Cyber security analyst jobs in Fort Washington, MD - 1,489 jobs

  • Lead Cyber Threat Analyst

    DirectViz Solutions, LLC 3.6 company rating

    Cyber security analyst job in Washington, DC

    DirectViz Solutions (DVS) is a rapidly growing government contractor that provides strategic services that meet mission IT needs for government customers. DVS offers competitive compensation, comprehensive medical plans, 401k match, PTO accrual, professional development reimbursement, corporate-funded technology certifications, and employee recognition programs. At DVS, we recognize that our employees are our number one resource. If you are a problem-solving people-person, apply today! Location Washington, DC Position Lead Cyber Threat Analyst Location: Washington, DC Position Summary The Lead Cyber Threat Analyst serves as the technical and operational lead for enterprise cybersecurity operations, overseeing approximately 63 systems and ensuring compliance with all federal security standards. This role drives the organization's threat detection, analysis, and response strategy, leads the Computer Security Incident Response Center (CSIRC), and manages enterprise security monitoring tools within the Enterprise Security Operations Center (ESOC). The position requires deep expertise in cybersecurity frameworks, threat intelligence, and vulnerability management, combined with strong leadership, analytical, and communication skills to guide analysts, coordinate incident response, and safeguard sensitive financial and operational systems. Key Responsibilities Lead enterprise-wide cybersecurity operations across ~63 systems, ensuring continuous protection and compliance with federal security standards. Oversee daily security monitoring, analysis, and response activities within the ESOC. Direct 24/7 CSIRC operations, including incident triage, containment, and recovery. Develop and maintain comprehensive security documentation, including System Security Plans (SSPs), Privacy Impact Assessments (PIAs), and RMF artifacts. Conduct annual Security Control Assessments (SCAs) and evaluate new systems and applications. 
Identify, track, and remediate vulnerabilities and risks across enterprise environments. Develop and maintain a real-time Cyber Threat Dashboard for senior leadership reporting and situational awareness. Lead the Vulnerability Management Program, including prioritization, patching, and remediation oversight. Monitor and analyze network traffic for potential intrusions, unauthorized activity, and anomalous behavior. Manage security tools, threat intelligence feeds, and automation solutions supporting the ESOC mission. Provide training, mentoring, and technical guidance to cybersecurity analysts and SOC staff. Oversee incident handling involving Personally Identifiable Information (PII) and ensure proper documentation and escalation. Collaborate with cross-functional and government stakeholders to align operations with NIST, FISMA, and organizational security policies. Support the protection and compliance of financial systems under the OCFO through proactive risk management. Maintain system and application security posture, ensuring ongoing compliance and operational integrity. Qualifications Bachelor's degree in Computer Science, Information Technology, Engineering, or a related field. Minimum of 10 years of progressive IT or technology experience, including at least 5 years within the past decade supporting large-scale federal technical contracts. At least 7 years of cybersecurity experience, with 5 years focused on threat analysis in SOC or CSIRC environments supporting government systems. Required Certification: Certified Information Systems Security Professional (CISSP). Preferred Certifications: GIAC Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), CompTIA Cybersecurity Analyst (CySA+). Required: Information Technology Infrastructure Library (ITIL) 4 Foundation certification. Strong understanding of cybersecurity frameworks and principles (NIST 800-53, FISMA, RMF, ISO 27001). 
Proven experience with enterprise risk management, incident response, and vulnerability remediation. Excellent analytical and problem-solving skills, with strong attention to detail. Effective communication and interpersonal skills to collaborate across technical, executive, and federal teams. Ability to lead multiple projects simultaneously and deliver results under tight deadlines. Physical and Mental Qualifications Be able to maintain awareness during scheduled working hours. Prolonged periods sitting or standing at desk and working on a computer (mouse and keyboard). Able to lift up to 15 pounds. Excellent verbal and written communication; good command of the English language. Execute tasks independently and work as a team. Learns and memorizes routine tasks. Strong organizational, grammar, business correspondence, and self-management skills. Candidates must be able to perform the essential functions of the position satisfactorily. If requested, reasonable accommodation will be provided for employees with disabilities. DVS retains the right to change or assign other duties to this position. Equal Opportunity DirectViz Solutions, LLC (DVS) is an equal opportunity employer and prohibits discrimination and harassment against any employee or applicant for employment because of race, color, sex (including pregnancy), age, gender identity, creed, religion, national origin, sexual orientation, marital status, genetic information, disability, political affiliation, protected veteran status, or any other status protected by federal, state or local law. DVS has a zero-tolerance policy for harassment, threats, coercion, discrimination, and intimidation. Employees may file a complaint or exercise any right protected by Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, as amended, Section 4212 of the Vietnam Era Veterans Readjustment Assistance Act of 1974, or the Veterans Employment Opportunities Act of 1998.
    $87k-115k yearly est. 3d ago
  • Lead Cyber Fusion Analyst

    Leidos 4.7 company rating

    Cyber security analyst job in Odenton, MD

    This position will support GSM-O II Task Number 07 (TN07), which provides support to the DoD Cyber Defense Command (DCDC). DCDC provides network operations and defensive cyber operations support to the United States Cyber Command in support of the DoD. The selected candidate shall provide analysis that provides 24 hours per day x 7 days per week x 365 days per year support DCDC Operations Center, providing command, control, and defensive cyber operations (DCO) functions across the Combatant Commands, Service Cyber Components, Agencies, and Field Activities in addition to 24/7 coordination with USCYBERCOM and other partner agencies. Primary Responsibilities Lead the DCDC Fusion Analyst team including employee engagement, training, performance reviews, and all other Leidos employee needs. Includes mentoring, assigning and reviewing work and planning/scheduling to ensure milestones are completed in accordance with the program work statement. Identify problems, determine accuracy and relevance of a broad range of technical information. Use sound judgment to generate, evaluate, and execute alternative courses of action. Produce timely, effective, decision-quality technical recommendations to support senior leadership. Serve as a lead for planning, coordination, implementation, validation, mitigation, and compliance of cyber operations/intel security tasks. Leverage an array of network monitoring and detection capabilities (including netflow, custom application protocol logging, signature-based IDS, and full packet capture (PCAP) data) to identify cyber adversary activity. Support the development of Cyber Fusion standard operating procedures (SOPs), and Cyber Fusion Framework and Methodology based on industry best practice and department of defense instruction, guidance, and policy. Identify threats to the enterprise and provide mitigation strategies to improve security and reduce the attack surface. 
Perform analysis by leveraging serialized threat reporting, intelligence product sharing, OSINT, and open-source vulnerability information to ensure prioritized plans are developed. Analyze and document malicious cyber actors' TTPs, providing recommendations and alignment to vulnerabilities and applicability to the enterprise operational environment. Discover adversary campaigns, anomalies and inconsistencies in sensor and system logs, SIEMs, and other data. Analyze and track vulnerability disclosure program (VDP) incidents as it relates to intelligence reporting. Identify, investigate and rule out system compromises, with the capacity to provide written analytic summaries and attack life cycle visualizations. Provide risk assessments and recommendations based on analysis of technologies, threats, intelligence, and vulnerabilities. Offer recommendations to adjust enterprise or tactical countermeasures for threats impacting the DODIN. Collect analysis metrics and trending data, identify key trends, and provide situational awareness on these trends. Provide guidance regarding the use of OSINT techniques in the pursuit of investigatory requirements. Perform quality assurance duties on behalf of JDOC leadership, ensuring that SIGACTs are compliant with JDOC policies, as well as ensuring that all information is captured before closure. Required Qualifications Active DoD TS/SCI Clearance and eligible for polygraph. DoDD 8570 IAT Level II Certification (SEC+, CySA, GICSD, etc.). Bachelor's degree in related discipline and 12+ years of related experience. Additional experience may be accepted in lieu of degree. Strong communications and interpersonal skills. Proficient in Microsoft Office applications (Word, Excel, Outlook, PowerPoint). Proficient in Windows 7/8/10/11. Ability to work in a virtual environment like Microsoft Teams. Experience working with members of the Intelligence Community (IC) and knowledge and understanding of Intelligence processes. 
In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies. Proficiency with datasets, tools and protocols that support analysis (e.g. Splunk, CMRS, VDP, passive DNS, Virus Total, TCP/IP, OSI, WHOIS, enumeration, threat indicators, malware analysis results, Wireshark, Arcsight, etc.). Experience with IC repositories (Pulse, TESTFLIGHT, etc.) Experience with various open-source and commercial vendor portals, services and platform that provide insight into how to identify and/or combat threats or vulnerabilities to the enterprise. Proficiency working with various types of network data (e.g. netflow, PCAP, custom application logs). Preferred Qualifications Experience with the DODIN and other DoD Networks. Familiarity with DoD portals and tools (RAMs, IKE, JCC2, etc.) Experience with proprietary OSINT Sources (Mandiant, Recorded Future, Shodan, etc.) Skilled in building extended cyber security analytics (Trends, Dashboards, etc.). Demonstrated experience briefing Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership. Experience in intelligence driven defense and/or Cyber Kill Chain methodology. IAT Level III or IAM Level II+III Certifications Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
    $72k-90k yearly est. 4d ago
  • Lead Cyber Threat Analyst

