Cyber security analyst jobs in Hoover, AL

Bellatrix-Latin for "Female Warrior" Owned and operated in a HUBZone, with over 25 years in the HR, Talent Acquisition and Government Contracting. Like the Bellatrix Star in the Orion Constellation, our Team Members are the Brilliance of the company, and are all shareholders, leading the company to success. Bellatrix prides itself on being a Small Woman Owned HUBZone company. We believe big does not equal best. By staying small, we can focus on agility, efficiency, and our people. At Bellatrix we believe in advancement from within through training, mentorship, innovation and truly being a family. Bellatrix believes in excellence in customer service, and catering to the customer's needs. We realize not everyone fits into a box, and we think outside of the box to ensure, affordable and outstanding services. Human Resources, Retention and Recruiting, and Medical Coding/Billing are the HRM of Bellatrix. Come and join our team, where you are a team member and shareholder, working together for growth. Bellatrix has the current position open as a direct W2, Fulltime position for one of our top clients in the Huntsville, AL Market. This position requires a Secret Clearance and is on location with the Missile Defense Agency Title: Cyber Security Analyst Location: Onsite-Huntsville, AL Program: MDA, C3BM and C2BMC Number of Openings: 2 Immediate Direct Hire Clearance: Secret Travel: 25% Salary Range: $150,000-165,000, DOE General Overview: Command, Control, Communications, and Battle Management (C3BM) cyber engineering efforts include engaging in Command, Control, Battle Management, and Communications (C2BMC) technical engineering and integration, future concepts, new functionality, and multi-national exchange designs. Cyber engineering tasking includes participation in reviews and assessments of C2BMC cyber security and documentation. Collaboration with MDS stakeholders is required to prepare C2BMC cyber products as part of the engineering objectives documentation and analysis processes as related to Defense Of Guam (DoG).Other activities include participation in engineering meetings, presenting engineering product development updates, providing analysis and failure review summaries. Responsibilities: Understand cybersecurity aspects of systems engineering development, as well as DoD cybersecurity requirements, and be capable of recommending changes to the Government about the contractor's system engineering development process. Perform cybersecurity risk assessment reviews to include changes, modifications, and/or updates of software and/or hardware to individual information systems and/or enterprise environment. Familiarity with Configuration Management to include oversight and engineering assessments of Cybersecurity fixes, patch development, and pre-release testing in support of DoG. Performing cybersecurity risk assessment describing the posture of an individual information systems through an enterprise architecture in support of DoG. Will directly support the Software Assurance program for C2BMC. Includes ability for assessments of code reviews and approvals/disapprovals of software products for use on Mission, Training and Test/Development C2BMC systems is support of DoG Requirements: Bachelor's degree in STEM program: Computer Science, Information Technology, Network Engineering or other similar program 5+ years of Related Experience Secret Clearance Familiarity with MDS cyber capabilities and policy Familiarity with Missile Defense Agency, Ballistic Missile Defense System, and/or C3BM Program Office work efforts Security +, CE with a preferred certification level of CISSP Ability to work independently within a dynamic environment Apply cyber engineering and solutions to support real-world test, integration, and operations Work within a collaborative environment composed of Government, prime contractor, sub-contractor and supporting contractor personnel in a badge-less contractor environment Bellatrix is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Job Description or Huntsville, AL - Redstone Arsenal (On-site) Clearance Required: Active Secret Clearance (or higher) Travel Required: Up to 10% LaunchTech is seeking a Mid-Level Cyber Threat Emulation Analyst to support the Missile Defense Agency (MDA). In this role, you will strengthen enterprise cyber defenses by conducting threat emulation, vulnerability analysis, incident response, and cyber operations assessments. You will contribute directly to improving the agency's defensive posture while mentoring analysts and executing cyber threat emulation engagements aligned with real-world adversary tactics. What You'll Do As a Mid-Level Cyber Threat Emulation Analyst, you will: Perform Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM) Perform cybersecurity duties on customer networks to improve enterprise-wide security posture Analyze correlated asset, threat, and vulnerability data against known adversary exploits and techniques to determine operational impacts and strengthen defensive posture Support the development, review, and updates of DCO procedures, processes, manuals, and other documentation Measure defense-in-depth effectiveness against known vulnerabilities Generate vulnerability assessment reports and escalate findings for review Support enterprise Incident Response in accordance with DoD regulations and instructions Lead cyber events and incident investigations from start to conclusion, including data gathering, analysis, and reporting Instruct, evaluate, and mentor analysts at junior, mid, and senior levels; support development of exploitation analyst training plans Receive, review, and implement Higher Headquarters Tasking Orders (HHQ) and Fragmentary Orders weekly Perform Cyber Threat Emulation (CTE) actions using Automated Security Validation toolsets per HHQ direction Execute CTE actions within approved network zones using specific adversary tactics, techniques, and procedures (TTPs) Create dashboards and reports communicating post-engagement analysis, vulnerabilities, recommended remediations, system security posture assessments, and incident response results Draft and submit Cyber Tasking Orders (CTOs) to address findings discovered during CTE engagements Collaborate with the Cyberspace Domain Awareness (CDA) team to develop evaluation criteria and methodologies aligned with HHQ inspection requirements and industry best practices What You Bring Basic Requirements: Must have 6, or more, years of general (full-time) work experience Must have 4 years of combined experience with: Performing manual or automated penetration tests in an enterprise environment Practical experience with vulnerability assessment, cybersecurity frameworks, or conducting risk assessments Experience performing the full life cycle of incident response and enterprise-level monitoring Must have 1 year of experience in management or leadership in a team environment Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) (CySA+, GICSP, GSEC, Security+ CE, SSCP) Must have, or obtain within 6 months of start date, a PenTest+ certification Must have an active DoD Secret Security Clearance Desired Requirements: Have a Bachelor's degree, or higher, in Cybersecurity, Computer Science, or related field Have experience with Cyber Threat Emulation tools, policies, and procedures Have experience operating custom software on a Linux platform Have experience with security analysis and solutions in WAN/LAN environments (Routers, Switches, Network Devices, Windows, Linux) Have experience with SOC/DCO tools including Firewalls, Intrusion Detection/Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc. Have experience performing security compliance scans across a WAN (ACAS/Nessus preferred) Have a background in configuration, troubleshooting, and deployment of host-based security (ESS preferred) Be able to mentor and train personnel in a high-paced environment Be familiar with DoD Security Operations Centers (SOC/CSSP) Be familiar with DCO/CSSP-guiding security policies and procedures Have an active DoD Top Secret clearance Why LaunchTech? At LaunchTech, we don't just fill seats, we bring in people who want to make an impact. We deliver Excellence, Period. You will join a mission-driven team where your expertise directly strengthens national defense and advances cybersecurity excellence. We offer competitive benefits, including: Medical, Dental, and Vision coverage 401(k) with company match Paid Time Off (PTO) Opportunities to make a meaningful impact while advancing your career And more Ready to Join the LaunchTech Crew? If you're ready to apply your cyber expertise to mission-critical defense operations, we want to hear from you. LaunchTech is an Equal Opportunity Employer. We prohibit discrimination and harassment of any kind. All qualified applicants will receive consideration for employment without regard to race, protected veteran status, color, sex, religion, sexual orientation, national origin, disability, genetic information, age, pregnancy, or any other status protected under federal, state, or local law. Powered by JazzHR CkYm1Mbb4K

