to ensure that solutions meet enterprise IAM and security standards. Collaborate with application teams across CFG to guide the direction of designing secure products. Collaborate with other functional teams' leadership and engineers to ensure solutions align with organizational goals and user needs. Contribute to technology direction, develop architecture and influence implementation to gain measurable business improvements. Stay ahead of industry trends to advise CFG identity strategies and strengthen the company security posture. Qualifications, Education, Certifications and/or Other Professional Credentials 8+ years of professional Security & Identity experience with 5+ years as a Principal Architect Experience designing security and identity solutions for 10K+ headcount organizations Extensive experience designing and implementing IAM solutions in enterprise environments with strong knowledge of identity lifecycle, access control, authentication and hybrid cloud security Demonstrable experience in leading IAM modernization initiatives, encompassing Active Directory, Entra ID, Single Sign On, MFA, Privileged Identity Management, and Zero Trust. Experience with IAM tools such as SailPoint, Okta, CyberArk, HashiCorp, Entra ID and Active Directory preferred Strong working knowledge of regulatory and compliance frameworks, including GDPR, NIST, and ISO 27001, and their application to enterprise identity preferred. Familiar with public cloud platforms (e.g. AWS, Entra, GCP) and Continuous Integration/Continuous Delivery (CI/CD) practices preferred. Deep understanding of Zero Trust, SD WAN and SASE approaches and platforms preferred Industry certifications like CISSP, CISM, CCSP, AWS, Azure or GCP highly valued

Negotiable Salary

Principal, Cyber Assurance633934875288331216

Control Risks

Principal, Cyber Assurance

Washington, DC, USA

This role may be based in NYC or Washington DC. We are seeking a senior leader to drive the growth of Digital Risks in the United States, with a primary focus on cyber assurance, third-party risk management, and large-scale regulatory compliance audits. In this role, you will collaborate closely with our cyber threat intelligence, advisory, and response teams to expand our digital risk business. Your responsibility will include overseeing the assessment, and improving client cybersecurity programs, ensuring alignment with industry standards and regulatory requirements, and guiding clients through complex third-party audits. Key Responsibilities Cybersecurity Program Evaluation Lead cyber assurance engagements, assessing client cybersecurity programs for compliance with industry standards such as NIST, ISO 27001, and other relevant frameworks. Act as a trusted advisor, ensuring client cybersecurity postures are resilient, compliant, and in line with regulatory requirements. Third-Party Risk Management Audits Oversee large-scale third-party risk and compliance audits, ensuring alignment with industry-specific frameworks, regulatory standards, and contractual obligations. Regulatory Compliance Audits Oversee regulatory compliance audits to ensure clients meet required standards and regulations. Advise clients on audit preparation and guide them through maintaining compliance while improving cybersecurity measures. Ensure clients' compliance programs address both current and emerging regulatory requirements. Penetration Testing & Vulnerability Management Support Partner with the penetration testing team to incorporate findings into broader cyber assurance reviews. Lead remediation efforts for high-risk vulnerabilities, aligning them with the client’s overall compliance and cybersecurity objectives. Client Relationship & Business Development Build and sustain relationships with key stakeholders, especially C-suite executives, positioning Digital Risks as a leader in cyber assurance and regulatory compliance. Identify and capitalize on new business opportunities in cyber assurance, third-party risk assessments, and compliance audits. Provide thought leadership on cyber assurance trends, regulatory updates, and best practices to enhance client relationships and grow the practice. Advise clients on continuously improving their cybersecurity and compliance frameworks based on audit findings and risk assessments. Practice Development & Team Leadership Recruit, develop, and lead a high-performing team specializing in cyber assurance, third-party risk management, and regulatory compliance. Foster a culture of continuous learning, ensuring the team stays ahead of emerging trends in cybersecurity and compliance. Contribute to the creation of innovative services and solutions to meet clients' evolving needs in cyber assurance and compliance auditing. Requirements Candidates must be legally authorized to work in the US on a permanent basis without sponsorship. Candidates must possess unrestricted US work authorization. Experience & Knowledge: 12+ years of experience in cybersecurity, specializing in cyber assurance, third-party risk management, and regulatory compliance audits. Proven track record of leading cyber assurance engagements and guiding clients through risk management and compliance processes based on industry frameworks (e.g., NIST, ISO 27001). Expertise in managing third-party audits and ensuring regulatory compliance across audit lifecycles. In-depth understanding of regulatory frameworks, with hands-on experience delivering compliance audits for both commercial and government sectors. Experience integrating penetration testing and vulnerability assessments into broader cyber assurance strategies. Education & Certifications: Bachelor's or master’s degree in information security, Computer Science, Engineering, or a related field. Relevant certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, SANS, or other recognized credentials in cybersecurity, third-party risk management, and compliance auditing. Skills: Strong commercial acumen, with proven ability to generate new business in cyber assurance and regulatory compliance services. Exceptional communication, presentation, and analytical skills with the ability to influence senior stakeholders and deliver impactful insights that improve cybersecurity resilience and regulatory compliance. The base salary range for this position in Washington DC is $180,000-$205,000 per year. The base salary range for this position in New York City is $200,000-$215,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience. Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs. Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov. Benefits Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer. Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working. Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401 (K) Retirement, Nationwide Pet Insurance, Employee Assistance Program. As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.

