Mid-Cyber Security Specialist/Analyst (Dragos Experience)

Role: Senior Technical Engineer - Identity Access Management [Positions -3] Location: San Jose, CA, Austin, TX (Remote ok) Qualifications: ·        Bachelor's Degree in Computer Science or related field. ·        A solid grounding in Computer Science fundamentals. ·        15+ years of experience building successful production software systems. ·        5+ years of relevant experience in Identity Access Management domain & solid understanding of Identity open standards and specs What you need to bring: ·        Expert on open standards such as OAuth 2.0, Open ID Connect, SCIM, FAPI etc. ·        Expert in back-end development using Java EE technologies (e.g. Java language, application servers, servlet containers, JMS, JPA, Spring MVC, Hibernate). ·        Strong OOP skills, with ability to analyze requirements and transform into scalable software designs. ·        Experience with HTTP, REST API's and competent designing and building web services/microservices in a commercial setting. ·        Knowledge of SQL and other/NoSQL/modern database and storage technologies. Desired understanding of Oracle, JDBC and ORM frameworks (e.g. Hibernate). ·        Experience with Design Patterns, MVC and frameworks (e.g. Spring). ·        Competent in design/implementation for reliability, availability, scalability, and performance. ·        Competent in software engineering tools (e.g. Java build tools) and best practices (e.g. unit testing, test automation, continuous integration, etc.). ·        Should be a strong advocate of code craftsmanship, good coding standards and use of tools that will improve the quality of the delivered code. ·        Demonstrate a high level of curiosity, passion for technology, pride of ownership and strive for excellence. ·        Experience with using Agile/Scrum methodology for software development. ·        Good understanding of web services and SOA related standards like REST/OAuth/JSON and SOAP/WSDL. ·        Extra credit: Provide your GitHub account or code samples with your resume!  

Paragon Cyber Solutions is hiring a skilled Information System Security Officer (ISSO) III to support cybersecurity and compliance functions in direct support of the Naval Surface Warfare Center Philadelphia Division (NSWCPD). This position is contingent upon contract award. The ISSO III will play a vital role in implementing and maintaining security controls, supporting incident response, and ensuring overall system compliance with Department of Defense (DoD) cybersecurity standards and frameworks. If you’re looking for an opportunity to make an impact while supporting national security, we want to hear from you. Requirements Ensure security compliance across information systems by implementing DoD cybersecurity policies, standards, and guidelines. Assist in applying Risk Management Framework (RMF) requirements for system security accreditation and authorization. Coordinate and enforce required security changes and control implementations across systems and networks. Conduct vulnerability scans, threat assessments, and cyber risk analysis on mission systems. Support cyber incident response efforts including investigation, containment, documentation, and reporting. Perform continuous monitoring of system security postures and coordinate with other cybersecurity personnel to maintain system integrity. Prepare and maintain system security documentation, including System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and security assessment reports. Participate in site inspections, compliance audits, and assessments by government or third-party assessors. Education Bachelor’s degree in Computer Science, Information Technology, Communications Systems Management, or a related STEM field from an accredited college or university. Experience At least 6 years of relevant experience coordinating security implementation, policy compliance, vulnerability/threat assessments, and supporting incident response and investigation efforts. Certifications (one or more required): Must meet IAM Level II IAWF baseline certification standards under DoD 8140/8570.01-M, with at least one of the following: CAP (Certified Authorization Professional) CASP+ CE (CompTIA Advanced Security Practitioner) CISM (Certified Information Security Manager) CISSP (or Associate) GSLC (GIAC Security Leadership Certification) CCISO (Certified Chief Information Security Officer) HCISPP (HealthCare Information Security and Privacy Practitioner) Benefits Health Care Plan (Medical, Dental & Vision). Retirement Plan (401K w/ employer matching). Paid Time Off & Paid Federal Holidays. Short and Long-Term Disability. Healthy Work-Life Balance.