Job Title: Mid-Level Cybersecurity/Watch floor Analyst Clearance: MUST CURRENTLY POSSESS AND ACTIVE TOP SECRET CLEARANCE Noetic is currently seeking a motivated and detail-oriented Mid-Level Cybersecurity/Watch Floor Analyst to join our growing security team. In this junior-level role, you will play a key part in protecting our organization's digital assets by assisting in the detection, analysis, and response to cybersecurity threats and incidents. The ideal candidate will have foundational knowledge of security principles and a strong interest in security operations, with hands-on experience or coursework involving Splunk. BASIC QUALIFICATIONS: Minimum of 5 year of Splunk/SOC experience. Bachelor's in a computer science related field Active Top Secret Clearance Ability and willingness to do shift work MAIN RESPONSIBILITIES: Responsible for monitoring computer networks for security issues. Investigating security breaches and other cybersecurity incidents. Document security breaches and assess the damage they cause. Work with the security team to perform tests and uncover network vulnerabilities, such as penetration testing. Fix detected vulnerabilities to maintain a high-security standard. Recommend best practices for IT security. Installing security measures and operating software to protect systems and information infrastructure, including firewalls and data encryption programs. Must be capable of conducting analysis, confirming intrusion information and creating a forensically sound duplicate of the files. Decrypts data and provides technical summaries and input. Examines recovered data for relevant information and performs dynamic analysis to include timeline, statistical, and file signature analysis. Performs real-time cyber defense handling tasks to support deployable Incident Response Teams (IRTs). PREFERRED QUALIFICATIONS Microsoft Sentinel GIAC Continuous Monitoring Certification (GMON) GIAC Certified Incident Handler (GCIH) GIAC Certified Forensic Analyst (GCFA) GIAC Certified Intrusion Analyst (GCIA) GIAC Network Forensic Analyst (GNFA) Noetic Strategies Inc. offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Noetic Strategies Inc. is an equal opportunity and affirmative action employer that does not discriminate in employment. All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status. Noetic Strategies Inc. endeavors to make ************************ accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact noeticstrategies.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

Cyber Security Analyst - (2400000X) Description AL-KHOBAR, KINGDOM OF SAUDI ARABIA Cyber Security Analyst Department Information Technology Institution Prince Mohammad bin Fahd University Reports to Manager - Cyber Security introduction The Cyber Security Analyst at Prince Mohammad bin Fahd University protects the university's digital assets, network, and data by identifying vulnerabilities, monitoring threats, and enforcing security measures. This role ensures compliance with security policies, supporting a safe environment for research and academic activities. Job Purpose The Cyber Security Analyst role is to safeguard the university's IT infrastructure by proactively monitoring, identifying, and addressing security threats. This position involves implementing security measures, responding to incidents, and ensuring compliance with security policies to protect data and maintain the integrity of university systems. The analyst plays a key role in supporting a secure environment for all digital and academic activities. Duties and Responsibilities Major Duties/ Responsibilities: · Monitor all networks and computer systems to prevent, detect, and investigate security breaches. · Perform penetration testing to ensure the company's networks are free of bugs that malware authors can take advantage of. · Design and implement multilevel security strategies to protect networks and data resources. · Plan computer and network security upgrades and test hardware and software related to the upgrade. · Stay up to date on new information technologies and apply those innovations in the company's security standards and best practices. · Lead analysis of current architecture, risk exposure and defining mitigation measures in order to develop suitable recommendations. · Highlight Cyber Security threats and prepare the official reports. · Lead assessments of company's security posture including benchmarking/maturity assessments. · Lead design of cyber security solutions and development of detailed technical specifications for the approved designs. · Lead implementation, integration and testing of approved security solutions. · Provide specialist technical support and address technical problems related to applications and production equipment to ensure any complex/escalated issues are handled with no or minimal downtime. · Oversee/perform preventive maintenance as per schedule to ensure relevant security systems/processes remain fit for purpose. · Provide subject matter expertise for cyber security related projects throughout its lifecycle to ensure delivery is as per plan/budget and client/TCC expectations. · Prepare and deliver technical presentations for successful project delivery · Lead cybersecurity evaluation and configuration review services · Anticipate future problem areas by monitoring workflows and network traffic patterns. · Prepare and perform cyber security awareness activities. · Prepare work papers documenting procedures performed and that fully support audit findings. · Assist IT operational audits in accordance with the annual audit plan. · Follows up the action plan progress (such as penetration tests, vulnerability scans) and ensures that recommendations are implemented in a timely manner · Assist staff members when they need help with security products and processes. Job-Specific Skills: · Working experience in a SOC or NOSC environment · Must have strong working knowledge of information technology, including applications, networks and systems. · Knowledge in performing IT Audit reports · Experience in performing Risk Assessments reports. · Experience in developing Business Continuity Plans and Disaster Recovery Plans · Knowledge in the usage of vulnerability assessment and penetration testing tools · Knowledge of security attacks techniques, familiar with MITRE ATT@CK framework · Experience in using MS Office, MS Visio, Project Management tool. · Experience in project management, problem-solving, training/coaching, presentation skills, and conflict resolution skills. · General knowledge of ISO 27001, ITIL or other control frameworks · Experience in writing SOP's - operation manuals · Independent, motivated, and ambitious personality Qualifications & Experience (Required) Bachelor's degree in computer science, technology or computer engineering 5 to 8 years of experience in progressively more complex and responsible operational roles within a dynamic Enterprise function Certified CompTIA Security+, CEH, CCNA, CCNP, CISSP (preferred) Experience in Cisco ASA, WatchGuard, Juniper, CheckPoint Firewall Knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture Experience in Patch Management and vulnerably assessment. Knowledge and understanding of relevant legal and regulatory requirements. Knowledge of common information security management frameworks. Experience in Information Security and NCA controls implementation. Having experience in IT, Operational IT, Cybersecurity, incident detection, incident response, and forensics. Maintain quality service delivery by adhering to company standards and best practices. Strong attention to detail with an analytical mind and outstanding problem-solving skills. Familiarity with information technology concepts such as infrastructure, cyber security, and application controls. Great awareness of cybersecurity trends and hacking techniques. On-call network troubleshooting Knowledge, Skills and Abilities (Required) · Strong written and verbal communication skills · Strong focus on first time quality · Desire to grow technical skills and ability to learn new technologies swiftly · High attention to detail, self-starter, result driven · Ability to work in a cross-functional team · Professional, polite, and attentive while also being accurate · Always prepared and responsive, willing to meet each challenge directly · Teamwork · Problem solving, Leadership · Perseverance and motivation · Ability to work under pressure, Confidence · Managing ambiguity, Resilience · Analytical skills, IT skills Disclaimer PMU reserves the right to alter, amend and add responsibilities to this position in line with the institutional needs. Changes and amendments to this job description shall be within the academic framework and the general employment conditions. Primary Location: Al-KHOBARJob: AnalystOrganization: Information Technology DepartmentSchedule: Regular StandardJob Type: Full-time Job Posting: Feb 25, 2025, 9:10:34 AM

Support the Missile Defense Agency (MDA) with development and analysis of programmatic data for program management support, to include monitoring and reporting against the acquisition program baselines, and assistance with program oversight and execution briefings. Alternative responsibilities may encompass development and execution of acquisition strategies/plans, contract requirements packages (e.g., writing SOWs, CDRLs, special provisions, source selection evaluation plans) and supporting prime contract monitoring/management activities. CompTIA Certification Preferred. Certified Authorization Professional (CAP) certification (or ability to attain within 90 days after employment) Provide interpretation and execution of MDA Acquisition policy, directives, guidance, and instructions Provide program management support in developing, maintaining, and reporting against program baselines, gathering and analyzing programmatic data for internal Agency oversight reviews of programs (e.g., MDAR, DPR, PER, PMRs, internal reviews) Prepare briefings and correspondence in response to internal taskings and external RFIs (e.g., GAO/Congressional/DoDIG/DoD oversight organizations) Analyze acquisition requirements and provide recommendations during pre-solicitation phase through contract execution Support program and contract management processes through the preparation and/or review of acquisition and program management documentation, briefings, white papers, reports, metrics Provide support through all phases of the acquisition cycle with an emphasis on cybersecurity throughout the process Requirements Prior MDA experience preferred. Advanced level - Master's degree required and/or 15 years' experience Intermediate level - Bachelor's degree required and/or 10 years' relevant experience Knowledge and experience in acquisition, procurement, and contracting highly desirable Solid background in MS Office tools suite (e.g., Word, Excel, PowerPoint, Access) essential Must possess exceptionally strong communications and analytical skills, be a self-starter, detail oriented, work well with a team, interacts with multiple levels and functional areas and able to manage customer and contractor relationship SECRET or above Security Clearance required.

Job Title: Senior Cybersecurity Analyst Ready to be the digital bodyguard of a fast-moving financial organization? We're on the hunt for a Senior Cybersecurity Analyst who eats threats for breakfast and sleeps soundly knowing our systems are locked down tighter than Fort Knox. If you live for red alerts, thrive in the middle of incident response chaos, and can quote GLBA like it's your favorite movie, keep reading. You'll be our frontline of defense, leading investigations, outsmarting hackers, and keeping customer data safe and secure. Oh, and did we mention you'll be the go-to brain for junior analysts and a security Jedi across the organization? What You'll Be Doing: Watchdog Mode: Monitor and analyze alerts from SIEM, EDR, and intel feeds to identify threats before they make headlines. Incident Commander: Take the lead when things go sidewayscoordinate response, trace the threat, and lock it down. Vulnerability Sleuth: Sniff out weaknesses and help teams patch them before the bad guys can get in. Regulation Rock Star: Stay in the know on compliance standards like GLBA, PCI, SOX, and FFIECand help us stay ahead of the curve. Risk Whisperer: Work with audit, compliance, and risk teams to identify gaps and close them with smart, scalable solutions. Third-Party Sheriff: Help assess vendors and partners to make sure their security posture doesnt put us at risk. Drill Sergeant: Run pen tests, tabletop exercises, and what-if scenarios so were always battle-ready. Documentation Guru: Keep incident playbooks sharp, audits smooth, and risk assessments tight. Mentor-in-Chief: Share your know-how, guide junior team members, and raise the bar across Security Ops. ️ What You Bring: A degree in Cybersecurity, InfoSec, CS, or street-smart equivalent experience. 5+ years in the cybersecurity trenches, ideally within fintech, banking, or financial services. Mastery of regulatory frameworks (GLBA, PCI, SOX, FFIECyou know the drill). Command over SIEMs, EDR, firewalls, and vulnerability management tools. Solid grasp of Windows, Linux, cloud ecosystems, and secure network architecture. Bonus points for automation/scripting chops (Python, PowerShell, etc.) Experience working in a SOC or incident response team? Yes, please. Soft Skills That Set You Apart: A sharp mind and a calm hand in high-pressure situations. Confidence talking tech with engineers and clarity explaining risk non- tech execs. Integrity and confidentiality are second nature. Love for fast-paced environments where the stakes are high and the mission matters. This isn't just a job. It's a mission. If you're ready to lock shields, lead the charge, and make a real impact, let's talk.

+ This position provides support to the Grid Operations and Planning Research area within client Company's Research & Development. + The engineer will support projects and in time lead efforts to deploy and evaluate the performance of emerging technologies in this arena. + The position is focused on cyber-physical security research for Transmission and Distribution. + The engineer will support cyber-physical security projects with power system and cyber modeling, simulation, and analyses to identify and characterize threats, and vulnerabilities and develop mitigation approaches. + Data from various sources and analytics tools will be leveraged to develop models to characterize normal power system and cyber data to facilitate the identification of anomalous events. + Working knowledge of intrusion detection, risk assessment frameworks, databases, data structures, computer networking is required as well as an aptitude to apply engineering analysis to solve problems. **Description:** + This position supports the Schatz Grid Visualization and Analytics Center (SGVAC) within client Company's Research & Development department. + The SGVAC is an innovation center that facilitates the research, pre-operational development and assessment and demonstration of situational awareness technologies for Transmission and Distribution. + Areas of focus include synchrophasor technology, next generation control center functionalities, cyber security testing, new visualization approaches, DERMS platform evaluation, data analytics as well as modeling and simulation including via a Real Time Digital Simulator (RTDS) with hardware-in-the-loop testing capability. **Qualification Requirements** + Experience in cybersecurity, including cyber security modeling and simulation + Experience with intrusion detection and risk assessment frameworks is required + Experience in power system modeling and simulation + Experience with data analytics including machine learning required + Experience with computer programming (Python, C#, SQL) desired **Job Responsibilities:** + Develop research plan to evaluate new technology + Manage multiple tasks at one time + Provide documentation of study assumptions and methods used to arrive at results + Provide informative reports and presentations on projects + Some overnight travel may be required but this is not extensive. **Other Knowledge, Skills & Abilities** + Must demonstrate good communication skills, both internal and external to the company + Must have excellent organizational skills + Must possess analytical skills as well as the ability to manage multiple projects simultaneously + Must work well in a team environment + Must have the ability to manage your own work schedule and work with limited direction + Must have strong initiative - a self-starter + Must be great at problem solving **Education:** + Bachelors in computer science, computer engineering, cyber security, information systems, electrical engineering or related field required + Advanced degree in EE, computer science or other related fields strongly preferred. **About US Tech Solutions:** US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit *********************** (*********************************** . US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

What We're Doing: Lockheed Martin's, Rotary & Mission Systems (LM RMS), F-35 Cyber Security invites you to step up to one of today's most daunting challenges: the protection of exquisite government capabilities leading to warfighter supremacy against our peer and near peer adversaries. As a cybersecurity professional at Lockheed Martin, you'll safeguard the sensitive information and warfighting capabilities that our citizens and the world depend upon to protect U.S. and ally interests. Here, you'll work alongside other cybersecurity experts, related departments, and military members to support the military operational objectives by providing them with a safe and secure operating environment. In this fast-paced, real-world environment, you'll draw on all your education and experience as well as the resources of Lockheed Martin to keep these exquisite capabilities protected. The Work: This Information System Security Officer (ISSO) position will support the Information System Security Manager (ISSM) in developing, maintaining and overseeing the cybersecurity of assigned classified and/or unclassified F-35 systems at Dannelly Field ANGB, AL. Typical ISSO responsibilities include but are not limited to: Ensuring required cybersecurity controls are implemented and validated, to include continuous monitoring actions for assigned systems. Supporting the development and maintenance of cybersecurity related plans and procedures. Monitoring for non-compliance, anomalous activity (i.e., threats), and effectively reporting such activity and associated risks. Ensuring POA&Ms or remediation plans are in place for vulnerabilities identified during monitoring activity, audits, inspections, etc. and implementing, or overseeing, corrective actions. Creating, collecting and retaining data to meet reporting requirements. Monitoring and correlating data (i.e., events) from a variety of sources (e.g., Splunk, ELA, ePO, ACAS, etc.) to identify and mitigate threats, vulnerabilities and non-compliance. Investigating, analyzing and responding to cyber events, incidents and non-compliance, including trend analysis, creating detailed written reports and briefing the appropriate parties. Identifying, implementing and enforcing requirements for the proper handling and storage of Government data and electronic media. Conducting self-inspections and preparing for customer inspections. Interacting professionally during the enforcement of security policy and procedures. Assigned systems may vary in classification, capabilities and complexity. Mission requirements may require other than first-shift work and additional responsibilities as assigned. Who we are: Lockheed Martin is a Cyber Security pioneer, partner, innovator and builder. In support of our many customers, the amazing members of our team are responsible for providing all aspects of cybersecurity support in a complex environment. In a rapidly growing enterprise, this role offers the opportunity to grow and hone the unique skills and experiences required as a cybersecurity expert to create, design and build solutions to some of the world's hardest engineering problems. Why Join Us: Your Health, Your Wealth, Your Life With our employees as our top priority, we provide diverse career opportunities designed to propel development and boost agility. Our flexible schedules, competitive pay and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. At Lockheed Martin, we place an emphasis on empowering our employees by fostering innovation. We believe that by applying the highest standards of business ethics and visionary thinking, everything is within our reach - and yours as a Lockheed Martin employee. Lockheed Martin values your skills, training and education. Come and experience your future! #OneLMHot jobs #rmshotmiljobs Final Transferable Secret security clearance; last Periodic Reinvestigation must be within the last five (5) years or enrollment in Continuous Vetting program. Ability to obtain and maintain Special Access Program (SAP) access. Possess a valid certification that meets or exceeds DoD 8570.01-M IAT II requirements. Meets: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP Exceeds: CASP+ CE, CCNP Security, CISA, CISSP (or Assc), GCED, GCIH, CCSP Prior experience in a cyber workforce role, as categorized by the NICE or DoD workforce frameworks. Prior experience as an ISSO, ISSM or related DoD Cyber Workforce Role on one or more F-35 information systems. Prior experience ensuring compliance with applicable laws, regulations, guidance and policies as they relate to DoD cybersecurity and SAPs (e.g., DoDI 8510.01, JSIG, DoDM 5205.07, NIST SP 800 series). Prior experience with the system authorization process, associated artifacts and their requirements (e.g., SSP, SCTM, Security CONOPs, SOPs). Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics. The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration. * At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work. With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility. If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs, and apply for roles that align with your qualifications. Other Important Information By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings. Ability to work remotely Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility. Work Schedule Information Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits. Security Clearance Information This position requires a government security clearance, you must be a US Citizen for consideration. Pay Rate: The annual base salary range for this position in California, Massachusetts, and New York (excluding most major metropolitan areas), Colorado, Hawaii, Illinois, Maryland, Minnesota, New Jersey, Vermont, Washington or Washington DC is $93,200 - $164,450. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. (Washington state applicants only) Non-represented full-time employees: accrue at least 10 hours per month of Paid Time Off (PTO) to be used for incidental absences and other reasons; receive at least 90 hours for holidays. Represented full time employees accrue 6.67 hours of Vacation per month; accrue up to 52 hours of sick leave annually; receive at least 96 hours for holidays. PTO, Vacation, sick leave, and holiday hours are prorated based on start date during the calendar year. This position is incentive plan eligible. Pay Rate: The annual base salary range for this position in most major metropolitan areas in California, Massachusetts, and New York is $107,300 - $185,840. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. This position is incentive plan eligible.

Job DescriptionSalary: Cyber Security Compliance Specialist Company: JS Solutions About Us: JS Solutions, LLC is a Huntsville-based, veteran-owned business dedicated to delivering innovative, mission-focused solutions to our government and commercial partners. Our team specializes in government acquisition support, cybersecurity compliance, and strategic business development. We are committed to helping our clients meet complex requirements with confidence and efficiency. Position Overview: JS Solutions is seeking a motivated and detail-oriented Junior Cyber Compliance Specialist to join our growing team in Huntsville, AL. This role is ideal for early-career professionals who are eager to build expertise in cybersecurity frameworks, with a focus on CMMC, NIST, and DoD compliance requirements. The successful candidate will support compliance initiatives, assist with documentation, and contribute to ensuring our clients achieve and maintain the highest standards of cybersecurity readiness. Responsibilities: Assist with the development, review, and maintenance of cybersecurity compliance documentation (policies, procedures, plans, and artifacts). Support compliance assessments against frameworks such as CMMC, NIST 800-171, DFARS, and FedRAMP. Collect and organize evidence to demonstrate compliance for audits and assessments. Track and update compliance tasks, ensuring deliverables are met on time. Conduct research on evolving federal cybersecurity requirements and provide recommendations to senior staff. Work closely with clients to understand compliance gaps and support remediation efforts. Provide administrative and technical support to senior compliance specialists. Qualifications: Bachelors degree in Cybersecurity, Information Systems, Computer Science, or related field; or equivalent work experience. 02 years of professional experience in cybersecurity, compliance, or IT (internships and academic projects accepted). Familiarity with cybersecurity frameworks such as NIST 800-171, CMMC, or ISO 27001 preferred. Strong organizational skills and attention to detail. Excellent written and verbal communication skills. Ability to work independently as well as part of a team. CompTIA Security+, Certified CMMC Professional (CCP), or similar entry-level certification. Prior experience supporting DoD or government cybersecurity programs. BENEFITS Health, Supplemental Health, Vision, and Dental Insurance 401K Matching Short-term and Long-term Disability Insurance Paid Time Off (PTO) Why Join JS Solutions? Be part of a fast-growing, veteran-owned company with a mission-driven culture. Gain hands-on experience with cutting-edge cybersecurity compliance projects. Competitive compensation and benefits package. Opportunities for professional development and career advancement. JS Solutions is an Equal Opportunity Employer that does not discriminate based on actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances. The management team is dedicated to this policy regarding recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities, access to facilities, and general treatment during employment.

Job DescriptionSalary: Contingent on award, Ampersand Solutions Group ( AMPERSAND ) has a requirement for one or more Cyber Security Engineers who will support a critical DoD mission providing cybersecurity authorization support for systems, networks, and applications in a hybrid multicloud environment. Scope: Oversees the implementation of DoDD 8530.01, DoDD 8500.2, DoDI 8510.1, DoDI 8510.01, Risk Management Framework (RMF), and other applicable NIST and CNSS Information Assurance (IA) directives, instructions, and guidelines. Interfaces with DoD Information Assurance Management (ISSM) and case management. Capability to design, develop, and implement solutions that meet network and system security requirements. Will perform vulnerability/risk analysis on computer systems, networks, and applications. Leads and manages the implementation of required network security to properly safeguard all computer systems, networks, and software applications. Documents all in accordance with formal security and risk assessments and supporting artifacts associated with the DoD Designated Accrediting Authority and Certification Authority process. Drives cyber strategy and provides insight into all policy and technical decisions. Experience in providing Communications Security (COMSEC) Custodial Experience in testing to validate established security requirements, recommending security requirements and safeguards, supporting the formal testing required by government accrediting authorities, and preparing System Security Plans. Required Qualifications Minimum 0-10 years of relevant, related experience plus: Bachelors degree from an accredited institution in engineering, science, or other relevant field or: Associates Degree in a relevant field from an accredited institution plus 2 years relevant, related experience High School Diploma / GED from an accredited institution plus 4 years relevant, related experience Ability to obtain and maintain a DoD Security Clearance at the appropriate level DoD Instruction 8570.01M IA certification Willing to periodically travel in support of test events Desired Qualifications ACTIVE DoD SECRET or TOP SECRET Clearance Experience supporting the US Ballistic Missile Defense System Certified in relevant cybersecurity tools and processes Experience in obtaining ATOs in hybrid multicloud classified systems AWS, Azure, VMWare experience Necessary Qualifications Honesty, superior ethics Interpersonal savvy, excellent communication skills Ability to work as a team Initiative Positive attitude Professionalism

in Huntsville, Alabama. The qualified applicant will support systems development, deployment and sustainment life cycle performing Risk Management Framework (RMF) security activities as it pertains to the program SW and Customized OS and Network Infrastructure to include a large AGILE SW development and lab environment. They will perform security related tasks including, but not limited to; cyber interface with our ISSOs and ISSM, identification of applicable software security requirements, providing guidance to products to meet those requirements and mitigate potential vulnerabilities that will garner an Authority To Operate (ATO), and participate in all activities necessary to achieve the ATO. Candidate will assist with development of necessary documentation to support the baseline, STIG Checklists, and POA&Ms, and participate in technical interchange meetings. This position includes disciplines involving infrastructure, scripting and tools development, Cyber planning and implementation, automation, information assurance (IA)/security, operating system customization, and virtualization. Duties and Responsibilities * Security maintenance of systems running different Linux Distributions (RHEL 7-8.2, Ubuntu, Cent OS 7-8) and implementing technical Risk Management Framework requirements via STIG automated tools, manual STIG checks, NESSUS vulnerability scanner, and other various DoD approved tools. * Integration of GOTS/COTS products with systems, assisting with integrating tactical products within a test lab and development environment, helping to maintain the information assurance posture of the system, and formulating innovative solutions to problems as they arise. ?Required?Qualifications? * Bachelors Degree in STEM (Science, Technology, Engineering, or Math) discipline and 2 years experience or 5 years experience in lieu of degree * Current Security certification (e.g. Net+, Security+ or CISSP) * Ability to obtain DoD Clearance, therefore, U.S. Citizenship is required? * Up to 25% travel ? Preferred?Qualifications? * System Administration experience with the following: Red Hat Enterprise Linux / Programming and / or Scripting experience * Experience operating within a DevSecOps and Continuous Deliver/Continuous Integration culture * Experience operating within an AGILE development environment and culture * Linux (RHEL 8) administration experience * Experience with VMWare ESXi * Experience with Cisco networks. Specifically, Layer 2 and Layer 3 devices utilizing static and dynamic routing as well as virtual Interfaces * Experience integrating COTS, GOTS and custom software in a security constrained environment Employee Incentives:? 401K; Educational Assistance;?Casual?work environment; Generous PTO; Work-life balance; Upward Mobility; Relocation?

Job Description Parsons is looking for an amazingly talented Cyber Security Test Engineer to join our team! In this role you will get to maintain operations within the Missile Defense Agency (MDA) supporting the Ground Based Mid-Course Defense Program Office (GMD). What You'll Be Doing: Assist in Security Plans (SSPs) development, Interim Authority to Test (IATT), Authority to Connect (ATC) and, Authority to Operate (ATO) packages. Perform technical work utilizing the Risk Management Framework (RMF) process including analyzing and solving Information Assurance (IA)-related technical problems. Ensures that system security artifacts are developed, reviewed, and updated as needed. Confirm that all RMF requirements are properly addressed and required artifacts are loaded and managed within Enterprise Mission Assurance Support Service (eMASS). Demonstrated abilities to analyze complex problems, identify root causes, and develop actionable recommendations with effective solutions. Interface with other cyber teams to review RMF Contract Data Requirements Lists (CDRLs) and ensure timely delivery of CDRL artifacts, while providing feedback to ensure the sufficiency and quality of cyber artifacts. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. Perform vulnerability/risk analysis of systems using expertise in relevant information systems security. Track and monitor Plan of Action and Milestones (POA&Ms). Conduct reviews of cybersecurity artifacts and technical briefings and work with customer to resolve any findings. Ensure that identified security controls are implemented and operating as intended through all phases of the lifecycle. What Required Skills You'll Bring: Bachelor's degree and 3+ years of related professional experience. Active Secret Clearance. Experience with DoD's RMF and SSP processes. What Desired Skills You'll Bring: Experience Managing Cyber Task Orders (CTOs) reporting, mitigation, and compliance. Experience in the Missile Defense Agency. DoD 8570 compliant IAM Level II certification (Sec +). Job Posted by ApplicantPro

DLS Engineering is seeking a Network Security II (Boundary) professional for a full-time position in support of the Air Force Intranet Control (AFINC) program at Gunter Annex in Montgomery, Alabama. This is an on-site position. As part of AFINC, the mission of the 26th Network Operations Squadron (26 NOS) is to provide mission assurance to the warfighter through the operation, management, and defense of the Department of Defense Information Network (DODIN). In the execution of its mission, the 26 NOS maintains network infrastructure, to include routers, switches, proxies, firewalls, servers, workstations, printers, Storage Area Networks (SAN) and test labs, to provide maneuverability and defense of both classified and unclassified networks. A day in the life: Install, monitor, configure, troubleshoot, upgrade, patch, harden, maintain, and operate intrusion detection/prevention systems, firewalls, load balancers, and web proxies to protect AFNet resources from both internal and external threats according to Department of Defense security standards Perform complex analytics on boundary protection systems to protect system assets from compromise, data loss, and other requirements. Perform Defense Cyberspace Operations (DCO) and DODIN operations. When I read the below it sounds like me: 5+ years of experience with Enterprise DOD boundary protection and CSSP operations. IAT-II Certification (required) Palo Alto: Network Security Professional OR Cisco Certified Network Administrator (CCNA) OR Palo Alto Networks Certified Network Security Administrator (PCNSA) Active Secret Clearance Other information: We offer a competitive salary and a 401k program with company match. We offer a comprehensive benefits package including health, vision, dental, life, and disability insurance. We offer a generous paid time off package If accommodation is needed with the application and / or the interview process for applicants with disabilities, please contact Human Resources at ************. DLS is an E-Verify company. DLS is an equal employment opportunity employer. Qualified applicants will receive consideration without regard to age, race, religion, sex (pregnancy, sexual orientation, gender identity), national origin, or disability. We encourage all qualified applicants to apply. If you believe you have been discriminated against, please contact Barbara Ellison. You also have the right to file a charge of discrimination with the equal employment opportunity commission. Must be able pass a government background check, which will be completed before employment.

Abacus Technology is seeking an Information Systems Security Officer (ISSO) to provide security and information assurance support for the Air Force Intranet Control (AFINC) III Support program at Maxwell AFB/Gunter Annex. This is a full-time position. Responsibilities Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards. Implement the Assessment and Authorization (A&A) processes under the Risk Managed Framework (RMF) for new and existing information systems. Maintain a current authorization to operate (ATO), and approval to connect (ATC) (if required), and in implementing corrective actions identified in the plan of action and milestones. Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA) and Risk Acceptance Letters. Develop an Information System Continuous Monitoring (ISCM) strategy and monitor any proposed or actual changes to the system and its environment to maintain compliance. Audit systems to ensure security posture integrity. Conduct assessments and test/analysis data to document state of compliance with security requirements. Conduct risk assessments and investigations, recommend implementation of risk mitigations, and coordinate incident response activities. Conduct periodic hardware/software inventory assessments. Supervise the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures. Manage assigned team to facilitate effective execution of the RMF. Coordinate and participate in security assessments and audits. Prepare, review, and present technical reports and briefings. Register, maintain, verify, submit exceptions, conduct annual review, or decommission systems ports, protocols, and services (PPS) as necessary to ensure compliance with the DoD PPS Category Assurance List (CAL) and DoD PPS Vulnerability Assessment reports. Qualifications 5+ years experience in a cyber security or information assurance role including at least 3 years supporting the RMF. HS diploma or GED. Must be CISM or CISSP certified (or hold an equivalent certification in compliance with DoD 8140/8570 IAM II). Must hold the Certified in Governance, Risk and Compliance (CGRC) certification and have participated in training for DISA ACAS Supervisor and Operator and DISA Enterprise Mission Assurance Support Service (eMASS). Additional certifications such as CCNA or Microsoft Certified: Information Security Administrator Associate preferred. Experience with DoD cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. NIST SP 800 series, CNSSI 1253. Experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs. Experience in assessing and documenting test or analysis data to show cybersecurity compliance. Experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, Audit Tools, ESS, eMASS, PPS. Outstanding communication skills across all levels of the organization. Must be a US citizen and hold a current Top Secret clearance with SCI Access (TS/SCI). Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information. EOE/M/F/Vet/Disabled

Securities Analyst, Senior is a permanent, full-time position with the Alabama Securities Commission. Positions are located in Montgomery. This is highly specialized work relating to the registration/licensing and examination of securities, broker/dealers, and investment advisers.

Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities - revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers - so they can remain focused on the business of water. For additional information, please visit the company website at ****************** Senior Security Analyst Position Summary As a Senior Security Analyst, you will be a key member of Neptune's 24×7 Security Operations program, supporting incident response, SIEM management, and threat detection across a hybrid environment (on-prem, cloud, SaaS). You'll work closely with the SOC Manager to execute detection, response, and reporting processes that protect Neptune and meet compliance requirements. Responsibilities: Threat Detection & Monitoring * Monitor and analyze security alerts from SIEM and EDR platforms * Investigate anomalies and suspicious activity across endpoints, networks, and cloud environments * Maintain high-fidelity alerting and reduce false positives through tuning Incident Response & Management * Execute playbooks for triage, containment, and remediation of security incidents * Assist in forensic investigations and contribute to post-mortem reports * Participate in tabletop exercises and readiness drills SIEM & Security Logging * Maintain SIEM health and ensure reliable telemetry across all assets * Develop and refine detection rules and correlation logic * Support automation and orchestration workflows for incident handling Identity & Access Management * Monitor identity-related events for anomalies and privilege escalation attempts * Support IAM lifecycle processes and enforce least privilege principles Threat Intelligence & Modeling * Integrate threat intelligence feeds into detection workflows * Assist in threat modeling to identify potential attack paths Reporting & Metrics * Document incidents and provide timely updates to SOC Manager for reporting to parent company * Track and report operational metrics (MTTD, MTTR, alert volumes, etc.) Security Standards & Architecture * Apply secure-by-design principles in collaboration with engineering teams * Support zero trust initiatives and network segmentation projects Relevant Platforms (experience with several is expected): * SIEM/SecOps: e.g. Google SecOps (Chronicle) * EDR & Identity: e.g. CrowdStrike, Microsoft AD/Entra * Network Security: e.g. FortiGate NGFW, FortiSASE * Secure Browsing: e.g. Prisma * Patching & Config: e.g. Automox * Secrets Management: e.g. Keeper * Asset Management: e.g. Axonius, Cyclops * Email & Data Security: e.g. Mimecast, Microsoft Purview Minimum Qualifications: * Bachelor's degree (or equivalent experience) * 3+ years in Security Operations or Incident Response * Hands-on experience with SIEM, EDR, and threat detection * Familiarity with NIST, ISO, MITRE ATT&CK, and zero trust principles * Strong analytical and communication skills Preferred Qualifications: * Security certifications (e.g., GCIH, GCIA, CISSP) * Experience with cloud security (AWS, Azure, GCP) * Exposure to SOAR automation and scripting * Travel Requirements: Typically requires overnight travel less than 10% of the time. Travel Requirements: Typically requires overnight travel less than 10% of the time. Location: Duluth, GA, Tallassee, AL

Job Description Seneca Global Services, LLC is part of the Seneca Nation Group (SNG) portfolio of companies. SNG is Seneca Holdings' federal government contracting business that meets mission-critical needs of federal civilian, defense, and intelligence community customers. Our portfolio comprises multiple subsidiaries that participate in the Small Business Administration 8(a) program. To learn more about SNG, visit the website and follow us on LinkedIn. At Seneca, our team of talented individuals is what makes us successful. To support our team, we provide a balanced mix of benefits and programs. Your total rewards package includes competitive pay, benefits, and perks, flexible work-life balance, professional development opportunities, and performance and recognition programs. We offer a comprehensive benefits package that includes medical, dental, vision, life, and disability, voluntary benefit programs (critical illness, hospital, and accident), health savings and flexible spending accounts, and retirement 401K plan. One of our fundamental principles at Seneca Holdings is to offer competitive health and welfare benefits to our team members, providing coverage and care for you and your family. Full-time employees working at least 30 hours a week on a regular basis are eligible to participate in our benefits and paid leave programs. We pride ourselves on our collaborative work environment and culture, which embraces our mission of providing financial and non-financial benefits back to the members of the Seneca Nation. Seneca Global Services, LLC seeks a highly motivated Information Systems Security Officer (ISSO) to join our technical team supporting the National Cyber Range Complex (NCRC). The NCRC plays a critical role in enhancing the resilience of DoD systems and the effectiveness of U.S. cyber operations by delivering full-spectrum test and evaluation, workforce training, and mission rehearsal events. As the NCRC continues to evolve as a best-of-breed cyber range, the ISSO will contribute directly to ensuring secure facilities, tools, and expertise for some of the most demanding test, training, and mission rehearsal requirements in the Department of Defense. As a key member of the cybersecurity team, the ISSO will act as a security liaison across multiple domains-including physical, personnel, information, cyber, operations, Anti-Terrorism/Force Protection, law enforcement, communications, and technical security-while working closely with the Information Systems Security Manager (ISSM) to ensure compliance, readiness, and secure mission execution. Responsibilities include, but are not limited to: Provide direct support to the ISSM on activities such as Assessment & Authorization (A&A), execution of Continuous Monitoring Plans, and facilitation of Security Controls Assessments. Administer and monitor Risk Management Framework (RMF) steps and activities throughout the system lifecycle to maintain an appropriate security posture. Implement cybersecurity programs, policies, and procedures for assigned systems. Maintain working knowledge of current and upcoming events, system functions, policies, safeguards, and security measures. Serve as a subject matter expert in RMF core concepts and processes. Coordinate with applicable stakeholders across the enterprise to ensure security compliance and readiness. Maintain Authorization to Operate (ATO) packages for assigned systems within the designated A&A System of Record (e.g., eMASS, XACTA 360, Keystone). Review and analyze audit logs (e.g., Splunk, Windows EVTX, Linux syslogs) to detect potential anomalies or threats. Perform validation checks to ensure CM-approved software and antivirus definitions are installed on assigned systems. Conduct compliance/vulnerability scans and manual checks to identify and mitigate risks. Execute ISSO-specific tasks as outlined in program security plans. Deliver cybersecurity education, training, and awareness to system users as required by the ISSM. Basic Qualifications: Active Top Secret clearance with SCI eligibility. Bachelor's degree in Cybersecurity, Information Systems, or related discipline, and/or 8+ years of relevant experience (additional experience may substitute for degree). Minimum of 5 years of extensive experience in cybersecurity, information assurance, and RMF processes. DoDD 8140.01 IAT Level II certification or higher. At least 2 years of experience conducting IT application, system, or network reviews and providing DoD cybersecurity policy and technical guidance. Desired Skills: Certifications aligned to DoDM 8140.03 / DoD Cyberspace Workforce Framework. Familiarity or background with some of the following technologies: CISCO equipment (routing and switching technologies) Zero-trust requirements VMWare (vSphere, vCenter, NSX, ESXi) RHEL (Ansible, Kubernetes, StackRox, OpenShift) AWS / Azure cloud technologies and containerization F5 BIG-IP, Cisco networking, and distributed technologies STIG and IAVA implementation NetApp storage technologies Dell Blade Servers Equal Opportunity Statement: Seneca Holdings provides equal employment opportunities to all employees and applicants without regard to race, color, religion, sex/gender, sexual orientation, national origin, age, disability, marital status, genetic information and/or predisposing genetic characteristics, victim of domestic violence status, veteran status, or other protected class status. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation and training. The Company also prohibits retaliation against any employee who exercises his or her rights under applicable anti-discrimination laws. Notwithstanding the foregoing, the Company does give hiring preference to Seneca or Native individuals. Veterans with expertise in these areas are highly encouraged to apply.

