Cyber security analyst jobs in Baltimore, MD

Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate data and cyber security risks. Develops acceptance criteria for cybersecurity architecture. Investigates computer and information security incidents to determine extent of compromise to national security information and automated information systems. Assists with defining security objectives and system-level performance requirements. Researches and stays abreast of tools, techniques, countermeasures, and trends in computer network vulnerabilities. Configures and validates secure systems, tests security products/systems to detect computer and information security weaknesses. Maintains the computer and information security incident, damage and threat assessment programs. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Involved in the periodic conduct of a review of each system's audits and monitors corrective actions until all actions are closed. Supports the development of integrated system solutions ensuring proprietary/confidential data and systems are protected. Involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Minimum Qualifications Bachelor's Degree in Computer Science or a related field or equivalent experience. 2-4 years of experience in systems security. Other Job Specific Skills Must be able to communicate effectively and clearly present technical approaches and findings. Exercises a limited degree of latitude in determining technical objectives of assignments. Excellent attention to detail. Must be able to balance multiple tasks simultaneously. #cjpost

We are seeking multiple mid-level (5 years minimum) Cyber Defense Incident Responders that are available to work the midnight shift (11pm-7:30am) in a Security Operations Center. Clearance Requirements: Top Secret w/SCI Location: Washington, D.C. Job Description: Coordinate incident response functions. Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents. Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security. Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation. Perform cyber defense trend analysis and reporting. Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems. Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs). Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts. Track and document cyber defense incidents from initial detection through final resolution. Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness). Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise. Coordinate with intelligence analysts to correlate threat assessment data. Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise. Basic Qualifications- To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below: Bachelor's degree or higher 5+ years' experience in Malware analysis, digital forensics, data/network analysis, penetration testing, information assurance, leading incident handling Must have,one of the following certifications: CERT Certified Computer Security Incident Handler (CSIH), ECC Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Information Security Fundamentals (GISF), or ISC2 Certified Information System Security Professional (CISSP). Strong written and verbal communication skills. Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored). Knowledge of system administration, network, and operating system hardening techniques. Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. Demonstrated ability to interact effectively with senior management and leadership. Ability to design incident response for cloud service models. Knowledge of incident categories, incident responses, and timelines for responses. Knowledge of incident response and handling methodologies. Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list) Desired Skills Experience identifying, capturing, containing, and reporting malware. Skill in preserving evidence integrity according to standard operating procedures or national standards. Strong securing network communications experience. Recognizing and categorizing types of vulnerabilities and associated attacks. Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). Experience performing damage assessments. Skill in using security event correlation tools and design incident response for cloud service models.

Role: Cybersecurity Engineer III Contract Job Responsibilities / Typical Day in the Role Implement design reviews to evaluate security controls Identify and communicate opportunities to enhance the security posture of Client Build and / or manage enterprise security platforms effectively Communicate effectively across all levels of management to articulate Client security goals and vision. Identify and communicate opportunities to enhance the security posture of Client Build and / or manage enterprise security platforms effectively (SAAS, on premise or in Cloud) Communicate effectively across all levels of management to articulate Client security goals and vision. Have a team player mentality; strive to contribute to team cohesion however can work independently if the need arises Plan, design, engineer and implement security-related technologies Understanding technical security issues, their implications within Client business units and able to effectively communicate them to management and other business leaders. Configure, troubleshoot, and maintain security infrastructure - including software and hardware in cloud environments, as well as on-premises. Conduct security audits and assessments to regularly determine the effectiveness of security platforms and identify areas of improvement. Host and operating systems hardening, auditing, monitoring and logging with appropriate security controls and best practices while meeting security best practices and business goals Research and explore emerging security technologies and determine their appropriate use within the company. Prepare, document, and create standard operating procedures and protocols. Crosstrain and mentor other team members as needed Must Have Skills / Requirements Implementing advanced cyber security technology in a complex environment 5+ years of experience; Hands-on experience in security engineering, hands-on experience in building, designing, and maintaining enterprise security tools. Scripting experience (using Python, Go, or other equivalent languages) 5+ years of experience. Hands-on Experience with automation technologies 3+ Years of experience; Terraform, Ansible, CloudFormation, etc. Linux Experience. 5+ years of experience; Ability to construct and maintain complex network infrastructures. Technology requirements: Engineer and administer security platforms including SIEM/SOAR systems, endpoint detection and response, vulnerability management, anomaly detection, and cloud analysis. Experience in managing the Brinqa vulnerability management platform and experience with Groovy programming language Must have 5+ years of scripting experience (using Python or other equivalent languages) Hands-on Experience in public cloud infrastructures like AWS (Amazon Web Services) Nice to Have Skills / Preferred Requirements Security and Cloud certifications are a plus. (CISSP, Splunk Admin, AWS Solution architect). Media/entertainment or distributed global network experience. Soft Skills Hands-on technical experience with networking and computing system architectures, specifically, the security aspects thereof. Thorough understanding of information security principles, techniques, principles, policy frameworks, and best practices Hands-on technical experience with compliance and regulatory frameworks and how they affect architecture designs and review

We are seeking a Cybersecurity Engineer with strong, hands-on experience implementing Data Loss Prevention (DLP) solutions, specifically using Azure Purview and Microsoft Intune. This role requires a technical practitioner who has directly deployed, configured, and operationalized security controls-not just monitored events. The engineer will design and implement secure architectures across cloud and hybrid environments, conduct threat modeling, integrate security into new platforms, and ensure alignment with industry best practices and regulatory frameworks such as NIST 800-53, FISMA, and FedRAMP. The ideal candidate must have 10+ years of experience that brings advanced knowledge of cloud security, IAM, encryption, authentication protocols, and modern DevSecOps practices. Additional responsibilities include developing reusable security patterns, performing architecture reviews, enhancing automation, and partnering with IT teams to mature the organization's security posture. Strong communication skills, deep technical proficiency, and experience with Azure/AWS infrastructures are essential for success in this role. This is an onsite direct hire opportunity in Arlington, VA, no contract, no sponsorship. Relocation assistance provided within the US. LI #HP-1