 FirstDiv is seeking a Security Analyst III to support security operations and classified information management for JPM CBRN Sensors. The analyst will enforce compliance with NISPOM and DoDM 5200.01, manage security documentation, and support personnel and facility clearance requirements. The contractor shall perform the following task(s): Maintain classified material control, clearance rosters, and visitor access logs. Support clearance initiation, CAC issuance, and facility access coordination. Conduct annual OPSEC, AT Level I, CUI, and cybersecurity training compliance. Ensure compliance with DD Form 254, FAR 52.204-2, and 32 CFR Part 117. Monitor access control for classified networks and storage of secure media. Provide security briefings and support on-boarding of cleared personnel. Requirements 4+ years supporting DoD industrial security or security administration programs. Experience with JPAS, DISS, and handling classified/SAP/SAR information. Familiarity with PII protection, CAC accountability, and secure facility access. Strong knowledge of NISPOM, DoDM 5200.01, and Army/DoD security policy. Clearance Required: Active Secret Physical Requirements: While performing the duties of this job, the employee may be regularly required to stand, sit, talk, hear, reach, stoop, kneel, and use hands and fingers to operate a computer, telephone, and keyboard. Specific vision abilities required by this job include close vision requirements due to computer work. Light to moderate lifting may be required. Regular, predictable attendance is required; including quarter-driven hours as business demands dictate.  Work Environment: The work environment characteristics described here are representative of those a teammate encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Moderate noise (i.e., business office with computers, phone, and printers, light traffic). Ability to work in a confined area.    Ability to sit at a computer terminal for an extended period. Benefits Medical, dental, vision, life insurance, STD, LTD, holidays, PTO and 401(k) plan with company match. First Division Consulting is an Equal Opportunity Employer.  All employment decisions are based on merit, qualifications, skills, and abilities. All fully qualified applicants will receive equal consideration for employment in accordance with all applicable federal, state, and/or local laws prohibiting discrimination by protected classes.

RP Professional Services is a rapidly growing Technology consulting firm headquartered in Virginia. We’re an 8a and Service-Disabled Veteran-Owned Small Business (SDVOSB) serving both federal and commercial customers. At RP, we help our clients achieve their mission by developing value driven, customized solutions that are executed by the best people. Our dedication to our employees and clients is driven by our promise to deliver Excellence, Value, and Flexibility. "People, not just Resources" is more than our motto; it's the foundation on which we are built! RP Professional Services is seeking a Mid-Level Threat Manager to identify, assess, and mitigate security risks, particularly those related to violent threats, insider threats, and intelligence vulnerabilities. This role requires expertise in threat assessment and management (TAM), risk mitigation strategies, and collaboration with military and government agencies. The ideal candidate will possess structured professional judgment expertise, law enforcement and intelligence experience, and a deep understanding of threat management frameworks within the Department of Defense (DoD) and Intelligence Community (IC). This position is contingent upon the contract being awarded to RP Professional Services. Requirements: Conduct structured threat assessments utilizing industry-recognized methodologies. Apply Structured Professional Judgment (SPJ) tools, such as WAVR-21 and TRAP-18, to evaluate threats. Develop and implement risk mitigation strategies for military and civilian leadership. Provide written and verbal briefings on threat intelligence, security risks, and emerging patterns. Support local, state, and federal threat management teams focused on preventing violent behavior. Collaborate with law enforcement, intelligence agencies, and government organizations to assess threats. Utilize DoD and commercial databases to compile and analyze threat intelligence reports. Ensure compliance with national security protocols, regulations, and industry best practices. Conduct training programs for leadership teams on threat management and risk mitigation. Requirements Certified Threat Assessment Professional (administered by the Association of Threat Assessment Professionals - ATAP). Must be an active ATAP member. Minimum six (6) years in threat assessment and/or threat management. Minimum five (5) years of compensated professional experience in Threat Assessment and Management (TAM) OR two (2) years of ATAP membership in good standing and two (2) years of compensated professional experience (which may be concurrent). Minimum three (3) years of experience advising military or civilian leaders on threat assessment strategies. Direct experience working with the DoD population in a security or intelligence capacity. Experience supporting threat management units or teams focused on assessing and mitigating violent behavior risks. Familiarity with Intelligence and/or Law Enforcement communities, including Government, DoD, and commercial databases used to compile analytic products. Preferred Qualifications: Advanced certifications such as CISSP, CISM, CEH, or GCIH. Strong understanding of geopolitical risks and global threat landscapes. Proven ability to train personnel in threat assessment methodologies and risk mitigation strategies. Salary Range: $155,000 - $170,000 The salary range for this role considers a wide range of factors, including, but not limited to, skill sets, equity, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case.   Benefits Health Benefits: Medical, Vision, Dental Up to 4% retirement match with 100% vesting Company paid STD and LTD Company paid basic life insurance Competitive PTO package RP Professional Services, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