$180,000-215,000

Ping Identity SME - Active TS/SCI with CI Poly633934871630111217

ENS Solutions, LLC

Ping Identity SME - Active TS/SCI with CI Poly

Joint Base Anacostia-Bolling, Washington, DC 20032, USA

As an Identity and Access Management (IAM) specialist, you have the skills and experience to keep hackers from taking data and breaking processes. We’re looking for someone like you to help our clients meet their missions without disruption. As a Ping Identity Subject Matter Expert, you’ll play a critical role in the world of IAM and zero trust. You’ll interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users’ roles within them. You’ll analyze the identity lifecycle, articulating access requirements and defining enterprise identity records. You’ll use your experience in IAM to design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients’ most valuable assets. From single sign-on to privileged access systems, you’ll have the chance to implement enterprise-class solutions and stop adversaries in their tracks. Requirements 5+ years of experience designing and deploying Identity and Access Management systems 3+ years of experience with PingFederate, PingAccess, PingDirectory, and PingAuthorize, including design, implementation, and integration in large-scale, complex environments Experience with IAM concepts such as Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), Zero Trust, and Passwordless Experience with IAM protocols such as SAML, OAuth, or OIDC Experience with IAM concepts such as federation and single sign-on (SSO) Active TS/SCI and willingness to obtain a CI Poly HS diploma or GED Security+ certification required. Nice If You Have: Experience with Identity governance processes and entitlement management programs Knowledge of system, network, application, and security architectures and cybersecurity solutions Knowledge of key cyber processes such as incident handling, risk measurement, and change management Knowledge of key cyber threats, including nation state actors, malware or ransomware, command and control infrastructures, and mitigations Ability to collaborate with the professional confidence and credibility to effectively engage and interact with technologists and leaders across the enterprise Ability to quickly comprehend complex problems, draw logical conclusions, make sound decisions, develop solutions, and drive closure Benefits Essential Network Security (ENS) Solutions, LLC is a service-disabled veteran owned, highly regarded IT consulting and management firm. ENS consults for the Department of Defense (DoD) and Intelligence Community (IC) providing innovative solutions in the core competency area of Identity, Credential and Access Management (ICAM), Software Development, Cyber and Network Security, System Engineering, Program/Project Management, IT support, Solutions, and Services that yield enduring results. Our strong technical and management experts have been able to maintain a standard of excellence in their relationships while delivering innovative, scalable and collaborative infrastructure to our clients. Why ENS? Free Platinum-Level Medical/Dental/Vision coverage, 100% paid for by ENS 401k Contribution from Day 1 PTO + 11 Paid Federal Holidays Long & Short Term Disability Insurance Group Term Life Insurance Tuition, Certification & Professional Development Assistance Workers’ Compensation Relocation Assistance

Negotiable Salary

Senior IA/Cybersecurity Lead633920901973791218

Aretum

Senior IA/Cybersecurity Lead

Washington, DC, USA

ARETUM is seeking a Senior IA/Cybersecurity Lead to oversee and enhance our information assurance strategies while ensuring compliance with cybersecurity regulations and frameworks. In this pivotal role, you will guide a talented team in developing, implementing, and maintaining robust information assurance and cybersecurity programs tailored for our government clients. As a Senior IA/Cybersecurity Lead, you will be responsible for evaluating and strengthening security controls, conducting risk assessments, and managing compliance with Federal Information Security Management Act (FISMA) requirements. Your leadership will be crucial in establishing a security-first culture within the organization, and will directly contribute to safeguarding critical information systems. Key Responsibilities Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses. Monitor DOD, and other sites (e.g. Army Cyber) for new standards, regulations and policies. Review contract deliverables for compliance. Support risk management framework (RMF) implementation. Assess Information Assurance Vulnerability Alert (IAVA) management plans and processes. Develop and maintain Plans of Actions and Milestones (POAMs) for security related activities. Manage DD2875 submissions and support provisioning activities. Lead a Cybersecurity team and support interaction with other IT teams. Requirements A minimum of ten years of DoD IA experience Possess one of the following certifications: GSLC, CISSP, CISM, and CISA, or another DoD 8570.01-M Level 3 authorized IAT/IAM certification. A minimum of eight years of experience analyzing, assessing, and implementing corrective actions based on vulnerability management and penetration testing tools and work efforts. A minimum of eight years of experience with the NIST RMF, NIST SP 800-53, STIGs, SCAP, IAVAs, and FISMA. A minimum of eight years of experience supporting DoD defensive cyber operational activities, including, but not limited to, information system protection, defense, response (incident handling), reporting, and recovery. A minimum of eight years of experience in managing complex DoD projects. Possess a minimum of a favorably adjudicated NACLC/ANACI investigation (Tier 3) at proposal submission. Preferred Qualifications A bachelor’s degree in an IT related field Strong verbal and written communication skills as well as the ability to work independently. Experience leading teams. Experience writing Standard Operation Procedures (SOP), COOP Planning, POA&Ms, and other documentation in support of RMF as required. The ability to provide technical evaluation of proposed system(s) and application approaches. Work Environment & Physical Requirements This is a remote/work-from-home position. The employee is expected to maintain a professional and distraction-free home office environment with reliable internet access and the ability to participate in video and audio calls during standard working hours. Standard office equipment such as a computer, phone, and webcam will be used regularly. The physical demands described here are representative of those that must be met to successfully perform the essential functions of this job: Prolonged periods of sitting and working on a computer. Frequent use of hands and fingers to operate computer and telephone equipment. Must be able to lift up to 15 pounds occasionally (e.g., moving equipment). Ability to participate in virtual meetings and communicate clearly via video/audio platforms. Travel Requirement This is a remote position; however, occasional travel may be required based on project needs, client meetings, team collaboration events, or training sessions. Travel is expected to be less than 10% and will be communicated in advance whenever possible. EEO & Pay Transparency Statement Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance. As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws. We are proud to support our nation’s veterans and military families, providing career opportunities that honor their service and experience. If you require a reasonable accommodation during the hiring process due to a disability, please contact our Talent Acquisition team for assistance. In compliance with Executive Order 13665, Aretum will not discharge or otherwise discriminate against employees or applicants for inquiring about, discussing, or disclosing their own pay or that of another employee or applicant. U.S. Work Authorization Applicants must be U.S. citizens and currently authorized to work in the United States on a full-time basis. This position supports a federal government contract and therefore requires an active Top Secret Clearance or the ability to obtain one. Benefits Health Care Plan (Medical, Dental & Vision) Retirement Plan (401k, IRA) Life Insurance (Basic, Voluntary & AD&D) Paid Time Off (Vacation, Sick & Public Holidays) Family Leave (Maternity, Paternity) Short Term & Long-Term Disability Training & Development

