Cyber security analyst jobs in District of Columbia

Central Intelligence Agency Print Share * * * * Save * This job is open to * Requirements * How you will be evaluated * Required documents * How to apply Cyber Threat Analysts conduct all-source analysis of foreign Cyber intentions and capabilities in support of U.S. Government efforts to counter threats to U.S. national security interests. Summary Cyber Threat Analysts conduct all-source analysis of foreign Cyber intentions and capabilities in support of U.S. Government efforts to counter threats to U.S. national security interests. Overview Help Accepting applications Open & closing dates 10/01/2025 to 09/30/2026 Salary $63,307 to - $156,755 per year Pay scale & grade GS 8 - 15 Location Many vacancies in the following location: Washington, DC Remote job No Telework eligible No Travel Required Occasional travel - You may be expected to travel for this position. Relocation expenses reimbursed Yes-You may qualify for reimbursement of relocation expenses in accordance with agency policy. Appointment type Permanent Work schedule Full-time Service Excepted Promotion potential None Job family (Series) * 0132 Intelligence Supervisory status No Security clearance Sensitive Compartmented Information Drug test Yes Financial disclosure Yes Bargaining unit status No Announcement number 23-11942190-6868/AHD Control number 722102800 This job is open to Help The public U.S. Citizens, Nationals or those who owe allegiance to the U.S. Federal employees - Competitive service Current federal employees whose agencies follow the U.S. Office of Personnel Management's hiring rules and pay scales. Federal employees - Excepted service Current federal employees whose agencies have their own hiring rules, pay scales and evaluation criteria. Videos Duties Help As a Cyber Threat Analyst at CIA, you will conduct all-source analysis of foreign cyber intentions and capabilities in support of U.S. Government efforts to counter threats to U.S. national security interests. In particular, you will help identify, monitor, and counter threats posed by foreign cyber actors against US information systems, critical infrastructure, and other cyber-related interests. Analysts will apply their foreign affairs, scientific and/or technical knowledge to solve complex intelligence problems, produce short-term and long-term written assignments, and brief U.S. policymakers and others in the U.S. cyber defense community. You will have the opportunity to maintain and broaden your professional ties throughout your career through academic study, collaboration with Intelligence Community peers, and attendance at professional meetings. Opportunities exist for foreign and domestic travel, language training, and analytic tradecraft and management training. You will have an opportunity to develop deep substantive expertise and participate in broadening assignments with other offices in the Agency and across the U.S. Government. Requirements Help Conditions of employment * You must be physically in the United States or one of its territories when you submit your resume via MyLINK. * You must be registered for the Selective Service, if applicable. * You must be a U.S. citizen and at least 18 years of age (dual-national US citizens are eligible). * You must be willing to move to the Washington, DC area. * You must successfully complete a thorough medical and psychological exam, a polygraph interview, and a comprehensive background investigation. * For further information, please visit: **************************************** Qualifications Minimum Qualifications Interested candidates should be passionate about the ideals of our American republic, committed to upholding the rule of law and the U.S. Constitution, and committed to improving the efficiency of the Federal government. Hiring decisions will not be based on race, sex, color, religion, or national origin. A mix of international and technical studies, to include a bachelor's or master's degree in the following fields: * International Relations, Foreign Affairs, or Security Studies * Cyber Security * Computer Science * Digital Forensics * Telecommunications * Information Assurances * Interest in international affairs * Awareness of U.S. national security interests * At lease a 3.0 GPA on a 4-point scale is preferred * Ability to work under tight deadlines * Excellent analytic abilities and relevant experience * Strong critical thinking, problem solving skills, and ability to think creatively * Ability to meet the minimum requirements for joining CIA, including U.S. citizenship and a background investigation Desired Qualifications * Foreign language proficiency * Strong verbal presentation skills * Demonstrated ability to write clear, concise text * Research experience in international affairs * Ability to work in a team environment * Interest in a career that requires regular writing assignments Education * Bachelor's or master's degree in one of the following fields: * Computer Science * Computer Engineering * Digital Forensics * Cyber Security * Telecommunications * Information Assurances * Security Studies * A mix of international and technical studies * At least a 3.0 GPA on a 4-point scale is preferred Additional information Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution. Benefits Help A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new window Learn more about federal benefits. Review our benefits Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered. How you will be evaluated You will be evaluated for this job based on how well you meet the qualifications above. You will be evaluated for this job based on how well you meet the qualifications of the specific position to which you are applying. For further information about this position, please visit: ***************************** Benefits Help A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new window Learn more about federal benefits. Review our benefits Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered. Required documents Required Documents Help For further information about this position, please visit: ***************************** If you are relying on your education to meet qualification requirements: Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education. Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating. How to Apply Help This post is for viewing purposes only. To get started, please visit ***************************** where you can read more about this position and express your interest in up to four jobs. Upon expressing your interest, you will be taken to MyLINK, which allows you to submit your resume and job rankings and provide basic information about yourself. Agency contact information Central Intelligence Agency Website *********************** Next steps After you express interest for up to four positions on cia.gov/careers, a CIA recruiter may contact you for further discussion if your qualifications meet our needs. See the MyLINK FAQs on our website for more information. Fair and transparent The Federal hiring process is set up to be fair and transparent. Please read the following guidance. Criminal history inquiries Equal Employment Opportunity (EEO) Policy Financial suitability New employee probationary period Privacy Act Reasonable accommodation policy Selective Service Signature and false statements Social security number request Required Documents Help For further information about this position, please visit: ***************************** If you are relying on your education to meet qualification requirements: Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education. Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.

Requirements - Bachelor's degree in Cybersecurity, Information Technology, or a related field is preferred. - Relevant certifications (CISSP, CEH, etc.) are a plus. - Previous experience in a cybersecurity role, especially within government or federal organizations, is desired. Salary Description 100,000 - 120,000

We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Clearance: T5/6C High Risk Public Trust (required) Summary:Provide continuous monitoring, vulnerability assessment, incident response, and compliance documentation for OIG systems. Ensure compliance with NIST 800-53, FedRAMP, and FISMA standards. Key Duties: Monitor network activity with SIEM tools; investigate and report security incidents. Conduct vulnerability scans; implement patches and remediation. Support POA&Ms, ATO documentation, and FedRAMP compliance. Assist with contingency planning and incident response exercises. Qualifications: Bachelor's degree in Cybersecurity, IT, or related field. 8+ years of cybersecurity experience. Certifications: CISSP, CEH, CCSP, or equivalent.