The Office of Emergency Management (A/DOES/OEM) is the Department of State organization responsible for fulfilling the Department’s responsibilities mandated by Presidential Policy Directive 40 (PPD-40), National Continuity Policy. The Department’s Continuity programs cover the full range of threats to national security that derive from natural disasters, military and terrorist attacks, technological emergencies, or other emergencies. The Continuity Communications Division (A/DOES/OEM/CCD), Office of Emergency Management is responsible for developing emergency and continuity plans and programs and an appropriate state of readiness that prepare the Secretary and the Department to respond to any national security emergency. The scope of this requirement encompasses obtaining Audio Visual (AV), Telecommunications/PBX, and Information Technology (IT) communications systems support and continuity communications services necessary for the design, development, implementation, deployment, operation, and maintenance in support of the Bureau’s continuity-specific hardware and software applications, telecommunications/networking systems, and continuity communications operations. The tasks described below will be performed as a part of a technical team including other contract and government personnel. The objective of this requirement is to provide A/DOES/OEM/CCD with real-time services for the operations, maintenance, testing, and development of Audio Visual (AV), Information Technology (IT), and telecommunications systems, and Security/COMSEC program support for continuity communications operations that enable the Bureau of Administration and A/DOES/OEM/CCD to conduct the Department of State’s domestic emergency continuity mission. The purpose of this task order is to provide technical/professional personnel to provide planning, analysis requirements definition, design, development, implementation, integration, and training to support its mandated mission. Job Duties: Personnel, information, physical, industrial and operations security in support of collateral, special access program (SAP), sensitive compartmented information (SCI), Insider Threat (InT), security education training and awareness (SETA) and alternative compensatory control measures (ACCM) programs. Assist with day‑to‑day security operations at operating sites and serves as a liaison with other USG Departments and agencies with respect to OEM’s COMSEC, accreditation, physical, personnel, and information security issues. Assist the primary Unit Security Officer with OEM facilities. Will assist the senior Special Security Representative (SSR) with OEM spaces. Assist with developing, implementing, managing, and monitoring policies, instructions, procedures, control systems, and methods to prevent compromise or loss of classified information or material. Assist with access control equipment, access administration (access lists and rosters), access procedures, safes, safe inventories, safe and door combinations, vaults, locks, and keys for doors within OEM facilities Assist with visitor access and access control processes and procedures, and non-disclosure agreements. Assist with security support to conferences (i.e. process VARs, verification of participant clearances, provide/transport classified information/materials, site surveys, on-site support, etc.). With Government direction, prepare and deliver security indoctrinations and briefings on all security procedures and topics. Input and update badge and credential records in the badge system. Assist with physical security, surveys, and inspections. Assist with maintaining correspondence suspense files, records, files for reports, operating procedures, internal memorandums, and composes correspondence. Maintain security-related databases to ensure the integrity of the applicable information. Assist with providing COMSEC and related security guidance to OEM staff at multiple geographically separated facilities and with the design and implementation of COMSEC and other security training programs for Office staff. Provide technical and operational support to COMSEC account managers in the daily handling, safeguarding, distribution, and destruction of COMSEC keying material and equipment. Ensures COMSEC material is handled in accordance with federal regulations, that there are no infractions in the process, and that transfers of accountable material are properly recorded and reported. Proficient with COMSEC equipment such as SKL, KIK-30, KIK-11, and legacy key loaders. Proficient in COMSEC operations, including key management, handling classified COMSEC material, and supporting audit and inspection activities. Monitor