Negotiable Salary

Mid-Cyber Security Specialist/Analyst (Dragos Experience)633920907479071219

Avint

Mid-Cyber Security Specialist/Analyst (Dragos Experience)

Camp Lejeune, NC 28547, USA

Avint LLC is seeking a dedicated and technically skilled Mid-Cyber Security Specialist/Analyst for an on-site position in Camp Jejeune, NC. In this critical role, you will support and maintain enterprise IT infrastructure in a mission-driven environment, ensuring system reliability, security, and performance. You’ll be responsible for administering and monitoring servers, applying system patches and updates, managing user accounts, and supporting virtualization platforms. Experience with tools such as Active Directory, Windows Server, Linux, VMware or Nutanix, and scripting for automation (PowerShell, Bash, etc.) is essential. Familiarity with security tools and practices, including STIGs, vulnerability remediation, and participation in system accreditation processes, is highly desirable. This position involves working closely with IT, cybersecurity, and operations teams to support day-to-day system functionality, troubleshoot issues, and contribute to system hardening and compliance initiatives. Location: 100% on-site in Camp Lejeune, NC **THIS POSITION REQUIRES AT LEAST 1 YEAR OF EXPERIENCE WITH THE DRAGOS PLATFORM** Responsibilities: Assist with the administration and monitoring of Nutanix Hyperconverged environments supporting FRCS Monitoring servers and applications. Support the deployment, configuration, and maintenance of the Cyber Monitoring Services OT Monitoring Platform, including Central Store, Site Store, and Sensors in lab and production settings. Perform routine configuration and maintenance of Microsoft SQL Server and Windows Server systems to support cybersecurity operations. Utilize the Marine Corps Certification and Accreditation Support Tool (MCCAST V2) to help document compliance efforts and system security posture. Provide day-to-day support for network infrastructure within a DoD environment, helping to ensure secure and stable connectivity. Understand and assist with interfacing cybersecurity practices across high voltage, water/wastewater, and mechanical control systems. Support the administration and monitoring of Unix and Windows systems, applying knowledge of TCP/IP protocols and basic security controls. Monitor and maintain Host-Based Security System (HBSS) to detect and respond to potential threats within DoD systems. Assist in the monitoring and basic troubleshooting of Automated Metering systems used for energy and utilities management. Support DEVSECOPS-aligned activities within USMC environments, ensuring compliance with established cybersecurity policies for ICS/OT systems. Assist in routine updates and support of ICS systems such as Metasys, Niagara AX, Alerton, Honeywell, Trend, KMC, American Automatrix, Loytec, Rockwell, and OSI. Support communications and system integration using protocols such as BACnet/MSTP, BACnet/IP, N2, LON, and SCADA systems related to high voltage and water/wastewater. Apply system and security patches to ICS/OT systems including Metasys, Niagara, Itron, Honeywell, Rockwell, and OSI as part of standard maintenance procedures. Assist in executing components of the USMC Assessment & Authorization (A&A) process, including use of MCCAST 2.0 and support for RMF documentation and compliance. Help manage and track Plans of Action and Milestones (POAMs) to address findings and vulnerabilities. Apply DISA STIGs in coordination with senior staff to ensure systems meet DoD security baselines. Assist in interpreting and implementing security controls based on NIST 800-53 and DoDI 8510.01 frameworks. Conduct preliminary vulnerability assessments and support risk analysis activities to identify and report on security issues. Monitor and analyze cybersecurity data using the Dragos platform to support OT threat detection and situational awareness. Requirements Experience: Minimum 3 years of relevant IT/system administration experience supporting virtualized environments, networks, and OT systems. Minimum 1 year of experience using the Dragos Platform. Education: Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Security Clearance: Active Secret clearance required. Certifications: One or more of the following certifications (or equivalent) are highly desired: Cyber Monitoring Services Platform Certified User Certification ITIL v4 Foundations ICS-VLP Certificate (Courses 210W-01 through 210W-10) Risk Management Framework (RMF) Training – USMC specific Cisco Certified Entry Networking Technician (CCENT) or Cisco Certified Network Associate (CCNA) CompTIA Security+ (Sec+) Certified Information Systems Security Professional (CISSP) Microsoft Certifications (Server, Azure, or related) Benefits Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, and generous PTO and Federal Holidays. Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development! Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. The salary range for this position is: $100,000-$110,000

$100,000-110,000

Cybersecurity Systems Administrator633920858575371220

Triage Staffing

Cybersecurity Systems Administrator

Cincinnati, OH, USA

The Cybersecurity Systems Administrator plays a critical hybrid role, bridging traditional IT systems administration with advanced information security responsibilities. This position ensures the confidentiality, integrity, and availability of organizational systems by managing security tools, responding to threats, and maintaining secure infrastructure across cloud and on-prem environments. This is a hands-on role assisting with Tier 2/Tier 3 escalations and strategic cybersecurity tasks, such as monitoring security alerts, conducting phishing campaigns, managing vendor relationships, and writing security policies. You'll work cross-functionally to support tool integrations, secure network operations, and align the organization with industry security standards. Core Functions & Responsibilities Cybersecurity & Risk Management Monitor and respond to security alerts and incidents, using tools such as SIEMs and endpoint protection platforms. Manage and maintain core security infrastructure, including firewalls, antivirus, encryption, and multi-factor authentication systems. Lead phishing simulation campaigns and drive employee cybersecurity awareness training. Write, implement, and maintain information security policies, procedures, and best practices. Oversee identity and access management (IAM) systems, including SSO implementations and integrations with enterprise platforms. Assist with vulnerability scanning, patching coordination, and hardening of systems based on industry frameworks. Support regulatory and compliance needs (e.g., Joint Commision, HIPAA, GDPR, PCI-DSS), ensuring ongoing audit readiness. IT Systems Administration & Tool Management Administer and configure Microsoft-based infrastructure, including Active Directory, Azure AD, and Microsoft 365. Manage security groups, application integrations, and group policy management across systems. Provide Tier 2/Tier 3 escalation support for complex IT and security issues, including advanced troubleshooting. Maintain and support cloud and on-prem environments, including campus networking, DNS, Web Application Firewall (WAF), servers, and endpoint provisioning. Configure and optimize Intune, Windows Deployment Services, and automation tools to improve operational efficiency. Support system stability and reliability across enterprise networks and SaaS platforms. Collaboration & Strategic Support Partner with IT, compliance, and business teams to integrate security best practices into daily operations and project workflows. Serve as a technical lead during incident response efforts, including documentation, colleague communication, and root cause analysis. Collaborate with third-party vendors for tool evaluation, contract review, and ongoing vendor management. Manage cloud-based applications and infrastructure including Azure AD, Microsoft 365, and enterprise SaaS platforms. Requirements Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field. 2+ years of experience in a hybrid IT/security role or cybersecurity-focused systems administration. Proficient in managing and securing cloud platforms such as Microsoft Azure and SaaS environments. Familiarity with security frameworks and tools (e.g., NIST CSF, SIEM, IDS/IPS, MFA, VPNs). Hands-on experience with firewalls, encryption, group policy, and endpoint protection tools. Strong knowledge of network protocols and system hardening best practices. Experience responding to incidents and conducting root cause analysis and remediation. Working knowledge of compliance frameworks like Joint Commission, HIPAA, PCI-DSS, and GDPR. Experience with vulnerability scanning (e.g., Qualys, Tenable, Rapid7) and code scanning tools (e.g., Snyk, SonarQube, GitHub Advanced Security). Excellent troubleshooting skills, communication skills, and documentation habits. Preferred: Certifications such as Security+, CISSP, CISM, CEH, or Microsoft/Azure certifications. Experience with ITIL processes or other service management methodologies. Work Schedule In-office with flexibility to work from home with manager approval. Benefits Why Triage? Our commitment to creating a unique work culture sets us apart from the rest—no corporate robots here. Triage values transparency and autonomy, and we believe in recognizing your efforts and dedication. Join us on this exciting journey as we continue to be recognized among Inc. Magazine's 5000 fast-growing companies in America. Triage Staffing is an equal-opportunity employer committed to fostering diversity and inclusion in the workplace. We prohibit discrimination and harassment based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. Note: This job description outlines the primary duties and responsibilities of the Intern role but is not an exhaustive list. Additional tasks may be assigned by your supervisor or manager. All duties are subject to change and may be modified to reasonably accommodate individuals with disabilities. Your performance will be evaluated based on your execution of the tasks outlined in this job description.

Negotiable Salary

Sr. Information System Security Officer633920805941771221

Prosync

Sr. Information System Security Officer

Annapolis Junction, MD, USA

ProSync Technology Group, LLC (ProSync) is an award-winning, SDVOSB Defense Contracting company with a strong military heritage and a record of excellence in supporting the Department of Defense and the Intelligence Community. If you have prior military service or government contracting experience, are proud to serve and support our nation, and want to help support ProSync's mission to "Define and Redefine the State of Possible,” please apply today! The Senior Information Systems Security Officer (ISSO) will provide aid to the program, organization, system, or enclave's information assurance program and will also lend assistance for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies in addition to the below. Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluates security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Assists security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF). Requirements A minimum of twelve (12) years of total experience in the information security arena. A minimum of seven (7) years of experience directly as an ISSO supporting IC or DoD programs and contracts of similar scope, type, and complexity. A Bachelors of Science degree in Computer Science, Information Assurance, Information Security, or related discipline. Experience supporting over 30 SSP's. DoD 8570 compliance with IAM Level II or IAT Level III (i.e., CASP, CISSP, or Associate). A Top Secret/SCI w/ Polygraph is required. Benefits Join PROSYNC and enjoy our great benefits! Compensation: We offer bonuses that are awarded quarterly to our employees and our compensation rates are highly competitive. Health & Retirement: We offer a comprehensive Health Benefits package and 401K Retirement plan so you can take care of yourself and your family, now and in the future. Other health-related benefits include an employee assistance program for those difficult times or when you need to take care of your mental health. Education: Individual growth is a priority at ProSync. Employees are encouraged to take advantage of our company-sponsored continuing education program so you can get your degree or that next certification you need to propel you to the next level. Work/Life Balance: A healthy work/life balance is essential for building and executing your work effectively at ProSync, but it’s also necessary to allow you the room to pursue everything else you want to develop in your personal life.. We offer generous Paid Time Off and 11 paid holidays a year. ProSync also provides flexible work options that work with your schedule and lifestyle.

Negotiable Salary

Cyber Detection & Automation Engineer633920787626271222

DMV IT Service

Cyber Detection & Automation Engineer

Seattle, WA, USA

Job Title: Cyber Detection & Automation Engineer Location: Seattle, WA Employment Type: Contract About Us: DMV IT Service LLC is a trusted IT consulting firm, established in 2020. We specialize in optimizing IT infrastructure, providing expert guidance, and supporting workforce needs with top-tier staffing services. Our expertise spans system administration, cybersecurity, networking, and IT operations. We empower our clients to achieve their technology goals with a client-focused approach that includes online training and job placements, fostering long-term IT success. Job Purpose: The Cyber Detection & Automation Engineer will design, build, and maintain advanced detection logic and automation workflows across various security platforms. This role works closely with SOC analysts, threat intelligence teams, and incident responders to enhance threat detection, streamline security operations, and improve overall response capabilities. Requirements Key Responsibilities Develop and automate high-precision detection rules across SIEM, EDR, and cloud telemetry sources (e.g., Sentinel, Defender, AWS). Continuously monitor and optimize detection alerts to minimize false positives and enhance accuracy. Validate and test detection mechanisms to ensure ongoing reliability and effectiveness. Document detection methods, engineering processes, and knowledge transfer materials. Conduct detection coverage assessments and improve resilience and accuracy through gap analysis. Create security automation workflows using SOAR platforms, particularly Microsoft Sentinel and Logic Apps. Build custom integrations between security platforms, including SIEM, EDR, threat intelligence feeds, and ticketing systems. Automate repetitive SOC tasks like alert triage, IOC lookups, and ticket creation. Develop dashboards and utilities that provide insights into SOC metrics and operational performance. Collaborate with SOC analysts and threat intelligence teams to stay ahead of emerging threats using the MITRE ATT&CK framework. Maintain and update playbooks, runbooks, and documentation related to detection strategies and attacker behaviors. Prepare reports on detection performance, automation activities, and recommended improvements for leadership. Required Skills & Experience Bachelor’s degree in cybersecurity, computer science, IT, or related discipline. 5+ years of experience in cybersecurity, with at least 3 years focused on detection and automation engineering. Proficient in writing detection logic using KQL, SPL, or similar query languages. Skilled in scripting with Bash, PowerShell, Python, or JavaScript. Hands-on experience developing automation with SOAR platforms, particularly Microsoft Sentinel/Logic Apps. Strong understanding of SOC operations, incident response workflows, and threat detection strategies. Experience working with RESTful APIs and integrating third-party security tools. Background in cloud environments, preferably AWS and Azure. In-depth knowledge of the MITRE ATT&CK framework and threat modeling. Practical understanding of attacker TTPs and detection methodologies. Familiarity with version control (Git), CI/CD pipelines, and infrastructure as code. Ability to process and analyze large datasets to detect patterns and threats. Effective communication skills for diverse technical audiences. Collaborative mindset with the ability to work across multiple teams in a fast-paced environment. Preferred Certifications Microsoft SC-200, Azure Security Engineer Associate AWS Certified Security – Specialty GIAC (GCIA, GCTI, GDAT) CISSP, CISM

Negotiable Salary

Senior Cyber Security Engineer (USA)633920762960651223

Trexquant Investment

Senior Cyber Security Engineer (USA)

Stamford, CT, USA

Trexquant is a growing systematic fund adviser with a core team of highly accomplished technologists. We apply a wide variety of statistical and machine learning techniques to build investment portfolios and trade our client assets in global equity and derivatives markets. Our global team is composed primarily of research professionals with advanced science, math and technology degrees, with locations in the US, China and India. We’re looking for a motivated and technically adept security engineer to support the Technology and Compliance teams in engineer, enhancing and maintaining the Firm’s security program and infrastructure. This opportunity is ideal for a security professional who strives to work on diverse projects in an academically-influenced technologist culture, with mentoring and guidance from veteran staff. Responsibilities Explore, develop and implement innovative security solutions, protocols, and procedures to protect the organization’s systems and networks. Maintain current security platforms and set up preventive measures. Assist in reviewing cybersecurity protocols designed to protect the Firm’s proprietary data, systems and infrastructure in accordance with industry regulations and best practices. Monitor vulnerability awareness platforms, penetration testing results, and other risk analysis to identify and mitigate security weaknesses. Help maintain and review data flow monitoring and configure logging tools to capture and detect suspicious behavior. Assist compliance team with incident response procedures to identify, manage, and mitigate security incidents and breaches, and establish a protocol for security incident reporting. Collaborate with internal stakeholders to carry-out periodic risk assessments and work closely with consultants to ensure ongoing compliance and security readiness. Stay up to date with the latest security trends, technologies, and threat intelligence. Requirements Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Master’s degree in a related field preferred. 3+ years of prior experience in a security engineering or security operations role, ideally at a quantitative adviser, technology company or systematic trading firm. Solid understanding of security concepts such as encryption, authentication, access control, vulnerability management and network monitoring and security. Experience with security tools such as firewalls, SIEM systems, IDS/IPS and vulnerability scanners. Knowledge of security frameworks and standards (e.g., NIST, ISO 27001, SOC 2, PCI-DSS, GDPR). Experience with scripting or automation (e.g., Python, Bash, PowerShell) to implement security measures or automate tasks. Ability to translate complex security concepts to non-technical stakeholders. Industry certifications such as CISSP, CEH, or CompTIA Security+ are preferred. Good knowledge of Unix-like operating systems and experience with FreeBSD is a plus. Benefits Competitive salary, plus bonus based on individual and company performance Collaborative, casual, and friendly work environment while solving the hardest problems in the financial markets PPO Health, dental and vision insurance premiums fully covered for you and your dependents Pre-tax commuter benefits Weekly company meals Trexquant is an Equal Opportunity Employer

Negotiable Salary

Identity Access Management Positions -3 - San Jose, CA, Austin, TX (Remote ok)633920667412491224

iSoftTek Solutions Inc

Identity Access Management Positions -3 - San Jose, CA, Austin, TX (Remote ok)