Who We're Looking For (Position Overview):This role is critical in ensuring the security posture of mission-critical applications and infrastructure across multiple network enclaves (Unclassified, Secret, Top Secret). The ISSO will be responsible for developing, maintaining, and enforcing security policies, implementing cybersecurity controls, managing Authority to Operate (ATO) documentation, and conducting continuous monitoring and risk assessments in compliance with FISMA, NIST, DOJ, and other federal mandates.What Your Day-To-Day Looks Like (Position Responsibilities): Serve as the principal cybersecurity advisor to system owners and stakeholders. Design, analyze, and test of information security systems, products, cloud architectures and cloud solutions. Provide recommendations and/or alternatives to mitigate impact of system security boundary changes as part of any potential re-architecting and/or re-design activities. Develop, implement, and evaluate security controls, measures, and frameworks in cloud-based systems to ensure data integrity, confidentiality, and availability. Perform risk analysis, vulnerability assessments, and security audits to identify and address potential weaknesses in cloud environments. Follow all appropriate security authorization process for requesting and maintaining an Authority to Operate (ATO). Responsible for ensuring operational security is maintained for assigned information systems. Ensure systems are operated, maintained, disposed of in accordance with security policies and practices. Perform Security Incident Reporting and Response. Coordinate with the Office of the Chief Information Officer (OCIO), Security Division, and others to provide documentation to the system Certification and Accreditation process. Ensure audits and reviews are responded to with accurate information. Perform system access control responsibilities. Participate in the change management process for assigned applications. Work with Product Owner, Product Manager, OCIO, Security Division, and other stakeholders to ensure security concerns are addressed during all phases of system lifecycle. Perform continuous system security monitoring. Implement and manage cloud-native and third-party security tools for monitoring, threat detection and vulnerability management. Act as a SME on Cloud Security while applying methods, standards, and approaches for ensuring the baseline security safeguards are appropriately implemented and documented. Provides reports to superiors regarding effectiveness of data security and makes recommendations for the adoption of new procedures. Draft and keep updated information security documentation to include System Security Plan, Information System Contingency Plan, Plan of Actions and Milestones (POA&M), Privacy Threat Assessment, Privacy Impact Assessment, and Configuration Management Plan. Responsible for ensuring the implementation and maintenance of annual security controls assessments. Assist with FISMA System audits as necessary. Leverage necessary vulnerability assessment and scanning tools including Nessus and ACSA to identify vulnerabilities, Splunk tools to monitor, detect and rectify misconfigurations. Working directly with development, platform, and infrastructure teams on security problems. What You Need to Succeed (Minimum Requirements): Top Secret (TS) Clearance with SCI eligibility. 3 - 5 years of experience required. Extensive experience with federal cybersecurity frameworks, including RMF, NIST 800-53, CNSS, and FISMA. Experience supporting cloud security in environments such as AWS GovCloud, C2S, SC2S, and Microsoft Azure. Analyze logs using Splunk and AWS tools. Hands-on experience with vulnerability assessment and configuration tools such as Nessus, ACSA, and Splunk. Work with GRC tools such as Xacta/JCAM Hold at least one of the following security certifications. Example: Security +, CGRC, CASP, CISSP Experience using Atlassian suite tools such as JIRA/CONFLUENCE Experience with Agile Methodologies/SAFe Expertise on Information Security Principles, processes and guidelines Able to obtain and maintain an Authority to Operate (ATO) for Information Systems. Experience with scanning tools such as Tenable Nessus Ability to work on multiple projects with various timelines, at times very short deadlines. Ideally, You Also Have (Preferred Qualifications): Certifications: CISSP, CISM, CAP, Security+, AWS Certified Security - Specialty, or other relevant certifications. Experience in a high-side or multi-enclave (U/S/TS) environment. Experience working with Agile development teams and CI/CD pipelines. Familiarity with Infrastructure as Code (IaC) and cloud configuration management tools (e.g., Terraform, Ansible). Familiarity with NIST 800-53 Rev. 5 #CJ

DESE Research, Inc. is excited for the opportunity to add an Information Systems Security Officer to our existing team. If you feel like you have the skills and qualifications for this position, please apply now! Job Details: The successful candidate will oversee day-to-day information system security operations including auditing hardware, software implementations, and risk assessments. The candidate will upkeep, monitor, analyze, and respond to network and security events. The candidate will ensure configuration management for security relevant IS software, hardware, and firmware are maintained and documented. The candidate will implement Risk Management Framework (RMF) security controls utilizing DISA Security Technical Implementation Guides (STIGs). Required Qualifications: * An active DOD Secret clearance * 5-10 years of experience in cyber security engineering/analysis, supply chain risk management, logistics, product management, program protection planning, or system security engineering * Experience with IS auditing and investigations * Knowledgeable of operating system security requirements * Hands-on experience with industry-standard Information Assurance tools * Security+ Certification * CompTIA CySA+ certification Required Education Qualifications: Bachelor's Degree in Cyber Security, an Engineering Discipline, Logistics, or Supply Chain Desired Qualifications: * Overall knowledge of Information Systems Security and ISSO duties * Working knowledge of system administration and network administration * Working knowledge of classified defense contracts * DoD 8570 IAM Level II Certification Why employee's love working for DESE: At DESE, we are committed to creating a company that is known for its respect and care for employee's. We understand that happy employees are what keeps our business going and we strive to provide the best opportunities for each individual working on our team! Here are a few reasons you will love working here: * Competitive salaries * Annual performance bonuses * Robust 401k profit sharing plan * Competitive health, dental & vision insurance with affordable premiums * Flexible work schedules * Two different flexible spending account options * Company paid life insurance & Accidental Death & Dismemberment * Education reimbursement program * Personal leave for approved philanthropic activities * Vacation, Sick & Holiday leave * Opportunities for internal promotions * Employee referral incentive program * Rewards and gifts for service anniversaries Disability Accommodation for Applicants - DESE Research, Inc. is an Equal Employment Opportunity employer and provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in its job application procedures. If you have any difficulty using our online system and you need an accommodation due to a disability, you may use the following alternative email address or phone number to contact us about your interest in employment with us: ********************** or ************x123.