Cyberspace Solutions, a Crimson Phoenix company seeks an exceptionally qualified Mid Cyber Analyst with a TS/SCI clearance to support an ongoing government customer. Crimson Phoenix supports the US national security community and its allies with a wide range of analytic and cyber effect solutions that accelerate informed decision made in the telephony, IP messaging, cyber, and multi-source arenas. Our customers require insight from the endless volume and variety of data to make critical, high integrity decisions at mission speed. We are an innovative solutions company striving to be a global leader in multi-source data collection, predictive analysis and mobile/network surveillance (4G/5G) and assurance, from the Edge of Collection to the Core of Exploitation, Tactical to Strategic, Endpoint to the Enterprise. Responsibilities The contractor shall provide on-site functional and technical intelligence support to the DIA Intelligence Integration Centers including the collection, analysis, and production of all-source intelligence pertaining to foreign national Cyber MILCAP and foreign use of the Cyberspace Domain in compliance with DIA's SOP for the Cyber FPA, DIA ADO, ICD 203 and 206 sourcing, analysis, production, and DIA tradecraft standards. Qualifications Clearance: Top Secret//SCI Polygraph: Counterintelligence (CI) polygraph HS Diploma or GED and 7+ years of experience with analysis or Bachelor's degree and 3+ years of experience with analysis Experience with all-source intelligence analysis and production on foreign national cyber military capabilities and foreign use of cyberspace, including but not limited to doctrine, intent, operations, supporting services and infrastructure, and vulnerabilities Ability to develop high-quality deliverables tailored to senior policymakers or defense stakeholders, including complex written products and formal or informal briefings Preferred Qualifications: Experience with authoring current DoD product lines and utilizing ICD 203 tradecraft standards Experience with producing vector map products and conducting network analysis using geo enabled processes Experience with data analytics, analysis, and visualization Knowledge of the intelligence cycle Knowledge of one of the following AORs: the Americas, the Asia-Pacific, Eurasia, or the Middle East Equal employment opportunity employer: All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Crimson Phoenix is committed to providing veteran employment opportunities to our service men and women.

Join the Nalley Consulting team as a full-time Cyber Analyst at DIA HQ. Cyber Analyst LCAT: Mid Shift work: No Clearance requirement: TS/SCI clearance; CI poly or willingness to take a polygraph Description Conducts analysis using intelligence and information from multiple sources to assess, interpret, forecast, and explain a range of national security issues and developments specific to the cyber domain. Provides analytic support to collections, operations, investigations, and other defense intelligence analytic requirements. Basic Qualifications 3+ years of experience in IT, in cybersecurity, or in cyber-focused intelligence analysis Knowledge of computer and IT infrastructure Understanding of computer network vulnerabilities and access vectors Knowledge of the IC and Combatant Command environment Ability to develop high-quality deliverables tailored to senior policymakers or defense stakeholders, including complex written products and formal or informal briefings Education and certifications Bachelor's degree and 3+ years of experience in intelligence or cybersecurity OR 7+ years of experience in intelligence or cybersecurity in lieu of degree CompTIA+ certificate preferred but not required Additional Qualifications Knowledge of the intelligence cycle Experience with authoring DoD product lines and utilizing ICD 203 tradecraft standards Experience with data analytics, analysis, and visualization ABOUT NALLEY CONSULTING Nalley Consulting is a Service Disabled Veteran Owned Small Business working with prime partners to staff Department of Defense and Intelligence Community positions. Created by a U.S. Navy intelligence veteran, Nalley Consulting has grown to include multiple IDIQ vehicles in several states. Nalley Consulting fringe benefits include: Excellent medical, dental, and vision benefits PTO 11 paid federal holidays Tuition assistance Paid military-reserve leave Paid parental leave for birth or adoption 401k matching up to 5 percent of the base salary Flex time Company-paid short-term disability, long-term disability, and life insurance.

Tyto Athene is searching for a **Incident Detection Analyst** to support our customer in Washington, DC. **Responsibilities:** + Accurately review, annotate, and resolve security incidents tasked by the Intrusion Detection Team, Watch Officer, SOC management or other SOC teams 24 hours a day, 7 days a week, which is subject to change based on AOUSC needs. + Conduct Incident Triage to prioritize newly identified security incidents for follow-on action. Identify all relevant data sources for initial collection to determine prioritization and resource application based on the criticality of the incident. Conduct immediate actions to evaluate and contain threats as necessary in accordance with the Judiciary Security Operations Center Incident Response Plan (JSOCIRP), Incident Response Operations Guide, and any other published SOC operations guides and manuals. Please see SLA SOC3. + Perform deep dive analysis (manual and automated) of malicious links and files. + Ensure efficient configuration and content tuning of shared SOC security tools to eliminate or significantly reduce false alert events. + Provide Executive Summary in accordance to IDT Operations Guide. + Provide 5W briefing slides for each event for leadership briefing. + Provide on demand time/trend/event based metric reports for SOC management. + Provide clear and actionable event notifications to customers. Notifications to customers will be clear and provide sufficient detail for a mid-level system or network administrator to understand what has occurred and what needs to take place to remediate the event. + Coordinate and provide direct support to local incident responders at the circuit, local court unit and program office levels. Provide notifications, guidance and end to end incident response support to local incident responders to ensure the appropriate actions are properly taken to detect, contain, eradicate and recover from identified security incidents. Coordinate with various other SOC teams to leverage the appropriate resources to enable local incident responders. Participate in course of action (COA) development and execution as necessary. + Document all communications and actions taken in response to assigned incidents in the SOC ticketing system. Ensure tickets are properly updated in a timely manner and all artifacts are included. Escalate any concerns or requests through the Contractor management as necessary. + Directly support the Judiciary Special Tactics and Active Response (JSTAR) team and provide incident response support for critical security incidents as they arise. + Perform appropriate event escalation for events, notifications, and non-responsiveness from customers. Contractors shall track all notifications in the SOC ticketing system and escalate tickets to Watch Officers or SOC management in cases where the customer is non-responsive or requires clarification that is outside the scope of the normal operations. Contractors will be familiar with the JSOCIRP escalation and reporting procedures. + Continuously review and update the Incident Handlers (IH) Guide and provide recommendations to annual updates for the JSOCIRP. All SOPs and Op Guides are federal government property. Contract staff provide recommendations in draft form for federal management review, approval and adoption. + Incident Responders must be able to perform the tasks and meet the skills, knowledge and abilities as described in NIST Special Publication 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework for the role of Cyber Defense Incident Responder **Qualifications** **Required:** + 6 years of security intrusion detection examination experience involving a range of security technologies that product logging data; to include wide area networks host and Network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs; + Ability to communicate clearly both orally and in writing. + Working experience with Splunk SIEM. + At least three years of experience working at a senior level, performing analytics examination of logs and console events and creating advance queries methods in Splunk or advance Grep skills, firewall ACL review, examining Snort based IDS events, Pcaps, web server log review, in SIEM environments **Education/Certifications:** + Bachelor's degree in information systems, Computer Science or related field is preferred. // Splunk Fundamentals I & II certification. **Clearance:** + Public Trust **Hours of Operation/Shift:** + Monday-Friday 3PM EST - 1130PM EST **About Tyto Athene** **Compensation:** + Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range. **Benefits:** + Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave. Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide. At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto? Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law. Submit a Referral (******************************************************************************************************************************* **Location** _US-DC-Washington_ **ID** _2025-1522_ **Category** _Cybersecurity_ **Position Type** _Full-Time_

Job DescriptionWhy Argo Cyber Systems At Argo, you'll be part of a mission-driven, veteran-founded cybersecurity team protecting America's most critical systems. We combine hands-on technical excellence with operational precision to outpace the threat. Join us to defend, detect, and innovate at the cyber edge. Argo Cyber is supporting a U.S. Government customer on a mission-critical cyber operations program. We are seeking a ServiceNow SecOps Business Process / Technical Consultant to design, develop, and implement ServiceNow Security Operations (SecOps) solutions that enhance the customer's ability to detect, respond, and remediate security threats. This hybrid role combines ServiceNow SecOps development, integration engineering, and process consulting. The ideal candidate will work directly with security stakeholders, translate mission requirements into technical designs, and deliver scalable, secure, and automated SecOps capabilities within the ServiceNow platform. Responsibilities Include: • Designing, prototyping, and implementing ServiceNow SecOps applications, including: o Security Incident Response (SIR): enrichment, correlation rules, and automated playbooks. o Vulnerability Response (VR): scanner integrations, remediation workflows, patch group automation. o Configuration Compliance (CC): policy exception handling, remediation tasks, compliance dashboards. o Threat Intelligence (TI): ingestion of IOCs, sightings search, enrichment workflows. • Supporting the customer's roadmap for Splunk integrations to enable alert ingestion, bi-directional incident synchronization, and SIEM dashboards. • Developing custom integrations with SIEM, scanner, and intel tools (e.g., Splunk, Tenable, VirusTotal, Hybrid Analysis) using IntegrationHub, REST/SOAP APIs, and MID Server. • Building and maintaining orchestration playbooks, Flow Designer workflows, Business Rules, and Script Includes to automate enrichment and response actions. • Documenting and maintaining policies, procedures, and technical designs aligned with Agile development practices and secure coding standards. • Leading workshops with SOC, IR, and VR teams to capture mission needs, define business requirements, and translate them into technical solutions. • Creating and maintaining Performance Analytics dashboards and KPIs to provide real-time visibility into security posture. • Supporting incident resolution, troubleshooting, and sustainment of the ServiceNow SecOps environment. • Providing mentorship and knowledge transfer to client staff on best practices and solution sustainment. Required Skills: • U.S. Citizenship required. • Must be able to obtain DHS program suitability and a TS/SCI clearance. • 8+ years of software development, IT security, or IT systems engineering experience. • Minimum 4+ years of ServiceNow experience, with at least 2+ years focused on SecOps applications (SIR, VR, CC, or TI). • Strong knowledge of ServiceNow administration, advanced configuration, and custom application development. • Experience integrating ServiceNow with SIEM, vulnerability scanners, and threat intelligence platforms. • Hands-on experience with Flow Designer, Orchestration, IntegrationHub, and MID Server. • Strong technical skills in web technologies (JavaScript, HTML, XML, Angular, CSS) and integration technologies (REST, SOAP, LDAP, SSO). • Familiarity with federal cybersecurity frameworks (NIST 800-53, FedRAMP, CISA KEV, MITRE ATT&CK). • Strong communication, presentation, and documentation skills for technical and business stakeholders. Desired Skills: • Experience supporting DHS, DoD, or Intelligence Community customers. • Experience deploying future-state SecOps processes including incident triage, vulnerability management, compliance automation, and threat intel workflows. • Familiarity with Splunk use cases for security operations and event correlation. • Experience with collaboration tools (MS Teams, Outlook, SharePoint, Atlassian Jira/Confluence). • Strong problem-solving, analytical, and consulting skills in complex security environments. • Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired. Desired Certifications: • ServiceNow Certified System Administrator (CSA). • ServiceNow Certified Application Developer. • ServiceNow Certified Implementation Specialist - SecOps (SIR, VR, or CC). • ITIL v4 Foundation certification (or willingness to complete within one year). • DoD 8570.1-M Compliance at IAT Level I (e.g., Certified Information Systems Security Professional (CISSP)) certification highly desired Argo Cyber systems is an Equal Opportunity Employer! Background & Drug Screening Disclaimer © Argo Cyber Systems, LLC - All Rights Reserved Argo Cyber Systems, LLC is committed to maintaining a safe, secure, and trusted workplace for all employees and our federal clients. Employment with Argo Cyber Systems is contingent upon successful completion of all required background investigations and pre-employment screenings, which may include, but are not limited to: Criminal background checks (federal, state, and local) Employment and education verification Reference checks Drug screening (in compliance with federal and state law) Security clearance verification (as applicable for classified positions) Candidates selected for employment in positions requiring access to sensitive or classified information may also be subject to additional U.S. Government background investigations and security adjudication processes, including DHS Entry on Duty (EOD) suitability or equivalent federal clearance requirements. Argo Cyber Systems reserves the right to disqualify or rescind an offer of employment based on the results of any background or screening process that, in the company's judgment, may impact an individual's ability to perform essential job functions or meet contractual obligations. All background investigations and screenings are conducted in accordance with applicable federal, state, and local laws, including the Fair Credit Reporting Act (FCRA). Candidates will be notified of their rights and provided an opportunity to review and dispute any adverse findings before final employment determinations are made. Job Posted by ApplicantPro