Austin, TX, USA

Role: Senior Technical Engineer - Identity Access Management [Positions -3] Location: San Jose, CA, Austin, TX (Remote ok) Qualifications: · Bachelor's Degree in Computer Science or related field. · A solid grounding in Computer Science fundamentals. · 15+ years of experience building successful production software systems. · 5+ years of relevant experience in Identity Access Management domain & solid understanding of Identity open standards and specs What you need to bring: · Expert on open standards such as OAuth 2.0, Open ID Connect, SCIM, FAPI etc. · Expert in back-end development using Java EE technologies (e.g. Java language, application servers, servlet containers, JMS, JPA, Spring MVC, Hibernate). · Strong OOP skills, with ability to analyze requirements and transform into scalable software designs. · Experience with HTTP, REST API's and competent designing and building web services/microservices in a commercial setting. · Knowledge of SQL and other/NoSQL/modern database and storage technologies. Desired understanding of Oracle, JDBC and ORM frameworks (e.g. Hibernate). · Experience with Design Patterns, MVC and frameworks (e.g. Spring). · Competent in design/implementation for reliability, availability, scalability, and performance. · Competent in software engineering tools (e.g. Java build tools) and best practices (e.g. unit testing, test automation, continuous integration, etc.). · Should be a strong advocate of code craftsmanship, good coding standards and use of tools that will improve the quality of the delivered code. · Demonstrate a high level of curiosity, passion for technology, pride of ownership and strive for excellence. · Experience with using Agile/Scrum methodology for software development. · Good understanding of web services and SOA related standards like REST/OAuth/JSON and SOAP/WSDL. · Extra credit: Provide your GitHub account or code samples with your resume!

Negotiable Salary

Mid-Level Threat Manager (Top Secret Clearance Required)633920467623711225

RP Pro Services

Mid-Level Threat Manager (Top Secret Clearance Required)

Washington, DC, USA

RP Professional Services is a rapidly growing Technology consulting firm headquartered in Virginia. We’re an 8a and Service-Disabled Veteran-Owned Small Business (SDVOSB) serving both federal and commercial customers. At RP, we help our clients achieve their mission by developing value driven, customized solutions that are executed by the best people. Our dedication to our employees and clients is driven by our promise to deliver Excellence, Value, and Flexibility. "People, not just Resources" is more than our motto; it's the foundation on which we are built! RP Professional Services is seeking a Mid-Level Threat Manager to identify, assess, and mitigate security risks, particularly those related to violent threats, insider threats, and intelligence vulnerabilities. This role requires expertise in threat assessment and management (TAM), risk mitigation strategies, and collaboration with military and government agencies. The ideal candidate will possess structured professional judgment expertise, law enforcement and intelligence experience, and a deep understanding of threat management frameworks within the Department of Defense (DoD) and Intelligence Community (IC). This position is contingent upon the contract being awarded to RP Professional Services. Requirements: Conduct structured threat assessments utilizing industry-recognized methodologies. Apply Structured Professional Judgment (SPJ) tools, such as WAVR-21 and TRAP-18, to evaluate threats. Develop and implement risk mitigation strategies for military and civilian leadership. Provide written and verbal briefings on threat intelligence, security risks, and emerging patterns. Support local, state, and federal threat management teams focused on preventing violent behavior. Collaborate with law enforcement, intelligence agencies, and government organizations to assess threats. Utilize DoD and commercial databases to compile and analyze threat intelligence reports. Ensure compliance with national security protocols, regulations, and industry best practices. Conduct training programs for leadership teams on threat management and risk mitigation. Requirements Certified Threat Assessment Professional (administered by the Association of Threat Assessment Professionals - ATAP). Must be an active ATAP member. Minimum six (6) years in threat assessment and/or threat management. Minimum five (5) years of compensated professional experience in Threat Assessment and Management (TAM) OR two (2) years of ATAP membership in good standing and two (2) years of compensated professional experience (which may be concurrent). Minimum three (3) years of experience advising military or civilian leaders on threat assessment strategies. Direct experience working with the DoD population in a security or intelligence capacity. Experience supporting threat management units or teams focused on assessing and mitigating violent behavior risks. Familiarity with Intelligence and/or Law Enforcement communities, including Government, DoD, and commercial databases used to compile analytic products. Preferred Qualifications: Advanced certifications such as CISSP, CISM, CEH, or GCIH. Strong understanding of geopolitical risks and global threat landscapes. Proven ability to train personnel in threat assessment methodologies and risk mitigation strategies. Salary Range: $155,000 - $170,000 The salary range for this role considers a wide range of factors, including, but not limited to, skill sets, equity, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Benefits Health Benefits: Medical, Vision, Dental Up to 4% retirement match with 100% vesting Company paid STD and LTD Company paid basic life insurance Competitive PTO package RP Professional Services, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

$155,000-170,000

Information System Security Officer (ISSO) III633920665341471226

Paragon Cyber Solutions

Information System Security Officer (ISSO) III

Philadelphia, PA, USA

Paragon Cyber Solutions is hiring a skilled Information System Security Officer (ISSO) III to support cybersecurity and compliance functions in direct support of the Naval Surface Warfare Center Philadelphia Division (NSWCPD). This position is contingent upon contract award. The ISSO III will play a vital role in implementing and maintaining security controls, supporting incident response, and ensuring overall system compliance with Department of Defense (DoD) cybersecurity standards and frameworks. If you’re looking for an opportunity to make an impact while supporting national security, we want to hear from you. Requirements Ensure security compliance across information systems by implementing DoD cybersecurity policies, standards, and guidelines. Assist in applying Risk Management Framework (RMF) requirements for system security accreditation and authorization. Coordinate and enforce required security changes and control implementations across systems and networks. Conduct vulnerability scans, threat assessments, and cyber risk analysis on mission systems. Support cyber incident response efforts including investigation, containment, documentation, and reporting. Perform continuous monitoring of system security postures and coordinate with other cybersecurity personnel to maintain system integrity. Prepare and maintain system security documentation, including System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and security assessment reports. Participate in site inspections, compliance audits, and assessments by government or third-party assessors. Education Bachelor’s degree in Computer Science, Information Technology, Communications Systems Management, or a related STEM field from an accredited college or university. Experience At least 6 years of relevant experience coordinating security implementation, policy compliance, vulnerability/threat assessments, and supporting incident response and investigation efforts. Certifications (one or more required): Must meet IAM Level II IAWF baseline certification standards under DoD 8140/8570.01-M, with at least one of the following: CAP (Certified Authorization Professional) CASP+ CE (CompTIA Advanced Security Practitioner) CISM (Certified Information Security Manager) CISSP (or Associate) GSLC (GIAC Security Leadership Certification) CCISO (Certified Chief Information Security Officer) HCISPP (HealthCare Information Security and Privacy Practitioner) Benefits Health Care Plan (Medical, Dental & Vision). Retirement Plan (401K w/ employer matching). Paid Time Off & Paid Federal Holidays. Short and Long-Term Disability. Healthy Work-Life Balance.

Negotiable Salary

First Division Consulting

Security Analyst III

Edgewood, MD, USA

FirstDiv is seeking a Security Analyst III to support security operations and classified information management for JPM CBRN Sensors. The analyst will enforce compliance with NISPOM and DoDM 5200.01, manage security documentation, and support personnel and facility clearance requirements. The contractor shall perform the following task(s): Maintain classified material control, clearance rosters, and visitor access logs. Support clearance initiation, CAC issuance, and facility access coordination. Conduct annual OPSEC, AT Level I, CUI, and cybersecurity training compliance. Ensure compliance with DD Form 254, FAR 52.204-2, and 32 CFR Part 117. Monitor access control for classified networks and storage of secure media. Provide security briefings and support on-boarding of cleared personnel. Requirements 4+ years supporting DoD industrial security or security administration programs. Experience with JPAS, DISS, and handling classified/SAP/SAR information. Familiarity with PII protection, CAC accountability, and secure facility access. Strong knowledge of NISPOM, DoDM 5200.01, and Army/DoD security policy. Clearance Required: Active Secret Physical Requirements: While performing the duties of this job, the employee may be regularly required to stand, sit, talk, hear, reach, stoop, kneel, and use hands and fingers to operate a computer, telephone, and keyboard. Specific vision abilities required by this job include close vision requirements due to computer work. Light to moderate lifting may be required. Regular, predictable attendance is required; including quarter-driven hours as business demands dictate. Work Environment: The work environment characteristics described here are representative of those a teammate encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Moderate noise (i.e., business office with computers, phone, and printers, light traffic). Ability to work in a confined area. Ability to sit at a computer terminal for an extended period. Benefits Medical, dental, vision, life insurance, STD, LTD, holidays, PTO and 401(k) plan with company match. First Division Consulting is an Equal Opportunity Employer. All employment decisions are based on merit, qualifications, skills, and abilities. All fully qualified applicants will receive equal consideration for employment in accordance with all applicable federal, state, and/or local laws prohibiting discrimination by protected classes.