Senior Security Engineer (Information Security Analyst IV) Clearance: Public Trust (U.S. Citizen or Green Card Holder; 3+ years U.S. residency required) Business Unit: Digital Modernization Role Summary The Senior Security Engineer supports the Department of Transportation's (DOT) Cybersecurity mission by enhancing and maintaining the security posture of DOT information systems and infrastructure. These systems play a critical role in safeguarding U.S. critical infrastructure, including highways, bridges, and roadways. This position provides advanced security engineering, participates in strategic security design, and delivers technical expertise for integrated security systems and endpoint protection. The role requires independent decision-making, leadership, and the ability to guide less experienced staff. It also involves complex problem-solving, interaction with senior federal leadership, and contributions that directly impact mission and schedule outcomes. Key Responsibilities Implement endpoint protection profile changes to address external threats and enforce security requirements. Coordinate with application, infrastructure, and engineering teams to troubleshoot endpoint protection software issues. Integrate endpoint security data with security log aggregation tools, including SIEM platforms. Participate in cybersecurity incident handling activities as requested. Stay current on emerging threats, vulnerabilities, and industry best practices related to endpoint security. Work assigned cybersecurity and security operations ITSM (ServiceNow) tickets through completion. Participate in Cybersecurity and Security Operations (SecOps) meetings. Collaborate on cybersecurity solutions that enhance the DOT's security posture. Configure, validate, and test secure systems and physical controls to detect security weaknesses. Contribute to strategic security design efforts, translating business and security requirements into technical solutions. Recommend policy changes and guide others in achieving departmental cybersecurity objectives. Required Technical Skills Endpoint protection management solutions (hands-on experience). Proven understanding of Federal cybersecurity requirements, including FISMA and the NIST 800 series. Ability to articulate endpoint security concepts to non-technical stakeholders. Demonstrated experience collaborating across cross-functional cybersecurity teams. Ability to evaluate complex security problems and apply judgment within established practices and policies. Experience with integration of endpoint security data into SIEM or log aggregation tools. Experience working security operations tickets within ServiceNow. Knowledge of security systems, secure configuration, validation, and testing methodologies. Preferred / Nice-to-Have Skills Foundational understanding of: Application and technology stacks Cloud-based systems Operating systems Databases Networking Firewalls Data Loss Prevention (DLP) Endpoint security software Network IDS/IPS Host-based IDS/IPS General cybersecurity best practices and industry standards Qualifications & Experience 9+ years of experience in Cybersecurity or related IT fields. Bachelor's degree + 9 years OR Master's degree + 7 years of experience Technical Certifications (one or more required): Network+ Security+ SSCP GISF ISACA Cybersecurity Fundamentals Or similar technical cybersecurity certification Ability to obtain and maintain a Public Trust clearance. Benefits (employee contribution): Health insurance Health savings account Dental insurance Vision insurance Flexible spending accounts Life insurance Retirement plan All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Job Title: Senior Azure Security Engineer Rate: $80/Hr. w2 Job Qualifications: Skills: Security Controls, Security Tools, System Security Certifications: Active DoD 8570 IAT Level II Certification (Security+, CISSP, CISM) Experience: 10+ years of related experience Clearance Level Must Currently Possess: Secret Clearance Level Must Be Able to Obtain: None Job Description: Information Security Analyst Duties and Responsibilities: Design, implement, and maintain secure cloud architectures within Azure Government Secret classified environments Enforce zero trust principles, role-based access control (RBAC), and identity federation (e.g.,Azure AD B2B/B2C with CAC/PIV) Configure and manage security controls such as Microsoft Defender for Cloud, Key Vault, Azure Policy, NSGs, and Private Endpoints Automate compliance and security operations using PowerShell, Terraform, or ARM templates Integrate SIEM/SOAR tools (e.g., Microsoft Sentinel for IL6) for continuous monitoring, logging, and incident response Conduct vulnerability assessments and implement remediations aligned to NIST 800-53, DoD STIGs, and JSIG Collaborate with mission owners, compliance teams, and developers to ensure secure DevSecOps pipelines Support Authority to Operate (ATO) processes by generating security documentation, control evidence, and supporting audits Navigate federal systems through the authorization process to achieve and maintain Authority to Operate (ATO) Work with the ISSO, Program and DOC ITD IA teams to maintain the necessary security authorizations Develop comprehensive System Security Plans (SSPs) documenting all implemented NIST 800-53 controls Coordinate security assessments with third-party assessors Manage Plans of Actions & Milestones (POA&Ms) for addressing identified vulnerabilities Ensure continuous monitoring plans meet agency requirements Prepare authorization packages for government review Maintain ongoing compliance through change management processes Serve as the liaison between technical teams and authorizing officials Translate security requirements into actionable tasks Ensure all documentation meets the rigorous standards required for federal information systems Information Security Analyst Requirements and Qualifications: Bachelor's degree in information systems security; master's degree or equivalent professional experience in information security is preferred Active Secret clearance 5+ years in cloud security, including 2+ in Azure Government or DoD environments Strong knowledge of Azure-native security tools, IL6 data handling, and cloud networking Proficient in scripting (PowerShell, Python, or Bash) and Infrastructure as Code (ARM, Bicep, Terraform) Experiences with DoD SRG, FedRAMP High, JSIG, and ICD 503 compliance frameworks Hands-on experience with classified enclaves, hardened images, and enclave-to-enclave connectivity Comprehensive knowledge of corporate Systems/Solutions Architecture processes and trends Strong leadership, organizational, and communication skills Secret Clearance to start Knowledge of Agile software development process Required Technical Skills: SCAP, STIG, Patching, eMASS, and related RMF tools Cybersecurity, Systems Administration, implementation of RMF tools and processes Experience with gaining an ATO for systems and working the systems through the assessment and authorization process Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic email and access-list Excellent communication skills Experience working in Agile software development teams Experience with secure development, coding and engineering practices Experience with Cybersecurity, Information Security, and Information Technology Security processes, protocols, and procedures. Experience 10 years of relevant experience * may vary based on technical training, certification(s), or degree Experience with Cloud Security Experience working with leading firewall, network scanning and authentication technologies Experience working with internet, web, application and network security techniques Experience in Agile methodology Experience in Jira to support development team in agile environment Experience working in Federal or State government environments Ability to work independently and remotely Certification: Active DoD 8570 IAT Level II Certification (Security+, CISSP, CISM) Travel Required: Little to no travel anticipated (may be required upon customer request)