and maintain accurate records of COMSEC assets via KMI/EKMS or other COMSEC accounting systems. Prepare and process COMSEC material requests, transaction reports, and other documentation as required. Requirements At least 5 years of experience in the security functional area, and 3-5 years’ experience in COMSEC operations, including key management, handling classified COMSEC material, and supporting audit and inspection activities. Previous experience as an COMSEC Manager, Alternate COMSEC Manager, or KMI Registration Manager. In-depth knowledge of CNSSI 4005 (Safeguarding COMSEC) and CNSSI 4006 (Communications Security (COMSEC) Monitoring). At least 5 years of experience with the latest security policies, processes, and procedures including personnel, information, physical, industrial and operations security in support of collateral, special access program (SAP), sensitive compartmented information (SCI), Insider Threat (InT), security education training and awareness (SETA) and alternative compensatory control measures (ACCM) programs. Completion of NSA COMSEC Manager or KMI Operator training courses. Experience with the Federal government level security policy and procedures. Experience with handling classified correspondence and materials, knowledge of Microsoft Office suite tools, and experience in writing, editing, and managing executive correspondence. Demonstrated subject matter knowledge of intelligence community, and national-level personnel security policies and procedures. Thorough understanding of the federal rules and regulations that encompass the SCI and collateral security process. Excellent interpersonal skills and the ability to work in a fast-paced team environment. Ability to use discretion when handling sensitive personal information. Strong organizational and documentation skills; ability to maintain 100% accountability in high-tempo environments. The ability to work independently, be self-motivated, and problem solve. Must be able to follow established policies and regulations with exact precision and attention to detail. Must be able to develop and maintain productive working relationships with colleagues both internal and external to the Department. Must be in good physical health to deal with long hours occasionally needed in emergency situations. Top-Secret clearance, with the ability to acquire Sensitive Compartmented Information (SCI) access. Occasional travel to support remote locations throughout the country, as needed, may be required.

Control Risks is seeking a highly motivated and detail-oriented GSOC Specialist to join our embedded team supporting a high-profile global client. In this fast-paced role, you’ll be on the front lines of global security—tracking world events in real time, identifying potential threats, and driving rapid, intelligent responses to protect people, assets, and operations across the globe. This role will be part of a 24/7/365 function, and as such will require holiday and weekend work. This application is for the Day/Swing shift. Monitor global incidents—ranging from natural disasters and political unrest to major crimes and infrastructure disruptions—and assess their potential impact on the Client’s personnel and operations. Turn intelligence into action. Draft sharp, impactful alerts and situational updates for senior stakeholders and global security leaders to support informed, timely decisions. Operate in a high-stakes environment. Collaborate closely with security professionals in a 24/7/365 GSOC, where every second counts and your insights make a difference. Support crisis management efforts by facilitating escalations and coordinating emergency communications across global and regional leadership levels. Deliver executive-level briefings. Provide clear, concise, and confident updates—both written and verbal—on emerging threats and evolving incidents. Engage in regular drills and exercises to maintain readiness and align with best-in-class procedures. Conduct after-action reviews (AARs) to capture key lessons and enhance future responses. Work with internal and external partners including Protective Services and Systems & Technology teams to strengthen a holistic security posture. Represent both Control Risks and our client with professionalism, discretion, and composure—especially in high-pressure situations. Requirements Bachelor’s degree in related field 1+ years' experience in government, corporate security or a similar role.​ Experience working with global risk intelligence and incident response software.​ Experience with emergency mass notification systems.​ Experience with travel risk management software platforms.​ Experience working in a collaborative environment such as government or corporate global security operations center, emergency operations center, or a major urban area fusion center.​ Experience evaluating open-source information (media, social media, and unclassified government websites) to conduct incident analysis. The base salary range for this position is $70,000-75,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience. Benefits Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer. We operate a discretionary bonus scheme that incentivizes, and rewards individuals based on company and individual performance. Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working. Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs. Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov.