Cyber security analyst jobs in Norfolk, VA

The Cyber Analyst, Mid-Level, applies expertise and work experience executing cyber risk assessments. The ideal candidate will provide a broad range of information assurance activities and has a strong knowledge of systems, operating environments, system security, and networking. *This position requires onsite work Duties Determines system vulnerabilities and residual risk based on analysis of technical artifacts, interviews, and evaluation of current system state Evaluates effectiveness of proposed mitigations Contributes toward recommendations on technical/policy changes, processes and methodologies to assess and mitigate cybersecurity risk on information technology within the SCA's appointed authorization boundary Works with other Cyber Analysts, Subject Matter Experts (SMEs), and SCARs to ensure that all cybersecurity analysis and cybersecurity risk assessments are completed with time and quality standards established by Division leadership and Task Lead Supports program and projects with security and information assurance requirements elicitation based on customer and SME communication and independent research Performs all other duties, as assigned Requirements Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Information Systems required. Equivalent work experience may be substituted for Bachelor's degree. Master's degree preferred. IAM Level II Certification in accordance with the Department of Defense (DoD) approved 8140 baseline certifications required Must have at least 5 years of experience in cyber risk assessment in cyber risk assessment or experience with technologies utilized in AFNET or DoD systems Proficiency with eMASS preferred Must have familiarization with NIST SP 800-53, AFI 17-130, and DODI 8510.01 Strong planning, organization, and analytical skills, with attention to detail required Must be able to take initiative and be self-motivated Quick learner; passionate about technology and able to learn new technology areas as directed Ability to elicit, identify, and research information assurance requirements and perform as a member of an assessment review team Effective team player with good interpersonal skills Must be able to work independently with minimal supervision Excellent written and verbal communication skills required Must be able to display professionalism in all situations Knowledge in emerging technologies including cloud, AI and virtualization, networking, systems engineering, identity management, web technologies, system administration, and system security is preferred This position requires onsite work. Must be flexible to be able to work in the office, as assigned. Must have an active DoD security clearance

Rigid Tactical is actively seeking a Subject Matter Expert (SME) Exploitation Analyst to join our mission-focused team as Key Personnel supporting OPTEVFOR Cyber Operational Test & Evaluation (OT&E). This is an advanced proficiency role centered on offensive cyberspace operations planning and execution. The successful candidate will utilize intelligence and technical knowledge to deconstruct complex Navy IT systems, determine system access points, and develop detailed exploitation strategies and test objectives for the supporting Red Team. Your work will directly inform cyber survivability assessments and enhance the readiness of systems supporting the warfighter. Qualifications and Requirements Education/Experience: Bachelor's degree in Computer Science, Cybersecurity, or a related technical field OR a minimum of five (5) years of experience in DoD offensive cyberspace operations planning or exploitation analysis. Technical Proficiency: Demonstrated ability to decompose complex computer systems and networking configurations to support system exploitation analysis. Software Skills: Proficiency in Microsoft Office Applications (MS Visio, Project, Excel, PowerPoint, etc.). Communication: Excellent written and oral communication skills required for briefing senior leadership (O6 / GS-15 or higher). Clearance: Active TS/SCI clearance. PREFERRED Experience & Certifications (Additional KSATs): Ability to perform detail-oriented work with Quality Assurance / Quality Control (QA/QC) prior to delivery to the government. Preferred Certifications: Offensive Security Certified Professional (OSCP) GIAC Certified Penetration Tester (GPEN) Certified Ethical Hacker (CEH) Practical (or Master) Cisco Certified Network Professional (CCNP Security) GIAC Exploit Developer (GXPN) Certified Red Team Expert (CRTE) Key Responsibilities This Key Personnel role has an advanced focus on planning and executing offensive cyber operations within the DoD Cyber OT&E environment. 1. Exploitation Planning & Strategy Strategy Development: Serve as the SME to develop or oversee detailed exploitation plans for the OPTEVFOR Red Team, including using intelligence to deconstruct complex systems and determine access points. Test Objective Design: Develop cyber survivability test plans and coordinate with warfare divisions and Red Team operators to ensure test objectives are comprehensive, executable, and adequately resourced. Requirements Management: Identify capability gaps, review test requirements, and coordinate with DoD, academia, and industry to acquire necessary cyber capabilities and tools. 2. Test Execution Leadership Test Lead: Lead preparation and execution of Cyber OT&E events, including coordination with all site personnel, program office SMEs, and Red Teams. Deconfliction & Safety: Ensure all deconfliction requirements are met prior to test execution (following JFHQ-DODIN guidance) and verify that tests are conducted safely per OPTEVFOR policies. Briefing: Conduct Pre-Execution Briefs to 01D leadership and provide daily hot washes and summary reports throughout the test phase. 3. Reporting, Policy, and Process Oversight Final Report Generation: Lead the generation of final report products, ensuring technical accuracy and adherence to OPTEVFOR procedures. This involves drafting the Data Analysis Summary and reviewing Blue/Gold Sheets from Red Team operators. Process Oversight: Support cyber survivability policy and process oversight to warfare divisions and maintain 01D Standard Operating Procedures (SOPs) and OPTEVFOR test planning documents. Post-Test Analysis: Participate in post-test processes (e.g., 01D Review Board, SERB) to ensure traceability between test objectives, collected data, and final deliverables. Training: Support the development and maintenance of Cyber Survivability Test Planning templates and instruct associated courses. 4. Required Technical Expertise Networking & OS Knowledge: Utilize deep knowledge of network architectures, protocols (TCP/IP), Linux/Unix concepts, and common networking devices to support system deconstruction and analysis. Targeting & Intelligence: Analyze and synthesize large quantities of data into high-quality, fused targeting/intelligence products, using expert knowledge of attack methods and malicious activity concepts. This position is contingent upon award of the relevant contract or funding. Furthermore, employment is subject to the successful completion of all stages within the company's hiring pipeline. At Rigid Tactical, we offer a role that places you at the tip of the spear in DoD Cyber OT&E. If you are an advanced Exploitation Analyst who thrives on deconstructing complex defense systems and translating technical vulnerabilities into actionable Red Team strategies, this is your opportunity to drive mission assurance. You will be a Key Personnel member, utilizing your deep technical expertise and planning skills to directly enhance the cyber survivability of the U.S. Navy warfighter. If you possess the TS SCI eligibility and the offensive cyber acumen required to be a strategic planner in this mission-critical environment, we urge you to apply and join our tactical force.

Akira Technologies is seeking a Cyber Analyst team member who is responsible for the analysis of all technology devices which may include Operational Technology (OT) and Industrial Control Systems (ICS) as well as on-premises and cloud enterprise networks. This includes analysis of device communication, forensic analysis of Windows or Linux systems and servers, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, and malware identification/triage. This role supports a government client in the following locations five days a week: Norfolk, VA. Active Secret clearance or higher is also required for this role. An ideal candidate for this position will be a proactive self-starter who has experience with system administration, Windows and Linux operating systems (OS) mechanics including filesystem structures, disk and memory forensics, cyber aware Operational Technology or Control Systems operators, commonly used mechanisms for maintaining security persistence, privilege escalation, and lateral data movement, operating system log analysis, and triaging suspicious file artifacts for unusual behavior. This role requires a familiarity with what routine OS activities and common software/user behavior looks like in the context of forensic artifacts or timelines. Analysts should also be familiar with common categories and formats of host-based indicators of compromise (IOCs) and how/where they can be leveraged to identify known-bad files/activity on an endpoint. Candidate will utilize the Cyber Kill Chain and synthesize the entire attack life cycle along with creating detailed reports on how impacts may or have occurred. Job Responsibilities Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities. Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices. Asses Security Technical Implementation Guides (STIGs) compliance and completion. Utilize asset mapping tools to verify connected inventory. Handle Information Assurance Vulnerability Management (IVAM) notifications. Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions. Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency. Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences. Job Qualifications Active Secret security clearance or higher. At least 3 years, (Journeyman), or applicable 1 to 2 years (Junior) of experience in security operations, demonstrating analytical duties and preforming host or network security analysis. Proficient in analyzing cyber-attacks, with a deep understanding of attack classifications, stages, system/application vulnerabilities, and compliance with Department of Defense (DoD) policies and procedures. Applied knowledge of network topologies, protocols (e.g., TCP/IP, ICMP, HTTP/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center. Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations. Preferred Skill Sets Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS) Strong analytical and troubleshooting skills Able to provide expert content development in Splunk Enterprise Security using tstats and data models Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring on various security appliances Experience in other tools and protocols as applicable such as Nessus, Endgame, CrowdStrike, Gray Noise, Shodan, Bacnet, MODBus, SCADA systems, and PCAP Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases Familiar with the operations and functions of Nessus or security center management Can assist and provide technical input to research, discover, implement hardware and software Understands importance and fundamentals of logistics and evidence handling Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or relevant IT technology certification Salary Range: $75,000 to $100,000 Akira's pay range for this position considers various factors including skills, years of experience, training, licenses, certifications, alignment with market data, and internal equity in the organization. This pay range estimate is a general guideline only and not a guarantee of compensation or salary, which Akira believes to be done in good faith in compliance with local laws. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. General Description of Benefits Akira offers its employees multiple options for medical plans (some with Health Savings Account), dental plans, and vision coverage, and a 401(k) plan with employer match. To promote work/life balance, Akira offers paid time off, including vacation and sick time, holidays, paid parental leave, military leave, bereavement leave, and jury duty leave. We also offer short and long-term disability benefits to protect employee income in the event of sickness or injury, life insurance, accidental death and dismemberment insurance, and critical illness insurance. Akira also offers tuition, training, and certification reimbursement for professional development and career advancement. Akira regularly reviews our total rewards package to ensure our offerings remain competitive and reflect the values and needs expressed by our employees. About Akira Technologies Akira strives to meet and exceed the mission and objectives of US federal agencies. As a leading small business cloud modernization and data analytics services provider, we deliver trusted and highly differentiated solutions and technologies that serve the needs of our customers and citizens. Akira serves as a valued partner to essential government agencies across the intelligence, cyber, defense, civilian, and health markets. Every day, our employees deliver transformational outcomes, solving the most daunting challenges facing our customers. Akira is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Job DescriptionDescription: Tamayo Federal Solutions, LLC, a Department of Defense contractor, is now hiring a Cyber Security to support the customer and shall provide system administration services to the Government for both physical and virtual hosted applications. You will provide all services necessary to ensure the efficient operation of all physical and virtual servers. Be knowledgeable of Security/IA products such as PKI, VPN, firewalls, and intrusion detection systems. You will support Government requirements to maintain data center computing, storage, and networking capabilities at Government data centers and within associated commercial cloud environments. We are seeking a Cyber Security who will be part of an energetic, results-driven team. In this role, you will be responsible for supporting information systems security engineering services required to properly secure and accredit storage, network, and computer resources. Responsibilities include but are not limited to: Familiar with a variety of the field's concepts, practices, and procedures Relies on extensive experience and judgment to plan and accomplish goals and independently performs a wide variety of complicated tasks May provide consultation on complex projects and is considered to be the top-level contributor/specialist. May lead and direct the work of others Performs a variety of routine project tasks applied to specialized technology problems Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to Information Assurance requirements Conducts security assessments and security consulting services Analyzes information security requirements Knowledgeable about DoD and DoN Information Assurance rules and regulations Under general supervision, designs, develops, engineers and implements solutions to MLS requirements Gathers and organizes technical information about an organization's mission goals and needs, existing security products and ongoing programs in the MLS arena Performs risk analyses, which also includes risk assessment Provides technical support for secure software development and integration tasks, including reviewing work products for correctness and adhering to the design concept and to user standards Analyzes and recommends resolution of security/IA problems on the basis of knowledge of the major IA products and services, an understanding of their limitations, and knowledge of the IA disciplines Requirements: REQUIREMENTS: - U.S. Citizenship required. - Candidate must be Secret Clearance Eligible - 5 years professional experience in cyber security or related field Tamayo Federal Solutions, LLC offers a full package of benefits and competitive salary, excellent group medical, vision, and dental programs; 401(k); tuition reimbursement; employee training, development, and education programs; advancement opportunities; and much more! EEO/AA Employer. Protected Veterans and individuals with disabilities are encouraged to apply. Please NO RECRUITERS - Job Applicants ONLY

Location: Virginia Beach VA Required Clearance: Secret - Top Secret SCI Certifications: DoD 8570.01-M in accordance with (IAW) DFARS ************ Baseline Certification, minimum IAT Level I, Level II or Level III depending on position hired to fill Required Education: Bachelor's degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System, Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines Required Experience: Two (2) Years for Level I, five (5) Years for Level II and ten (10) years for Level III Position Description: PingWind is seeking the right fit to join a team of Cyber professionals as they support critical functions to provide Cyber Security for the Navy's network. Depending on the position hired to fill, you will be ensuring the highest level of cyber security by implementing STIGS, performing scans using tools such as ACAS, and tracking/patching/mitigating vulnerability findings. Key goal is to ensure the warfighter can achieve their mission without the interference of adversaries and opportunistic hackers. Work is performed in support of Naval Surface Warfare Center (NSWC), DAHLGREN DIVISION in Virgina Beach as it conducts Research, Development, Test & Evaluation (RDT&E), analysis, systems engineering, integration, and certification of complex Department of Defense systems. Primary Responsibilities: Level: I Two (2) years and Level II: Five (5) years of full-time professional experience performing system hardening with demonstrated experience in the following areas: • Performing STIG implementation;• Performing vulnerability assessments with the Assured Compliance Assessment Solution tool;• Experience with Security Management policy guidance and directives; and• Remediating vulnerability findings to include implementing vendor patches on both Linux and Windows Operating systems.Level III: Ten (10) years of full-time professional experience performing system hardening with demonstrated experience in the following areas:• Computer security, military system specifications, Security Management policy guidance and directives, DoD and cybersecurity policies;• Risk Management Framework (RMF) and the implementation of Cybersecurity and IA boundary defense techniques and various IA-enabled appliances. Examples of these appliances and applications are Firewalls, IDS, IPS, Switch/Routers, Cross Domain Solutions (CDS), EMASS and Endpoint Security Solution (ESS);• Performing STIG implementation;• Performing vulnerability assessments with the Assured Compliance Assessment Solution tool; and• Remediating vulnerability findings to include implementing vendor patches on both Linux and Windows Operating systems. Required Qualifications: • Secret - Top Secret SCI • DoD 8570.01-M in accordance with (IAW) DFARS ************ Baseline Certification, minimum IAT Level I, Level II or Level III depending on position hired to fill• Bachelor's degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System, Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines• Two (2) Years for Level I, five (5) Years for Level II and ten (10) years for Level III Desired Qualifications/Experience: • Navy experience a plus • DoD 8570.01-M CSSP certification• RMF experience About PingWind PingWind is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cybersecurity, development, IT infrastructure, supply chain management and other professional services such as system design and continuous improvement. PingWind is a VA CVE certified Service-Disabled Veteran-Owned Small Business (SDVOSB) with offices in Washington DC and Northern Virginia. **************** Our benefits include: • Paid Federal Holidays• Robust Health & Dental Insurance Options• 401k with matching• Paid vacation and sick leave• Continuing education assistance• Short Term / Long Term Disability & Life Insurance• Employee Assistance Program through Sun Life Financial EAP Guidance Resources Veterans are encouraged to apply PingWind, Inc. does not discriminate in employment opportunities, terms, and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law.

We're seeking a Cyber Network Defense Analyst (CND) to support the Intelligence, Surveillance, Reconnaissance (ISR) Wing Security Office and the Distributed Common Ground System (DCGS) Processing, Exploitation, Dissemination (PED) Operations Center (DPOC). Job Responsibilities: Performs forensic analysis of digital information and gathers and handles evidence. Identifies network computer intrusion evidence and perpetrators. Investigates computer fraud or other electronic crimes, crack files and system passwords, detects steganography and recovers deleted, fragmented and corrupted data from digital media of all types. Ensures chain of custody and control procedures, documents procedures and findings in a manner suitable for courtroom presentation and prepares comprehensive written notes and reports. May be required to testify in court as expert witnesses. Required Skills and Experience: BA/BS 3+ years of network operations experience Active TS/SCI CompTIA Security+ CompTIA Cybersecurity Analyst (CYSA) Shift work required Preferred Skills and Experience: Working knowledge of AF DCGS and AF ISR operations is desired Spectrum is proud of our diverse workforce and diligently committed to remaining an Equal Opportunity Employer. Spectrum governs all employment related decisions without regard to an individual's race, color, sex, religion, national origin, age, disability, veteran status or any other protected classification. [EEO/AA/Protected Veterans/Individuals with Disability employer]. Work schedule: 10-hour rotational shift work. Rotations are quarterly between day and mid shifts and monthly between weekday and weekend shifts.

GENERAL SUMMARY: Seeking full-time Network Engineer to join the Cyber Readiness Team supporting the Atlantic Surface Fleet in Norfolk, Virginia. An applicant that can demonstrate expert knowledge in the design, configuration, deployment and management of Aruba EdgeConnect SD-WAN solutions will fill this position. The candidate may be required to travel between 5-10% to assist forward-deployed units. LOCATION: Norfolk, VA. SPECIFIC DUTIES & RESPONSIBILITIES: Provide SD-WAN orchestration and management using Aruba Orchestrator for provisioning, deployment, configuration, monitoring, and troubleshooting EdgeConnect SD-WAN solutions. Manage user authentication, authorization, role-based access control, RADIUS/TACACS+, policy management, and captive portal using Aruba ClearPass Policy Manager (CPPM) and ClearPass Guest. Deploy, provision, manage, and monitor Aruba Instant APs using Aruba Instant UI, Aruba Central and/or Aruba Mobility Controller capabilities. DESIRED SKILLS AND ABILITIES: HPE Aruba SD-WAN Certifications Cisco Certified Network Associate (CCNA) Experience with Aruba and/or Cisco wireless controllers, access points, switches and routers Understanding of DoD Cybersecurity policies and programs Experience implementing DISA Security Technical Implementation Guides (STIGs) REQUIREMENTS: In-depth knowledge of current SD-WAN concepts, industry standards, security, and best practices. At least five years' hands-on experience with any SD-WAN technologies to include at least two years' experience with Aruba EdgeConnect SD-WAN solutions. Hands-on experience using Aruba ClearPass Policy Manager (CPPM), ClearPass Guest, and Aruba Orchestrator in the management of EdgeConnect SD-WAN solutions. Active Secret Security Clearance Current US Passport 8570 Information Assurance Technician (IAT) level II or IAM/ISSM level I Certification Bachelor's Degree or 5 years' experience in related field

Falconwood is a woman-owned, veteran-owned company providing consultation and programmatic support to Department of Defense Information Technology (IT) initiatives and programs. We provide expert advice and consultation on a diverse range of IT subjects, focusing on acquisition, policy, cybersecurity, engineering, and process development. The Information Assurance Analyst will be responsible for performing duties associated with development and review of RMF packages in support of the Commander, Naval Information Forces (NAVIFOR) N6 Directorate. Responsibilities The candidate will support Assessment and Authorization efforts for NAVIFOR N6 directorate and subordinate commands through: Support program's authorization efforts throughout the Navy RMF process. Track to ensure quality and timeliness of RMF package artifacts and deliverables. Analyze general information assurance-related technical problems and provides recommendations and technical support in solving these problems. Assess and supports implementation of solutions that meet network security requirements. Review vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. Perform duties associated with development and review of RMF packages. Support continuous improvement of strategies, processes, and procedures aligned with existing DoN Navy processes. Ensure the necessary planning, outreach, execution, and dissemination of lessons learned/after action reports. Qualifications Clearance: TS/SCI clearance required (a current SSBI within the five-year scope). Education: Bachelor of Science degree in Information Systems, Computer Science, Cybersecurity, Information Systems, Computer Engineering or related discipline. Certifications: Information Assurance Certification (GIAC) - Security Leadership Certification (GSLC), Certified Information system Security Professional (CISSP), or Certified Information Security Manager (CISM). Experience: At least one-year relevant experience performing Navy IA or cybersecurity functions. Preferred: Experience in an IT operational capacity (e.g., operations/project support, helpdesk). Strong analytical, problem-solving, and project management skills. Familiarity with U.S. Navy culture, processes, command organizations, and IT infrastructures. Ability to analyze general information assurance-related technical problems and provides recommendations and technical support in solving these problems. Be able to assess and support implementation of solutions that meet network security requirements. Experience with vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. Advanced technical writing skills for developing documentation, reports, and training materials. The candidate must be: Familiar with the Navy RMF process. Capable of performing effectively individually and as part of a team. Technically savvy and possess excellent communication skills. Have effective critical thinking and problem-solving skills. Self-motivated and able to successfully deliver with minimal supervision. Proficient in Microsoft applications such as Word, Excel, PowerPoint, and Outlook. This position is fast paced and high demand that is a hybrid position (onsite and remote) in Suffolk, VA. Limited to no travel is anticipated. Pay Range Base pay is $85,000-$95,00, subject to skill level, qualifications, and location. Benefits Highlights: 401k, Tuition Reimbursement, Health/Dental/Vision Insurance, PTO, Federal Holidays, Performance Increases, Reserve Duty Compensation and more!

Seeking a full-time, experienced Navy Qualified Validator (NQV) to provide advanced Cybersecurity and Risk Management Framework (RMF) support for Navy systems and networks. The ideal candidate will bring deep expertise in Cybersecurity Assessment & Authorization (CS/A&A) processes, vulnerability assessments, and Navy-specific compliance standards. This role requires a strong mix of technical, analytical, and documentation skills to ensure Navy systems achieve and maintain Authorization to Operate (ATO) in compliance with DoD and DON policies. Duties & Responsibilities Perform Cybersecurity Assessment & Authorization (CS/A&A) analysis, ensuring compliance with DoDI 8510.01 (RMF) and Navy requirements. Conduct risk assessments, risk mitigation analysis, and vulnerability analysis across systems, applications, and networks. Provide NQV validation support for Navy systems, ensuring compliance with DoN A&A and RMF standards. Execute Security Test and Evaluation (ST&E) activities, including analysis, reporting, and risk recommendations. Manage and process Security Technical Implementation Guides (STIGs) using automated tools (e.g., SCAP, STIGMAN, eMASSter). Maintain and update system records in Enterprise Mission Assurance Support Services (eMASS) and other RMF repositories. Develop and execute Standard Operating Procedures (SOPs), CONOPs, Business Rules, and Contingency Plans for Navy systems. Provide expert firewall policy and ports/protocols configuration support. Develop and maintain hardware/software inventories, network boundary diagrams, and technical documentation. Upload vulnerability scan data into VRAM and maintain baseline system configuration compliance. Provide executive-level reporting, including Plans of Action and Milestones (POA&M) and risk mitigation recommendations. Advise leadership on compliance with Federal, DoD, and DON cybersecurity laws, directives, and policies. Navy Qualified Validator (NQV) credential with registration. Cybersecurity / RMF requirements (DoDI 8510.01). System/network vulnerability analysis and mitigation strategies. Security Test & Evaluation (ST&E) processes and reporting. STIG processing and automated compliance tools (SCAP, Evaluate STIG, STIGMAN, EMASSter). RMF documentation and repositories, especially eMASS. Contingency planning, training, and execution. Firewall policy configuration and ports/protocols management. VRAM vulnerability baseline uploads and configuration tracking. Expert-level knowledge of DoD/DON cybersecurity directives (FISMA, DoDI 8500.01, SECNAV 5239, NIST SP 800 series, etc.). Knowledge of OPNAVINST N9210.3 for safeguarding Naval Nuclear Propulsion Information. This job description in no way states or implies that these are the only duties to be performed by this employee. He or she will be required to follow any other instructions and to perform any other duties requested by his or her supervisor Education & Experience Requirements Must have a minimum of 4 years' related experience Bachelor's degree in an IT-related discipline (e.g., Computer Science, Information Technology, Software Engineering) or Level II Certification (Security+ or better) AND four (4) years of relevant experience as described above. Certifications such as Microsoft Certified: SharePoint Server Hybrid Administrator Associate, Microsoft Certified: Windows Server Administrator, and CompTIA Security+ are desired. Active Navy Qualified Validator (NQV) registration SECURITY CLEARANCE REQUIREMENTS: Secret Skill & Certification Requirements Active Navy Qualified Validator (NQV) registration. Fully qualified per DoD 8570.01M requirements (IAT Level II or IAM Level II). Demonstrated experience with eMASS, STIG processing tools, and vulnerability assessment tools. Strong communication skills with ability to produce executive-level reports, POA&Ms, and project documentation. Direct experience certifying and accrediting DON information systems, networks, and Platform IT. Proven ability to advise Navy leadership on cybersecurity strategies and risk management. Strong technical writing and presentation skills for producing high-quality deliverables. Institutional knowledge of Navy cybersecurity mission-critical procedures, systems, and processes. Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel, PowerPoint and Access), and other standard (Customer specified) applications. Position requires sitting, for long periods of time. (Sedentary Work) Most duties require extended use of a keyboard and computer monitor May require lifting of 20-50 lbs LCI is an Equal Opportunity Employer Veteran/Disabled Leader Communications is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. If you'd like to view a copy of the company's affirmative action plan or policy statement, please email **************

Provide cybersecurity expertise supporting enterprise environments, including risk management, incident response, threat/vulnerability mitigation, and security architecture considerations. Key Responsibilities Assess/mitigate cybersecurity threats and vulnerabilities; apply risk management processes. Support encryption, access controls, intrusion detection, traffic analysis, and incident response/handling. Apply secure system/software lifecycle concepts and security architecture/enterprise reference models. Support continuity planning (backup/recovery, disaster recovery, COOP). Apply program/project management principles in support of information security program needs. Qualifications (Citizenship, Education, Experience, Skills) Experience: 4+ years in Cybersecurity. Skills (examples explicitly called out): Encryption algorithms: IPSEC, AES, GRE, IKE, MD5, SHA, 3DES. Incident response/handling; intrusion detection; penetration testing; emerging threats. Network protocols and models (TCP/IP, OSI), traffic analysis, access control mechanisms (e.g., ACLs). System/application threat knowledge (e.g., buffer overflow, XSS, SQL injection). Cloud service/deployment models (SaaS/IaaS/PaaS) and cloud security strategy/architecture. Data security standards including PII/PCI/PHI. Required DoD Systems, Tools, and Framework Experience Office tools: Ability to document, track, and report cyber work products (Attachment emphasizes deliverables like plans/processes such as incident response and continuity planning). Scheduling/Tracking systems: Experience supporting enterprise incident response programs/roles and performing analysis/reporting (ticketing tools not explicitly required for this LCAT in Attachment J.02). Security/Information handling: Knowledge of cybersecurity laws/regulations/policies/ethics; risk management; secure acquisition/supply chain risk concepts.

Input is currently seeking a Public Key Infrastructure (PKI) Auditor & Trainer/Information Systems Security Officer (ISSO) for a potential contract to assist the Department of the Navy (DON) Public Key Infrastructure (KPI) and Key Management Infrastructure (KMI) Services. Location(s): Andrews AFB, MD; Norfolk, VA; San Diego, CA; and Pearl Harbor, HI Key Responsibilities: Maintain Naval Communications Security Material System (NCMS) PKI Registration Authority (RA) and Local RA (LRA) systems, perform operating system updates and validate machines are operating in accordance with Authority to Operate (ATO). Coordinated with Navy Marine Corps Intranet (NMCI) for machine and network troubleshooting. Maintain standard system security and disaster recovery plans and ensure implementation across the detachment. Maintain enterprise architecture Standard Operating Procedures (SOPs) and documentation to include illustrations network topology, system access requirements and processes for obtaining material and replacement hardware and software. Function as the NCMS PKI liaison to external LRA sites providing assistance and information pertaining to System access, network access, peripheral devices. Liaison support also includes working with the government Information System Security Managers (ISSM), and Information System Security Officers (ISSO) to achieve and maintain ATO requirements. Perform Cybersecurity tasks to include validation of Assured Compliance Assessment System (ACAS) scans and patching, apply Security Technical Implementation Guides (STIGs). Properly secure and maintain PKI archives until moved to long term storage facility. Perform backups, validate scans, perform software updates as needed, and review workstation system logs. Complete compliance audits in accordance with Joint Force Head Quarters Department of Defense Information Network (JFHQ-DODIN) PKI Audit requirements, audits drafts, reports, track audit Plan of Action and Milestones (POA&M), schedule audits and perform Training and Assist Visits (TAV). Schedule, conduct and update PKI LRA, Trusted Agent (TA), System Administrator (SA), ISSO classroom training for newly appointed personnel through the Navy. Qualifications: Understanding of Department of Defense (DoD) Common Access Card (CAC) characteristics and CAC/Smart card operation and procedures to include CAC middleware and hardware, with a least one-year experience. Knowledge of the principles, concepts, and methodology of Information Technology (IT) processing and a working knowledge of computer system architecture, performance characteristics and DoD and Service IT security policies with a least one-year experience. Familiar with DoD 8520.02, Public Key Infrastructure and Public Key Enabling. Skilled verbal and written communication techniques required to conduct meetings, and prepare reports and other correspondence Must be able to work independently. Possess analytical processing skills. Possess DoD 8140 qualification of 461 Basic or 451 Intermediate upon first day of employment and continue to maintain extended training requirements as identified in SECNAV M-5239.2. Navy COOL - Navy Cyber Workforce (CWF) Program - CWF Model JFHQ-DODIN PKI Auditor Qualified or served as Navy RA, LRA or PKI ISSO for 3 years.

The Information Security Specialist is responsible for Information Security within the Americas region. Duties include designing, implementing, and improving security controls, incident response strategies, and risk mitigation measures to safeguard IT systems and sensitive data. *This position is office-based in Newport News, VA.* Responsibilities Designs and implements security solutions to protect IT infrastructure Develops and enforces security policies, standards, and risk mitigation strategies Conducts penetration testing, vulnerability scanning, and security audits Investigates and responds to security incidents, performing forensic analysis Ensures compliance with regulatory frameworks (GDPR, NIS2, ISO 27001) Evaluates and integrates new security tools and technologies Automates security processes and threat mitigation where possible Works with IT, DevOps, and risk management teams Engages with regulatory bodies and compliance auditors Coordinates with external cybersecurity partner Competencies Education and Experience: Bachelor's degree in Cybersecurity, Computer Science, Information Technology or related discipline and 4 years of IT experience focused on Information Security relevant technologies; or combination of equivalent education, training, certification, and 8 years relevant experience. Information Security certifications (such as CISSP: Certified Information Systems Security Professional; CEH: Certified Ethical Hacker; CISM: Certified Information Security Manager; GIAC: Global Information Assurance Certification) can be accepted in lieu of bachelor's degree. Security+ preferred. Knowledge of Information Security engineering principles (least privilege, zero trust) Knowledge of IAM solutions (Active Directory, Okta, SSO, MFA) Knowledge of threat modeling and risk analysis techniques Knowledge of Information Security automation tools (Ansible, PowerShell, Python) Knowledge of Compliance frameworks (NIST CSF, CIS Controls, ISO 27001) Skilled in designing and implementing security architectures Skilled in automating security processes and threat mitigation Skilled in managing security operations and improving response efficiency Ability to work independently and take ownership of security initiatives Strong problem-solving skills in high-pressure situations Excellent teamwork and collaboration in cross-functional security projects Clear and concise communication to bridge technical and non-technical audiences Travel domestically and internationally occasionally. Ability to obtain and maintain a valid driver license and passport. Our Offer An interesting and ambitious role in a successful international company. We offer a secure work environment with a comprehensive benefits package that includes major medical, dental and vision insurance, 401K plan with company match, paid vacation and personal days and competitive salary. Referral Bonus: Tier III Have we awoken your interest? Then we look forward to receiving your online application. If you have any questions, please contact Thomas Steele. Liebherr-America, Inc. and its US affiliates are Equal Opportunity Employers. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. If you are a California resident, please visit Liebherr USA, Co. Privacy Statement for more information regarding how Liebherr-America, Inc. and its US affiliates collect and process your personal information. One Passion. Many Opportunities. The company In line with its international growth, Liebherr's venture into the United States began in 1970. Within a couple of years, the company expanded and completed its production facilities in Newport News, Virginia, for its product line of hydraulic excavators. It was later converted into Liebherr's manufacturing facility for mining trucks and remains home to Liebherr Mining Equipment Newport News, Co. In addition to its production facility, Liebherr markets a wide variety of products and technologies through its companies located across the United States. The companies are Liebherr-Aerospace Saline, Inc., Liebherr Gear Technology, Inc., Liebherr Automation Systems, Co., and Liebherr USA, Co., the umbrella company for 12 product segments that are positioned across the United States. Location Liebherr USA Co. 4800 Chestnut Avenue 23607 Newport News, VA United States (US) Contact Thomas Steele ************************ [Not translated in selected language]

Posting Details Posting Details Job Title OERI - Critical Infrastructure and Data Transformation (CID) to Advance National Security (Research Faculty, Non Tenure Track ) Department RESILIENCE CLUSTER HIRE Number TBA Job Description The Office of Enterprise Research and Innovation (OERI) at Old Dominion University invites applicants for an annual 10-month position at Non-Tenure Track Assistant/Associate/Full Research Professor rank as part of a multi-position hiring cluster aiming for the Critical Infrastructure and Data Transformation to Advance National Security to begin in Fall 2026. This is an annual 12-month appointment that will begin July 25, 2026. The cluster, with faculty hires in School of Data Science, Batten College of Engineering and Technology and Office of Enterprise Research and Innovation, integrates interdisciplinary research in resilient infrastructure, infrastructure data transformation, and secure smart systems to address national security challenges in coastal regions. It explicitly addresses the Old Dominion University's Strategic Plan in research areas including Coastal Resilience and National Security. The research in this cluster will be supported by five interrelated, cross-cutting research domains, including Artificial Intelligence & Machine Learning, Computational & Data Science, Cybersecurity & Network Security, and Modeling & Simulation. The primary responsibilities for this position are as follows: Develop an interdisciplinary and externally funded research program in Critical Infrastructure and Data Transformation (CID) to Advance National Security. Collaborate with faculty hired in this cluster and other faculty at Old Dominion University. Opportunities for teaching graduate courses in the candidate's area of expertise will also be available with other departments in the BCET college or School of Data Science. Position Type FullTime Type of Recruitment General Public Type of Recruitment General Public Minimum required education and/or special licenses, registrations, trainings, or certifications A Ph.D. or equivalent terminal degree in engineering, computer science, or closely related field, complementary to the cluster's core areas of research, by May 2026. Candidates for research assistant professor should have a record of conducting research in modeling and simulation as evidenced by peer reviewed publications. Candidate for associate or full professor must have a demonstrated sustained track record of external federal funding and peer reviewed research publications. Minimum required level and type of experience, knowledge, skills, and abilities Candidate for associate research research professor must have a demonstrated sustained track record of external federal funding and peer reviewed research publications. A plan for developing an externally funded research program at ODU with expressed interest in leveraging complementary research expertise at ODU. Preferred Qualifications Non-Tenure Track (Research Assistant/Associate Professor) Office of Enterprise Research and Innovation (OERI): is seeking for faculty with the expertise aligned with the Center for Secure and Intelligent Critical Systems Digital Twin for distributed energy resources, Modeling and Simulation for efficient data center infrastructure. Cyber Resilient data center. Skill in working both independently and as part of an interdisciplinary team. Ability to transfer existing projects and plans for acquiring and sustaining sponsored research. Previous development and/or leadership experience with interdisciplinary, administrative, and/or academic initiatives. Successful record of grant funding. Conditions of Employment Location Suffolk, VA Job Open Date 09/15/2025 Application Review Date 11/15/2025 Open Until Filled Yes Application Instructions Interested candidates must complete the online application at************************************ including the following: A cover letter describing your relevant qualifications and indicating the rank you would like to be considered for. A curriculum vitae. A statement of research interests. Unofficial graduate transcripts. Contact information for 3 professional references. At the appropriate time in the Search process, these individuals will be contacted by the Search Committee. Applications should be submitted by November 15, 2025 for full consideration. The positions will remain open until filled. Questions about these positions should be directed to Dr. Murat Kuzlu (**************), Chair of the Critical Infrastructure and Data Transformation (CID) to Advance National Security Cluster Hire. Telework Friendly No Reasonable Accommodation Request If you are an individual with a disability and require reasonable accommodation, please contact the Division of Talent Management and Culture at *************. Pay Transparency Nondiscrimination Provision The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or consistent with contractor's legal duty to furnish information. About the College The Office of Enterprise Research and Innovation (OERI), within the Division of Research and Economic Development at Old Dominion University, unifies and focuses the advanced research of six distinct and diverse multidisciplinary applied research centers. From cybersecurity to maritime to modeling and simulation, OERI supports ODU's research infrastructure through innovation, workforce development, and industry engagement. OERI has evolved from the Virginia Modeling, Analysis, and Simulation Center (VMASC), which was established in 1997, and has been a secure and applied research and enterprise research facility of ODU. The continued success and growing recognition of VMASC as a global leader in the modeling and simulation sector has underscored the value of unifying research and commercial products. *************************************************************** About the Department

Tyto Athene is searching for an experienced System Engineer, Physical Security to support one of our DoD programs. This individual will be required to operate in a diverse security environment. Responsibilities: Design, install, test and support of DoD physical security systems including, but not limited to, access control, closed-circuit television and intrusion detection. Three (3) years' experience working with and validating engineering drawings in accordance with DoD engineering drawings practices. Ability to troubleshoot LENEL manufactured security system and access control system equipment and software. Provide security engineering support including review and response to technical specifications, scope of work, product selection, surveys with customer interview, design, technical writing and implementation of Electronic Security Systems. Evaluate new COTS products, identifies form fit function (FFF) replacements for end of life (EOL) equipment, reviews maintenance trouble tickets and research solutions. Maintains As-Builts to include inside and outside plant, fiber optic infrastructure, CCTV, IDS, ACS, head end and other related Electronic Security Systems. Develop Installation Design Packages (IDP) that are SIPH compliant for Electronic Security Systems such as PACS, IDS/PIDS, VMS, and other related low voltage systems for highly sensitive areas such as SCIF. Qualifications Required: Ability to obtain a CI polygraph Bachelor's degree in electrical or mechanical engineering and a minimum seven (7) years' experience; OR a minimum of ten (10) years' experience if candidate does not have a degree CompTIA Security+ certified LENEL Certified Expert (LCE) Clearance: Active TS/SCI clearance is required. Candidates must have this clearance in order to be considered. About Tyto Athene Compensation: Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically between $130,000-$140,000. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range. Benefits: Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave. Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains-Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT-empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide. At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto? Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law.

Solvere Technical has an immediate need for an ONSITE Information Systems Security Engineer (ISSE) at Navy Information Warfighting Development Center (NIWDC) based in Norfolk, Virginia. MUST be a US CITIZEN, live close to NORFOLK, VA, have an ACTIVE TOP SECRET CLEARANCE, with active IAT II CERTIFICATION. Job Description Supports our customer providing system Risk Management Framework (RMF) ATO security engineering services and documentation. Support the Government to ensure core security engineering principles are implemented into assigned programs information systems architecture. Determine client security control requirements and support security categorization of the system. Implement security controls utilizing eMASS and Xacta 360 support tools. Conduct certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and providing recommendations of risk mitigation to customer. Perform Risk Assessments and develop Concepts of Operations (CONOPS), Security Policies, Cybersecurity Strategy, Test Plans, System Security Plans and CYBERSAFE related documentation. Maintain the Plan of Action and Milestones (POA&M) to ensure documentation and traceability which outlines a plan to address identified security weaknesses or vulnerabilities within an organization's systems. Perform cybersecurity hardening and security monitoring on network infrastructures (STIGs, patching, ACAS scanning, etc.). Ability to develop and interpret security architectures, data flow diagrams, and publications that depict the system(s) architecture. Ability to be able to identify risk areas of non-compliance and propose solutions to design to full-fill operational requirements and meet cybersecurity requirements simultaneously. Incorporate cybersecurity vulnerability solutions into system designs (e.g., Cybersecurity Vulnerability Alerts). Provide support to security/certification test and evaluation activities. Job Qualifications: MUST be a US Citizen MUST have an active Security Clearance Top Secret MUST reside in Norfolk, Virginia or surrounding areas and able to commute onsite daily. MUST have at least five (5) years of experience as an ISSE on programs and contracts of similar scope, type, and complexity within the Federal Government. MUST have an active CompTIA Security+ CEU or equivalent certification (CISSP, SSCP, CSA+, or equivalent). MUST have an Active DoD 8570 IAT II certification. MUST have a Bachelor's degree in Cybersecurity, Information Assurance, Computer Science, or equivalent 5+ years experience. Must be Proficient in Microsoft Office tools. (Power Point, Word, Visio, etc.). Must have excellent technical writing, reporting and communication skills. Desired Qualifications: Experience conducting security assessments and working with Security Control Assessors (SCAs) and applying standard auditing techniques during systems security control assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient and recommending remedial action to Government customer to ensure compliance. Knowledge of Department of Defense Architecture Framework (DoDAF) views facilitating integration and promoting interoperability across capabilities and among integrated architectures. Experience with modern networks, operating systems, databases, and virtual computing. Expert knowledge of security engineering, design concepts and principles. Exceptional verbal and written communication skills, with the ability to collaborate across teams and organizations, including senior level management. Proven ability to multi-task and deliver on-time with the highest quality. Experience with the NAVY RMF ATO process. Experience working with Navy EMASS and Xacta 360. Experience with Cloud Systems Masters degree in Cybersecurity, Information Assurance, Computer Science, or equivalent 9+ years experience. Security Requirements: Must already have an Active DoD Top Secret security clearance. Travel Requirements: Occasional travel might be required Physical Requirements: Repeating motions that may include the wrists, hands and/or fingers. Light work that includes moving objects up to 20 pounds BENEFITS Solvere offers a comprehensive and generous benefits package. The Solvere benefits package includes medical, dental, and vision insurance for the employee and/or families. Solvere also includes basic life insurance plus short- and long-term disability for the employee. Employees may elect to enroll in our company s 401k plan. Employees will also accrue paid time off and holidays. Additional voluntary options include supplemental insurance plans. About the Company Visit: ************************ Solvere Technical Group is committed to non-discrimination and equal employment opportunity. All qualified applicants will receive consideration for employment without discrimination based on disability, protected veteran status or any other characteristics protected by law.

Working Title Information Security Analyst (Filling more than one position) Role Title Information Technology Specialist II Position Number 00719 FLSA Exempt Appointment Type Full Time Type of Posting General Public Is Sensitive Position? No If Sensitive Position, please paste statement Designated Personnel Yes Responsible Employee This position is designated as a "responsible employee" who has the authority to redress sexual violence, who has the duty to report incidents of sexual violence or other student misconduct, or who a student could reasonably believe has this authority or duty. If Designated Personnel, please paste statement Statement of Economic Interest No If Statement of Economic Interest, please paste statement Is this a restricted position subject to availability of funding? If Restricted Position, please paste statement Departmental Objective To inspire and foster partnerships that focus on innovative solutions for ubiquitous access and use of information services to support educational and cultural opportunities that benefit the CNU community. Purpose of the Position The Information Security Analyst is responsible for implementing the campus' information security program to include reviewing security plans, and role-based training requirements, operating security tools, scanners, tools and responding to security alerts. Knowledge, Skills, and Abilities Related to Position * Knowledge of general concepts of information security best practices; IT Governance, Risk Management, and Compliance (GRC) for example NIST CSF, NIST SP 800-39 and NIST SP 800-30 * Knowledge of NIST SP 800-53 rev 5 security controls and the Risk Management Framework (e.g. NIST SP 800-37) * Knowledge of vulnerability scanning and threat mitigation tools such as Microsoft Defender, Tenable Security Center / Nessus, Burp Suite and Trivy * Knowledge of centralized log management tools such as Splunk, Graylog, Microsoft Sentinel, AWS CloudTrail * Knowledge of common vulnerability management frameworks such as CIS or STIGs * Knowledge of security concepts such as Least Privilege; and Separation of Duties * Ability to think critically, analyze risk, consider possible solutions, and make recommendations * Ability to communicate effectively both verbally and in writing with diverse groups of organizations and people * Ability to develop relationships with and provide guidance to all levels of management regarding employee system access * Willingness to be very flexible, ability to maintain the highest professional standards, and competence to be accurate, thorough, and productive with all work * Foundational knowledge of computer networking (IPv4 and IPv6), ports and protocols, traffic flow * Understanding of system administration for both on-premises and cloud systems * Understanding of defense-in-depth, and common security elements * Familiarity with Infrastructure as Code (e.g., Terraform, Ansible, Puppet, Chef) and automated pipelines (e.g., GitLab) * Understanding of the IT Incident Response processes * Knowledge of regulations such as FERPA, GLBA, PCI * Knowledge of Palo Alto firewalls and IDS/IPS concepts * Demonstrated understanding of technical, engineering, and programmatic capabilities related to information systems and/or subsystems * Familiarity with programming and query languages, such as Python, SQL, KQL Education, Experience, Licensure, Certification Required Education: * High school graduate or equivalent education/experience that equates to a high school diploma. Experience: * Experience creating notional and technical diagrams * Experience in an information security environment * Experience developing and customizing security-related scripts Additional Consideration(s) Education: * BA or BS in Information Security, Information Assurance, Computer Science, or related equivalent professional experience * Possession of a current information security certificate / credential, such as a CISSP, CISM, or similar. Experience: * Professional experience with information security to include managing systems security architecture, design, installation, operational planning, and risk remediation activities on an enterprise level * Experience in information security performing IT/technical audits, security vulnerability assessments, system configuration verifications, and security-related assignments * Experience working with centralized logging solutions and vulnerability scanning tools * Experience with vulnerability scanning solutions, including Tenable Security Center * Experience working in a higher education environment * Experience in installing security software and documenting security issues Salary Information Starting at $68,534, Commensurate with Education and Experience CNU Information This position includes Commonwealth of Virginia and Christopher Newport University employee benefits. CNU offers a comprehensive benefits package to include retirement plans, medical, dental, vision, and a variety of other options. Available leave includes vacation, sick time, personal time, and volunteer/service leave. State employees are eligible for discounted travel, banking, legal and retail services, among others. To view more information about our benefits, please visit ***************************** Role Code 39112 Conditions of Employment * This is a classified position. New and returning classified employees are required to complete a 12-month probationary period * Selected candidate must attend a 2-day New Employee Orientation Program Is this position telework eligible? Yes Telework Eligibility Disclaimer This position is eligible for periodic telework as determined by the department. Eligibility is not guaranteed, and is subject to supervisor approval. Eligibility will depend on the likelihood of the employee's success in a telework arrangement and the supervisor's ability to manage telework. Departments and/or Human Resources may modify or revoke eligibility at any time. Employees will be required to sign a Telework Agreement. Physical/Cognitive Requirements Light Lifting (less than 20 lbs.) Essential Moderate Lifting (20-50 lbs.) Essential Heavy Lifting (more than 50 lbs.) Marginal Pushing/Pulling Essential Standing Essential Sitting Essential Bending Non-Applicable Walking Marginal Climbing Non-Applicable Reaching Non-Applicable Repetitive Motion Non-Applicable List other physical requirements Emotional Demands Fast Pace Essential Average Pace Essential Multiple Priorities Essential Intense Customer Interaction Essential Multiple Stimuli Essential Frequency Changes Essential Mental/Sensory Demands Memory Essential Reasoning Essential Hearing Essential Reading Essential Analyzing Essential Logic Essential Verbal Communication Essential Written Communication Essential List other mental/sensory requirements Posting Detail Information Posting Number PS1180P Number of Vacancies 2 Posting Date 12/11/2025 Closing Date 12/26/2025 Open Until Filled No Special Instructions to Applicants CNU will only accept online applications through the jobs.cnu.edu website. Online applications must be received by midnight on the closing date indicated in a job announcement. Faxed, emailed, hand-delivered or mailed applications and attachments will NOT be accepted. Applicants are welcome to complete an online application by using computers located in the Office of Human Resources. Address: CNU North - 321 Hiden Boulevard, Suite 101, Newport News, VA 23606. Public computers are also available in nearby libraries and at the Virginia Employment Commission. Address: 600 Butler Farm Road, Hampton, VA 23666 (M-F 9am-4:30pm). In order to be considered for this position, your application must provide evidence of experience and/or education supporting the requirements outlined in the posting. We encourage you to be clear and specific when describing your experience. *Responses to supplemental questions alone are not considered evidence of experience and/or education. Quick Link for Direct Access to Posting *********************************** Advertising Text EEO/Diversity Statement(s) Christopher Newport University, an EO Employer, is fully Committed to Access and Opportunity. Notice of Non-Discrimination & Title IX Policy Statement Reasonable Accommodation Request Christopher Newport University (CNU) will make a reasonable effort to accommodate persons with disabilities in the application and/or interview process. Persons with disabilities who require accommodation should contact the CNU Human Resources Office by calling **************. Alternative Hiring Process In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their Certificate of Disability (COD) provided by a Certified Rehabilitation Counselor within the Department for Aging & Rehabilitative Services (DARS). Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS to get their Certificate of Disability. If you need to get a Certificate of Disability, use this link: ********************************************** or call DARS at ************. Background Check Applicant finalists are required to complete a CNU sponsored background check. After accepting employment, individuals are required to complete a USCIS Form I-9 (employment eligibility verification) and present documentation from the USCIS List of Acceptable Documents that establishes both their identity and employment authorization to work in the United States. The provided documents will be verified through the Department of Homeland Security E-Verify website.

Akira Technologies is seeking a SOC Cyber Defense Analyst (SME / Journeyman) to support a government client in Norfolk, VA. This role provides hands-on cybersecurity monitoring, incident response, and forensic analysis across Operational Technology (OT), Industrial Control Systems (ICS), and enterprise network environments, including on-premises and cloud systems. The ideal candidate has 5-7 years of cybersecurity operations experience, operates independently on complex incidents, and serves as a technical subject matter expert within the SOC while supporting and mentoring junior analysts. This is an onsite position supporting NAVFAC in Norfolk, VA. This role requires Top Secret or higher clearance. Key Responsibilities Perform cyber defense monitoring and forensic analysis across host and network systems, including malware triage, log correlation, and timeline reconstruction. Investigate security incidents using MITRE ATT&CK and Cyber Kill Chain methodologies. Support containment, eradication, and recovery actions in accordance with established incident response procedures. Serve as a journeyman-level SME, providing technical guidance and mentoring to junior SOC analysts. Monitor, tune, and enhance SIEM platforms (e.g., Splunk Enterprise Security, Elastic SIEM, Cribl) to improve detection and threat visibility. Develop and maintain SIEM correlation rules, dashboards, and continuous monitoring content using data models and tstats. Evaluate system and network configurations for vulnerabilities and recommend remediation aligned with DoD cybersecurity standards. Support STIG compliance activities and assist with Information Assurance Vulnerability Management (IVAM) actions. Utilize asset mapping and inventory tools to validate authorized devices and identify unauthorized or anomalous systems. Handle digital evidence in accordance with government forensic and chain-of-custody best practices. Produce concise technical and executive-level reports detailing findings, impacts, and mitigation recommendations. Collaborate with SOC leadership and government stakeholders to improve SOC workflows, threat hunting, and operational effectiveness. Required Qualifications Active Top Secret clearance (or higher). 5-7 years of experience in cybersecurity operations, SOC analysis, or incident response. Strong knowledge of Windows and Linux operating systems, network traffic analysis, and security monitoring. Experience working within DoD cybersecurity frameworks and compliance-driven environments. Hands-on experience with tools such as Splunk (Enterprise Security preferred), Palo Alto, Elastic SIEM, Cribl, Nessus, CrowdStrike, VMware, or similar technologies. Demonstrated ability to independently lead investigations and communicate findings to technical and non-technical audiences. Preferred Qualifications Experience supporting OT / ICS / SCADA environments. Advanced Splunk Enterprise Security content development experience. Familiarity with GrayNoise, Shodan, MODBus, PCAP analysis, or industrial protocols. Relevant certifications such as GCIH, CEH, GCED, OSCP, CISSP, or equivalent. Leveling Summary Performs independently on complex incidents. Acts as a technical SME within the SOC. Mentors junior analysts without formal program or SOC ownership. Escalates advanced or strategic issues to senior or lead analysts. Salary Range: $125,000 - $140,000 Akira's pay range for this position considers various factors including skills, years of experience, training, licenses, certifications, alignment with market data, and internal equity in the organization. This pay range estimate is a general guideline only and not a guarantee of compensation or salary, which Akira believes to be done in good faith in compliance with local laws. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. General Description of Benefits Akira offers its employees multiple options for medical plans (some with Health Savings Account), dental plans, and vision coverage, and a 401(k) plan with employer match. To promote work/life balance, Akira offers paid time off, including vacation and sick time, holidays, paid parental leave, military leave, bereavement leave, and jury duty leave. We also offer short and long-term disability benefits to protect employee income in the event of sickness or injury, life insurance, accidental death and dismemberment insurance, and critical illness insurance. Akira also offers tuition, training, and certification reimbursement for professional development and career advancement. Akira regularly reviews our total rewards package to ensure our offerings remain competitive and reflect the values and needs expressed by our employees. About Akira Technologies Akira strives to meet and exceed the mission and objectives of US federal agencies. As a leading small business cloud modernization and data analytics services provider, we deliver trusted and highly differentiated solutions and technologies that serve the needs of our customers and citizens. Akira serves as a valued partner to essential government agencies across the intelligence, cyber, defense, civilian, and health markets. Every day, our employees deliver transformational outcomes, solving the most daunting challenges facing our customers. Akira is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Job DescriptionLocation: Virginia Beach VA Required Clearance: Secret - Top Secret SCI Certifications: DoD 8570.01-M in accordance with (IAW) DFARS ************ Baseline Certification, minimum IAT Level I, Level II or Level III depending on position hired to fill Required Education: Bachelor's degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System, Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines Required Experience: Two (2) Years for Level I, five (5) Years for Level II and ten (10) years for Level III Position Description: PingWind is seeking the right fit to join a team of Cyber professionals as they support critical functions to provide Cyber Security for the Navy's network. Depending on the position hired to fill, you will be ensuring the highest level of cyber security by implementing STIGS, performing scans using tools such as ACAS, and tracking/patching/mitigating vulnerability findings. Key goal is to ensure the warfighter can achieve their mission without the interference of adversaries and opportunistic hackers. Work is performed in support of Naval Surface Warfare Center (NSWC), DAHLGREN DIVISION in Virgina Beach as it conducts Research, Development, Test & Evaluation (RDT&E), analysis, systems engineering, integration, and certification of complex Department of Defense systems. Primary Responsibilities: Level: I Two (2) years and Level II: Five (5) years of full-time professional experience performing system hardening with demonstrated experience in the following areas: • Performing STIG implementation;• Performing vulnerability assessments with the Assured Compliance Assessment Solution tool;• Experience with Security Management policy guidance and directives; and• Remediating vulnerability findings to include implementing vendor patches on both Linux and Windows Operating systems.Level III: Ten (10) years of full-time professional experience performing system hardening with demonstrated experience in the following areas:• Computer security, military system specifications, Security Management policy guidance and directives, DoD and cybersecurity policies;• Risk Management Framework (RMF) and the implementation of Cybersecurity and IA boundary defense techniques and various IA-enabled appliances. Examples of these appliances and applications are Firewalls, IDS, IPS, Switch/Routers, Cross Domain Solutions (CDS), EMASS and Endpoint Security Solution (ESS);• Performing STIG implementation;• Performing vulnerability assessments with the Assured Compliance Assessment Solution tool; and• Remediating vulnerability findings to include implementing vendor patches on both Linux and Windows Operating systems. Required Qualifications: • Secret - Top Secret SCI • DoD 8570.01-M in accordance with (IAW) DFARS ************ Baseline Certification, minimum IAT Level I, Level II or Level III depending on position hired to fill• Bachelor's degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System, Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines• Two (2) Years for Level I, five (5) Years for Level II and ten (10) years for Level III Desired Qualifications/Experience: • Navy experience a plus • DoD 8570.01-M CSSP certification• RMF experience About PingWind PingWind is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cybersecurity, development, IT infrastructure, supply chain management and other professional services such as system design and continuous improvement. PingWind is a VA CVE certified Service-Disabled Veteran-Owned Small Business (SDVOSB) with offices in Washington DC and Northern Virginia. **************** Our benefits include: • Paid Federal Holidays• Robust Health & Dental Insurance Options• 401k with matching• Paid vacation and sick leave• Continuing education assistance• Short Term / Long Term Disability & Life Insurance• Employee Assistance Program through Sun Life Financial EAP Guidance Resources Veterans are encouraged to apply PingWind, Inc. does not discriminate in employment opportunities, terms, and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Provide cybersecurity expertise supporting enterprise environments, including risk management, incident response, threat/vulnerability mitigation, and security architecture considerations. Key Responsibilities Assess/mitigate cybersecurity threats and vulnerabilities; apply risk management processes. Support encryption, access controls, intrusion detection, traffic analysis, and incident response/handling. Apply secure system/software lifecycle concepts and security architecture/enterprise reference models. Support continuity planning (backup/recovery, disaster recovery, COOP). Apply program/project management principles in support of information security program needs. Qualifications (Citizenship, Education, Experience, Skills) Experience: 4+ years in Cybersecurity. Skills (examples explicitly called out): Encryption algorithms: IPSEC, AES, GRE, IKE, MD5, SHA, 3DES. Incident response/handling; intrusion detection; penetration testing; emerging threats. Network protocols and models (TCP/IP, OSI), traffic analysis, access control mechanisms (e.g., ACLs). System/application threat knowledge (e.g., buffer overflow, XSS, SQL injection). Cloud service/deployment models (SaaS/IaaS/PaaS) and cloud security strategy/architecture. Data security standards including PII/PCI/PHI. Required DoD Systems, Tools, and Framework Experience Office tools: Ability to document, track, and report cyber work products Scheduling/Tracking systems: Experience supporting enterprise incident response programs/roles and performing analysis/reporting Security/Information handling: Knowledge of cybersecurity laws/regulations/policies/ethics; risk management; secure acquisition/supply chain risk concepts. We are an Equal Opportunity Employer and strive to provide equal employment opportunity to all applicants and staff in accordance with sound employee relations practices and federal and state laws. All qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, marital status, ancestry, genetic information, pregnancy status, or any other characteristic protected by law.