C2 Labs, Inc. - ************** C2 Labs partners with clients on their IT transformation journey via data-driven IT strategic planning, application rationalization and redevelopment, and innovative research and development of new industry standards and technologies. C2 Labs provides specialized products and services that allow our clients to innovate with speed and scale seamlessly while maintaining a robust and effective security posture. C2 has a unique approach to client success enablement that is empowered by ART (Application Rationalization and Transformation) and SCIENCE (Strategic Client Interview and Engineering to assess, design, and implement Cloud Ecosystems) to couple creative new approaches/technologies with proven methodologies that deliver rapid results. Must be a US Citizen and capable of passing a Public Trust background investigation. Job Summary: As aInformation Assurance Analyst 2n at C2 Labs you will work with a team of security analysts and engineers to implement regulatory frameworks such as the Federal Information Security Modernization Act (FISMA), the Federal Risk Authorization Management Program (FedRAMP) and the State Risk Authorization Management Program (StateRAMP). You will leverage GRC tools to develop security authorization package documentation such as the System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), and the Plan of Actions & Milestones (POA&M) in human readable and machine-readable formats. You will draft security control implementation statements with enough detail to facilitate the testing of the controls and will develop supporting documentation including the Contingency Plan (CP), Incident Response Plan (IRP), and Configuration Management Plan (CMP). As a GRC Analyst 3 your primary responsibility will be to ensure the timely development of the security authorization package in accordance with C2 Labs quality standards. Must be a US Citizen and capable of passing a Public Trust background investigation. Job Responsibilities: Categorize systems in accordance with Federal Information Processing Standards (FIPS) 199 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-60. Select and tailor security controls by applying scoping guidance in accordance with NIST SP 800-53 and FedRAMP specific guidance. Document the implementation characteristics for security controls with enough detail to permit the testing of the security control by an independent assessor/Third Party Assessment Organization (3PAO). ● Develop, review, and update security authorization package documentation to include the System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Governance Risk and Compliance (GRC) Analyst 3 Report (SAR), and Plan of Actions and Milestones (POA&M). ● Develop, review, and update supporting documentation including the Contingency Plan (CP), Incident Response Plan (IRP), and Configuration Management Plan (CMP). ● Conduct Security Impact Assessments (SIAs) on changes to information systems. ● Create the Control Implementation Summary (CIS)/Customer Responsibility Matrix (CRM) workbook outline Cloud Service Provider (CSP) and customer responsibilities. ● Develop, review, and update policies and procedures to support the implementation of the NIST 800-53 control families. ● Leverage the next generation of Governance Risk and Compliance (GRC) tools to automate the creation of the SSP. ● Review current security assessment and authorization processes and provide recommendations for improvement. ● Develop Risk Assessment Reports (RAR). ● Provide guidance on NIST 800-53, FedRAMP, and StateRAMP control requirements. ● Develop and deliver training to educate stakeholders on the various tasks and activities associated with the RMF. Qualifications: ● Minimum 3-5 years' experience in IT consulting specializing in Governance, Risk, and Compliance using the RMF. ● CISSP, CISM, or CAP certification is preferred ● Excellent communication and interpersonal skills, with the ability to build a rapport and trust with clients. ● Knowledge of the cybersecurity industry to include regulatory frameworks such as the National Institute of Standards in Technology (NIST) Risk Management Framework (RMF), Federal Risk Authorization Management Program (FedRAMP), Department of Defense (DoD) Impact Levels (2-6), and the State Risk Authorization Management Program (StateRAMP). Governance Risk and Compliance (GRC) Analyst 3 ● Possesses an in-depth understanding of the FedRAMP authorization process and associated templates and deliverables. ● Must have experience creating security authorization package documentation (i.e., SSP, SAP. SAR, & POA&M) and managing system authorization artifacts for a FedRAMP authorized cloud environment. ● Candidates must be United States citizens and able to successfully complete and maintain a Public Trust security clearance. ● Background check and unannounced drug testing required. ● This position is onsite in Washington, DC, with occasional travel (up to 25%) for client meetings and work assignments. Working knowledge of: ● NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations ● FedRAMP Security Controls Baselines (i.e., Low, Moderate, High, and Li-SaaS) ● StateRAMP Security Control Baselines (i.e., Low Impact Ready, Low Impact Authorized, Moderate Impact Ready, Moderate Impact Authorized) ● NIST SP 800-37 Guide for Applying the Risk Management Framework to Federal Information Systems ● Must have strong technical writing skills. ● Must be able to work independently under only general direction. ● Must be able to interpret and provide consulting expertise on FedRAMP security requirements. ● Must have extensive knowledge in reviewing, analyzing, and documenting the secure implementation of logical controls, physical controls, environmental controls, personnel security, and incident handling. ● Experience preparing monthly continuous monitoring deliverables (e.g., vulnerability scans, POA&Ms, and asset inventory) for submission to the FedRAMP PMO. EOE STATEMENT: We are an equal opportunity employer. All qualified applicants will be considered without discrimination based on race, color, religion, sex, national origin, age, disability, or protected veteran status. Employment offers will be contingent on passing a pre-employment drug screen.

Job Title: Cyber Security Specialist - ATO Support Duration: Full-Time. Need IRS MBI Clearance. Navigate the IRS ATO process to include preparing ATO documentation Review legacy BMF documentation and conduct analysis of what could be re-used for BMF Mod (see attached overview of BMF program) Prepare ATO documentation and coordinate with security partners to ensure documentation is correct, reviewed, and signed Update IMS on weekly basis to reflect ATO process Coordinate with ISSO, clients, vendor/teaming partners to ensure Security Change Management Requests are prepared and submitted; track progress