Come Forge the Future of Machine Identity Security for Operational Technology & Industrial Control Systems Where: Tysons, VA (Hybrid) Supporting: Our CTO At Corsha we're not just selling software; we're fundamentally reshaping how the most critical industrial and operational technology (OT) systems are secured. We're a cyber startup in the DC area, driven by a mission to bring trust, resilience, and identity to the operational systems that power our world - from factories to power grids. We're building the future of machine identity security, and we need a dynamic technical evangelist to join our front lines. Tired of the Status Quo? Ready to Secure the Unseen? Here's your Opportunity: If you're an engineer who thrives on solving hard problems, isn't afraid to get your hands dirty with industrial control systems and sees the immense potential of cybersecurity in unconventional environments, then read on. We move fast, we build for impact, and we need a security visionary to help us secure the machines that matter most. Your Mission: Secure the Industrial Edge We're looking for an OT Security Engineer to be a foundational engineer for our Machine Identity Platform (mIDP), specifically tailored for the unique and challenging landscape of OT systems. Your mission: implement, integrate, and defend the security infrastructure that underpins our cutting-edge solutions, with a heavy emphasis on industrial control systems and OT networks. This isn't just about keeping the lights on. It's about building security architectures that are inherently secure, highly available, and resilient against the most sophisticated threats, often in environments where traditional IT paradigms simply don't apply. You'll be bridging the gap between cutting-edge cybersecurity technologies and the operational realities of factories, power plants, and critical infrastructure. What You'll Be Forging: Architect and Implement OT Security Solutions: Design, deploy, and manage secure architectures for our mIDP, specifically tailored for OT environments. This includes network segmentation, routing, switching, firewall configurations, and intrusion detection systems. ICS/OT System Integration: Be the subject matter expert for integrating our mIDP with industrial control systems. This involves understanding and working with common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). Machine Identity Integration: Collaborate closely with our product and engineering teams to integrate security configurations with our mIDP, ensuring seamless and secure authentication and authorization for OT devices and applications. OT Network Hardening: Implement and enforce robust security best practices, including vulnerability management and access control for OT networks. Troubleshooting and Optimization: Proactively monitor, troubleshoot, and resolve complex security issues across ICS and OT environments. Identify and implement optimizations to enhance system performance, reliability, and security. Automation and Tooling: Develop and implement automation scripts and tools (e.g., Python, Ansible) to streamline provisioning, configuration management, and operational tasks. Documentation and Knowledge Sharing: Create comprehensive documentation, runbooks, and contribute to internal knowledge sharing to ensure maintainability and scalability of our infrastructure. Stay Ahead of the Curve: Continuously research and evaluate new cybersecurity technologies, security trends, and best practices, particularly as they relate to OT and industrial control systems. Collaborate and Mentor: Work closely with cross-functional teams (software engineers, security analysts, product managers) and provide mentorship to junior team members. What You'll Bring: 5+ years of intense experience in OT security or a related role, with a proven track record in complex, high-performance, and high-stakes environments. Deep, demonstrable expertise in industrial control systems and OT environments. You've implemented security products and solutions in real-world ICS/OT environments. Strong proficiency in network security principles: Firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), network access control (NAC), and secure communication protocols. Extensive hands-on experience with OT network architectures and protocols. You're comfortable with physical hardware and understand the nuances of industrial networks. Rock solid understanding of cybersecurity principles: vulnerability management, threat modeling, and incident response. Empathy for OT/ICS environments: You totally get the unique security challenges of Operational Technology, and understand common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). This isn't just a "nice-to-have"; it's critical. Proficiency in scripting and automation: Python, Ansible, or similar languages for automating security provisioning and operations. A relentless problem-solver: You thrive on diagnosing and resolving intricate security issues under pressure, with an unwavering focus on root cause analysis. Exceptional communication and collaboration skills: You can articulate complex technical concepts clearly and work seamlessly with cross-functional teams. Bachelor's degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience. Self-starter with an insatiable curiosity: You're eager to learn, adapt, and drive solutions in a rapidly evolving, high-impact startup environment. Bonus Points For: Experience with specific machine identity solutions (PKI, certificates, secrets management). Hands-on experience with Kubernetes Knowledge of software-defined networking (SDN) solutions. Relevant industry certifications (e.g., CISSP, GICSP, CISM). Experience in a fast-paced startup environment. Why Forge your Path with Corsha? Real-World Impact: Your work won't just sit on a server; it will actively defend the critical operational systems that underpin our society. This is an opportunity to make a tangible, immediate difference. Bleeding Edge: Be at the forefront of securing the intersection of cybersecurity, machine identity, and OT. We're defining the future, not just following trends. Growth & Ownership: This is a startup - your contributions will directly shape our product, our culture, and our success. You'll work with incredible people that care and have impact. Culture of Innovation: Join a team of brilliant, passionate engineers dedicated to solving the hardest problems. We foster a collaborative, intellectually stimulating, and supportive environment. Competitive Compensation & Benefits: Wellness days, Generous PTO, Company-covered healthcare, 401k matching, paid parental leave, and of course snacks, lunches, and sustenance. Ready to step up and secure the critical future of identity? Join Our Mission Today. Reach out to us with your resume and why you think you'd make a stellar Corshian to *****************. We are an Equal Opportunity Employer and reasonable accommodations may be made to enable individuals with disabilities.

Chief Information Security Officer (CISO) The Chief Information Security Officer is a senior executive responsible for defining and overseeing the enterprise-wide vision, strategy, and execution of information security programs that safeguard all organizational data and technology. Reporting directly to the CEO and/or Board of Directors, the CISO plays a pivotal role in managing security risk across both the Academic/Research and Clinical/Patient Care operations of the integrated university and hospital system. Position Details Salary: $250-2750k Type: Full-time, direct hire Location: Washington DC, onsite 3 days a week Strategic Direction & Executive Leadership Build and execute a long-term cybersecurity vision that supports the institution's academic initiatives, research priorities, and clinical mission. Lead and develop the security department, offering coaching, structure, and direction to cybersecurity personnel and partner teams. Establish the organization's security policies, governance models, and standards to ensure consistent risk management practices. Oversee financial planning for cybersecurity, including technology investments, service contracts, and budget management. Risk Oversight & Regulatory Alignment Supervise all risk assessments, compliance reviews, and internal/external audits, ensuring timely closure of any identified risks. Maintain adherence to all regulatory requirements applicable to both sectors: Hospital/Clinical: HIPAA/HITECH, CMS guidelines, and relevant state-level data protection rules. University/Research: FERPA, NIST SP 800-171 for research compliance, and PCI DSS for payment and donation processing. Direct the institution's incident management program-coordinating preparation, testing, and response efforts during cybersecurity events affecting either environment. Operational Security Management Lead the selection, deployment, and ongoing support of cybersecurity technologies (e.g., SIEM tools, firewalls, intrusion detection systems, endpoint protection). Oversee vulnerability assessments, penetration testing initiatives, and continuous monitoring activities. Work closely with IT, engineering, research teams, and clinical technology leaders to incorporate secure design principles into all systems and projects. Communication, Influence & Education Act as the organization's primary authority on cybersecurity matters for executives, trustees, faculty, students, clinicians, and administrative teams. Create and oversee training and awareness programs tailored to the specific needs of academic users, researchers handling sensitive data, and clinical professionals. Provide routine briefings to senior leadership and the Board on emerging risks, ongoing initiatives, and the overall security posture. Required Qualifications Education: Bachelor's degree in Computer Science, Information Systems, or a related technical field (Master's preferred). Professional Background: At least 10 years of progressive cybersecurity experience. Minimum 5 years serving in a senior leadership capacity (e.g., CISO, Security Executive, VP of Cybersecurity). Dual-sector experience: Strong understanding of both healthcare and higher-education cybersecurity and regulatory environments. Certifications: One or more required-CISSP, CISM, or equivalent. Key Skills & Core Competencies Advanced knowledge of enterprise security design, network and cloud protection strategies, and modern risk evaluation techniques. Strong familiarity with frameworks such as NIST Cybersecurity Framework, ISO 27001, and the MITRE ATT&CK model. Outstanding leadership presence with the ability to collaborate, influence, and guide diverse groups across a complex institution. Demonstrated success in leading security incident response efforts and handling high-pressure situations. Proven ability to implement practical, scalable security practices in environments balancing open research culture with rigorous patient data protection requirements.

The primary role of the Computer Network Defense Analyst (CNDA) level 2 is to be on the front lines of protecting critical systems, applying your expertise in cybersecurity, network defense, and traffic analysis to detect, respond, and prevent threats. Position Responsibilities Design and develop computer or information systems, including programming and network/cybersecurity solutions. Conduct vulnerability analysis, penetration testing, computer forensics, and information assurance. Perform systems engineering and network/system administration. Analyze data from multiple sources (intrusion detection systems, firewalls, traffic logs, host system logs) to: Identify potential vulnerabilities, Respond to active cyber events, and Defend against emerging threats Basic Qualifications (Required Skills & Experience) Bachelor's in Computer Science, Network Engineering, Information Technology or related STEM discipline or equivalent combination of education, and experience Minimum 5+ years of relevant experience An active TS/SCI with polygraph Salary Range: $95,000 - $130,000 The AV pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Determination of official compensation or salary relies on several factors including, but not limited to, level of position, job responsibilities, geographic location, scope of relevant work experience, educational background, certifications, contract-specific affordability, organizational requirements, alignment with local internal equity as well as alignment with market data. Clearance Level Top Secret with Poly ITAR Requirement: T his position requires access to information that is subject to compliance with the International Traffic Arms Regulations (“ITAR”) and/or the Export Administration Regulations (“EAR”). In order to comply with the requirements of the ITAR and/or the EAR, applicants must qualify as a U.S. person under the ITAR and the EAR, or a person to be approved for an export license by the governing agency whose technology comes under its jurisdiction. Please understand that any job offer that requires approval of an export license will be conditional on AeroVironment's determination that it will be able to obtain an export license in a time frame consistent with AeroVironment's business requirements. A “U.S. person” according to the ITAR definition is a U.S. citizen, U.S. lawful permanent resident (green card holder), or protected individual such as a refugee or asylee. See 22 CFR § 120.15. Some positions will require current U.S. Citizenship due to contract requirements. Benefits: AV offers an excellent benefits package including medical, dental vision, 401K with company matching, a 9/80 work schedule and a paid holiday shutdown. For more information about our company benefit offerings please visit: ********************************** We also encourage you to review our company website at ******************** to learn more about us. Principals only need apply. NO agencies please. Who We Are Based in California, AeroVironment (AVAV) is a global leader in unmanned aircraft systems (UAS) and tactical missile systems. Founded in 1971 by celebrated physicist and engineer, Dr. Paul MacCready, we've been at the leading edge of technical innovation for more than 45 years. Be a part of the team that developed the world's most widely used military drones and created the first submarine-launched reconnaissance drone, and has seven innovative vehicles that are part of the Smithsonian Institution's permanent collection in Washington, DC. Join us today in developing the next generation of small UAS and tactical missile systems that will deliver more actionable intelligence to our customers so they can proceed with certainty - and succeed. What We Do Building on a history of technological innovation, AeroVironment designs, develops, produces, and supports an advanced portfolio of unmanned aircraft systems (UAS) and tactical missile systems. Agencies of the U.S. Department of Defense and allied military services use the company's hand-launched UAS to provide situational awareness to tactical operating units through real-time, airborne reconnaissance, surveillance, and target acquisition. We are proud to be an EEO/AA Equal Opportunity Employer, including disability/veterans. AeroVironment, Inc. is an Equal Employment Opportunity (EEO) employer and welcomes all qualified applicants. Qualified applicants will receive fair and impartial consideration without regard to race, sex, color, religion, national origin, age, disability, protected veteran status, genetic data, sexual orientation, gender identity or other legally protected status. ITAR U.S. Citizenship required

Grow, innovate, and generate progress: Harness your expertise to solve challenges and celebrate success! JCS Solutions LLC (JCS) is seeking a Cyber Security Analyst to support our federal client. This position offers a great opportunity to be part of a high-performing team responsible for supporting a full complement of customer-centric technical support services. Must be a U.S. Citizen and able to obtain a Public Trust Clearance. If you are interested in a challenge and a great working environment, apply today! What's in it for you: Join a premier technology firm specializing in innovative solutions. Be part of a collaborative, inclusive, and innovative work culture. Enjoy tremendous growth potential in a high-performing team environment. A robust benefits package: Health, dental, and vision insurance Life insurance Short-and-long term disability Paid time off (PTO) 401k retirement plan with employer match Annual Professional Development Reimbursement Program And more! What you will do: Designs, develops, implements, and integrates information assurance architecture, systems, or system components for use within data center, network, and enclave environments. Ensures that the architecture and design of information systems are functional and secure. Supports: policy development and implementation; security engineering and security architecture; certification and accreditation processes and activities; continuity of operations planning, testing, and maintenance; security testing and analysis. Provides secure solutions to complex security issues. Upgrades systems by implementing and maintaining security controls. Participates on security and related working groups as required and at various levels. Develops and presents security solutions and recommendations to senior management for sites, systems, and networks. Keeps users informed by preparing performance reports and communicating system status. What you will bring: Four (4) years of cybersecurity experience Bachelor's degree in a relevant field of study Strong written and verbal communication skills (English) Demonstrated experience working with multiple assignments or multiple stakeholder groups Strong foundational understanding of information security and privacy practices and regulations How you will wow us: Hands-on experience using new and emerging cybersecurity technologies Hands-on experience using tools such as BigFix, Splunk, Tripwire, Cylance, Tenable, etc Experience running scans, reporting results, working with staff to support patching, documentation for SOPs and other areas, completing security waivers, validating identities for RSA tokens, triaging security tickets, monitoring Incident Response Team (IRT) requests, and working closely with desktop teams to resolve security issues Experience using a helpdesk ticketing system such as ServiceNow JCS Solutions (JCS) is a premier technology firm providing innovative solutions and high-quality services in defense, national security, and civilian sectors. JCS offers enterprise-wide solutions including cloud computing, software development, cybersecurity, digital modernization, and management consulting for the federal government. At JCS, we elevate our customers' mission through the application of technology and professional services. Our commitment to investing in our workforce drives innovation and progress for our clients, employees, and communities. JCS has been certified as a Great Place to Work four years in a row and was awarded Washington Post's Top Places to Work for 2024 and 2025. Our employees embody our core values, and we are looking for others who do too! Customer Experience: Strive for excellence and delight our clients Innovation: Embrace creative thinking to enable continual growth and powerful solutions Accountability: Take ownership of and pride in our actions and service delivery Inspire: Be inspired to be your best self and have fun in the process Integrity: Do the right thing, the right way, every time! Stewardship: The careful and responsible management of something entrusted to our care. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to any status protected by applicable federal, state, or local laws.

A day in the life: As an Intrusion Analyst, you'll support critical missions through analysis of data derived from various network and telecom communication systems. Your responsibilities will include (but not be limited to): Analyze target digital network data to discover, analyze, and document malicious or unauthorized activity using information collected from a variety of SIGINT and computer network defense resources Analyze metadata collected from tasked communications systems in order to identify, locate, and track targets, and to accurately report the intelligence gained from metadata analysis Categorize traffic as benign, suspicious, or malicious activity Document malicious tactics, techniques, and procedures (TTPs) Develop and implement mitigation strategies What you bring to the table: Level 1: A Bachelor's degree in a technical discipline and 2+ years of relevant experience Experience in malware analysis Programming experience in C, C#, Java, Perl or Python is preferred An active TS/SCI with Polygraph Level 2: A Bachelor's degree in a technical discipline and 5+ years of relevant experience OR a Master's Degree and 3+ years of relevant experience CISSP, CEH, Sec+, Net+, GIAC GREM and/or CREA Certification Experience in malware analysis An active TS/SCI with Polygraph Level 3: A Bachelor's degree in a technical discipline and 8+ years of relevant experience OR a Master's Degree and 6+ years of relevant experience CISSP, CEH, Sec+, Net+, GIAC GREM and/or CREA Certification Experience in malware analysis An active US Government TS/SCI security clearance with Polygraph Bonus Skills: Level 1: CISSP, GIAC GREM or CREA Certification is preferred The total package: Our total compensation package was strategically designed with our members in mind with the intention to: reward our members for their hard work and commitment to our customers' missions; allow members to share in Red Alpha's success as we continue to grow and expand our footprint; provide long-term career opportunities through stability and internal mobility; and provide the resources our members need to support themselves and their dependents in the form of a robust benefits package. Our total compensation package includes a competitive base salary and benefits such as health, life/disability, 401k, paid time off, professional development, and generous bonus programs. Please visit our benefits tab for additional information. Salary Range: Disclosed pay ranges are a general guideline, and are not a guarantee of a final salary or compensation. Our approach in determining final salaries takes into consideration a number of factors such as education, certifications, total years of relevant professional experience, actual level of expertise, and the responsibilities of the role itself. Based on the outlined roles, responsibilities, and requirements, the projected pay range for these positions are: Level 1: $80,000 - $125,000 Level 2: $120,000 - $160,000 Level 3: $140,000 - $180,000 Level 4: $165,000 - $215,000 Some of our additional perks and benefits include: Retire sooner than planned: Get closer to retirement with up to 10% in 401k contributions, immediately vested. Have a career AND a life: Enjoy up to 5 weeks of leave (25 days of personal time off) and 11 paid floating holidays. Stay at your best: As a member, we'll pay 100% of your premiums for comprehensive health, dental, and vision insurance. We'll also pay the majority of the premiums for your family. Let's not forge free access to a fully equipped state of the art gym! Keep current on new technologies and technological advancements : $5250 per year towards ongoing education, trainings, certifications, and maintaining professional memberships. Dress in style: Spend up to $300 per year on company branded merchandise featuring top quality brands such as Under Armour, Nike, Carhartt, YETI, etc. Enjoy the culture: Attend fun company events throughout the year such as our Oktoberfest, summer picnic, and annual holiday party! These are all in additon to your team events which may include happy hours, baseball games, snowboarding, RenFest, and more! Every day, our elite customers are pushing through "the grind" to defeat the enemy, even putting their lives on the line for our freedom. Rise to the occasion with us to deliver engineering excellence, to match their dedication to this nation. Join us as we bring digital transformation to the fight!

Tyto Athene is searching for a **Incident Detection Analyst** to support our customer in Washington, DC. **Responsibilities:** + Accurately review, annotate, and resolve security incidents tasked by the Intrusion Detection Team, Watch Officer, SOC management or other SOC teams 24 hours a day, 7 days a week, which is subject to change based on AOUSC needs. + Conduct Incident Triage to prioritize newly identified security incidents for follow-on action. Identify all relevant data sources for initial collection to determine prioritization and resource application based on the criticality of the incident. Conduct immediate actions to evaluate and contain threats as necessary in accordance with the Judiciary Security Operations Center Incident Response Plan (JSOCIRP), Incident Response Operations Guide, and any other published SOC operations guides and manuals. Please see SLA SOC3. + Perform deep dive analysis (manual and automated) of malicious links and files. + Ensure efficient configuration and content tuning of shared SOC security tools to eliminate or significantly reduce false alert events. + Provide Executive Summary in accordance to IDT Operations Guide. + Provide 5W briefing slides for each event for leadership briefing. + Provide on demand time/trend/event based metric reports for SOC management. + Provide clear and actionable event notifications to customers. Notifications to customers will be clear and provide sufficient detail for a mid-level system or network administrator to understand what has occurred and what needs to take place to remediate the event. + Coordinate and provide direct support to local incident responders at the circuit, local court unit and program office levels. Provide notifications, guidance and end to end incident response support to local incident responders to ensure the appropriate actions are properly taken to detect, contain, eradicate and recover from identified security incidents. Coordinate with various other SOC teams to leverage the appropriate resources to enable local incident responders. Participate in course of action (COA) development and execution as necessary. + Document all communications and actions taken in response to assigned incidents in the SOC ticketing system. Ensure tickets are properly updated in a timely manner and all artifacts are included. Escalate any concerns or requests through the Contractor management as necessary. + Directly support the Judiciary Special Tactics and Active Response (JSTAR) team and provide incident response support for critical security incidents as they arise. + Perform appropriate event escalation for events, notifications, and non-responsiveness from customers. Contractors shall track all notifications in the SOC ticketing system and escalate tickets to Watch Officers or SOC management in cases where the customer is non-responsive or requires clarification that is outside the scope of the normal operations. Contractors will be familiar with the JSOCIRP escalation and reporting procedures. + Continuously review and update the Incident Handlers (IH) Guide and provide recommendations to annual updates for the JSOCIRP. All SOPs and Op Guides are federal government property. Contract staff provide recommendations in draft form for federal management review, approval and adoption. + Incident Responders must be able to perform the tasks and meet the skills, knowledge and abilities as described in NIST Special Publication 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework for the role of Cyber Defense Incident Responder **Qualifications** **Required:** + 6 years of security intrusion detection examination experience involving a range of security technologies that product logging data; to include wide area networks host and Network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs; + Ability to communicate clearly both orally and in writing. + Working experience with Splunk SIEM. + At least three years of experience working at a senior level, performing analytics examination of logs and console events and creating advance queries methods in Splunk or advance Grep skills, firewall ACL review, examining Snort based IDS events, Pcaps, web server log review, in SIEM environments **Education/Certifications:** + Bachelor's degree in information systems, Computer Science or related field is preferred. // Splunk Fundamentals I & II certification. **Clearance:** + Public Trust **Hours of Operation/Shift:** + Monday-Friday 3PM EST - 1130PM EST **About Tyto Athene** **Compensation:** + Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range. **Benefits:** + Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave. Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide. At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto? Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law. Submit a Referral (******************************************************************************************************************************* **Location** _US-DC-Washington_ **ID** _2025-1522_ **Category** _Cybersecurity_ **Position Type** _Full-Time_

E*Pro Consulting service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website ****************** We have been retained for providing recruiting assistance, for direct hires, by one of the world-leading information technology consulting, services, and business process outsourcing organization that envisioned and pioneered the adoption of the flexible global business practices that today enable companies to operate more efficiently and produce more value. Job Description Position Title : Network Sniffer Analysis Location : Mclean, VA Length : Full time / Permanent Position Work Status : US Citizen/ Green Card Holder/ EAD (GC) Required Skills • Strong data analysis ability with sniffer, packet, net flow data. • Perform sniffer data analysis to identify traffic profile among servers supporting specific business applications. • Familiar Opnet AppMapper or similar tool that helps identifies application dependency to map between the application and infrastructure components. Technologies Sniffer, Net flow, Gigamon, InfiniStream, Opnet AppMapper, Infoblox .., Software Application If you are qualified, available, planning to make a change, and have an interest in this or other projects with E*Pro, I would like to coordinate a time to talk with you at your earliest convenience. Please forward a recent version of your resume to my email address at [email protected] and the best time/day to follow up with you for discussion. Sincerely Yours, Ranjit Technical Recruiter | E*Pro Inc., Work: ************ x (234) Email: [email protected] E*Pro Inc. | 1000 Route 9 North, Suite 303 | Woodbridge Township, NJ 07095 Additional Information All your information will be kept confidential according to EEO guidelines.

Job Description SierTeK proudly serves our clients by providing expertise in the Program Management, Information Technology, and Administrative Support domains. Founded in 2007 as a minority and service-disabled veteran-owned company, we serve as prime- and subcontractor for a multitude of Federal Department of Defense contracts. By focusing on continual improvement, our services remain at the forefront of our industry, and we pride ourselves on delivering our services with the highest degree of integrity. SierTeK Ltd. is seeking a Visual Imagery Intrusion Detection System (VIIDS) to support an opportunity at Joint Base Andrews, MD. PLEASE APPLY DIRECTLY ON OUR WEBSITE: *********************** POSITION OVERVIEW SECTION The employee shall provide Tiers 2 and 3 support to install, configure, administer, manage, maintain/update and provide VIIDS support and repairs required to keep listed critical VIIDS systems and components fully operational. The employee shall ensure the VIIDS as a whole and all hardware and software components meet or exceed all applicable Government standards and regulations. The employee shall ensure all listed VIIDS, and components are kept updated to meet or exceed all industry standards and are fully functional. The employee shall maintain and keep current any relevant Government documentation on a SharePoint site or similar web/application-based tracking tool (on premise) for all VIIDS. Essential Job Functions Provide onsite emergency support to resolve any issues within 1 hour of notification by the Government to include outside normal duty hours. The Government will determine what constitutes an emergency on a case-by-case basis. Prepare and maintain project planning documentation, create, and maintain network maps/diagrams (static and active/dynamic which are maintained/updated continuously), and presentation material. Acceptable Formats are Adobe Acrobat and Visio. The employee shall provide these materials to the Government within three (3) business days of the request and follow all required document classification requirements. The employee shall provide a written monthly status report on the VIIDS repair and maintenance activities in a mutually agreed upon format. Qualifications Minimum Position Requirements 3+ years of experience in network design and administration and possess Cisco or equivalent certification, e.g., CCNA, CCNP. Individual(s) shall have advanced understanding of server maintenance and operation. Honeywell Vindicator Intrusion Detection System, Access Control, and Vindicator Command and Control certification and maintain active certification with Honeywell. Certification shall be maintained for the duration of the task order. Top Secret with capability of being upgraded to Yankee White SierTeK is an equal opportunity employer and values diversity. Employment is decided based on qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, gender identity and sexual orientation. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfer, leaves of absence, compensation, and training. If you need assistance or accommodation due to a disability, you may contact us at 1+************.

SierTeK proudly serves our clients by providing expertise in the Program Management, Information Technology, and Administrative Support domains. Founded in 2007 as a minority and service-disabled veteran-owned company, we serve as prime- and subcontractor for a multitude of Federal Department of Defense contracts. By focusing on continual improvement, our services remain at the forefront of our industry, and we pride ourselves on delivering our services with the highest degree of integrity. SierTeK Ltd. is seeking a Visual Imagery Intrusion Detection System (VIIDS) to support an opportunity at Joint Base Andrews, MD. PLEASE APPLY DIRECTLY ON OUR WEBSITE: *********************** POSITION OVERVIEW SECTION The employee shall provide Tiers 2 and 3 support to install, configure, administer, manage, maintain/update and provide VIIDS support and repairs required to keep listed critical VIIDS systems and components fully operational. The employee shall ensure the VIIDS as a whole and all hardware and software components meet or exceed all applicable Government standards and regulations. The employee shall ensure all listed VIIDS, and components are kept updated to meet or exceed all industry standards and are fully functional. The employee shall maintain and keep current any relevant Government documentation on a SharePoint site or similar web/application-based tracking tool (on premise) for all VIIDS. Essential Job Functions Provide onsite emergency support to resolve any issues within 1 hour of notification by the Government to include outside normal duty hours. The Government will determine what constitutes an emergency on a case-by-case basis. Prepare and maintain project planning documentation, create, and maintain network maps/diagrams (static and active/dynamic which are maintained/updated continuously), and presentation material. Acceptable Formats are Adobe Acrobat and Visio. The employee shall provide these materials to the Government within three (3) business days of the request and follow all required document classification requirements. The employee shall provide a written monthly status report on the VIIDS repair and maintenance activities in a mutually agreed upon format. Qualifications Minimum Position Requirements 3+ years of experience in network design and administration and possess Cisco or equivalent certification, e.g., CCNA, CCNP. Individual(s) shall have advanced understanding of server maintenance and operation. Honeywell Vindicator Intrusion Detection System, Access Control, and Vindicator Command and Control certification and maintain active certification with Honeywell. Certification shall be maintained for the duration of the task order. Top Secret with capability of being upgraded to Yankee White SierTeK is an equal opportunity employer and values diversity. Employment is decided based on qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, gender identity and sexual orientation. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfer, leaves of absence, compensation, and training. If you need assistance or accommodation due to a disability, you may contact us at 1+************.

We're seeking a talented and motivated Network and Security Analyst to join our team. In this role, you will lead infrastructure upgrades and strengthen our IT security. This role is perfect for a senior-level professional ready to own key projects and grow into a future leadership role. Key Responsibilities Lead the setup and deployment of new office network infrastructure (firewalls, switches, Wi-Fi) Assess and improve existing IT systems and processes Coordinate with vendors for cabling, equipment, and installation Set up and recommend equipment for new hires Manage access control systems, surveillance integration, and UPS/power solutions Evaluate and improve domain/web infrastructure Ensure HIPAA and data privacy compliance in all IT operations Required Qualifications Bachelor's degree or equivalent with industry certifications (e.g., CCNA, Network+, Security+) 5-10+ years in IT infrastructure, networking, or systems analysis Hands-on experience with firewalls, structured cabling, wireless APs, UPS, and access control Familiar with HIPAA, PII, and cybersecurity best practices Experience with Microsoft 365, Power BI, and Asana (preferred) Preferred Qualifications Healthcare or regulated industry experience Why Join Vheda Health? At Vheda Health, we invest in our team's wellbeing with a comprehensive benefits package: Compensation: Competitive salary within the published range plus performance bonus and equity opportunities Healthcare: Comprehensive medical, dental, and vision coverage Financial Security: 401(k) retirement plan, voluntary life insurance, short and long-term disability Work-Life Balance: Unlimited paid time off and 11 paid company holidays Community: Engaging team events and activities throughout the year

Network Security AnalystLOCATIONAnnapolis Junction, MD 20701CLEARANCETS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARYWe are looking for a detail-oriented and proactive Network Security Analyst to join our cybersecurity team. In this role, you will monitor, analyze, and protect the organization's network infrastructure against potential threats and vulnerabilities. You will be responsible for identifying security risks, responding to incidents, and implementing measures to safeguard sensitive information. Collaborating with cross-functional teams, you will play a key role in enhancing the organization's overall network security posture. The ideal candidate is passionate about cybersecurity, thrives in a dynamic environment, and is committed to staying ahead of emerging threats and technologies. *** Please note that our job openings are dynamic and can open or close quickly (much faster than we can publish). If you do not see an opening you are looking for, know that we see almost all types of positons. We strive to keep our listings up to date, but please consider submitting your current resume. Our team will work with you to identify the most recent opportunities that align with your skillset and career goals. We look forward to you joining our family. *** SIMILAR CAREER TITLESCybersecurity Analyst, Information Security Analyst, Security Operations Center (SOC) Analyst, Network Defense Analyst, Threat Intelligence Analyst, IT Security Specialist, Vulnerability Analyst, Incident Response Analyst, Security Monitoring Analyst, Cyber Defense Analyst, Infrastructure Security Analyst, etc.DEGREE (Level Desired) Bachelor's DegreeALTERNATE EXPERIENCEGeneral comment on degrees: Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some contracts give 4-5 years experience credit for a Bachelor's Degree. Some contracts give 2 years experience credit for a Master's Degree. We will work with you to find the right fit.POSITION RESPONSIBILITIES Monitor network traffic for anomalies Investigate and resolve security incidents Maintain and update security systems Generate and analyze security reports Assist in developing incident response plans Ensure adherence to security policies REQUIRED SKILLS Proficiency in monitoring tools like IDS/IPS Strong analytical and problem-solving skills Understanding of network protocols (TCP/IP, DNS) Knowledge of malware analysis tools Ability to interpret security logs Familiarity with vulnerability scanning tools DESIRED SKILLS Experience with advanced threat detection Knowledge of forensics methodologies Understanding of regulatory frameworks (e.g., GDPR, HIPAA) Experience with SOC workflows Familiarity with automation and scripting Knowledge of threat intelligence platforms PLUG IN to CYMERTEK - And design your future... YOUR FOREVER CAREER STARTS HERE Are you looking for more than just a job? Join a company where employees are treated like family, and your career is built to last. We are a growing small business and a trusted federal contractor offering full scope consulting services in information technology, cybersecurity, and analyst workforce development. At our company, you come first. We're committed to creating an environment where you'll thrive professionally and personally. We provide meaningful, challenging work using cutting-edge technologies while investing in your growth and success. With direct access to company leadership, a laid-back and inclusive atmosphere, and exceptional work-life balance, you'll feel valued every day. We also believe in taking care of our family - both yours and ours. Our benefits are phenomenal, family-friendly, and designed with your well-being in mind. From employee and family events to career-long support, we create a community you'll never want to leave. Ready to make your next move the best one? Join us and experience the difference. BENEFITS Excellent Salaries Flexible Work Schedule Cafeteria Style Benefits 10% - 401k Matching (Vested Immediately) Additional 401k Profit Sharing 30 days Paid Leave/Holiday (No Use or Lose!) The day off for your birthday Medical/Dental/Vision - 100% employee coverage. ($1200 allowance - or a bonus) HSA/FSA AFLAC Long Term/Short Term Disability - 100% employee coverage. No cost to you. Life Insurance - 100% employee coverage. No cost to you. Additional Discretionary Life Insurance Paid Training No long, wordy reviews with tons of paperwork!!! Referral bonus program with recurring annual payments HOW TO APPLY Email us at ***************** or apply today: **************** Want to see what our employees think? Click here . EQUAL OPPORTUNITY EMPLOYER STATEMENT Cymertek is proud to be an Equal Opportunity Employer committed to fostering an inclusive and diverse workplace. We embrace and celebrate differences in our employees, recognizing that a diverse workforce enhances our creativity, innovation, and overall success. At Cymertek, employment decisions are made based on merit, qualifications, and business needs without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other characteristic protected by applicable laws. We believe in creating an environment where all individuals are treated with respect and dignity, and where opportunities for professional growth and advancement are accessible to everyone, regardless of background or identity.