    Emergencymd

    Cyber security analyst job in Washington, DC

    Evolver Federal is seeking a Lead Cyber Threat Analyst to fulfil a requirement for a potential government client. The Lead Cyber Threat Analyst is responsible for identifying, analyzing, and mitigating advanced cyber threats targeting federal systems and critical infrastructure. This role focuses on proactive threat hunting, intelligence analysis, and developing strategies to detect and disrupt adversary tactics, techniques, and procedures (TTPs). The Lead Cyber Threat Analyst will lead a team of analysts, collaborate with SOC and incident response teams, and provide actionable intelligence to strengthen the organization's cybersecurity posture. This position requires deep expertise in threat analysis, malware research, and adversary emulation within highly regulated environments. Responsibilities Lead cyber threat analysis and intelligence operations to identify emerging threats and vulnerabilities. Conduct proactive threat hunting across enterprise and cloud environments using advanced analytics. Analyze adversary TTPs and develop detection strategies aligned with MITRE ATT&CK framework. Oversee malware analysis, reverse engineering, and forensic investigations for complex incidents. Integrate threat intelligence feeds into SOC workflows and detection platforms. Leverage AI-driven threat detection techniques to enhance predictive and adaptive security capabilities. Apply Zero Trust principles across detection, response, and access control strategies to strengthen enterprise resilience. Implement cloud-native security solutions to safeguard workloads and data in multi-cloud environments. Prepare and deliver executive-level threat reports, risk assessments, and strategic recommendations. Collaborate with SOC, incident response, and engineering teams to enhance detection and response capabilities. Maintain and update threat intelligence platforms and knowledge bases. Support development of playbooks for threat hunting and incident response automation. 
Ensure compliance with federal cybersecurity frameworks (NIST 800-series, RMF, TIC 3.0). Mentor and coach junior analysts to develop technical expertise and career growth. Manage cross-functional SOC projects, ensuring alignment between threat analysis, incident response, and engineering teams. Drive process improvements and best practices across SOC operations to enhance efficiency and resilience. Basic Qualifications Bachelor's Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or equivalent with 6 years of technical experience and 4 years' experience in IT Solutions at senior management Certified Information Systems Security Professional (CISSP) Certified Security Analyst, Certified Ethical Hacker, or similar certifications Project Management Institute (PMI) Project Management Professional (PMP) (Highly Recommended) Information Technology Infrastructure Library (ITIL) 4 Foundation 10 years of successful enterprise experience in an IT or technology-related field, with the last 5 years, on large government technical BPAs/contracts US Citizen with the ability to pass a comprehensive government background check Preferred Qualifications Experience managing or supporting cybersecurity operations, including SOC functions, in a federal or highly regulated environment Experience leading cybersecurity programs within federal civilian agencies Master's degree in a technical or management-related field GIAC (GCTI, GCFA) or AWS/Azure security certifications Knowledge of RMF, NIST 800-series, OMB A-130, and TIC 3.0 policies Experience with performance-based contracts and cross-functional team leadership Strong communication skills, including experience delivering executive briefings and incident communications Expertise in threat intelligence platforms (TIPs) and SIEM tools (Splunk, Elastic). Familiarity with SOAR platforms and automation for threat detection and response. 
Experience with malware reverse engineering and memory forensics. Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and threat modeling methodologies. Hands-on experience with cloud threat analysis (AWS, Azure, GCP) and container security. Ability to lead advanced threat hunting campaigns and mentor junior analysts. Understanding of nation-state threat actors and advanced persistent threats (APTs). Experience integrating threat intelligence into vulnerability management and risk scoring. Knowledge of scripting languages (Python, PowerShell) for automation and custom detection. Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law. Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies.
    $82k-111k yearly est. 3d ago
  • Cloud Security Engineer

    Meta 4.8 company rating

    Cyber security analyst job in Washington, DC

    We are seeking a Security Engineer who specializes in designing and implementing new systems and tools to enhance the security of Meta's products and infrastructure. This role is ideal for individuals with deep security domain expertise who are passionate about building solutions and using AI to address evolving security requirements and use cases. Cloud Security Engineer Responsibilities Design, prototype, and implement AI-driven security systems and tools to protect Meta's products and internal infrastructure Develop and maintain security-focused code, libraries, and frameworks for use by Security Engineers, Analysts, and engineering teams Collaborate with cross-functional partners to deliver scalable, security solutions aligned with company objectives Rapidly experiment with and iterate on specialized security technologies, leveraging AI to address emerging threats and requirements Apply deep security expertise to solve complex challenges, mitigate risks, and mentor other engineers in advanced security domains Minimum Qualifications B.S. or M.S. 
in Computer Science or related field, or equivalent experience 5+ years of experience in designing and implementing security systems, tools, or frameworks Extensive knowledge of attacker tactics, techniques, and procedures Proficiency in coding with experience in languages such as Python, C/C++, Go, or equivalent Experience collaborating with technical and non-technical stakeholders Ability to rapidly prototype and iterate on security solutions Preferred Qualifications Experience on securing cloud deployments, IAC (Infrastructure as Code) deployments for cloud (terraform) Experience addressing security problems by building scalable engineering solutions Experience influencing software engineers building security products Experience creating metrics to measure service and program effectiveness and consistency Experience making contributions to the security or privacy community (public research, OSS, blogging, presentations, etc.) Public Compensation $147,000/year to $208,000/year + bonus + equity + benefits Industry Internet Equal Opportunity Meta is proud to be an Equal Employment Opportunity and Affia... (full statement) Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.
    $147k-208k yearly 3d ago
  • IDS and IPS Cyber Security Engineer

    Booz Allen Hamilton 4.9 company rating

    Cyber security analyst job in Washington, DC

    Your growth matters to us - explore our career development opportunities. BE EMPOWERED TO SUCCEED Connect with others in our people‑first culture and enhance our collective ingenuity. SUPPORT YOUR WELLBEING Learn how we'll support you as you pursue a balanced, fulfilling life. YOUR CANDIDATE JOURNEY Discover what to expect during your journey as a candidate with us. IDS and IPS Cyber Security Engineer We are seeking an experienced Network Intrusion Detection Engineer to join our cybersecurity team. The ideal candidate must possess strong Linux engineering expertise with experience managing YAML configuration files, and how these configurations integrate and influence the Intrusion Detection Systems and Intrusion Prevention Systems (IDS/IPS). You will leverage hands‑on engineering and O & M experience with Suricata or other network‑based IDS capabilities such as Snort, VectraAI, or Corelight. You will play a critical role in deploying, tuning, and maintaining the IDS within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux. Work with us as we secure and protect our nation's most sensitive capabilities. The Opportunity What You'll Work On: Designing, deploying, and maintaining IDS / IPS systems across a large enterprise with multiple networks. Developing, reviewing, and optimizing YAML configuration files to ensure optimal detection capabilities and minimal false positives. Understanding and managing the interaction between YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging. Tuning IDS / IPS for optimal performance with NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC‑specific acceleration features. Collaborating with security teams to integrate IDS / IPS with SIEM and other security monitoring platforms. 
Troubleshooting installation and operational issues specific to IDS / IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SE‑Linux policies, and performance tuning. Identifying and mitigating common pitfalls encountered when deploying IDS / IPS in large‑scale enterprise environments, including package dependencies, system resource constraints, and NIC driver or configuration issues. Providing detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes. Staying current with platform IDS / IPS software releases, NIC driver updates, and community best practices for network interface tuning and IDS / IPS performance enhancement. You Have: Experience working with network IDS / IPS systems such as Snort, Suricata, or Corelight, including hands‑on management of YAML configuration files. Experience administering Red Hat Enterprise Linux (RHEL) systems, including package management, such as yum or dnf, kernel module management, SE‑Linux configuration, and system optimization via Unix CLI and remote shell access vectors, such as PuTTY or SSH. Experience tuning Suricata for high‑performance packet capture with Napatech NICs or advanced network interface cards. Experience with NIC‑specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and off‑load capabilities, and how to configure them for Suricata. Experience troubleshooting Suricata's interaction with NIC drivers and kernel modules in an enterprise environment. Knowledge of configuration structure, syntax, and how it controls detection rules, logging, and output modules. Active TS/SCI clearance; willingness to take a polygraph exam. Associate's degree and 5+ years of experience supporting IT projects and activities or Bachelor's degree and 3+ years of experience supporting IT projects and activities or Master's degree and 1+ years of experience supporting IT projects and activities. 
DoD 8570 IAT Level II Certification, including Security+ CE, CCNA‑Security, GSEC, SSCP, CySA+, GICSP, or CND Certification. Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 60 days of start date. Nice If You Have: Experience with scripting languages, such as Bash, Python, YAML, or Ansible to automate Suricata configuration and deployment tasks. Experience integrating Suricata with Splunk or other SIEM solutions. Experience with Detection and Response (NDR) solutions, including with Trellix or FireEye, Corelight, Endace, Vectra AI, Darktrace, Cisco Security Network Analytics, Open XDR, Fortinet FortiNDR, or Trend Vision. Knowledge of network protocols, intrusion detection methodologies, and security event correlation. Knowledge of containerized deployments of Suricata, such as Docker or Kubernetes, in enterprise environments. Ability to be a self‑starter, work without considerable direction, and work with a team. Possession of excellent verbal and written communication skills, including client briefings and coordinating efforts. Clearance Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well‑being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work‑life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full‑time and part‑time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. 
Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract‑specific affordability and organizational requirements. The projected compensation range for this position is $99,000.00 to $225,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people‑first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non‑Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.
    $75k-100k yearly est. 4d ago
  • Lead Security Engineer - Federal Cyber Operations

    Teksynap

    Cyber security analyst job in Washington, DC

    A high-tech company is seeking a Lead Security Engineer to oversee cybersecurity operations within the DC area. The ideal candidate will lead efforts to ensure compliance with federal security standards while managing vulnerabilities and incidents. Qualifications include a Bachelor's in Cybersecurity, 8-10 years of relevant experience, and necessary security clearances. The position offers a competitive benefits package, including health and retirement plans, within an office setting with occasional travel expectations.
    $73k-99k yearly est. 6d ago
  • Information Security Engineer

    Isaca 4.5 company rating

    Cyber security analyst job in Washington, DC

    The Information Technology Department of Arnold & Porter has an opening for an Information Security Engineer in the Washington, DC office or may work 100% virtual/remote in a firm-approved U.S. state as part of the “Gideon” office. The Information Security Engineer is a technical security expert responsible for supporting security operations, engineering, and architecture functions and efforts for Arnold & Porter. Under the direction of the Manager of Information Security, the Information Security Engineer helps to ensure the overall security posture of the firm, and is expected to be involved in day-to-day security operations and contribute to ensuring the integrity and availability of the firm's IT and application infrastructure and the confidentiality, integrity, and availability of the firm's data in support of enterprise IT objectives and client service delivery needs. Qualifications: Responsibilities Security Operations Performing security log and event analysis taking appropriate action as directed or required to address security risk issues or events / incidents using EDR, SIEM and log aggregation systems. Monitoring and proactively executing the vulnerability management program to prevent or reduce IT hygiene risk issues from impacting production systems. Maintaining and managing security toolsets as assigned, that help to mitigate or respond to security events and incidents including, but not limited to: Application control systems EDR/AV Email Security platform Attack simulation platform Threat intelligence/hunting Security related artificial intelligence tools Supporting security incident response and investigation efforts as directed. Helping validate and track IT operational activities to ensure compliance with policy, standards, and other applicable requirements, or as directed by organizational needs. Researching and identifying security vulnerabilities and relevant industry / cybersecurity trends for follow-up and action. 
Regularly reporting and tracking IT security events and metrics along with remediation activities. Helping support third-party risk management efforts as assigned. Helping support the firm security awareness training program as assigned. Helping support the firm's IT Compliance efforts as assigned. Participating in IT Security on-call rotation. Security Engineering & Architecture Advising and assisting with planning of security systems and standards by evaluating network and security technologies, developing security requirements for the enterprise infrastructure, and maintaining overall user access and data protection control in support of enterprise objectives and client service delivery. Reviewing newly requested applications and SaaS and application changes for security impacts and possible remediation to address security risk. Actively participating in the enterprise Change Advisory Board (CAB). Conducting research and providing recommendations on methods, software, and technologies to mitigate risk exposures. Helping to develop and contribute to security policies, standards and procedures to maintain an appropriate security posture and/or compliance with applicable requirements. Technical Skills & Experience Education/Experience Four year college degree preferred; equivalent experience will be considered. Minimum of three (3) years of experience in Information Security, or equivalent experience in IT-related fields with secondary security responsibilities. Technical Skills Experience and understanding of Windows, Unix/Linux, and Active Directory. Solid understanding of core networking protocols, including TCP/IP, UDP, DNS, DHCP, HTTP/HTTPS, routing protocols. Experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, application security, and cloud security. Proficient in Windows operating systems, Microsoft Office Suite, and related software. 
Skilled in leveraging artificial intelligence tools for daily work. Strong remote collaboration capabilities. Communication & Writing Communicate complex technical information clearly to non-technical audiences. Excellent oral and written communication, including reports, business correspondence, and procedure manuals. Effective presenter to diverse groups, including managers, clients, and the public. Ability to identify and apply the appropriate method of communication. Professionalism & Judgment Strong personal initiative, judgment, and professionalism. High level of confidentiality and discretion. Exceptional client service for both internal and external stakeholders. Problem-Solving & Strategic Focus Strong problem-solving skills and strategic thinking. Ability to define goals, prioritize tasks, and follow through to achieve results. Detail-oriented with excellent organizational and time management skills. Capable of handling multiple tasks in fast-paced environments. Flexibility & Commitment Reliable, dependable, and motivated. Flexible to work additional hours as needed. Willingness to travel (1-4 weeks per year, or more if required). The anticipated base salary for this position is $122,000 to $160,000. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job. For benefits information, please note the firm's benefits details are available upon request. The firm may provide a discretionary bonus annually. 
Arnold & Porter is an equal opportunity employer that does not discriminate on the basis of race, color, creed, religion, national origin, sex, pregnancy and childbirth (including breastfeeding and related medical conditions), age, marital or partnership status, familial status, sexual orientation, gender, gender identity, gender expression, transgender, physical or mental disability, medical condition, family leave status, citizenship status, immigration status, ancestry, genetic information, military or veteran status, or any other characteristic protected by local, state or federal laws, rules or regulations. Our Firm's equal opportunity policy applies to all employment practices and terms and conditions, including, without limitation, recruitment, employment, assignment, training, compensation, benefits, promotions, disciplinary action and terminations. For purposes of the firm's Anti-discrimination and Anti-harassment Policies, the term "race" includes, without limitation, traits historically associated with race, including, but not limited to, hair texture and protective hairstyles, such as braids, locks, and twists. Arnold & Porter Kaye Scholer LLP endeavours to make information accessible to any and all users. If you would like to contact us regarding accessibility of our website or need assistance completing the application process, please contact Director of Support Staff at ***************. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. For our EEO Policy Statement, please contact us for details. If you would like more information about your EEO rights as an applicant under the law, please inquire about Know Your Rights. Arnold & Porter Kaye Scholer LLP uses E-Verify, which is a web-based system, to confirm the eligibility of our employees to work in the United States. 
As an E-Verify employer, we verify the identity and employment eligibility of newly hired employees by electronically matching information provided by employees on the Form I-9, Employment Eligibility Verification, against records available to the Social Security Administration (SSA) and the Department of Homeland Security (DHS). We use E-Verify because we are a federal contractor containing the Federal Acquisition Regulation (FAR) E-Verify clause. Please see the posters for details regarding E-Verify or contact Arnold & Porter Kaye Scholer LLP's Human Resources Department for more information. E-Verify Participation Poster and Right-to-work Poster.
    $122k-160k yearly 5d ago
  • Information Assurance Engineer / Security Manager

    C2 Labs, Inc.

    Cyber security analyst job in Washington, DC

    Information Assurance Engineer / Security Manager C2 Labs, Inc. - ************** C2 Labs partners with clients on their IT transformation journey via our industry-leading capabilities in full stack development, hyper-automation/DevOps, and cybersecurity compliance. We provide specialized products and services that enable clients to innovate with speed and scale while maintaining a robust and effective security posture. As digital transformation partners, we address the most urgent needs holding back our clients, including proactively addressing cultural change, quantifying risk, automating compliance, and closing critical skill gaps. We are seeking a highly skilled and experienced Information Security Engineering Manager to spearhead the development, implementation, and management of our organization's security infrastructure. This pivotal role will be responsible for safeguarding our critical assets and ensuring compliance with industry-leading security standards. You will lead a team of security professionals, providing technical guidance and fostering a culture of security awareness. Responsibilities Design, develop, and implement robust security networking architectures, incorporating Intrusion Detection/Prevention Systems (IDS/IPS) and other advanced security technologies. Develop and enforce comprehensive security policies and procedures aligned with industry best practices and regulatory requirements. Lead the monitoring and analysis of security systems, proactively identifying and responding to potential threats and vulnerabilities. Manage and optimize existing security solutions, ensuring their effectiveness and efficiency. Drive compliance initiatives, with a focus on the Risk Management Framework (RMF) and NIST 800-53 Rev 5 controls. Effectively manage security projects, ensuring timely completion and adherence to budget. Lead incident response efforts, coordinating investigations and implementing remediation strategies. 
Mentor and develop a high-performing team of security professionals. Qualifications Bachelor's degree in an IT-related field required. Minimum 15 years of experience in information security, or Certified Information Systems Security Professional (CISSP) certification with a minimum of 10 years of experience. Demonstrated deep understanding of information security principles, including access control, network security, cryptography, and vulnerability management. Proven experience in managing security projects and leading incident response activities. Extensive experience with the Risk Management Framework (RMF) and NIST 800-53 Rev 5 controls. Excellent communication, leadership, and problem-solving skills. EOE STATEMENT We are an equal opportunity employer. All qualified applicants will be considered without discrimination based on race, color, religion, sex, national origin, age, disability, or protected veteran status. Employment offers will be contingent on passing a pre-employment drug screen.
    $72k-96k yearly est. 4d ago
  • Information Security Engineer

    Arnold & Porter LLP 4.9company rating

    Cyber security analyst job in Washington, DC

    The Information Technology Department of Arnold & Porter has an opening for an Information Security Engineer in the Washington, DC office or may work 100% virtual/remote in a firm-approved U.S. state as part of the “Gideon” office. The Information Security Engineer is a technical security expert responsible for supporting security operations, engineering, and architecture functions and efforts for Arnold & Porter. Under the direction of the Manager of Information Security, the Information Security Engineer helps to ensure the overall security posture of the firm, and is expected to be involved in day-to-day security operations and contribute to ensuring the integrity and availability of the firm's IT and application infrastructure and the confidentiality, integrity, and availability of the firm's data in support of enterprise IT objectives and client service delivery needs. Responsibilities Security Operations Performing security log and event analysis using EDR, SIEM and log aggregation systems. Monitoring and proactively executing the vulnerability management program to prevent or reduce IT hygiene risk issues from impacting production systems. Maintaining and managing security toolsets such as Application control systems, EDR/AV, Email Security platform, Attack simulation platform, Threat intelligence/hunting, and Security related artificial intelligence tools. Supporting security incident response and investigation efforts as directed. Helping validate and track IT operational activities to ensure compliance with policy, standards, and other applicable requirements. Researching and identifying security vulnerabilities and relevant industry/cybersecurity trends for follow-up and action. Regularly reporting and tracking IT security events and metrics along with remediation activities. Helping support third‑party risk management efforts as assigned. Helping support the firm security awareness training program as assigned. 
Helping support the firm's IT Compliance efforts as assigned. Participating in IT Security on‑call rotation. Security Engineering & Architecture Advising and assisting with planning of security systems and standards by evaluating network and security technologies, developing security requirements for the enterprise infrastructure, and maintaining overall user access and data protection control. Reviewing newly requested applications and SaaS and application changes for security impacts and possible remediation to address security risk. Actively participating in the enterprise Change Advisory Board (CAB). Conducting research and providing recommendations on methods, software, and technologies to mitigate risk exposures. Helping to develop and contribute to security policies, standards and procedures. Qualifications Education/Experience Four‑year college degree preferred; equivalent experience will be considered. Minimum of three (3) years of experience in Information Security, or equivalent experience in IT-related fields with secondary security responsibilities. Technical Skills Experience and understanding of Windows, Unix/Linux, and Active Directory. Solid understanding of core networking protocols, including TCP/IP, UDP, DNS, DHCP, HTTP/HTTPS, and routing protocols. Experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, application security, and cloud security. Proficient in Windows operating systems, Microsoft Office Suite, and related software. Skilled in leveraging artificial intelligence tools for daily work. Strong remote collaboration capabilities. Communication & Writing Communicate complex technical information clearly to non-technical audiences. Excellent oral and written communication, including reports, business correspondence, and procedure manuals. Effective presenter to diverse groups, including managers, clients, and the public. 
Ability to identify and apply the appropriate method of communication. Professionalism & Judgment Strong personal initiative, judgment, and professionalism. High level of confidentiality and discretion. Exceptional client service for both internal and external stakeholders. Problem‑Solving & Strategic Focus Strong problem‑solving skills and strategic thinking. Ability to define goals, prioritize tasks, and follow through to achieve results. Detail‑oriented with excellent organizational and time‑management skills. Capable of handling multiple tasks in fast‑paced environments. Flexibility & Commitment Reliable, dependable, and motivated. Flexible to work additional hours as needed. Willingness to travel (1-4 weeks per year, or more if required). The anticipated base salary for this position is $122,000 to $160,000. The actual base salary offered will depend on a variety of factors, including, without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job. The firm may provide a discretionary bonus annually. Arnold & Porter is an equal opportunity employer that does not discriminate on the basis of race, color, creed, religion, national origin, sex, pregnancy and childbirth (including breastfeeding and related medical conditions), age, marital or partnership status, familial status, sexual orientation, gender, gender identity, gender expression, transgender, physical or mental disability, medical condition, family leave status, citizenship status, immigration status, ancestry, genetic information, military or veteran status, or any other characteristic protected by local, state or federal laws, rules or regulations. 
Our Firm's equal opportunity policy applies to all employment practices and terms and conditions, including, without limitation, recruitment, employment, assignment, training, compensation, benefits, promotions, disciplinary action and terminations. For purposes of the firm's Anti-discrimination and Anti-harassment Policies, the term "race" includes, without limitation, traits historically associated with race, including, but not limited to, hair texture and protective hairstyles, such as braids, locks, and twists.
    $122k-160k yearly 2d ago
  • Firewall Security Engineer

    Novacoast 3.9company rating

    Cyber security analyst job in Washington, DC

    Novacoast Staffing is currently assisting a financial government institution in its search for an experienced Firewall Security Engineer who is experienced in Palo Alto Firewalls for a contract role that is expected to go a minimum of 2 years with option to extend. This is a hybrid role with a few days onsite in Alexandria VA and a pay range of $60-68/hour. To qualify for this role, you must be able to pass an extensive federal background check. Qualifications To qualify for this position, you must have at least 5 years of experience with Palo Alto Next Generation firewalls, Zero Trust, and strong knowledge of advanced firewall features such as Wildfire, App-ID, User-ID, Global Protect, Security, and NAT policies, within Cloud environments. Responsibilities In this role, you will be responsible for the design, administration, and management of Palo Alto Firewalls using Centralized Panorama Management. You will also be responsible for configuring and troubleshooting IPSEC site-to-site VPNs and SSL decryption on Palo Alto Firewalls. Requirements 5+ years experience with Palo Alto next-generation Firewalls and working in cloud and Zero Trust environments Strong knowledge of advanced firewall features such as Wildfire, App-ID, User-ID, Global Protect, Security and NAT policies Expert level knowledge in the design, administration of Palo Alto Firewalls using Centralized Panorama Management Expert level knowledge in configuration and troubleshooting IPSEC Site-to-Site VPNs US Citizenship is required due to the position being with a Federal Client If this role is aligned with your next career move, submit your resume today for immediate consideration! Job Type: Contract Pay: $60.00 - $68.00 per hour
    $60-68 hourly 2d ago
  • Information Security Engineer (ISSE) | RMF, Cloud, Govt

    Method, Inc. 4.6company rating

    Cyber security analyst job in Washington, DC

    A leading cybersecurity firm is seeking an Information Systems Security Engineer (ISSE) to support secure, mission-focused information systems in a high-impact government environment. The ISSE will work on cybersecurity controls design, implementation, and maintenance, ensuring systems meet federal requirements. The ideal candidate will have 3-5 years in cybersecurity, TS Clearance, and practical experience with NIST RMF as well as familiarity with various security tools. This role offers the opportunity to contribute significantly to the security of government missions.
    $80k-108k yearly est. 2d ago
  • Senior Cloud & Security Software Engineer

    Tla LLC

    Cyber security analyst job in Washington, DC

    A technology firm is seeking a Software Engineer to design, develop, and integrate secure computing environments supporting critical mission objectives. The role requires experience in full-stack development, AWS services, and Infrastructure-as-Code tools. Ideal candidates will collaborate with cross-functional teams and possess strong scripting skills. Preferred certifications include AWS Certified Solutions Architect. This position is based in Washington, D.C.
    $98k-136k yearly est. 3d ago
  • Qualys Security Engineer- Active Secret Clearance Required

    VETS, Inc.

    Cyber security analyst job in Washington, DC

    Staffing Pros, a division of VETS Inc., is recruiting for a full-time Qualys Security Engineer onsite in Washington, DC or Beltsville, MD. This position requires an Active Secret Clearance. The Senior Qualys Security Engineer will support our customer's enterprise vulnerability management initiatives. This role involves maintaining and optimizing Qualys toolsets, performing vulnerability assessments, and working collaboratively across technical teams to strengthen organizational cybersecurity posture. This position is based on-site at either the Washington, DC or Beltsville, MD office, with occasional travel between the two locations. What you'll do: Oversee day-to-day management of the Qualys platform including agents, scanners, and connectors. Optimize scan configurations, authentication methods, and template deployments. Review and interpret scan results to generate actionable intelligence for technical and non-technical audiences. Partner with infrastructure, development, and SOC teams to validate findings and drive remediation efforts. Automate tasks using Qualys APIs and custom scripts to support reporting and data integration. Maintain an up-to-date asset inventory through discovery and classification workflows. Minimize false positives through tuning and validation. Conduct policy compliance assessments in support of regulatory frameworks. Provide guidance and mentorship to junior analysts in vulnerability management best practices. Required Qualifications 5+ years of hands-on expertise with Qualys. Must be able to commute to Beltsville, MD or Washington, DC for full-time onsite work. Secret clearance with the ability to obtain a Top Secret clearance is required. Proficiency in scripting (Python, PowerShell, or Bash). Familiarity with network protocols, OS security (Windows/Linux), and web application vulnerabilities. Understanding of compliance standards and frameworks (e.g., NIST 800-53, CIS Controls, ISO 27001.) 
Qualys Vulnerability Management & Policy Compliance. Qualys Web Application Scanning. Automation using Qualys APIs. Network architecture and protocol knowledge. Database and OS-level security. Vulnerability lifecycle and remediation strategies. Excellent written and verbal communication. Strong problem-solving and analytical mindset. Ability to operate independently or as part of a multi-disciplinary team. Solid documentation and reporting practices. Experience engaging with cross-functional stakeholders. US Citizenship is required. Preferred Qualifications Professional certifications: CISSP, CEH, GIAC, or equivalent. Exposure to other scanning tools (e.g., Tenable, Rapid7). Familiarity with public cloud security models (AWS, Azure, GCP). Experience with configuration management tools and CI/CD pipelines. Background in system administration, network engineering, or DevSecOps. EEO Statement Staffing Pros a division of VETS-inc is an Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
    $84k-117k yearly est. 41d ago
  • Information System Security Officer (ISSO) - DHS

    LMI Consulting, LLC 3.9company rating

    Cyber security analyst job in Tysons Corner, VA

    Job ID 2025-13054 # of Openings 1 Category Cyber Benefit Type Salaried High Fringe/Full-Time LMI is seeking an Information System Security Officer (ISSO) to support our Department of Homeland Security (DHS) market. LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed. Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors-helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value. Responsibilities Acquire and manage all necessary documentation/artifacts, including cybersecurity support and resources, to support IT cybersecurity goals and objectives from a risk management perspective. Advise senior management on system risk levels and cybersecurity posture for cloud-based environments Assist in the deployment, architecture and configuration of security controls of deployed systems with Cloud Architects Ensure that developed systems and architectures are consistent with all applicable DHS cybersecurity policies and guidelines. Perform Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans for cybersecurity personnel to execute. Provide input on cybersecurity requirements and collect and maintain data needed to meet system cybersecurity compliance reporting. 
Provide subject matter expertise for Risk Management Framework (RMF) activities and related documentation to support system accreditation / Authority to Operate (ATO) requirements. Interpret noncompliance to determine the impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program. Track audit findings and recommendations to ensure that appropriate mitigation actions are taken. Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs). Coordinate with geographically-distributed, multi-discipline teams to ensure compliance with all applicable requirements for cybersecurity are addressed. Ensure that plans of action and milestones (POAM) or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. and support necessary remediation/compliance activities. Participate in recurring cybersecurity working group meetings. Oversee and manage A&A activities to support their respective systems and security activities. Work with program ISSOs and ISSMs to effectively aggregate technical details for government leadership including the cybersecurity lead, project managers, program managers to facilitate succinct and effective risk discussions and provide understanding of respective program risks. Provide security support and evaluation to development teams to integrate information assurance/cyber security and remediate vulnerabilities throughout the System Life Cycle Development. Lead the development, review and management of system Assess and Authorize documentation to ensure it is compliant with RMF standards. Develop guidance and assists associates through the RMF phases. Participate in ATT and ATO activities Support the organization's program that implements information systems security technology and procedures. 
Review DHS policy and develop local policy and procedures that implement the DHS Cybersecurity subprograms and initiatives. Create and submit Plan of Actions & Milestones (POA&M) for review and approval by the Authorizing Official (AO) Qualifications Required Qualifications Bachelor's degree in a related field or equivalent experience. 8+ years demonstrated SP 800-37 RMF, NIST 800-53 experience Familiarity with cybersecurity tools such as Aquasec and SonarQube Must possess a Security+ certification Experience developing or ensuring development adheres to cybersecurity requirements and best practices (e.g., NIST controls) Familiarity with commercial off-the-shelf solutions for specific security capabilities DHS/CBP background investigation highly preferred Desired Qualifications Exposure to AWS, Azure and Google Cloud Host Based Security System (HBSS), Tenable Nessus Vulnerability Assessment, eMASS Disclaimer: The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances. Target Salary Range- $119,813.31 - $189,000 LMI is an Equal Opportunity Employer. LMI is committed to the fair treatment of all and to our policy of providing applicants and employees with equal employment opportunities. LMI recruits, hires, trains, and promotes people without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, disability, age, protected veteran status, citizenship status, genetic information, or any other characteristic protected by applicable federal, state, or local law. 
If you are a person with a disability needing assistance with the application process, please contact Colorado Residents: In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.
    $119.8k-189k yearly 1d ago
  • Principal Cloud Security Engineer

    Zealotech People

    Cyber security analyst job in Washington, DC

    Clearance: Active Secret Employment Type: Full-Time We are seeking a Principal Cloud Security Engineer to lead the design, automation, and enforcement of security across large-scale federal cloud environments. This role focuses on cloud security architecture, DevSecOps automation, and secure platform enablement in a multi-cloud ecosystem. The ideal candidate is highly technical, self-directed, and comfortable operating as the senior security authority for cloud platforms. You will define secure patterns, implement guardrails at scale, and embed security directly into infrastructure and CI/CD pipelines. Key Responsibilities: Cloud Security Architecture: Design and guide secure architectures across AWS, Azure, and GCP, including GovCloud and restricted environments Define and enforce security baselines aligned with NIST 800-53, FedRAMP, and CIS Benchmarks Lead threat modeling, architecture reviews, and secure design guidance for cloud workloads DevSecOps & Automation: Build and maintain Infrastructure as Code using Terraform (preferred) and cloud-native tooling Integrate automated security controls into CI/CD pipelines (SAST, DAST, IaC scanning, container scanning) Implement policy-as-code guardrails using tools such as AWS SCPs, Azure Policy, and cloud-native governance services Develop automated remediation and enforcement workflows to reduce manual security effort Governance, Compliance & Visibility: Embed compliance controls directly into cloud infrastructure and pipelines to support ATO efforts Partner with compliance teams and auditors on evidence collection and continuous monitoring Implement centralized logging, monitoring, and incident response across cloud environments Technical Leadership: Serve as the senior cloud security SME for engineers, architects, and stakeholders Mentor engineers on secure cloud development and DevSecOps practices Translate complex security concepts to both technical and non-technical audiences Required Qualifications: Active 
Secret clearance 8+ years in cybersecurity or cloud engineering, including 5+ years focused on cloud security Deep hands-on experience securing AWS, Azure, or GCP (experience in at least two preferred) Strong Infrastructure as Code experience (Terraform strongly preferred) Experience integrating security into CI/CD pipelines (GitHub Actions, GitLab, or similar) Proficiency in Python, Go, PowerShell, or Bash Strong understanding of IAM, networking, encryption, key management, and cloud-native security services Ability to operate independently and define security priorities without daily direction Preferred Qualifications: Experience securing GovCloud, DoD IL5/IL6, or other regulated cloud environments Kubernetes and container security experience Zero Trust architecture implementation experience ServiceNow integrations for security workflows Cloud security certifications (AWS Security Specialty, Azure Security Engineer, etc.) What Makes This a True Principal Role: Highly hands-on and deeply technical Owns security outcomes rather than executing predefined tasks Heavy DevSecOps and IaC focus Large-scale, multi-cloud environment Architecture and influence matter as much as implementation
    $84k-117k yearly est. 3d ago
  • Information System Security Officer

    Conviso Inc.

    Cyber security analyst job in Germantown, MD

    Conviso Inc is looking for an ISSO Officer for an onsite job. This role comes with benefits, 401K & some accrued PTO. The ideal candidate must have hands-on technical and analytical experience supporting the RMF lifecycle, cybersecurity monitoring, continuous authorization, and security control assessments. Are you open to new opportunities & could this be of interest? On Site Job at 3 locations - Albuquerque NM, Las Vegas NV, Germantown MD Active Top-Secret Clearance Required Title: Information System Security Officer (ISSO) Minimum 3 years as an ISSO Required Skills: ISSO personnel must understand and interpret data from security tools and apply NIST frameworks with precision. Capabilities include: Proficiency in NIST SP 800-37, 800-53, 800-60, FIPS 199, CNSSI 1253. Ability to perform risk assessments, system categorization, and control selection. Experience with eGRC tools (e.g., Archer) for documentation, continuous monitoring, and POA&M management. Responsibilities: Prepare: Support enterprise, mission, and system-level RMF readiness, establish tailored baselines, identify assets, assess risks, and determine system placement in the enterprise architecture. Categorize Information Systems: Perform FIPS 199 categorization, develop SSP subsections, register systems, and ensure early engagement with developers to integrate cybersecurity impact analysis. Select Security Controls: Document, implement, and validate selected controls, incorporating security architecture, privacy requirements, and common control inheritance. Assessment: Develop assessment plans, test controls, produce SARs, document findings, and support POA&M development. Data Calls: Provide timely and accurate evidence and responses using approved tools. Internal & External Assessments: Support audits, collaborate with internal and external partners, and perform self-assessments. 
Program-Level Documentation Support: Maintain program policies, adjudicate comments, and assess the impact of federal directives and legislation.
    $65k-88k yearly est. 1d ago
  • Deputy Information Systems Security Officer (Deputy ISSO) - Secret clearance

    RCG, Inc. 4.3 company rating

    Cyber security analyst job in Suitland, MD

    ** DO NOT APPLY IF YOU DO NOT HAVE AN ACTIVE SECRET CLEARANCE AND A CISSP** Location: Suitland, MD - Full-Time, On-Site Salary Range: $130,000 - $140,000 annually. Who We Are RCG is a fast-growing federal contracting firm proudly Certified as a Great Place to Work. We are committed to fostering a culture of innovation, inclusion, and excellence. At RCG, we deliver technology and mission support services that help government agencies succeed. We are currently seeking a Deputy Information Assurance Engineer / Deputy Information Systems Security Officer (Deputy ISSO) to support our federal government customer in Suitland, MD. This position is fully on-site and supports mission-critical systems within the JPSS/LCCS program. Please note: Due to the secure nature of this government agency, all candidates must be U.S. Citizens and able to successfully pass the required background investigation. The Opportunity This role is ideal for a senior Information Assurance professional who will serve as a Deputy ISSO and team lead, supporting authorization, compliance, and continuous monitoring activities for NOAA JPSS/LCCS systems. The Deputy ISSO will provide leadership to junior ISSOs, maintain system ATOs, and collaborate closely with multiple technical and operational teams to ensure a strong and compliant security posture. The successful candidate will play a key leadership role across A&A, POA&M management, Continuous Monitoring, change control, and incident response activities. What You'll Do Deputy ISSO / Team Lead Responsibilities Serve as Deputy ISSO Team Lead, advising, mentoring, and training junior ISSOs on security and compliance activities. Provide guidance on RMF, FISMA, and program-level security processes. JPSS/LCCS A-ISSO Responsibilities Maintain and support ATO packages for NOAA 5042 and NOAA 5065-1 systems. Lead Assessment & Authorization (A&A) documentation reviews, updates, and Security Control Assessment (SCA) activities.
Work closely with OMS, LGSS, FVTS, MSC, and GP Security teams to maintain and improve overall program security posture. Lead weekly cross-contract POA&M and security operations management meetings. Participate in and vote during Mission Change Control Boards (CCBs) for system modifications. Lead JPSS/LCCS Continuous Monitoring working group meetings. Serve as Chair of the program SSID documentation review board. Assist in incident response activities, working directly with operational and cybersecurity teams. Maintain strong working relationships with Federal clients, including System Owners, ISSOs, Flight, and Operations personnel. Required Qualifications Active Secret clearance (REQUIRED). Bachelor's degree in a relevant technical field. Minimum 8 years of experience in Information Assurance, Information Security, or ISSO-related roles. Demonstrated experience supporting RMF, FISMA, ATO, and Continuous Monitoring activities. Proven leadership experience mentoring or leading junior security staff. Strong ability to collaborate across multiple technical, operational, and security teams. Excellent written and verbal communication skills. Certifications (Required) CISSP Physical Demands The physical demands described here are representative of those required to successfully perform the essential functions of this role. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions. EEO Statement RCG, Inc. does not discriminate against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibits discrimination against all individuals based on race, color, religion, sex, sexual orientation/gender identity, or national origin.
    $130k-140k yearly 4d ago
  • Lead Cyber Fusion Analyst