Full-time Description NetCentrics is seeking a highly motivated and technically skilled Mid-Level Cyber Defense Analyst to join our cybersecurity operations team. This role is responsible for supporting enterprise-wide cyber incident response and defense initiatives. The ideal candidate will have a strong background in threat analysis, intrusion detection, and real-time incident handling, and will be capable of correlating data from multiple sources to identify vulnerabilities and recommend effective remediation strategies. About Us: At NetCentrics, we proudly hold a distinguished position as a leader in cybersecurity, cloud, digital transformation, and mission support. With an esteemed clientele that includes the DoD, DHS, Federal Civilian Agencies, and the Intelligence Community, our impact on national security is undeniable. We are a diverse group of intellectually curious people, solving hard problems, and living by our core values while bonded by the shared vision to secure our nation - join us! Key Responsibilities: Coordinate and execute incident response functions across enterprise systems. Provide expert technical support to cyber defense technicians to analyze, resolve, and document incidents. Perform log analysis from a wide range of sources including host, firewall, IDS, and network traffic logs to detect potential threats. Conduct cyber incident triage, determine scope and urgency, identify vulnerabilities, and recommend immediate remediation. Execute real-time incident handling activities such as forensic collection, intrusion correlation and tracking, and threat analysis. Support deployable Incident Response Teams (IRTs) with technical tasks during active investigations. Perform initial forensic image collection and inspection to support mitigation and remediation efforts. Conduct cyber defense trend analysis and reporting to identify recurring patterns and emerging threats. Receive, review, and analyze network alerts from internal monitoring tools and threat intelligence sources. Track and document incidents from initial detection through final resolution, ensuring completeness and accuracy of case records. Apply defense-in-depth principles and best practices, including layered security and redundancy. Collect and analyze intrusion artifacts (e.g., malware, trojans, source code) to enhance incident mitigation strategies. Collaborate with intelligence analysts to correlate cyber threat data and improve situational awareness. Monitor external threat intelligence feeds (e.g., vendor advisories, CERT alerts, vulnerability databases) to stay informed of current threats and assess enterprise impact. Desired Qualifications: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent work experience). 3-5 years of experience in cybersecurity operations, with a focus on incident detection, response, or analysis. Experience with log analysis tools (e.g., Splunk, ELK, QRadar), SIEM platforms, and forensic tools. Familiarity with IDS/IPS, firewall technologies, and network protocols. Solid understanding of cybersecurity frameworks (e.g., NIST 800-61, MITRE ATT&CK). Strong analytical and troubleshooting skills. Excellent verbal and written communication skills. Preferred Qualifications: Experience supporting federal government cybersecurity programs. Familiarity with threat hunting, endpoint detection and response (EDR) tools, and malware analysis. Experience documenting and reporting to internal leadership or external regulatory bodies. Relevant industry certifications such as: GIAC Certified Incident Handler (GCIH) Certified Ethical Hacker (CEH) Certified Information Systems Security Professional (CISSP) CompTIA Cybersecurity Analyst (CySA+) Where You Belong At the heart of our organization lies a set of five core values that guide every facet of our work. "Mission First" epitomizes our unwavering commitment to our goals. "People Always" underscores the significance we place on our team's well-being and development. We continually strive to "Be Eminent" by consistently pushing the boundaries of excellence. "Embrace the Team" reflects our unwavering belief in the power of collaboration, recognizing that together, we attain greatness. With every action, we "Act with a Purpose," ensuring that our efforts contribute meaningfully to a larger mission. These values serve as the bedrock of our company culture, propelling us forward as a united and purpose-driven team. Why Join NetCentrics Join us not just to be a part of safeguarding our nation, but to be at the forefront of innovation, where your ideas and expertise play a pivotal role in shaping the future of cybersecurity and IT. Together, we're not just protecting systems; we're pioneering them. Come be a part of our team and redefine the possibilities in our industry! Commitment to Diversity This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status or on the basis of disability. Equal Opportunity Employer/Veterans/Disabled

Artech Information Systems is the #12 Largest IT Staffing Company in the U.S. and an employer of choice for over 7,000 consultants. We recruit world-class talent for IT, engineering, and other professional jobs at 70+ Fortune and Global 500 companies coast-to-coast across the U.S., India, and China. We are one of the fastest-growing companies in the US and we welcome you to search the thousands of jobs in our cutting-edge GEM system for employment opportunities that fit your qualifications. At the forefront of the staffing industry, Artech is a minority and women-owned business enterprise (MWBE) committed to maximizing global workforce solutions on behalf of its clients. Artech's deep heritage, proven expertise and insightful market intelligence has secured long-term partnerships with Fortune 500 and government clients seeking world-class professional resources. Job Title: Information Security Operations Center - Incident Handler III Location: Washington, DC Duration: 12+ Months Job Description: Essential Job Functions: • Monitor Security Events from IDS, SIEM, etc. • Log tickets to the Ticketing System • Handle calls from the MSSP(Managed security service provider & users regarding incidents/events, perform triage, resolve problems, or escalate to team members • Perform triage on alerts from all sources including Monitored Email Distribution Lists • Participate in rotating weekly shift supporting off hours and weekend activity (24x7) • Produce ad hoc reports and other ad hoc tasks Qualifications Required Skills/Abilities: • Monitoring skills related to IDS and SIEM • Understanding of TCP/IP, Ethernet, OSI model, layer 2 and layer 3 concepts • Understanding of Windows Registry, File system, etc. • Hands-on knowledge of Network Packet Analysis using tools • Ability to work with team members with varying levels of technical skills and diverse international backgrounds • Strong understanding of Networking and Operating systems concepts • Ability to adapt to and function in a project environment with multiple timetables and changing priorities • Ability to learn new concepts and approaches in Analyzing Security Incidents. • Good communication skills (Verbal and Written) Educational Qualifications and Experience: • Education: Bachelor's degree in Computer Science or Information Systems • Role Specific Experience: 2+ years of relevant experience in Information Security Incident Handling • Experience with Firewalls and information security technologies • Experience with CERT/CSIRT/CIRT/SOC Certification Requirements: Any two certifications would be a plus. CEH, Security +, CCNA Response activities, including containment, remediation, and root cause analysis Bachelor's degree and 5+ years of information security experience Experience in malware remediation and containments Hands on experience of Incident Response /Malware analysis Essential Job Functions: § Perform advanced Malware Analysis, along with Incident Response § Generate detailed Malware Analysis reports on PE and other common file structure samples § Provide actionable intelligence and suggestions for control updates based on the reverse engineering and malware analysis § Assist OIS in Identifying zero-day/vulnerable applications and impact Experience Matrix for Levels: • Level I - 2+ years of experience • Level II - 5+ years of experience • Level III - 7+ years of experience Note: The specific shift he wants to get covered is the 12pm-8pm EST window Strong experience in SOC environment and great soft skills/customer service Required people who can come for an in-person interview Additional Information For more information, Please contact Siva Kumar ************

is Subject to Contract Award JANUS Research Group is currently seeking a Cyber Systems SSO for a contract to support the Deputy Chief of Staff (DCS, G8. The DCS G-8 is the principal military advisor to the Chief of Staff, Army (CSA) and the Assistant Secretary of the Army, Financial Management and Comptroller (ASA(FMC)) for the Programming phase of the Planning, Programming, Budgeting, and Execution (PPBE) process. The DCS, G-8 coordinates with the Assistant Secretary of the Army, Acquisition, Logistics, and Technology (ASA(ALT)) on all proposed programming and process recommendations related to ongoing and future acquisition programs and science and technology initiatives. The DCS, G-8 coordinates with Army Futures Command (AFC) for program funding for all elements of the future force materiel modernization enterprise. Position Description: Manages Army cyber capability development within the Intelligence Division. Provides analytical and technical expertise on cyber defense, network operations, and offensive cyber modernization. Develops information papers, briefings, and SPAR/POM inputs addressing capability gaps, performance, and operational integration. Coordinates with ASA(ALT), T2COM, ARCYBER, INSCOM, and ARSTAF to align cyber initiatives with Army and Joint modernization strategies. Relevant Competencies / Skill Levels: A Bachelor's Degree in Engineering and/or Business A minimum of four (4) years of experience and expertise in Force Development duties Demonstrates expert analytical and technical skills in cyber systems architecture, network defense, and offensive cyber capabilities. Proficient in evaluating system performance, security posture, and modernization impacts to ensure resilient and adaptive cyber operations. Possesses advanced analytical and communication abilities to deliver clear, data-driven assessments that enhance Army cyber capability development and operational readiness Benefits: 401(k), Paid Time Off (PTO), Paid Holidays, Medical and Dental Plans, Life and Disability insurance, Education Assistance (and more). JANUS strives to provide opportunities for career growth through training and development. We also offer an attractive comprehensive benefit package to include health and welfare plans and financial products. As part of a total rewards program, employees can benefit from our referral bonus program, and other various employee awards. JANUS Research Group takes pride in our benefit package and rewards program which has earned us the certification of a Great Place to Work JANUS Research Group provides reasonable accommodation so that qualified applicants with a disability may participate in the selection process. Please advise us of any accommodations you request to express interest in a position by e-mailing: Judy Pagac, Chief Human Resources Officer at **************************** or calling **************. Please state your request for assistance in your message. Only reasonable accommodation requests related to applying for a specific position within JANUS Research Group will be reviewed at the e-mail address and phone number supplied. Thank you for considering a career with JANUS Research Group. JANUS Research Group participates in the Electronic Employment Verification Program. Please click the E-Verify link below for more information. E-Verify JANUS Research Group is an equal opportunity/ affirmative action employer. It is company policy to provide equal opportunity in all areas of employment practice without regard to race, color, religion, sex, sexual orientation, national origin, age, marital status, veteran status, citizenship, or disability. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment qualified individuals without regard to race, color, religion, sex, national origin, protected veteran status or disability.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Qmulos is recruiting cybersecurity specialists who want to challenge themselves by working with brilliant people to solve some of today's most important cybersecurity problems. As an emerging cybersecurity software and consulting company in the heart of Washington D.C., we need highly motivated individuals who think of big ideas, work well with others, and can help solve game-changing problems. We need creative people whose intelligence is matched only by their grit. Among only a small group of Silicon Valley-style startups in D.C., Qmulos you'll work with industry trailblazers and global private-sector and public-sector clients to help solve national security problems. Job Description Research, verify and document information security controls using the Federal Certification and Accreditation (C&A) processes. Propose, communicate, and enforce security policies, procedures and methodologies. Collect, compile, and report IA and CND metrics relating to Connection Approval Process, Certification and Accreditation Compliance, Information Assurance Vulnerability Management Compliance, Inspection Compliance Status, and FISMA Compliance. Analyze reports from vulnerability assessment scanners, patch management tools, and emerging threat information to advise on the risk and remediation of security issues. Develop Plan of Action and Milestones (POA&Ms) for identified vulnerabilities to initiate, coordinate and track the patching and remediation of security weaknesses. Conduct reviews: security authorization documents, event logs, security incidents. Report on security status and security incidents. Coordinate Authorization packages. Qualifications Bachelor's Degree (Preferable: Computer Science, Information Systems, Software Engineering or other related analytical, scientific, or technical disciplines) 5+ years experience in IT security, including Certification and Accreditation and/or IT security risk analysis/advice, preferably in support of the Federal government. Knowledge of Federal government C&A practices and policies (Preferable: ICS 503, FISMA, NISP SP 800-53, and DHS 4300) 5+ years experience with information assurance tools preferred 5+ years experience working directly with a federal client Ability to work independently and also collaborating closely with project managers, engineers, and others Working knowledge of Ongoing Authorization with in the NIST Framework Excellent written and oral communication skills Clearance Requirements: Active Top Secret Additional Information All your information will be kept confidential according to EEO guidelines.

About Us: AdNet/AccountNet, Inc. is an 8(a), WOSB, LGBTE, and WBE owned management consulting firm founded in 1990. We blend the best in people with the ongoing demands of the workplace by providing high-quality staffing and executive search services. All applicants for this position must be DC-based - no exceptions. IT Department Overview Our mission is to collaborate and deliver secure, stable, and reliable IT solutions that meet organizational needs, with a focus on high-end user satisfaction and cost-effectiveness. The IT Department is a dedicated team of collaborative professionals committed to providing world-class support and driving innovation for a primarily U.S.-based staff. We leverage modern and, in some cases, cutting-edge tools and technologies to support our mission. Position Summary: Senior Cloud Security Analyst The Senior Cloud Security Analyst plays a key role in advancing the organization's cybersecurity initiatives. This individual will lead and contribute to multiple security-focused projects, working closely with the broader IT team to assess and strengthen the organization's cloud security posture. Responsibilities include identifying and remediating configuration vulnerabilities across cloud platforms, infrastructure, and services. The role also involves enhancing the organization's advanced threat detection and incident response capabilities through real-time intelligence, threat research, automation, and innovative solutions. In addition, the analyst will support projects related to the organizations compliance with the NIST Cybersecurity Framework (CSF), including risk mitigation efforts. This position may also include special project management responsibilities as assigned. Reports To: Director of Cybersecurity Qualifications/Skills: The candidate must possess the following skills and educational achievements: Must be a strategic thinker, able to understand and act upon the organization's objectives. Excellent verbal and written communication skills. Strong problem solving and research skills. Event analysis expertise leveraging Security Information and Event Managment (SIEM) and cloud native tools. Incident investigation and response expertise, including the ability to interpret cloud platform alerts and events and parse through logs and analyze log data. Knowledge of current threat landscape, including knowledge of malware operation and indicators. Deep understanding of identity management and access security for cloud environments. Security and architecture experience with AWS, Azure, M365, and SaaS platforms with expertise in one or more platforms. Familiarity with cybersecurity standards and frameworks, and knowledge of audit requirements (e.g., NIST, PCI, HIPPA, etc.) Undergraduate or Master's Degree in Cybersecurity or related field or commensurate experience. Certification of one or more of the following, preferred: ISC2 CCSP, AWS Certified Security Specialty, MS Certified Azure Engineer Associate. 5+ years' experience in cybersecurity. Able to identify, select, track, and report on security metrics. Detailed Duties: Proactively hunt for abnormal configuration, permissions, workloads, user behaviors or other indicators of compromise. Identify and respond to cyber threats occurring within the company's cloud environments. Enhance security monitoring, alerting and automated response capabilities and improve existing threat hunting capabilities that align with the global direction. Monitor, investigate and analyze logs and security-related events utilizing existing tools in the environment. Improve the meaningfulness of alerts and reduce the instances of false positives by calibrating the alert thresholds. Creating and maintaining playbooks and automated response capabilities. Stay up to date with current threat actors and the TTPs used by actively researching emerging Indicators of Compromise/Attack, exploits and vulnerabilities with the intent of operationalizing findings to better protect our networks. Fulfill responsibilities as it relates to POAMs generated from risk assessments. Lead time-sensitive projects tied to risk remediations, including ensuring completion of such projects per agreed upon schedule.

Minimum Clearance Required No Clearance Responsibilities I2X Technologies is a reputable technology services company to the Federal Government. Whether the focus is on space exploration, national security, cyber security, or cutting-edge engineering applications, I2X is ready to offer you the chance to make a real-world impact in your field and for your country. We provide long-term growth and development. Headquartered in Colorado, I2X is engaged in programs across the country and in more than 20 states. Our programs support multiple Federal agencies, including the Department of Defense. We are seeking a Senior Information Security Specialist to support our customer's operations in Washington, DC. This effort provides our Government customer with IT Staffing and Consulting services. This position will be on-site. Responsibilities: * Administer and maintain intrusion detection/prevention systems (IDS/IPS), SIEM platforms, and firewalls for both on-premises and cloud environments, including authoring custom detection content. * Monitor real-time network activity, analyze logs and metadata, and investigate anomalies to confirm and respond to intrusion attempts across hybrid infrastructures. * Perform full-scope digital forensics and incident response (DFIR), covering all phases from scoping and containment to recovery and lessons learned. * Design and maintain secure network architectures and data loss prevention (DLP) solutions to safeguard sensitive data in cloud and on-premises systems. * Execute comprehensive security assessments, including penetration testing, ethical hacking, and static/dynamic code analysis, to uncover and address vulnerabilities. * Demonstrate deep technical understanding of network protocols, system hardening, encryption, identity and access management (IAM), and application security. * Conduct risk assessments, security gap analyses, and develop actionable mitigation strategies in alignment with NIST, OMB M-22-09, and other federal cybersecurity standards. * Deploy and support identity, credential, and access management (ICAM) solutions, including multifactor authentication and identity governance frameworks for federal environments. * Lead compliance efforts, including control assessments under NIST 800-53, POA&M management, and executive reporting on security posture and residual risk. * Collaborate with stakeholders to build consensus on vulnerability management, prioritize remediation, and ensure alignment with agile development and zero trust initiatives. Qualifications Essential Requirements: * US Citizenship Required Experience: 5-10 years of experience in the following: * Administering and maintaining intrusion detection, prevention, and analysis platforms, including SIEMs, host-based systems, and firewalls, while authoring and implementing custom detection logic. * Monitoring real-time network activity and analyzing raw data, metadata, and logs to identify, investigating, and responding to anomalies and cybersecurity incidents across on-premises and cloud environments. * Implementing and maintaining data loss prevention (DLP) capabilities for safeguarding sensitive information in both local and cloud-based systems. * Designing, supporting, and managing security infrastructure, including upgrading toolsets, applying patches, and configuring settings to align with organizational security goals and zero trust architecture. * Conducting comprehensive security testing-including ethical hacking, static/dynamic code reviews, and system architecture assessments-for evaluating controls and identifying vulnerabilities. * Analyzing security data to identify risks, assessing system vulnerabilities, and developing mitigation strategies aligned with federal standards and best practices. * Leading and supporting vulnerability management efforts, including executing scans, evaluating risk, tracking compliance with BOD 22-01, and generating reports to guide remediation efforts. * Collaborating with stakeholders for conducting gap analyses, prioritizing vulnerabilities, and developing actionable remediation plans for enterprise systems and networks. * Deploying and managing enterprise-wide Identity, Credential, and Access Management (ICAM) solutions, supporting MFA, privileged access management, and identity lifecycle governance in compliance with OMB and NIST guidance. * Developing technical and executive-level documentation, reports, and presentations for communicating findings, readiness status, and recommendations for improving cybersecurity posture. Education and Certifications: * A Bachelor's degree from an accredited college or university One or more of the following, as appropriate: * Certified Incident Handler (GCIH) * GIAC Network Forensic Analyst (GNFA) * GIAC Certified Forensic Analyst (GCFA) * Information Systems Security Engineering (ISSE) * Certified Cloud Security Engineer (CCSE) * Offensive Security Certified Professional (OSCP) * GIAC Penetration Tester (GPEN) * Certified Information Systems Security Professional (CISSP) * GIAC Enterprise Vulnerability Assessor (GEVA) * Certified Analytics Professional (CAP) I2X Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected Veteran status, or disability status. Salary bands have not yet been determined for this opportunity. I2X Technologies considers factors such as scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, and market and business considerations when extending an offer.