We are currently seeking a Cybersecurity Engineer to become part of the Federal Strategic Cyber group. Location: Arlington, VA. This is a full-time, working on-site role. The DSCM program encompasses cyber security, data analytics, engineering, technical, managerial, operational, logistical and administrative support to aid and advise DOS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. Those supporting the DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges. About the Role Support the Security Standards & Baselines (SSB) section within the Technology, Innovation, and Engineering (TIE) Office. Identify and provide solutions to enhance and/or streamline processes and automate work flow. Need to have a strong technical background and expertise in various areas of cybersecurity. Promote awareness of security issues among management and ensure sound security principles are reflected in organizations' visions and goals. Communicate complex security concepts to both technical and non-technical stakeholders, including senior management. Possess strong problem-solving and decision-making abilities to guide the organization in making informed security decisions. Perform extensive research and documentation of security threat vectors. Provide guidance and coaching to team members. Create bulletins, alerts, and/or advisories related to published or developmental standards and/or security principal documents. Ensure that rigorous application of information security/information assurance policies, principles, and practices are implemented in the delivery of all IT services. Evaluate a wide array of existing, new, modified, and/or emerging technologies and develop recommended security configuration baselines documents that implement Departmental policy, technical security solutions, and industry best practices in alignment with Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) as much as possible. Respond to various technical and policy questions from a wide range of customers/users with guidance and clarifications. Promote awareness of cybersecurity standards and principles among the customer stakeholders, coworkers, and the Department users. Collaborate with fellow team members and various internal and external stakeholders to share information and knowledge to establish and maintain a productive line of communication. Streamline processes to improve efficiency of Mission goals. Manage information and updates in SharePoint repositories. Keep awareness of items involving fellow team members to provide back up support and coverage as needed. Qualifications: Bachelor's degree and a minimum of 5 years' of relevant experience. An additional 4 years of experience will be considered in lieu of degree/education. Either possess or obtain prior to start date ONE of the following certifications: CAP, CASP+ CE, CCISO, CCNA-Security, CISM, CISSP (or Associate), CISSP (or Associate), CND, CSSLP, CySA+, GICSP, GSEC, GSLC, Security+ CE, SSCP, PPDA, Agile IC, SNOW App Dev. Experience with DISA STIG - Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG). Experience developing and executing research plans. Experience working with Windows Server on an enterprise level. Experience managing Active Directory in a multi-domain environment. Experience working with server/application virtualization on an enterprise. Demonstrated excellence in business acumen, team orientation and strong customer service skills. U.S. citizenship required. Active Secret security clearance. Ability to obtain a final Top Secret security clearance. Highly Desired: Experience with process automation. Technical writing skills. Engineering/maintaining database infrastructure including SQL and Oracle experience. Active Directory Federation Services (ADFS), Azure, Active Directory experience. Experience developing and managing virtualized IT systems. Networking technologies experience. Configuration and/or administrating enterprise mobile device deployments experience. Experience working with Red Hat Enterprise Linux servers on an enterprise level. For any questions regarding this job announcement or the status of your application, please contact our Director of Recruiting, Mr. Brian Jennings, via email at ********************.

Vulnerability Management Specialist will perform the following: Defines, maintains, and enforces application security best practices Conduct vulnerability assessment and manual/automated code reviews Demonstrate vulnerabilities to application owners and provide mitigation recommendations Proficient in any SAST, DAST, and OSA tools. In depth knowledge with any programming language like Java, .NET, C#, etc. Performs and conducts penetration tests and manual/automated code reviews. Writes comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement In depth Knowledge of Secure Coding best practices and OWASP top 10, SANS 25, CVE, etc. Identify AppSec related tools/conduct tool analysis, and provide recommendations Vulnerability Management Specialist will have at least five years of working knowledge and hands-on experience with five or more of the following tools: BurpSuite, SonarQube, OWASP/Maven, Fortify, Tenable, STIG Viewer, AWS Security Hub, AWS Inspector, ePO, ServiceNow, Jira, ADO, eMASS or equivalent GRC Tools. Experience in infrastructure and container scanning Minimum Qualifications Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline and a minimum of 5 years of working knowledge and hands-on equivalent relevant experience. Candidates must have a Security+ certification or similar Candidates must have an active secret security clearance. Position requires on-site work in Alexandria VA 2-3 days/week. Other Job Specific Skills Working knowledge and hands-on experience with the following: BurpSuite SonarQube OWASP/Maven Fortify, Tenable STIG Viewer AWS Security Hub AWS Inspector ePO, ServiceNow Jira ADO eMASS or equivalent GRC Tools