Negotiable Salary

COMSEC Security Specialist-536387633920460508191228

Delaware Nation Industries

COMSEC Security Specialist-536387

Bluemont, VA 20135, USA

The Office of Emergency Management (A/DOES/OEM) is the Department of State organization responsible for fulfilling the Department’s responsibilities mandated by Presidential Policy Directive 40 (PPD-40), National Continuity Policy. The Department’s Continuity programs cover the full range of threats to national security that derive from natural disasters, military and terrorist attacks, technological emergencies, or other emergencies. The Continuity Communications Division (A/DOES/OEM/CCD), Office of Emergency Management is responsible for developing emergency and continuity plans and programs and an appropriate state of readiness that prepare the Secretary and the Department to respond to any national security emergency. The scope of this requirement encompasses obtaining Audio Visual (AV), Telecommunications/PBX, and Information Technology (IT) communications systems support and continuity communications services necessary for the design, development, implementation, deployment, operation, and maintenance in support of the Bureau’s continuity-specific hardware and software applications, telecommunications/networking systems, and continuity communications operations. The tasks described below will be performed as a part of a technical team including other contract and government personnel. The objective of this requirement is to provide A/DOES/OEM/CCD with real-time services for the operations, maintenance, testing, and development of Audio Visual (AV), Information Technology (IT), and telecommunications systems, and Security/COMSEC program support for continuity communications operations that enable the Bureau of Administration and A/DOES/OEM/CCD to conduct the Department of State’s domestic emergency continuity mission. The purpose of this task order is to provide technical/professional personnel to provide planning, analysis requirements definition, design, development, implementation, integration, and training to support its mandated mission. Job Duties: Personnel, information, physical, industrial and operations security in support of collateral, special access program (SAP), sensitive compartmented information (SCI), Insider Threat (InT), security education training and awareness (SETA) and alternative compensatory control measures (ACCM) programs. Assist with day‑to‑day security operations at operating sites and serves as a liaison with other USG Departments and agencies with respect to OEM’s COMSEC, accreditation, physical, personnel, and information security issues. Assist the primary Unit Security Officer with OEM facilities. Will assist the senior Special Security Representative (SSR) with OEM spaces. Assist with developing, implementing, managing, and monitoring policies, instructions, procedures, control systems, and methods to prevent compromise or loss of classified information or material. Assist with access control equipment, access administration (access lists and rosters), access procedures, safes, safe inventories, safe and door combinations, vaults, locks, and keys for doors within OEM facilities Assist with visitor access and access control processes and procedures, and non-disclosure agreements. Assist with security support to conferences (i.e. process VARs, verification of participant clearances, provide/transport classified information/materials, site surveys, on-site support, etc.). With Government direction, prepare and deliver security indoctrinations and briefings on all security procedures and topics. Input and update badge and credential records in the badge system. Assist with physical security, surveys, and inspections. Assist with maintaining correspondence suspense files, records, files for reports, operating procedures, internal memorandums, and composes correspondence. Maintain security-related databases to ensure the integrity of the applicable information. Assist with providing COMSEC and related security guidance to OEM staff at multiple geographically separated facilities and with the design and implementation of COMSEC and other security training programs for Office staff. Provide technical and operational support to COMSEC account managers in the daily handling, safeguarding, distribution, and destruction of COMSEC keying material and equipment. Ensures COMSEC material is handled in accordance with federal regulations, that there are no infractions in the process, and that transfers of accountable material are properly recorded and reported. Proficient with COMSEC equipment such as SKL, KIK-30, KIK-11, and legacy key loaders. Proficient in COMSEC operations, including key management, handling classified COMSEC material, and supporting audit and inspection activities. Monitor and maintain accurate records of COMSEC assets via KMI/EKMS or other COMSEC accounting systems. Prepare and process COMSEC material requests, transaction reports, and other documentation as required. Requirements At least 5 years of experience in the security functional area, and 3-5 years’ experience in COMSEC operations, including key management, handling classified COMSEC material, and supporting audit and inspection activities. Previous experience as an COMSEC Manager, Alternate COMSEC Manager, or KMI Registration Manager. In-depth knowledge of CNSSI 4005 (Safeguarding COMSEC) and CNSSI 4006 (Communications Security (COMSEC) Monitoring). At least 5 years of experience with the latest security policies, processes, and procedures including personnel, information, physical, industrial and operations security in support of collateral, special access program (SAP), sensitive compartmented information (SCI), Insider Threat (InT), security education training and awareness (SETA) and alternative compensatory control measures (ACCM) programs. Completion of NSA COMSEC Manager or KMI Operator training courses. Experience with the Federal government level security policy and procedures. Experience with handling classified correspondence and materials, knowledge of Microsoft Office suite tools, and experience in writing, editing, and managing executive correspondence. Demonstrated subject matter knowledge of intelligence community, and national-level personnel security policies and procedures. Thorough understanding of the federal rules and regulations that encompass the SCI and collateral security process. Excellent interpersonal skills and the ability to work in a fast-paced team environment. Ability to use discretion when handling sensitive personal information. Strong organizational and documentation skills; ability to maintain 100% accountability in high-tempo environments. The ability to work independently, be self-motivated, and problem solve. Must be able to follow established policies and regulations with exact precision and attention to detail. Must be able to develop and maintain productive working relationships with colleagues both internal and external to the Department. Must be in good physical health to deal with long hours occasionally needed in emergency situations. Top-Secret clearance, with the ability to acquire Sensitive Compartmented Information (SCI) access. Occasional travel to support remote locations throughout the country, as needed, may be required.

Negotiable Salary

Axiom Software Solutions Limited

SAP Security Analyst

Raritan, NJ, USA

A highly skilled and experienced SAP Security Specialist is needed to join the team. The specialist will focus on the secure and compliant operation of the SAP landscape, specifically across SAP BusinessObjects Data Services BODS, SAP Landscape Transformation Replication Server SLT, SAP Ariba, and SAP Signavio. The specialist will be responsible for designing, implementing, and maintaining robust security solutions that meet business needs and compliance requirements. This role requires a strong understanding of SAP authorization concepts, risk management, and the ability to work collaboratively across various teams. Responsibilities: Design, develop, and maintain SAP security roles and authorizations within BODS, SLT, Ariba, and Signavio environments, aligning with security policies, standards, and SoD requirements. Administer user access, troubleshoot issues, and oversee GRC implementation and user access reviews for the specified SAP applications. Conduct security assessments, monitor and report on security events, and support audits. Collaborate with IT and functional teams to define and implement security policies and provide user support. Lead SAP security tasks in projects, supporting implementations and managing change control processes. Develop and maintain the SAP Signavio Process Intelligence security model and ensure secure data access control. Manage SSO, user provisioning, and integrations with IdMGRC if applicable. Analyze and troubleshoot access issues, ensuring least privilege and SoD compliance. Maintain audit trails and ensure system compliance with internal and external controls e.g., SOX. Work closely with SAP Basis and Cloud Identity Services for user lifecycle and identity federation. Participate in system upgrades, patching, and cutovers by validating security impacts. Provide documentation and knowledge transfer to support and audit teams. Qualifications: Bachelor's degree in a relevant field. Minimum of 10+ years of SAP Security experience with proven project delivery. Strong knowledge in: SAP BODS repository and runtime user security. SLT rolebased access control and connection configurations. SAP Ariba user provisioning via Ariba Administration, CIG or BTP, integration with SSO and Active Directory. Signavio cloud user management and role assignments through SAP BTP cockpit or SCIMbased provisioning. Expert knowledge of SAP authorization security, implementation methodologies, and SoD concepts. Experience with SAP GRC Access Control. Demonstrated ability to design SAP security solutions and experience in endtoend SAP security project lifecycles. Excellent communication and collaboration skills. Preferred Qualifications: SAP Ariba certification. Experience with EIMSailPoint, SAP Solution ManagerChaRM, and SAP Business Technology Platform BTP. Bachelor's degree in Computer Science, Information Technology, or related discipline. SAP Security or GRC certification is a plus. Experience in multitenant SAP Ariba or Signavio deployment models. Knowledge of compliance frameworks e.g., ISO, NIST, SOX. This job description provides an overview of the responsibilities and qualifications required for an SAP Security Specialist role with a focus on BODS, SLT, Ariba, and Signavio. It can be further customized based on specific organizational needs and the seniority level of the position.

Negotiable Salary