About the Role: We are seeking a highly skilled IAM and Security Systems Analyst to support the design, implementation, and operation of critical security controls across our infrastructure, cloud, and application environments. While the title reflects an analyst level, the role requires a hands-on engineering mindset with deep technical experience in identity management, security tooling, and threat detection. This individual will play a key role in securing our systems, applications, and data by evaluating, implementing, and managing tools and processes across the security stack, from access governance to application security, SIEM operations, and incident response. Key Responsibilities Identity & Access Management (IAM) Manage and support identity platforms including Active Directory, Azure AD, and Okta. Implement RBAC, least privilege principles, and automated provisioning/deprovisioning. Conduct periodic access reviews and support access certification processes. Integrate IAM controls into application and cloud environments. Security Engineering & Tooling Administer and optimize Mimecast, OKTA, Microsoft Defender, Intune, and other endpoint/cloud security tools. Manage SIEM tools including rule tuning, log ingestion, and correlation. Implement and automate application code reviews using security scanning tools (e.g., SAST, DAST). Perform application security testing and contribute to threat modeling and risk evaluations. Lead cloud control monitoring, data protection measures, and compliance reporting. Threat Detection & Incident Response Conduct analysis of security alerts and lead incident response efforts. Leverage threat intelligence to update detection mechanisms and enhance response playbooks. Perform root cause analysis and evidence handling following incidents. Support red team/blue team exercises and penetration testing activities. Architecture, Process & SDLC Integration Review and evaluate system and application security architectures. Support integration of security controls across the SDLC and DevSecOps pipelines. Design and continuously improve security processes and documentation. Participate in security metrics and reporting efforts to track control effectiveness. Support SOC design discussions and contribute to its operational maturity. Collaboration & Compliance Partner with IT Operations teams, Infrastructure, HR, and Compliance to support security initiatives. Assist with internal and external audits, control documentation, and evidence collection. Maintain awareness of frameworks such as SOC 2, NIST, and ISO 27001. Help run awareness training, phishing simulations, and risk assessments. This is a hybrid role that will require regular in-person work in office for work tasks and/or activities for coaching and support of our students. You must live within a commutable distance to either Boston, MA, New York City, NY, or Washington DC. Salary Range: $90,000-$110,000/annually Required Qualifications 3-5 years of experience in a security engineering or analyst role Strong experience with IAM platforms (Active Directory, Azure AD, Okta) Proficient in SIEM platforms, incident response, and Microsoft security tools Experience with automated security testing tools (SAST, DAST) Familiarity with cloud security (Microsoft 365, Azure) and application security principles Hands-on experience in scripting/automation (PowerShell, Python, or Terraform a plus) Strong understanding of network protocols, system hardening, and endpoint defense Excellent problem-solving and communication skills Preferred Qualifications Familiarity with red teaming, penetration testing, and threat modeling Exposure to compliance frameworks such as SOC 2, HIPAA, or ISO 27001 Participation in SOC design or operations Experience with security metrics/reporting and risk assessments Why Join Us: You'll be part of a mission-driven team focused on protecting a modern IT and cloud-first organization. This is an opportunity to shape and grow a scalable security program, drive impact across critical systems, and mature key security domains. #LI-HybridCOMPENSATION & BENEFITS: Year Up United has established salary ranges for each of our sites, which allows us to pay employees competitively, equitably and consistently in different geographic markets. For roles in which the location is listed as flexible, the range displayed reflects the minimum and maximum target for new hire salaries for the position across all US locations. Salary offers take into account a candidate's skills, experience, and location. Your recruiter can share more about the specific salary range for your location during the hiring process. Benefits: Comprehensive healthcare options and dental coverage; 401(k) match for eligible participants. Vacation: Earn three weeks paid vacation in first year of employment; four weeks after initial year. Professional Development: Funds available to support staff in achieving career objectives ($2,500 per year) ** This is an exempt role (paid on a salaried basis). ** ORGANIZATION DESCRIPTION: Year Up United is a national 501(c)3 workforce development organization committed to ensuring equitable access to economic opportunity, education, and justice for all young adults-no matter their background, income, or zip code. Employers face a growing need for talent while millions of talented young adults lack access to meaningful careers. These inequities only further perpetuate the opportunity gap that exists in our country-a gap that Year Up United is determined and positioned to close through three interconnected strategies: providing targeted skills training and connections to livable-wage employment for students and alumni; empowering others to serve and support young adults, and changing systems that perpetuate the opportunity gap. Year Up United's intensive training program utilizes a high expectations, high support model where students learn in-demand technical and professional skills and apply them during a corporate internship. Year Up United has directly served more than 40,000 young adults since its founding in 2000. Year Up United's nationwide presence includes Arizona, Austin, Bay Area, Charlotte, Chicago, Dallas/Fort Worth, Greater Atlanta, Greater Boston, Greater Philadelphia, Jacksonville, Los Angeles, the National Capital Region, New York City/Jersey City, Pittsburgh, Puget Sound, Rhode Island, South Florida, Tampa Bay, and Wilmington. Voted one of the Best Nonprofits to Work For in the country by The NonProfit Times, Year Up United is a rewarding and impactful place to work. Our staff is passionate, supportive, mission-driven, and committed to positive change and continuous learning. We set high standards for both ourselves and our students and live by a set of core values that reflect an unshakable belief in the talent and potential of our young people. The work we do is life-changing, and we know that our team is the greatest asset in achieving our mission. COMMITMENT TO DIVERSITY: Year Up United embraces diversity and equal opportunity in a serious way. All aspects of employment, including the decision to hire, promote, discharge, or discipline, are based on meritocracy. We do not permit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristics protected by federal, state, or local laws. Learn more about our commitment to diversity: *************************************************************** Year Up United is also committed to working with and providing reasonable accommodations to individuals with disabilities. Your recruiter can provide details regarding the expected work environment and any physical requirements. Please let our hiring team know if you need an accommodation at any point during the interview process. Information received relating to accommodation will be addressed confidentially. TO APPLY: Please submit a thoughtful cover letter and resume through our website. Note that applications without a cover letter will not be considered. We respectfully request no phone calls.

Job DescriptionJoin the Nalley Consulting team as a full-time Cyber Analyst at DIA HQ. Cyber Analyst LCAT: Mid Shift work: No Clearance requirement: TS/SCI clearance; CI poly or willingness to take a polygraph Position Description Conducts analysis using intelligence and information from multiple sources to assess, interpret, forecast, and explain a range of national security issues and developments specific to the cyber domain. Provides analytic support to collections, operations, investigations, and other defense intelligence analytic requirements. Basic Qualifications 3+ years of experience in IT, in cybersecurity, or in cyber-focused intelligence analysis Knowledge of computer and IT infrastructure Understanding of computer network vulnerabilities and access vectors Knowledge of the IC and Combatant Command environment Ability to develop high-quality deliverables tailored to senior policymakers or defense stakeholders, including complex written products and formal or informal briefings Education and certifications Bachelor's degree and 3+ years of experience in intelligence or cybersecurity OR 7+ years of experience in intelligence or cybersecurity in lieu of degree CompTIA+ certificate preferred but not required Additional Qualifications Knowledge of the intelligence cycle Experience with authoring DoD product lines and utilizing ICD 203 tradecraft standards Experience with data analytics, analysis, and visualization ABOUT NALLEY CONSULTING Nalley Consulting is a Service Disabled Veteran Owned Small Business working with prime partners to staff Department of Defense and Intelligence Community positions. Created by a U.S. Navy intelligence veteran, Nalley Consulting has grown to include multiple IDIQ vehicles in several states. Nalley Consulting fringe benefits include: Excellent medical, dental, and vision benefits PTO 11 paid federal holidays Tuition assistance Paid military-reserve leave Paid parental leave for birth or adoption 401k matching up to 5 percent of the base salary Flex time Company-paid short-term disability, long-term disability, and life insurance. Powered by JazzHR DL0AnvBuGc