    Leidos 4.7 company rating

    Cyber security analyst job in Bethesda, MD

    This position will support GSM-O II Task Number 07 (TN07), which provides support to the DoD Cyber Defense Command (DCDC). DCDC provides network operations and defensive cyber operations support to the United States Cyber Command in support of the DoD. The selected candidate shall provide analysis that provides 24 hours per day x 7 days per week x 365 days per year support DCDC Operations Center, providing command, control, and defensive cyber operations (DCO) functions across the Combatant Commands, Service Cyber Components, Agencies, and Field Activities in addition to 24/7 coordination with USCYBERCOM and other partner agencies. Primary Responsibilities Lead the DCDC Fusion Analyst team including employee engagement, training, performance reviews, and all other Leidos employee needs. Includes mentoring, assigning and reviewing work and planning/scheduling to ensure milestones are completed in accordance with the program work statement. Identify problems, determine accuracy and relevance of a broad range of technical information. Use sound judgment to generate, evaluate, and execute alternative courses of action. Produce timely, effective, decision-quality technical recommendations to support senior leadership. Serve as a lead for planning, coordination, implementation, validation, mitigation, and compliance of cyber operations/intel security tasks. Leverage an array of network monitoring and detection capabilities (including netflow, custom application protocol logging, signature-based IDS, and full packet capture (PCAP) data) to identify cyber adversary activity. Support the development of Cyber Fusion standard operating procedures (SOPs), and Cyber Fusion Framework and Methodology based on industry best practice and department of defense instruction, guidance, and policy. Identify threats to the enterprise and provide mitigation strategies to improve security and reduce the attack surface. 
Perform analysis by leveraging serialized threat reporting, intelligence product sharing, OSINT, and open-source vulnerability information to ensure prioritized plans are developed. Analyze and document malicious cyber actors' TTPs, providing recommendations and alignment to vulnerabilities and applicability to the enterprise operational environment. Discover adversary campaigns, anomalies and inconsistencies in sensor and system logs, SIEMs, and other data. Analyze and track vulnerability disclosure program (VDP) incidents as they relate to intelligence reporting. Identify, investigate and rule out system compromises, with the capacity to provide written analytic summaries and attack life cycle visualizations. Provide risk assessments and recommendations based on analysis of technologies, threats, intelligence, and vulnerabilities. Offer recommendations to adjust enterprise or tactical countermeasures for threats impacting the DODIN. Collect analysis metrics and trending data, identify key trends, and provide situational awareness on these trends. Provide guidance regarding the use of OSINT techniques in the pursuit of investigatory requirements. Perform quality assurance duties on behalf of JDOC leadership, ensuring that SIGACTs are compliant with JDOC policies, as well as ensuring that all information is captured before closure. Required Qualifications Active DoD TS/SCI Clearance and eligible for polygraph. DoDD 8570 IAT Level II Certification (SEC+, CySA, GICSD, etc.). Bachelor's degree in related discipline and 12+ years of related experience. Additional experience may be accepted in lieu of degree. Strong communications and interpersonal skills. Proficient in Microsoft Office applications (Word, Excel, Outlook, PowerPoint). Proficient in Windows 7/8/10/11. Ability to work in a virtual environment like Microsoft Teams. Experience working with members of the Intelligence Community (IC) and knowledge and understanding of Intelligence processes.
In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies. Proficiency with datasets, tools and protocols that support analysis (e.g. Splunk, CMRS, VDP, passive DNS, Virus Total, TCP/IP, OSI, WHOIS, enumeration, threat indicators, malware analysis results, Wireshark, Arcsight, etc.). Experience with IC repositories (Pulse, TESTFLIGHT, etc.). Experience with various open-source and commercial vendor portals, services and platforms that provide insight into how to identify and/or combat threats or vulnerabilities to the enterprise. Proficiency working with various types of network data (e.g. netflow, PCAP, custom application logs). Preferred Qualifications Experience with the DODIN and other DoD Networks. Familiarity with DoD portals and tools (RAMs, IKE, JCC2, etc.). Experience with proprietary OSINT Sources (Mandiant, Recorded Future, Shodan, etc.). Skilled in building extended cyber security analytics (Trends, Dashboards, etc.). Demonstrated experience briefing Senior Executive Service (SES) and General Officer/Flag Officer (GO/FO) leadership. Experience in intelligence driven defense and/or Cyber Kill Chain methodology. IAT Level III or IAM Level II+III Certifications Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
    $71k-90k yearly est. 4d ago
  • Senior Security Engineer

    Emergencymd

    Cyber security analyst job in Washington, DC

    Evolver Federal is seeking a Senior Security Engineer to fulfill a requirement for a potential government client. The Senior Security Engineer is responsible for designing, implementing, and maintaining advanced security solutions to protect federal systems and data. This role prioritizes continuous monitoring, FISMA compliance, and OIG audit readiness while engineering secure architectures, integrating cybersecurity technologies, and ensuring adherence to federal standards such as NIST 800-series, RMF, and TIC 3.0. The Senior Security Engineer will work closely with SOC teams, architects, and program managers to deliver robust security capabilities across cloud (AWS GovCloud, Azure Government), on-premises, and hybrid environments. This position requires deep technical expertise, hands-on experience with security tools, and the ability to lead engineering efforts for mission‑critical systems in highly regulated environments. Responsibilities Design and implement security solutions for enterprise and federal environments, ensuring compliance with RMF and NIST guidelines. Engineer secure configurations for SIEM, SOAR, EDR, and vulnerability management platforms. Support Tier 2/3 SOC analysts by developing advanced correlation rules for Splunk and optimizing detection workflows. Support SOC operations by integrating advanced detection and response capabilities. Conduct security assessments, penetration testing, and risk analysis for critical systems. Implement continuous monitoring and automated compliance reporting to meet Department of Labor and federal requirements. Develop and maintain security engineering documentation, including system security plans and architecture diagrams. Collaborate with architects and program managers to align security engineering with strategic objectives. Lead efforts to integrate security into DevSecOps pipelines and CI/CD workflows. Provide technical expertise during incident response and forensic investigations. 
Evaluate emerging technologies and recommend enhancements to improve security posture. Define and track measurable outcomes such as MTTR reduction, SLA adherence, compliance score improvements, and false positive reduction to meet performance‑based contract KPIs. Coordinate with federal stakeholders (CISO, ISSOs, AO) and provide audit support for ATO processes. Ensure adherence to performance‑based contract requirements and federal cybersecurity mandates. Basic Qualifications Bachelor's Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or equivalent with 6 years of technical experience, or 4 years' experience in IT Solutions at senior management Certified Information Systems Security Professional (CISSP) mandatory with Information Systems Security Engineering Professional (ISSEP) concentration Project Management Institute (PMI) Project Management Professional (PMP) (Highly Recommended) Information Technology Infrastructure Library (ITIL) 4 Foundation 10 years of successful enterprise experience in an IT or technology-related field, with the last 5 years, on large government technical contract/BPAs US Citizen with the ability to pass a comprehensive government background check Preferred Qualifications Master's degree in cybersecurity, IT, or a related technical field Experience supporting SOC operations in federal or regulated environments Familiarity with RMF, NIST 800-series, OMB A-130, and TIC 3.0 Proven leadership in cross‑functional teams and performance‑based contracts Strong communication skills, including executive briefings and incident reporting Hands‑on experience with SIEM (Splunk, Elastic), SOAR (Cortex XSOAR), and EDR (CrowdStrike, Microsoft Defender). Expertise in cloud security engineering (AWS, Azure, GCP) and container security (Kubernetes, Docker). Familiarity with Zero Trust Architecture principles and implementation strategies. Familiarity with Continuous Diagnostics and Mitigation (CDM).
Experience with PKI, encryption standards, and secure network design. Knowledge of automation tools for security orchestration and compliance reporting. Ability to lead technical teams and mentor junior engineers in cybersecurity best practices. Experience integrating security controls into large-scale federal systems and mission‑critical applications. Understanding of advanced threat detection techniques and AI‑driven security solutions. Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law. Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies.
    $98k-136k yearly est. 3d ago
  • Senior InfoSec Engineer & RMF/NIST Security Leader

    C2 Labs, Inc.

    Cyber security analyst job in Washington, DC

    A tech solutions provider based in Washington is seeking an experienced Information Assurance Engineer / Security Manager to lead the development and management of security infrastructure. The ideal candidate will have 15+ years in information security, overseeing security projects, and enhancing compliance. Strong leadership and communication skills are essential for mentoring a high-performing team. This role offers an opportunity to impact the security strategy and operations significantly.
    $98k-136k yearly est. 4d ago

Learn more about cyber security analyst jobs

How much does a cyber security analyst earn in Fort Washington, MD?

The average cyber security analyst in Fort Washington, MD earns between $65,000 and $117,000 annually. This compares to the national average cyber security analyst range of $66,000 to $117,000.

Average cyber security analyst salary in Fort Washington, MD

$87,000

What are the biggest employers of Cyber Security Analysts in Fort Washington, MD?

The biggest employers of Cyber Security Analysts in Fort Washington, MD are:
  1. Leidos
  2. Bluestone Resources
  3. Oak Grove Tech
  4. Beyond SOF
  5. ARA
  6. clearAvenue
  7. Amentum
  8. cFocus Software Incorporated
  9. Spahr Solutions Group
  10. Spahr Solutions Group LLC