Cyber security analyst jobs in Sarasota, FL

Job DescriptionWho we are.Platinum Technologies is a Northern Virginia based integrated solutions firm that specializes in Cybersecurity, Cloud and Digital Services to the Public Sector. Our team solves hard problems and helps our Mission Partners achieve their goals. If you are self-motivated, possess demonstrated learning agility, and are passionate about delivering high-quality work products - we want to hear from you. We lead with technical expertise, but that is just the tip of the iceberg - the ‘Why' matters. At Platinum, we don't hire people to do a job. We provide professional and leadership development to complement our self-motivated domain experts. Our teammates are dot-connecting leaders that operate in a mutually accountable environment to deliver thought leadership, expert technical analysis, and quality execution for our clients You.Platinum Technologies currently has an opportunity for an experienced Identity (Cyber) Engineer to help advance the security posture and lead the organization's Identity, Credential and Access Management (ICAM) environment into compliance with Zero Trust operational and compliance requirements. The Identity (Cyber) Engineer is a hands-on technical specialist responsible for the implementation, configuration, and management of the core platforms that secure user and system identities across the enterprise. This role focuses on the "hands-on-keyboard" execution of deploying and maintaining the security policies and controls within the organization's Identity Providers (IdP), Privileged Access Management (PAM), and Identity Governance and Administration (IGA) solutions. The ideal candidate will have deep technical expertise in one or more of these domains and a strong commitment to implementing least-privilege access in a complex hybrid environment. We are offering a competitive sign-on bonus and relocation assistance for qualified candidates. Located at MacDill AFB, Tampa, Florida. Candidate must hold an active TS/SCI clearance. What you get to do. •Design, build, test, and deploy Microsoft Entra ID Conditional Access policies to enforce Zero Trust principles for access to cloud resources in Azure and AWS. Configure and maintain Certificate-Based Authentication (CBA) for CAC/PKI. Manage and troubleshoot the on-premises ADFS environment for legacy application support.•Configure and manage the Ping Federate platform as an enterprise federation gateway. Onboard new applications for Single Sign-On (SSO) using SAML and OIDC. Build and maintain authentication policies to enforce strong, phishing- •Perform the hands-on onboarding of all privileged user, service, and application accounts into the Delinea vault.•Configure and enforce Delinea policies for credential rotation, session recording, and monitoring.•Build and implement Just-in-Time (JIT) and Just-Enough-Administration (JEA) access request and approval workflows to eliminate standing privileges.•Implement and configure the automation of the Joiner-Mover-Leaver (JML) identity lifecycle process, replacing manual, ticket-based systems.•Build and maintain the enterprise access catalog in SailPoint to replace the manual IMT48 form with an automated, workflow-driven request and approval system.•Configure and execute periodic access certification campaigns for critical applications and privileged roles.•Use the Active Roles console to implement secure, delegated administration for Active Directory, creating policies to automate user/group lifecycle tasks.•Centrally manage authorization policies for the Linux estate, defining Host-Based Access Control (HBAC) rules and sudo policies to control access to RHEL servers. Required Skills.•Deep, hands-on experience with at least one of the following core platforms: Microsoft Entra ID, an enterprise PAM solution (e.g., Delinea), or an enterprise IGA solution (e.g., SailPoint).•Strong understanding of core identity security principles, including least privilege, MFA, JIT/JEA, and RBAC/ABAC.•Experience with Active Directory administration and group policy management.•Ability to implement and troubleshoot complex security policies within enterprise tools. Preferred Skills.•Microsoft Certified: Identity and Access Administrator (SC-300).•Delinea Certified Administrator.•SailPoint Certified IdentityNow Engineer.•Ping Certified Professional.•Experience with Red Hat IdM policy management.•DoD 8140 Compliance (IAT Level II) The Company is an Equal Opportunity/Affirmative Action employer. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age, or genetic information. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Dark Wolf Solutions is seeking a Cyber Security Engineer to be an integral part of a collaborative team supporting USSOCOM Special Operations Forces Mission Program by providing cloud migration solutions, including application assessment, security requirement identification (IaaS vs. PaaS, bring-your-own-ATO, control inheritance), and architecture recommendations, resulting in seamless migrations. Platform Engineers will work in a fast-paced, collaborative environment to complete successful cloud-to-cloud migrations and are currently consulting on hardware-to-cloud migrations. The successful candidate will be comfortable in and have previous experience in Agile development, DevSecOps, Artificial Intelligence (AI) and Machine Learning (ML), data engineering, and cybersecurity environments. The candidate will be located in Tampa, FL and expected to be on-site at a customer location in a hybrid capacity. Key responsibilities include, but are not limited to: Developing, reviewing, and critiquing assessment and authorization (A&A) documentation in compliance with DoD Cybersecurity policy and agency guidance, including DoD, ICD, CNSS, and NIST special publications. Researching security standards/tools; reviewing or conducting system security and vulnerability assessments of cloud and on-prem environments in a fast-paced, demanding environment. Supporting development and implementation of innovative methods to achieve compliance with government and commercial cybersecurity frameworks. Researching and identifying best practices to harden and secure containers and Kubernetes clusters at scale. Ensuring platform and networks are compliant with DoD policies. Required Qualifications: Bachelor Degree in Computer Science, Mathematics, or equivalent technical degree; or in lieu of degree, 3 years of equivalent industry experience 5+ years of relevant experience Deep knowledge and experience with FedRAMP or Impact Level assessments Familiar with commercial cloud providers and Kubernetes platforms Knowledgeable on zero trust architecture concepts such as Google BeyondCorp Extensive experience with NIST special publications, RMF and the various control families within Advanced writing skills: able to clearly articulate ideas for executive level consumption Advanced problem-solving skills: able to use prior experience and knowledge to address new situations; especially during interactions with clients Advanced analytical skills: able to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interactions US Citizenship and an active Secret security clearance Desired Qualifications: Previous experience with newer ATO strategies such as Fast Track or Continuous ATO Knowledge of Platform One Iron Bank secure registry of hardened containers Previous experience providing training in RMF or explaining cyber security concepts to others in a training like environment The following certifications are desired: CEH, Security +, CISSP, CISM This role is based out of Tampa, FL. The salary range for this position is estimated to be between $150,000.00 - $170,000.00, commensurate on experience and technical skillset. We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

Job Title: Cybersecurity Engineer Sarasota, FL Rampant employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At Rampant, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. Rampant is an Equal Opportunity Employer. II. Job Summary ◦ A Rampant Technologies Cybersecurity Engineer (CSE) is a key resource that is a part of the Rampant team reporting to the Principal Engineer overseeing the CSE team to deliver innovative Cyber Security solutions that are in alignment with the company's goals. ◦ The CSE will be tasked to execute against Contract level programs/projects/sub-projects that are within their immediate supervising PE's contract portfolio and/or to matrixed sister contracts managed by other PEs. ◦ The CSE position assists the Principal Engineers (PE) on their assigned Contracts with the planning and support and implementation of existing and new contracts plus helps assess opportunities for expansion of existing business and/or help identify net new opportunities. ◦ Key Measures of successful performance for CSE: ▪ Contract measure - per contract, on-time delivery of assigned tasks that meet the contract scope, standards, and stated deadlines per each contract/project assignment (barring no documented delays or scope constraints imposed outside of the individual contributors span of control). ▪ Functional measure - annually renews key certifications associated with job description and actively engages in at least 1 training program per year that supports the job/mission. ▪ Company measure - consistently demonstrates the company's Core Values - PRIORITIZING QUALITY & PROFESSIONALISM, INNOVATION AND EVOLUTION, DEMONSTRATING INTEGRITY, WE EXIST TO ASSIST- OPS IS TOPS, AND CONTINUOUS IMPROVEMENT III. Essential Duties & Responsibilities Functional Responsibilities: • SME on problem identification, diagnosis, and resolution of problems • Develop best practices for processes and standards that will better the system • Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as required to comply with security requirements. • Track and fulfill liens associated with A&A activities as documented in the Plan of Actions and Milestones. • Perform hardening of ops systems, COTS and open-source product • Validate best practices in Penetration testing, Configuration analysis, and Security • Prepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testing. Generating/maintaining security accreditation artifacts associated with RMF process to include, but not limited to Security Requirements Traceability Matrix, Security Plans, Certification Test Plans, Continuous Monitoring Plans) • Perform timely updates in accreditation DB • Provide technical guidance focused on information security architecture. IV. Key Skills, Education & Experience ◦ Education: Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline. Without a degree then total of Twelve (12) years of Cybersecurity Engineer experience may be substituted for a bachelor's degree. ◦ Required Experience and Skills: ◦ Minimum of eight (8) years' relevant experience as a Cybersecurity Engineer in programs and contracts of similar scope, type, and complexity is required; ideally three (3+) years of direct experience in the same level/grade for like role. ◦ Techno functional knowledge of/experience in: ▪ Execution of the Assessment & Authorization (A&A process) in accordance with government requirements (e.g. ICD-503) ▪ Information systems security and continuous monitoring practices and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A. ▪ DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures ▪ Integrity, availability, authentication, and non-repudiation concepts ▪ IT security principles and methods (e.g., firewalls, demilitarized zones, encryption) ▪ Network access, identity, and access management (e.g., public key infrastructure [PKI]) ▪ Security system design tools, methods, and techniques ▪ Relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure. ▪ TCP/IP networking technologies, Linux account administration, Linux folder permissions, Patch Management best practices on Operating Systems and applications, known vulnerabilities associated with Windows and Linux platforms. ▪ Continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems, leveraging existing tools, efforts, and incorporating new automation techniques. ▪ Virtualization technologies (e.g. VMWare, Docker) ▪ OSI model and how specific devices and protocols interoperate, including knowledge of protocols, and services for common network traffic ▪ DoD/IC system security control requirements ▪ XACTA and SNOW ▪ Security testing and penetration tools that include Assured Compliance Assessment Solution (ACAS), Wireshark, Retina, Tripwire, etc… ▪ Hands on experience and proficiency with the full Microsoft Office Suite and tools such as Microsoft Project, Microsoft Visio ▪ Self-starter/motivator and having a proactive and strategic mindset are a must ▪ Strong Written & Verbal Communication Skills ◦ Desired Experience and/or Skills: ◦ Understanding of Independent Assessor principles and organizational requirements that are relevant to confidentiality. ◦ Ability to articulate business and technology needs/constraints to both technical and non-technical project team members and end users alike. ◦ Experience working in a matrixed environment. ◦ Strong Collaboration & Coalition Building Skills ◦ Interacts with all levels of the company and its customers/partners with patience, courtesy, diplomacy, and professionalism. Additional Responsibilities & Skills (may be applicable to all levels - Journeymen, Mid, and Senior): V. Contract/Project Support Responsibilities: • Assist PE with Customer Relationship & Account Management (relationship building and Issues escalation/remediation) • If Journeyman Level - assist PE and project leads with Project & Task Execution & Monitoring in support of assigned contracts and programs. If Mid or Senior level may also include project lead tasking. ◦ Critically evaluate information gathered from multiple sources; reconciling conflicts in information gathered. ◦ Knowledge exchange with newly assigned team members ◦ Timely delivery against Tasking - technical work as assigned, contract documentation, quality reviews, etc ◦ Tasking Status as defined by contract and/or PE - performs written check-ins/status and participates in all contractually obligated status per contract and/or the Principal Engineer's guidelines (Zoom/Conference Calls and/or onsite as needed if different from normal office location) ◦ Provides timely feedback to Contract level PE if encountering challenges within a project that will impact delivery and ensure both your direct manager PE and matrixed Contract PE is aware of any schedule outages (time off/training) ◦ Contract escalation resolution - within the internal contract team and within customer as necessary • Assist PE and Rampant Leadership with the identification of upsell opportunities w/in existing contracts as well as identifying new lead generation. And as warranted assist with RFI/RFPs necessary to garner new work. • When assigned/matrixed to contracts outside of assigned PE supervisor's portfolio of projects - ensure lines of communication stay open with both the Contract Manager and immediate supervisor/PE. • Adheres to other performance measures as assigned during contract assignments and annual goals alignment. • Performs other duties as assigned. VI. Team Aligned Responsibilities: • Remaining focused on mission/top priorities as assigned • Participation in annual self-evaluations • Adherence to the company's core values, priorities and mission • Continued focus and interest in development of skills that benefit the individual contributor and the company's mission. • If Mid or Senior Level - Peer Mentoring; assist PE's with constructive coaching, and mentorship to more junior team members learning new components of their job. VII. Certifications & Credentials: • Must have certifications (certifications with * indicate willing to hire if certification is within 3-6 months of finalizing): • Active TS/SCI w/ Poly clearance required ◦ Current certification compliant with DoD 8570 IAM or IAT level 3OR obtain certification within 6 months of hire and maintain certification throughout employment. ◦ MUST meet DoD 8570 IAT Level III requirements ◦ IAT Level II Certifications (Security+ or equivalent) VIII. Language Skills ◦ All output, communications, materials will be generated in English. IX. Physical Demands ◦ Predominantly stationary, office centric work ◦ Travel

Job Title: CENTCOM CITS - Cyber Security Specialist (RMF) Required Clearance: TS-SCI Certifications: Current DoD 8140.01 approved IAT or IAM Level II or Level III Baseline Certification Required Education: Bachelor's degree in Information Systems, Computer Science, Computer Engineering, or another related field. Experience can be used in lieu of education requirement Required Experience: Eight+ (8+) years' experience and a bachelor's degree for Senior positions and five+ (5+) years' experience plus bachelor's degree for Journeyman positions. All experience must be IT related, but preference is to those skills in the field you are applying for. Experience can be substituted for some/all of the education requirement Position Description: PingWind/Exeter is looking for qualified candidates to be a Cyber Security Specialist with relevant RMF experience to provide Cyber Security and Risk Management Framework support to USCENTCOM in Tampa FL. Primary Responsibilities:Typical Responsibilities/Tasks:•Develop, update, organize, maintain, and track RMF documentation using information obtained from the customer•Work in eMASS to catalogue risks and risk mitigations•Communicate clearly and succinctly both written and orally, and present products and ideas in a business-like manner •Communicate complex technical requirements to non-technical personnel; and prepare briefings to senior officials on complex issues•Work in dynamic fast paced environments that require team interaction and coordination of efforts•Provide management support to the RMF for NIPR/SIPR & Coalition networks under the purview of the Command•Formulate plans and schedules to conduct either portions or all the RMF process on selected products•Provide assessment and authorization (A&A) support in the development of security and contingency plans and conduct complex risk and vulnerability assessments•Analyze policies and procedures against DoD security policies and regulations and provide recommendations for closing gaps•Recommend system enhancements to improve security deficiencies•Interface with both client managers and system users Required Qualifications•TS-SCI •Eight+ (8+) years' experience and a bachelor's degree for Senior positions and five+ (5+) years' experience plus bachelor's degree for Journeyman positions. All experience must be IT related, but preferred in the field you are applying for. Experience can be substituted for some/all of the education requirement•Bachelor's degree in Information Systems, Computer Science, Computer Engineering, or another related field. Experience can be used in lieu of education requirement •Current DoD 8140.01 approved IAT or IAM Level II or Level III Baseline Certification•Experience personally drafting RMF products•RMF Certification or equivalent and detailed knowledge of NIST SP 800-53 (Highly desired)•High level experience with DoD IT security requirements•Experience in Certification and Accreditation (C&A) process and development of Risk Management Framework (RMF) certification packages Desired Qualifications•Prior CENTCOM/SOCOM experience a plus About PingWind PingWind is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cyber security, development, IT infrastructure, supply chain management and other professional services such as system design and continuous improvement. PingWind is a VA CVE certified Service-Disabled Veteran-Owned Small Business (SDVOSB)\ Certified with offices in Washington DC and Northern Virginia. **************** Our benefits include: · Paid Federal Holidays· Robust Health & Dental Insurance Options· 401k with matching· Paid vacation and sick leave· Continuing education assistance· Short Term / Long Term Disability & Life Insurance· Employee Assistance Program through Sun Life Financial EAP Guidance Resources Veterans are encouraged to apply PingWind, Inc. does not discriminate in employment opportunities, terms and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Responsible for the performance of highly complex cyber security functions related to the design, installation, maintenance, auditing, investigation, and assessment of software applications, networks, and the County's enterprise level information systems. Responsible for proactively identifying and implementing security measures to prevent emerging vulnerabilities, utilizing a diverse array of tools and methodologies. Incumbent will use sound judgement to assess risk, conduct audits, collect and review data, collaborate with other technology divisions, and write reports to advise leadership. Salary $82,804 - $145,080 Ideal Candidate This advanced level SCADA physical and cyber security position will be responsible for the protected access and overall integrity of the SCADA network, to include controlled data Integration, user and device security configurations, access control lists, encryption pass coding and data port security. Develops and maintains documentation of existing SCADA infrastructure including hardware, applications, protocols, communication links and system disaster recovery strategies. Evaluates and applies security updates, patches to all SCADA servers and workstations in accordance with ISA standards. Works with Network and Applications Engineering groups to troubleshoot and resolve issues associated with failures to maintain maximum system security and facilitates continuous improvement of SCADA system integrity and the SCADA environment. Assist with the secure integration of SCADA data to other areas of the business. Build and maintain automated data imports/exports and reports processes. Administers for the Department any operational or security policies associated with the network using firewalls, policy and rule initiation as well as authentication software. Develops and administers Departmental security policies to users related to the use of the SCADA network. This position will provide Departmental wide highly technical and specialized computer and network security oversight associated with the Public Utilities Departments Supervisory Control and Data Acquisition System (SCADA). SCADA serves as the backbone to the Departments Water, Wastewater, Reclaimed Water and Pump Station computerized control systems. Due to continuous technological advancements, systems integration standardization hardware/software compatibility assessments, programming, multi-disciplinary diagnostics, troubleshooting, debugging, coding and process control program development are all vital to ensuring the preservation and protection of SCADA communication for 24-hour operations regulatory compliance and the protection of public health and the environment. The sophistication and continued expansion of multiple local area networks, a large cellular telemetry network and an independent wide area network makes it more vulnerable to cyber-attacks, incidental software or hardware corruption and occasional user misuses from both outside and inside influences. This position will provide the needed focus towards making the network more secure following guidelines for automation and information systems; provided by ICS and ISA standards for automation and systems information. Minimum Qualifications Bachelor's degree from an accredited college or university with a major in information security or another similar technology field; AND Three years of experience in information security system administration and risk assessment within an enterprise environment, encompassing third-party risk, risk analysis, risk mitigation, and residual risk management. Three years of experience leveraging industry-leading cybersecurity tools (SIEM, EDR, vulnerability scanning, and web application security) for comprehensive threat detection and mitigation. OR An equivalent combination of education (not less than a high school diploma/GED), training and experience that would reasonably be expected to provide the job-related competencies noted above. Core Competencies Customer Commitment - Proactively seeks to understand the needs of the customers and provide the highest standards of service. Dedication to Professionalism and Integrity - Demonstrates and promotes fair, honest, professional and ethical behaviors that establishes trust throughout the organization and with the public we serve. Organizational Excellence - Takes ownership for excellence through one's personal effectiveness and dedication to the continuous improvement of our operations. Success through Teamwork - Collaborates and builds partnerships through trust and the open exchange of diverse ideas and perspectives to achieve organizational goals. Duties and Responsibilities Note: The following duties are illustrative and not exhaustive. The omission of specific statements of duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position. Depending on assigned area of responsibility, incumbents in the position may perform one or more of the activities described below: Conduct thorough assessments of software applications, networks, and systems to identify security vulnerabilities and weaknesses. Utilize various tools and methodologies to perform vulnerability scanning, penetration testing, and code review. Collaborate with cross-functional teams to prioritize and mitigate vulnerabilities based on their potential impact and risk. Provide detailed reports outlining vulnerabilities, including their potential impact and recommendations for remediation. Work closely with developers and system administrators to verify implementation of security patches, fixes, and improvements. Participate in designing and implementing security measures to prevent future vulnerabilities. Stay updated with the latest security threats, attack vectors, and industry best practices to identify and address emerging vulnerabilities proactively. Assist in incident response activities, analyzing security incidents to determine the root cause and providing recommendations for prevention. Use frameworks such as MITRE ATT&CK to map adversary tactics and techniques and design hunting scenarios based on threat actor behavior. Collaborate with incident response teams to validate incidents, identify root causes, and assist with post-mortem analysis. Other related duties as assigned. Job Specifications Critical Thinking: Exceptional critical thinking and situational awareness skills to identify systemic security issues through vulnerability and configuration data analysis. Decision Making: Demonstrates high personal integrity and the ability to handle confidential matters with sound judgment and professionalism. Communication: Proficient communication skills to effectively collaborate with both technical and non-technical stakeholders. Provide detailed reports outlining vulnerabilities, including their potential impact and recommendations for remediation. Strategic Planning: Stay updated with the latest security threats, attack vectors, and industry best practices to identify and address emerging vulnerabilities proactively. Managerial/ Operational Skills: Work closely with developers and system administrators to verify implementation of security patches, fixes, and improvements. Participate in designing and implementing security measures to prevent future vulnerabilities. Leadership: Capable of serving as a Cyber Security Subject Matter Expert (SME) for externally managed technology projects from various departments. Analytical Ability: Excellent critical thinking and situational awareness skills to identify systemic security issues through vulnerability and configuration data analysis. Managing Complexity: Extensive knowledge of cybersecurity best practices, including familiarity with CIS Critical Controls, NIST Cybersecurity Framework (CSF), MITRE ATT&CK Framework. Utilize various tools and methodologies to perform vulnerability scanning, penetration testing, and code review. Other: Hands-on experience in incident response and recovery, utilizing MITRE and security best-practice assessment methodologies. Physical Requirements Speaking, vision, hearing, sitting, and standing. Use of office machinery such as PCs, Smart Phones, Tablets, and multi-function devices. Work Category Sedentary Work - Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met. Emergency Management Responsibilities In the event of an emergency or disaster, an employee may be required to respond promptly to duties and responsibilities as assigned by the employee's department, the County's Office of Emergency Management, or County Administration. Such assignments may be for before, during or after the emergency/disaster.

As an Information Security Analyst, you will have shared responsibility for implementing and maintaining company's security strategies and services while providing security guidance based on industry standards and best practices. The ideal candidate will ho have an educational background and/or experience to maintain and support assigned information security technologies with general leadership oversight. *This position is located out of our Tampa, FL corporate office. 2 days a week in office are required* Some of the regular responsibilities may include: Provision, manage, monitor, test, and decommission security tools and applications. Attend and lead small project meetings and enforce best practices. Apply specialized security technical knowledge. Evaluate, plan and implement security projects. Remain current on assigned security tools and applications and apply skilled understanding of troubleshooting. Document and resolve moderately complex problems. Report progress to leaders. Monitor and analyze Identity security incidents, and provide recommendations for remediation Other duties as assigned or required. Experience to be successful: IT security risks and mitigation strategies. Security Incident Response Security frameworks, including ISO and NIST. Company IT and HR policies. Various IT security-related regulatory requirements. IT security logging and monitoring strategies. Deployment and use of sophisticated IT security monitoring tools. Educational background: Bachelor's degree in computer science, Information Systems, or other related field; or has 2-5 years of relevant experience. Technical Skills to understand the role: Analytical ability Analyzing Security System Logs, Security Tools, and Data Communicating Up, Down, and Across All Levels of the Organization Creating, Modifying, and Updating Security Information Event Management (SIEM) Deep Understanding of Risk Management Frameworks Discovering Vulnerabilities in Information Systems Evaluating and Deconstructing Malware Software Familiarity with Security Regulations and Standards Implement and Maintain Security Frameworks for Existing and New Systems Maintaining Security Records of Monitoring and Incident Response Activities Monitoring Compliance with Information Security Policies and Procedures Network and System Administration Experience Responding to Requests for Specialized Cyber Threat Reports Performing Cyber and Technical Threat Analyses Performing Security Monitoring Producing Situational and Incident-Related Reports Providing Host-Based Forensics Providing Timely and Relevant Security Reports Responding to Security Events Supporting and Managing Security Services #LI-MB1 Benefits may include: Comprehensive medical, prescriptions, dental and vision plans 401(k) plan with a discretionary company match Shareholder Purchase and Reinvestment Plan Basic life and accidental death and dismemberment insurance premium paid by the company Voluntary supplemental life insurance for employees, spouses and dependent children Fertility and Family Building Benefits Paid Disability benefits Paid time off programs 11 Company paid holidays per year Flexible spending account Health savings account (available to High Deductible Health Plan participants only) Employee Assistance Program Educational Assistance Program Voluntary benefits, such as Critical Illness, Hospital Indemnity, Pet Insurance and Accident Insurance Title insurance policies and certain escrow services for the employee's primary personal residence at no charge Transportation benefit plan for mass transit, parking and vanpool, in several markets Note: If you currently are employed by Old Republic Title (or one of its wholly owned affiliated companies) please get in touch with your human resources representative regarding the application process. For California applicants, please click the following link to view our CCPA Applicant Notice Old Republic Title is an Equal Opportunity Employer

Responsible for the performance of highly complex cyber security functions related to the design, installation, maintenance, auditing, investigation, and assessment of software applications, networks, and the County's enterprise level information systems. Responsible for proactively identifying and implementing security measures to prevent emerging vulnerabilities, utilizing a diverse array of tools and methodologies. Incumbent will use sound judgement to assess risk, conduct audits, collect and review data, collaborate with other technology divisions, and write reports to advise leadership. The ideal candidate is a highly analytical and detail-oriented professional with a strong foundation in network security, threat detection, and incident response. They possess a deep understanding of security protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM platforms, endpoint protection technologies, and vulnerability and exposure management processes. The candidate should have hands-on experience with compliance and security standards such as HIPAA, PCI-DSS, NIST, and threat modeling frameworks like the MITRE ATT&CK framework. A successful Cyber Security Engineer is not only technically skilled but also an effective communicator, capable of translating complex security concepts into actionable insights for both technical and non-technical stakeholders. Certifications such as CISSP, CEH, or OSCP are highly desirable, along with a proactive mindset and a commitment to continuous learning in the ever-evolving threat landscape. Starting Salary $75,129 - $97,676 [max: $137,696] Benefits Click HERE to view our Benefits at a glance Minimum Qualifications Bachelor's degree from an accredited college or university with a major in information security or another similar technology field; AND Three years of experience in information security system administration and risk assessment within an enterprise environment, encompassing third-party risk, risk analysis, risk mitigation, and residual risk management. Three years of experience leveraging industry-leading cybersecurity tools (SIEM, EDR, vulnerability scanning, and web application security) for comprehensive threat detection and mitigation; OR An equivalent combination of education (not less than a high school diploma/GED), training and experience that would reasonably be expected to provide the job-related competencies noted above. Core Competencies Customer Commitment - Proactively seeks to understand the needs of the customers and provide the highest standards of service. Dedication to Professionalism and Integrity - Demonstrates and promotes fair, honest, professional and ethical behaviors that establishes trust throughout the organization and with the public we serve. Organizational Excellence - Takes ownership for excellence through one's personal effectiveness and dedication to the continuous improvement of our operations. Success through Teamwork - Collaborates and builds partnerships through trust and the open exchange of diverse ideas and perspectives to achieve organizational goals. Duties and Responsibilities Note: The following duties are illustrative and not exhaustive. The omission of specific statements of duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position. Depending on assigned area of responsibility, incumbents in the position may perform one or more of the activities described below: Conduct thorough assessments of software applications, networks, and systems to identify security vulnerabilities and weaknesses. Utilize various tools and methodologies to perform vulnerability scanning, penetration testing, and code review. Collaborate with cross-functional teams to prioritize and mitigate vulnerabilities based on their potential impact and risk. Provide detailed reports outlining vulnerabilities, including their potential impact and recommendations for remediation. Work closely with developers and system administrators to verify implementation of security patches, fixes, and improvements. Participate in designing and implementing security measures to prevent future vulnerabilities. Stay updated with the latest security threats, attack vectors, and industry best practices to identify and address emerging vulnerabilities proactively. Assist in incident response activities, analyzing security incidents to determine the root cause and providing recommendations for prevention. Use frameworks such as MITRE ATT&CK to map adversary tactics and techniques and design hunting scenarios based on threat actor behavior. Collaborate with incident response teams to validate incidents, identify root causes, and assist with post-mortem analysis. Other related duties as assigned. Job Specifications Critical Thinking: Exceptional critical thinking and situational awareness skills to identify systemic security issues through vulnerability and configuration data analysis. Decision Making: Demonstrates high personal integrity and the ability to handle confidential matters with sound judgment and professionalism. Communication: Proficient communication skills to effectively collaborate with both technical and non-technical stakeholders. Provide detailed reports outlining vulnerabilities, including their potential impact and recommendations for remediation. Strategic Planning: Stay updated with the latest security threats, attack vectors, and industry best practices to identify and address emerging vulnerabilities proactively. Managerial/ Operational Skills: Work closely with developers and system administrators to verify implementation of security patches, fixes, and improvements. Participate in designing and implementing security measures to prevent future vulnerabilities. Leadership: Capable of serving as a Cyber Security Subject Matter Expert (SME) for externally managed technology projects from various departments. Analytical Ability: Excellent critical thinking and situational awareness skills to identify systemic security issues through vulnerability and configuration data analysis. Managing Complexity: Extensive knowledge of cybersecurity best practices, including familiarity with CIS Critical Controls, NIST Cybersecurity Framework (CSF), MITRE ATT&CK Framework. Utilize various tools and methodologies to perform vulnerability scanning, penetration testing, and code review. Other: Hands-on experience in incident response and recovery, utilizing MITRE and security best-practice assessment methodologies. Physical Requirements Speaking, vision, hearing, sitting, and standing. Use of office machinery such as PCs, Smart Phones, Tablets, and multi-function devices. Work Category Sedentary Work - Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met. Emergency Management Responsibilities In the event of an emergency or disaster, an employee may be required to respond promptly to duties and responsibilities as assigned by the employee's department, the County's Office of Emergency Management, or County Administration. Such assignments may be for before, during or after the emergency/disaster.

Seeking a Mid Cyber Security Engineer to provide operational and integration support for an international, multi-vendor infrastructure, including networks, systems, and cybersecurity solutions. This is an on-site role in Tampa, FL, with remote opportunities based on project needs. Responsibilities Correlate threat data from various sources to establish the identity and modus operandi of potential adversaries. Provide assessments and reports that enhance situational awareness and understanding of cyber threats. Develop cyber threat profiles based on geographic region, country, group, or individual actors. Produce cyber threat assessments from entity threat analysis. Support investigations with computer forensic analysis, evidence seizure, data recovery, and network assessments. Maintain proficiency in tools, techniques, countermeasures, and trends in vulnerabilities, data hiding, network security, and encryption. Provide engineering and implementation support for integration, modernization, and installations for partner nations and allies in Eastern Europe and South America. Design, test, and integrate cybersecurity devices into networks, deploying sensors, nodes, and agents for maximum effect. Support multi-vendor infrastructure, including network, systems, and cybersecurity platforms. Work with core cybersecurity technologies such as Gigamon (or similar) for packet forwarding/deduplication, and Trellix/FireEye/McAfee (or similar) for security stack applications and heuristic analysis. Implement and tune SIEM solutions and data sources (NIDS, Firewalls/Proxies, Domain Controllers, etc.) to ensure effective monitoring. Document network, system, and cybersecurity changes, including installation plans, checklists, and configuration baselines. Qualifications Required High school diploma with 69 years of relevant experience (or equivalent). Active Secret clearance. Valid U.S. passport with ability to travel internationally up to 40% (Eastern Europe and South America). Proficiency with network diagramming and productivity tools (Visio, Lucid, AutoCAD, etc.). Current DoD 8570 IAT Level II Certification (Security+CE, CCNA Security, CySA+, CASP, etc.). Entry-level experience in Cyber Network Defense (CND), Cybersecurity Operations, or current CCNA-level certification. Preferred Bachelors degree in a relevant field with 4+ years of experience (or equivalent combination of training and expertise). Military background in Signal, Communications, Cyber, or Information Technology (highly desired). Certifications such as CCNA Security, CCNA CyberOps, JNCIS-SEC, PCNSA, GIAC, or GCP. Additional certifications or experience in Microsoft Systems MCSA, VMware, Cloud Security, Linux, or related areas. Working Place: Tampa, Florida, United States Company : 2025 Sept 11 Virtual Career Fair - GovCIO

Job Description CoAdvantage is a leading human resource solutions provider for small to mid-sized companies. We are HR experts who partner with small businesses nationwide to administer payroll, benefits, workers' compensation and core HR management. Headquartered in Bradenton, Florida, CoAdvantage has offices throughout Florida, Georgia, Alabama, Texas, Oklahoma, Colorado, California, North Carolina, New Jersey and New York, and serves more than 100,000 worksite employees in all 50 states. We're looking for the best professionals in our markets who are interested in building a successful and rewarding career and be part of a focused, energetic team dedicated to delivering excellence to America's small business owners. Position Summary: The IT Security Analyst participates in the execution and monitoring of IT Security related activities that safeguard the company's information and technology assets. Primary responsibilities include participating in the development of new, and the operation of existing IT Security programs, procedure development and standards documentation. Ensures the appropriate information security access controls are in place and applied consistently. Review daily and periodic data to identify, report, and remedy vulnerabilities. Document, prioritize, and analyze security threats, incidents and key metrics. Knowledge of information security principles, including risk assessment and management, Cyber security defenses, threat and vulnerability management, incident response, application security, and identity and access management. Identifies, researches, and resolves technical problems that arise within enterprise security applications and tools. Manage vendor relationship for enterprise security applications and tools. Respond to SSAE18 requests and other questionnaires. Audit vendor and remote sites for physical and logical security. Participate in breach investigations and provide subject matter expertise for an effective investigation. Essential Job Functions: Identify, plan, develop and implement automation of routine tasks Remediate issues occurring with any IT security systems including but not limited to unexplained system outages, cyber security incidents, issues with data collection feeds or interfaces the day-to-day administration of information security tools and devices, alert response and analysis for security incident response actions. Perform forensic research and images as needed Update information security metrics Assist in documenting and updating information security standards and procedures Assess information systems and company processes are safe and secure for information handling Recommends, tests, schedules and implements upgrades and patches that may affect enterprise as well as the enterprise security applications and the servers they reside on Given the confidentiality needs of this role, the highest levels of personal integrity, professionalism, judgment, and maturity are expected Participates in special projects and performs other duties as assigned Required Skills and Experience: 4 year Degree in Technology or Business or equivalent combination of relevant experience, education and training 2-4 years in the IT security field preferred Strong background in maintaining operational computer security and application security, scripting languages (primarily PowerShell), and Active Directory Working knowledge of but not limited to: API, application security, IPS, network monitoring tools, antivirus, identity management and user provisioning, risk assessments, audits, security testing and auditing, security intrusion detection, security maintenance, and security policy Strong working knowledge of relevant laws, regulation, and standards relating to information security, including HIPAA, HITRUST, ISO 27001, NIST, PCI-DSS, etc Preferred Information Security certifications such as Security+, CISSP, GPEN, etc. or other industry -specific certifications such as Microsoft or Cisco Passion for customer service and problem solving Ability to prioritize and balance multiple tasks Continuous Improvement: Seeks efficiencies in daily work and projects; Brings new and creative suggestions to the table; Anticipates roadblocks, problems or obstacles in advance and creates or proposes solutions to overcome; Uses innovative strategies to continually improve the quality or output of work and/or generate executable business solutions; seeks to continually improve and develop skills Communication: Seeks clarity; Asks questions to gain full understanding and is willing to ask for help; keeps management aware of project progress and shifting priorities; Willing to give feedback to others; communicates both cross functionally and upwards within the organization; uses professionalism in communication Accountability and Ownership: Exercises self-discipline; Accepts accountability for achievement of goals and objectives; Removes blame; Shows a personal commitment to the team and the function/role; Can demonstrate “upward accountability”; Takes ownership of issues and sees them through to completion Results Driven Execution: Acts with a sense of urgency; Takes initiative on projects and in daily work; pushes to keep tasks on schedule and plans work; accordingly, addresses challenges appropriately to continue focusing on the end result Collaboration and Team Oriented: Assumes the good intentions of others; Inclusive; Puts the needs and interest of the team first; Recognizes peers; Maintains positivity and encouragement; Has a deep commitment to the team and the objectives of all members; Is willing to step outside of his/her scope for the betterment of the broader organization. EOE CoAdvantage is committed to providing equal employment opportunities to all employees and applicants without regard to race, color, religion, national origin, ancestry, citizenship status, age, sex (including pregnancy, childbirth, breast feeding and pregnancy-related medical conditions), gender, gender identity or expression, sexual orientation, marital status, uniform service member and veteran status, disability, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances. #LI-HYBRID Powered by ExactHire:187834

Applied Research Solutions has an exciting new opportunity for a Program Security Analyst in support of Special Operations Forces Acquisition, Technology and Logistics' (SOF AT&L) Program Executive Office for SOF Warrior (PEO-SW). PEO-SW accepts and manages risk, takes personal initiative, and ensures results for the Nation's warriors. PEO-SW proves its worth in the fight in every action, every strike, and every operation. SOF Warrior executes with a sense of urgency and purpose in support of SOF operations every day. **Why Work with us?** Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers. **Responsibilities Include:** + Support the Government Program Security Manager (PSM), Program Security Officer (PSO), and Special Access Program (SAP) Security Officer (GSSO) + Responsible for supporting security administration, management, and operations of DoD Special Access Programs and SAP facilities (SAPFs) managed by USSOCOM SOF AT&L Acquisition Security Directorate + Create and maintain secure environments for the execution of SAP acquisition programs. + Coordinate security matters for and with the Program Security Officer and the Government Program Manager when needed + Coordinate with internal and external stakeholders, including Other Government Agencies, to ensure protection of critical program information, execution of classified acquisition programs in accordance with approved Security Classification guides and Program Protection Plans + Facilitates compliance with OSD SAP Central Office and ASD(SO/LIC) SAPCO program policies and procedures based on changes to regulations and ongoing SAP transition activities. + Ability to establish performance goals and assess progress toward their achievement + Adjust work operations and program objectives to meet emergencies, changing programs, or production requirements within available resources + Other duties as assigned. **Qualifications/Technical Experience Requirements:** **Citizenship:** Must be a US citizen **Clearance:** Must possess and maintain a TS w/SCI clearance **Must have SAP Experience** **Certifications:** + Center for Development and Security Excellence (CDSE) Security Fundamentals Professional Certification (SFPC) + CDSE Special Program Security Credential (SPSC) **Education:** Bachelor's degree in acquisition/business, or related field **Years of Experience:** Minimum 10 years working in federal government classified acquisition projects to include: + Facilitates compliance with OSD SAP Central Office and ASD(SO/LIC) SAPCO program policies and procedures based on changes to regulations and ongoing SAP transition activities + Creation and maintenance of secure environments for the execution of SAP acquisition programs. + supporting security administration, management, and operations of DoD Special Access Programs and SAP facilities (SAPFs) All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (**************************** notice from the Department of Labor.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: DoD Clearance: Secret At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Job Summary Raytheon has an immediate opening for a Sr. Industrial Security Specialist/Alt COMSEC Custodian position located onsite in St. Petersburg, Florida. This is a multi-faceted Industrial Security position working within a fast-paced, deadline driven environment. The candidate will help develop, administer and maintain a comprehensive security program in accordance with the 32 CFR Part 117, National Industrial Security Program Operating Manual (NISPOM) and the COMSEC Policy Manual 3-16. What You Will Do Perform various employee in-processing/out-processing security briefings/debriefings. Process classified visits, incoming and outgoing. Update security personnel access lists and databases accordingly. Maintain classified document control/accountability of classified media shipped and received. Receipt, custody, issue, safeguarding and accounting of COMSEC keying material and Controlled Cryptographic Items (CCI) IAW COMSEC Policy Manual 3-16. Data entry and maintenance of the Distributed INFOSEC Accounting System (DIAS). Submission of all required accounting reports, semi-annual and yearly audits and inspections Assist with implementing Security Education and Media Control Plan Assist with the implementation of local Standard Operating Procedures (SOP) and Operations Security (OPSEC) Plans, and Concept of Operations (CONOPs), etc. Participate in a team environment to develop, update, and implement security policies and procedures in coordination with the company policies and government regulations. Perform additional Industrial Security duties as needed. Must able to obtain a Top Secret government security clearance within six months of employment. Qualifications You Must Have Typically requires a Bachelor's Degree or equivalent experience and minimum of two (2) years prior relevant security experience, or An Advanced Degree in a related field. Experience with 32 CFR 117, DoD 5220.22-M (NISPOM) and COMSEC Policy 3-16 Experience in Industrial Security and COMSEC, working in a manufacturing environment Qualification We Prefer Knowledge of DISS and NISS Knowledge of Distributed INFOSEC Accounting System (DIAS) software Ability to communicate well with others both verbally and in writing Completion of the FSO Program Management for Possessing Facilities IS030.CU curriculum located on the Defense Counterintelligence and Security Agency's (DCSA) Security Training, Education and Professionalization Portal (STEPP). ISP Certification What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Safety, Trust, Respect, Accountability, Collaboration, and Innovation. This position is not eligible for relocation. Learn More & Apply Now! Please consider the following role type definition as you apply for this role. Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products. As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 66,000 USD - 130,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Title: Network & Systems Security Analyst, Cisco Focus, Progression Company: Tampa Electric Company State and City: Florida - Tampa Shift: 8 Hr. X 5 Days Hiring Manager: David Cain Recruiter: Mark E Koener TITLE: Network & Systems Security Analyst Progression PERFORMANCE COACH: Mgr Network Engineering & Cyber Security Operations COMPANY: Tampa Electric DEPARTMENT: High Performance Computing & BP Support FOCUS Areas - Cisco Networking - Cisco Wireless - Cisco ISE - Networking Engineering Related Skills POSITION CONCEPT The Network & Systems Security Analyst is responsible for planning/designing, implementing, and supporting new and existing network, server, storage infrastructure. This role is also responsible for ensuring all network security controls (i.e., firewalls, web application firewalls [WAF], proxies, network segmentation, NAC, ACLs, etc.) are implemented and managed per corporate information security standards. Additionally, responsibilities include assessing enterprise assets and critical assets for secure configurations and maintaining and enforcing regulations and standards such as NERC Critical Infrastructure Protection (CIP), Sarbanes-Oxley (SOX), and Payment Card Industry (PCI). Responsible for the design, planning, operation, maintenance, and support of the TECO and NMGC network infrastructure. This includes primary accountability for network technologies such as route/switch, on-premise LAN/WAN, IPAM, Wi-Fi, ISP management, site-to-site VPNs, proxies (forward and reverse), perimeter firewall management, DNS, Azure cloud environments, automation, NAC/user access, hyperconverged infrastructure, and overall network security. Partners with the Telecommunication teams on establishing/upgrading existing circuits/communication links. Responsible for the NERC Cyber Infrastructure Protection and disaster recovery plans. Responsible for VoIP, SIP, DHCP, DNS, TCP/IP routing and routing protocols such as OSPF and BGP, binary mathematics, NAT, PAT, IPsec and SSL VPN technologies, GRE tunneling, route redistribution, traffic shaping, port-level filtering, SD-WAN, MPLS and other communications related technologies. Responsible for the installation, configuration, and maintenance of all WAN and LAN connectivity which includes core and campus switches, routers, firewalls, wireless access points, WAN scalers and load balancer technologies. Responsible for the design, installation, configuration, and maintenance of DNP over IP and serial SCADA communications between the primary and backup control centers, power plants, solar sites, and substations. Responsible for the configuration and maintenance of Smart GRID communication hardware switches and routers between the primary and backup control centers. NETWORK & SYSTEMS SECURITY ANALYST I (LEVEL 1) Monitors and troubleshoots server, network, and security controls related problems and failures; and installs and configures hardware/software. Works under direct supervision. PRIMARY DUTIES AND RESPONSIBILITIES 1. Plan, design, and implement network, server, and storage infrastructure based on project requirements, capacity plans, and system support. (20%) 2. Problem solving involves basic troubleshooting following the OSI (Open Systems Interconnection) model, making or calling for equipment repairs, and problem escalation. (20%) 3. Detection and correction of work stoppages and/or errors are accomplished by monitoring systems and changing configurations, as necessary. (20%) 4. Install and support network, server, and storage hardware and software. (10%) 5. Direct participation in the planning and designing, maintenance, testing and documentation of the company's disaster recovery plans are vital. (10%) 6. Provide and apply appropriate security consulting and support for IT infrastructure across multiple platforms (Firewalls, proxies, WAFs, ACLs, NAC, Operating Systems, NetScaler load balancers, DDoS protection, and other network devices). (10%) 7. Provide third-level technical support for security systems and authentication mechanisms on all operating system platforms. (10%) QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least one related network, system, operating system, or information security professional certification: (e.g., Microsoft Certified Solutions Associate (MCSA), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Certified Ethical Hacker (CEH), GIAC Certifications, Certified Information Systems Security Professional (CISSP). Preferred: ITIL v3, CCNA, MCSA, VCP, Security+, CISSP EXPERIENCE Required: Minimum four (4) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, or Cisco Networking. In lieu of some experience listed above, may consider three (3) years of related experience with an Associate's Degree or two (2) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Working knowledge of network, server, and security controls infrastructure regardless of the complexity • Working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal and organizational skills • Basic working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI WORKING CONDITIONS Normal working conditions with occasional extended hours during the week and weekends. PHYSICAL DEMANDS/REQUIREMENTS Normal physical demands related to an office and operational (Power Plant, Solar, Control Center) workplace environment. Must be able to lift 50-pound boxes and ascend/descend a ladder to service network access points. NETWORK & SYSTEMS SECURITY ANALYST II (LEVEL 2) In addition to the duties & responsibilities of the Level 1 Analyst, has increased responsibilities in consulting on small project design and plans. May serve as a project lead and mentor Level 1 Analyst. Works under general supervision. ADDITIONAL DUTIES AND RESPONSIBILITIES 1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (30%) 2. Installs and configures server and network related hardware/software which meet the company's security standards. (40%) 3. Design and planning required for small projects. (20%) 4. Project leadership, consulting, or cross-train peers. (10%) QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least two related network, system, operating system, or information security professional certification: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP). Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EXPERIENCE Required: Minimum six (6) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider four (4) years of related experience with an Associate's Degree or three (3) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least two related network, system, operating system, or information security professional certification: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP). Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EXPERIENCE Required: Minimum six (6) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider four (4) years of related experience with an Associate's Degree or three (3) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Intermediate knowledge of network, server, and security controls infrastructure regardless of the complexity • Good working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Good working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal and organizational skills • Good working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI NETWORK & SYSTEMS SECURITY ANALYST III (LEVEL 3) In addition to the duties & responsibilities of the Level 2 Analyst, has increased responsibilities in consulting on small project design and plans. May serve as a project lead, cross-train peers, and mentor Analysts. Works under general direction. ADDITIONAL DUTIES AND RESPONSIBILITIES 1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (20%) 2. Installs and configures server and network related hardware/software which meet the company's security standards. (20%) 3. Design and planning required for small projects. (40%) 4. Project leadership, consulting, or cross-train peers. (20%) QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least three or two, with the condition to obtain a third certification within one year of hire for this position, related network, system, operating system, or information security professional certifications: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA). Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EXPERIENCE Required: Minimum eight (8) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider six (6) years of related experience with an Associate's Degree or four (4) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Expert knowledge of network, server, and security controls infrastructure regardless of the complexity • Thorough working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Thorough working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal, mentoring, and organizational skills • Good working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI NETWORK & SYSTEMS SECURITY ARCHITECT (LEVEL 4) In addition to the duties & responsibilities of the Level 3 Analyst, has increased responsibilities in consulting on small project design and plans. May serve as a project lead on larger projects, cross-train peers, and mentor all levels of Analysts. Works under general direction. ADDITIONAL DUTIES AND RESPONSIBILITIES 1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (10%) 2. Installs and configures server and network related hardware/software which meet the company's security standards. (10%) 3. Design and planning required for small and large projects. (40%) 4. Project leadership, consulting, or cross-train peers. (40%) QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least three related network, system, operating system, or information security professional certifications: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA). Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EXPERIENCE Required: Minimum ten (10) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider eight (8) years of related experience with an Associate's Degree or six (6) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Expert knowledge of network, server, and security controls infrastructure regardless of the complexity • Thorough working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Thorough working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal, mentoring, consulting, and organizational skills • Thorough working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI LEAD NETWORK & SYSTEMS SECURITY ANALYST (PERFORMANCE COACH) In addition to the duties & responsibilities of the Level 3 Analyst, has increased responsibilities in leading and managing Level 1 through 3 Analyst. May serve as a project lead on larger projects, cross-train peers, and mentor all levels of Analyst. Works under general direction. ADDITIONAL DUTIES AND RESPONSIBILITIES 1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (10%) 2. Installs and configures server and network related hardware/software which meet the company's security standards. (10%) 3. Design and planning required for small and large projects. (25%) 4. Project leadership, consulting, or cross-train peers. (25%) 5. Lead and manage the network analyst (Level 1, 2, and 3) team (30%) QUALIFICATIONS LICENSES/CERTIFICATIONS Required: Has obtained at least three or two, with the condition to obtain a third certification within one year of hire for this position, related network, system, operating system, or information security professional certifications: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA). Leadership/management certifications/certificates may be considered in lieu of professional certifications. Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (MIS). EXPERIENCE Required: Minimum ten (10) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider eight (8) years of related experience with an Associate's Degree or six (6) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Expert knowledge of network, server, and security controls infrastructure regardless of the complexity • Thorough working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Thorough working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal, mentoring, coaching, and organizational skills • Thorough working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI #LI-SC1 TECO offers a competitive Benefits package!! Competitive Salary *401k Savings plan w/ company matching * Pension plan * Paid time off* Paid Holiday time * Medical, Prescription Drug, & Dental Coverage *Tuition Assistance Program * Employee Assistance Program * Wellness Programs * On-site Fitness Centers * Bonus Plan and more!

Job DescriptionISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Overview Location: MacDill AFB - Tampa, FL Clearance Required: Active TS clearance (eligibility for SCI and ability to obtain a CI poly is required upon application for initial consideration) **We are not able to upgrade or sponsor clearances** Certification Required: CISA, CRISC, CISM, CGEIT, CISSP or CAP At Bcore, our strength comes from how we deliver impact to the mission. Whether it's architecting critical IT solutions, producing actionable intelligence, or developing cutting edge technology, we succeed because of the expertise, collaboration, and agility of our teams. Our Mission Services division combines enterprise IT, cloud solutions, DevSecOps, systems engineering, software development, and operational support. Bcore accelerates decisive advantage for warfighters and intelligence professionals by fusing human insight, rapid-fire engineering, precision-measured outcomes, and relentless grit into mission-ready solutions. Do you want to join a team that is building tailored technical solutions to modernize our government's mission and our client's business? Do you have a desire to change how people work? Are you interested in helping to protect our nation's cyber interests? Join our growing team supporting the NGA customer missions as an Information System Security Officer (ISSO). Responsibilities What you get to do every day: Develop and coordinate all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment Support the control assessment, reporting and monitoring processes using the Cyber Security and Assessment Management (CSAM) system Assist the component with staying on track with Core Controls and A-123 control assessment schedules Work with components to ensure each Risk Based Decisions (RBD's) has a current Waivers. Coordinate with CSS Customer Liaison support, including status of the process and POA&Ms. Support and document security controls tests, assist in remediation and ensure that POA&Ms are being appropriately managed. Develop or update the Business Continuity and Contingency Plan for the component. Assist the components with decisions that affect security of their systems and networks. Facilitate preparations for the tri-annual Security Assessment and Authorization (SA&A) component's Information System. Conduct assessments of information systems security requirements, evaluate current security posture and recommend priorities for remediation. Review information system infrastructure and application architecture to assess security requirements Review existing SA&A documentation, Security Assessment Report and security infrastructure (i.e. IDS, firewalls, vulnerability scan tools, etc.) Assess NIST 800-53, Rev 4. Control and document results Evaluate and strengthen standard SA&A Documentation Perform and document risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities; Based on the risk profile of the analyzed systems, development and documentation of a Plan of Action and Milestones (POA&M) for mitigating those risks; Design and development of comprehensive Systems Security Plan, covering at a high level the infrastructure, policies and procedures which define the systems security profile for the analyzed systems; Development of Systems Security Users Guides specific to selected networks, desktop computers, servers and data base systems; Design, development, and validation of System Test and Evaluation (ST&E) reviews for new and/or legacy systems. Review and conduct NIST-based Self Assessments, identifying any weaknesses which need to be addressed, and developing a POA&M for each of those weaknesses based on industry best practices. Design and development of Initial Privacy Assessment (IPA) and Privacy Impact Assessments (PIAs) for each major Federal Government IT Systems Developing and conducting System Test and Evaluations (ST&Es) and Independent Verification and Validation (IV&Vs) of the security profiles of Federal Government IT Systems Conduct OMB A-123 security assessments of Federal Government IT Systems. Qualifications Clearance Required: Active TS clearance (eligibility for SCI and ability to obtain a CI poly is required upon application for initial consideration) **We are not able to upgrade or sponsor clearances** Certification Required: Current certification in one or more of the following IT Security disciplines: ISACA - Certified Information Systems Auditor (CISA) ISACA - Certified in Risk and Information Systems Control (CRISC) ISACA - Certified Information Security Manager (CISM) ISACA - Certified in Governance of Enterprise IT(CGEIT) (ISC)2 - Certified Information Systems Security Professional (CISSP) (ISC)2 - Certified Authorization Professional (CAP) Education/Experience: Requires Bachelor's degree 8+ years' experience performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful certification and accreditation or security authorization of such systems. 8+ years' experience assessing and enhancing IT systems security policies and procedures in response to the regulatory requirements associated with Federal and International standards. 8+ years IT Security experience with extensive knowledge in security regulations and security assessments having developed numerous security C&A (or SA&A) and ATO on a range of systems including classified systems Strong working knowledge with NIST Special Publications and the NIST SP 800-37 SA using CSAM system What is ideal? Intelligence Community Experience preferred What you can expect from us Recognizing great achievements do not go unnoticed by bcore through service anniversaries, spot awards, and employee referral bonuses You'll join a growing organization of passionate, top-shelf, IT engineering professionals with extensive experience in actively developing the technology revolution in the Intelligence community Highlights of our benefits include Health/Dental/Vision, 401(k) match and potential Profit Sharing, Universal Leave, STD/LTD/Life Insurance/Voluntary Life Insurance, Stipends, Referral Bonuses, and more! Compensation is unique to each candidate and compensation packages are based on education, experience, and other requirements. BCore is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.

Introduction This is highly responsible work in system and security administration across a variety of computer platforms and departments. Nature Of Work The Senior Security Systems Analyst plays a crucial role in safeguarding the integrity, confidentiality, and availability of sensitive information within the City of Tampa's digital infrastructure. As a key member of the Technology & Innovation Security Office, the incumbent will be responsible for designing, implementing, and maintaining robust security systems to protect against cyber threats, ensuring compliance with regulatory standards, and responding to security incidents. The Senior Security Systems Analyst will collaborate with various departments to assess security needs, recommend solutions, and contribute to the overall enhancement of the City of Tampa's cybersecurity posture. Examples of Duties Develops, implements, and maintains security architectures for critical systems and networks. Designs and oversees the implementation of security measures to protect digital assets and sensitive information. Monitors and analyzes security alerts, incidents, and vulnerabilities. Conducts regular security assessments and penetration tests to identify and address potential weaknesses. Responds promptly to security incidents and provides detailed post-event analyses. Contributes to the development and enforcement of security policies, standards, and procedures. Ensures compliance with relevant regulatory requirements and industry best practices. Collaborates with other IT staff and departments to integrate security measures into the overall IT architecture. Provides training and awareness programs to educate staff on security best practices. Assess and prioritizes security risks, recommending appropriate mitigation strategies. Conducts regular risk assessments and audits to identify and address potential vulnerabilities. Leads the response to security incidents, including coordinating with internal and external stakeholders. Conducts thorough investigations into security breaches, documenting findings and recommending corrective actions. Evaluates and manages third-party security vendors and tools. Collaborates with vendors to implement and maintain security solutions. Knowledge, Skills & Abilities Extensive knowledge of: cybersecurity principles, practices, and technologies; conducting internal security audits and assessments; conducting comprehensive risk assessments and presenting findings to stakeholders; coordinating with vendors and external partners to implement security solutions; implementing and managing security technologies, including firewalls, antivirus software, intrusion detection systems, and endpoint protection solutions. Knowledge of: developing, implementing, and enforcing security policies, standards, and procedures; identifying and implementing improvements to enhance the overall security posture of the organization; security frameworks such as NIST, ISO 27001, and CIS Critical Security Controls; leading incident response efforts, including the ability to analyze and contain security incidents effectively. Ability to: assess and prioritize security risks, understanding their potential impact on the organization; communicate technical details to non-technical stakeholders during incident response efforts; understand regulatory requirements applicable to government entities and the ability to ensure compliance; provide security training and awareness programs for staff; prioritize and manage multiple tasks efficiently, meeting deadlines and delivering high-quality results; troubleshoot and resolve security incidents promptly; pursue relevant certifications and professional development opportunities; staying current with emerging cybersecurity threats, trends, and technologies. Skills in: critical thinking and a proactive approach to identifying and addressing security vulnerabilities; developing and implementing risk mitigation strategies and controls; conducting thorough security investigations, documenting findings, and recommending corrective actions; managing security projects from inception to completion; strong interpersonal skills for effective collaboration with cross-functional teams and various departments; strong analytical skills to assess complex security issues and provide effective solutions; excellent written and verbal communication skills to articulate complex security concepts to both technical and non-technical audiences. Physical Requirements Mostly sedentary, indoors, requires extended use of computer, typing and viewing monitor. Minimum Qualifications Bachelor's degree in Information Technology, Computer Science, or a related field. Proven experience (minimum of 5 years) in a senior-level security role, preferably within a government or public sector environment. Licenses or Certifications Possession of a valid drivers license may be required. Relevant certifications (e.g., CISSP, CISM, or equivalent) is preferred. Examination Evaluation of education and experience. Drug testing is included in all pre-employment processing. Comments Employees may be required to work rotating shifts, including nights, weekends, holidays, and overtime as needed. During periods when the Mayor issues an emergency declaration for the City of Tampa, all employees may be required to work in preparation, response or recovery activities related to the stated emergency. Conclusion HELPFUL HINTS FOR COMPLETING YOUR APPLICATION: Please register before you begin the application process. This will enable you to view and re-use information from previously submitted applications to complete and submit any future applications. Please make certain your application is complete and the information you provide clearly demonstrates that you possess the minimum job qualifications as stated in the job announcement. Resumes can be submitted in support of an application, but not in lieu of an application. Resumes and copies of certifications or other required documents may be attached to your online application.

The Cyber Security Systems Engineer provides cyber defense analysis and engineering support for MARCENT systems, ensuring resilience and compliance against advanced threats. This role engineers security solutions for MARCENT communications systems, conducts vulnerability assessments and security audits, implements DoD cybersecurity standards, and provides documentation and training on cyber defense posture. With 7-10 years of experience, the engineer applies expertise in network security analysis, packet inspection, threat hunting, vulnerability assessment, SIEM operations, and forensic analysis. By integrating technical expertise with operational awareness, the Cyber Security Systems Engineer ensures MARCENT systems remain secure, compliant, and ready to counter evolving cyber threats. *THIS EMPLOYMENT IS CONTINGENT UPON CONTRACT AWARD* Responsibilities/Duties: * Engineer security solutions for MARCENT communications and information systems. * Conduct vulnerability assessments, penetration testing, and security audits to identify risks. * Implement DoD cybersecurity standards and RMF requirements. * Provide documentation, training, and guidance on MARCENT's cyber defense posture. * Perform network security analysis, including packet inspection and traffic monitoring. * Conduct threat hunting and vulnerability assessments to proactively identify risks. * Operate SIEM platforms, triage alerts, and conduct malware behavior and forensic analysis. * Apply frameworks such as the cyber kill chain and ATT&CK models to enhance defense strategies. Supplemental Duties: * Assist in developing SOPs for cyber defense operations and incident response. * Support compliance audits and RMF documentation requirements. * Contribute to after-action reviews and lessons learned from cybersecurity incidents. Administrative Duties: * Maintain compliance with MARCENT administrative procedures and reporting requirements. * Ensure cybersecurity documentation is archived according to records management standards. Supervisory Responsibilities: None. Education/Experience/Qualification: * Bachelor's Degree in Cybersecurity, Computer Science, or related discipline required. * 7-10 years of experience in cybersecurity engineering for DoD or military systems. * DoD IAT II or above certification required (e.g., Security+, CISSP). * Experience in network security analysis, packet inspection, and threat hunting. * Proficiency in SIEM operations, alert triage, and forensic/malware behavior analysis. * Experience with RMF documentation and compliance auditing. * Familiarity with frameworks such as kill chain and ATT&CK models. * Strong communication and briefing skills for both technical and non-technical audiences. * TS/SCI clearance required. Additional Skills: * Ability to engineer innovative cybersecurity solutions tailored to operational needs. * Strong analytical skills to assess risks and develop mitigation strategies. * Proficiency with Microsoft Office Suite and cybersecurity tools. * Attention to detail in documentation, compliance, and reporting requirements. Location: Primary workplace is MARCENT Headquarters, MacDill Air Force Base, Tampa, Florida. Work Environment: Office environment within a joint military/civilian/contractor staff. Includes coordination with cybersecurity teams, IT personnel, and external DoD partners. Physical Demands: Primarily sedentary office work with extensive computer use. May involve occasional travel to support cybersecurity inspections, training, or incident response activities. Work Schedule: Full-time, 40 hours per week. Monday-Friday, 0800-1600. May require flexibility during cybersecurity incidents or system upgrades. License and Other Requirements: Valid U.S. Driver's License. Eligibility for issuance of a Common Access Card (CAC). Salary and Benefits: As stated during the hiring process. Security Clearance: TS/SCI clearance required. Travel: May include CONUS and OCONUS travel to support cybersecurity operations, training, and system sustainment.

At LaForce, we specialize in delivering access control, video surveillance, and intercom solutions that keep people and businesses secure. We're looking for a dedicated and skilled Security Integration Field Laborer in our Tampa, FL location to join our team. This role assists with installing and maintaining access control systems, video surveillance, and other electro-mechanical security products for commercial businesses. What You'll Do: As a Field Laborer, you will help with ensuring secure and functional installations for our customers. Every day will bring new challenges, from problem solving complex technical issues to learning new technologies in the security industry. Your day-to-day will include: * Helping with installing and programming access control systems, CCTV, intercoms, security systems, and electrical hardware with precision and efficiency. * Troubleshooting and adjusting new or existing systems to meet customer needs. * Safely handling disassembly and removal of electrical products and door hardware. * Training customers on new and existing systems and software. * Producing quality results on time and within budget, representing the company professionally, and fostering strong customer relationships. * Helping with accurate wiring diagrams upon project completion for future reference. * Maintaining clear, professional communication with customers, sales staff, and supervisors. * Operating a company vehicle safely and respectfully in accordance with company policy. What You'll Bring: We welcome applicants with technical certificates, equivalent professional experience, or relevant military experience in electrical or mechanical fields. The ideal candidate has knowledge of low-voltage electrical wiring, the ability to read wiring diagrams and blueprints, strong problem-solving skills, and a valid driver's license with a clean record. Physical Requirements This role demands physical stamina and precision, including: * Frequently standing, walking, climbing ladders, and lifting up to 40 pounds. * Occasionally carrying loads up to 75 pounds * Performing tasks requiring elevated activity. Why Join LaForce? At LaForce, you're part of a team dedicated to growth, innovation, and excellence. From competitive pay to a supportive culture that values your ideas, we're here to help you thrive. You'll receive a cell phone stipend, company-provided tools, and comprehensive hands-on training. How to Apply Screening includes a drug test, background check, and driver's license verification. If you're passionate about security systems and looking to make a difference in the field, apply today! We look forward to meeting you!

Responsible for the performance of highly complex cyber security functions related to the design, installation, maintenance, auditing, investigation, and assessment of software applications, networks, and the County's enterprise level information systems. Responsible for proactively identifying and implementing security measures to prevent emerging vulnerabilities, utilizing a diverse array of tools and methodologies. Incumbent will use sound judgement to assess risk, conduct audits, collect and review data, collaborate with other technology divisions, and write reports to advise leadership. The ideal candidate is a highly analytical and detail-oriented professional with a strong foundation in network security, threat detection, and incident response. They possess a deep understanding of security protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM platforms, endpoint protection technologies, and vulnerability and exposure management processes. The candidate should have hands-on experience with compliance and security standards such as HIPAA, PCI-DSS, NIST, and threat modeling frameworks like the MITRE ATT&CK framework. A successful Cyber Security Engineer is not only technically skilled but also an effective communicator, capable of translating complex security concepts into actionable insights for both technical and non-technical stakeholders. Certifications such as CISSP, CEH, or OSCP are highly desirable, along with a proactive mindset and a commitment to continuous learning in the ever-evolving threat landscape. Starting Salary $75,129 - $97,676 [max: $137,696] Benefits Click HERE to view our Benefits at a glance Minimum Qualifications Bachelor's degree from an accredited college or university with a major in information security or another similar technology field; AND Three years of experience in information security system administration and risk assessment within an enterprise environment, encompassing third-party risk, risk analysis, risk mitigation, and residual risk management. Three years of experience leveraging industry-leading cybersecurity tools (SIEM, EDR, vulnerability scanning, and web application security) for comprehensive threat detection and mitigation; OR An equivalent combination of education (not less than a high school diploma/GED), training and experience that would reasonably be expected to provide the job-related competencies noted above. Core Competencies Customer Commitment - Proactively seeks to understand the needs of the customers and provide the highest standards of service. Dedication to Professionalism and Integrity - Demonstrates and promotes fair, honest, professional and ethical behaviors that establishes trust throughout the organization and with the public we serve. Organizational Excellence - Takes ownership for excellence through one's personal effectiveness and dedication to the continuous improvement of our operations. Success through Teamwork - Collaborates and builds partnerships through trust and the open exchange of diverse ideas and perspectives to achieve organizational goals. Duties and Responsibilities Note: The following duties are illustrative and not exhaustive. The omission of specific statements of duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position. Depending on assigned area of responsibility, incumbents in the position may perform one or more of the activities described below: Conduct thorough assessments of software applications, networks, and systems to identify security vulnerabilities and weaknesses. Utilize various tools and methodologies to perform vulnerability scanning, penetration testing, and code review. Collaborate with cross-functional teams to prioritize and mitigate vulnerabilities based on their potential impact and risk. Provide detailed reports outlining vulnerabilities, including their potential impact and recommendations for remediation. Work closely with developers and system administrators to verify implementation of security patches, fixes, and improvements. Participate in designing and implementing security measures to prevent future vulnerabilities. Stay updated with the latest security threats, attack vectors, and industry best practices to identify and address emerging vulnerabilities proactively. Assist in incident response activities, analyzing security incidents to determine the root cause and providing recommendations for prevention. Use frameworks such as MITRE ATT&CK to map adversary tactics and techniques and design hunting scenarios based on threat actor behavior. Collaborate with incident response teams to validate incidents, identify root causes, and assist with post-mortem analysis. Other related duties as assigned. Job Specifications Critical Thinking: Exceptional critical thinking and situational awareness skills to identify systemic security issues through vulnerability and configuration data analysis. Decision Making: Demonstrates high personal integrity and the ability to handle confidential matters with sound judgment and professionalism. Communication: Proficient communication skills to effectively collaborate with both technical and non-technical stakeholders. Provide detailed reports outlining vulnerabilities, including their potential impact and recommendations for remediation. Strategic Planning: Stay updated with the latest security threats, attack vectors, and industry best practices to identify and address emerging vulnerabilities proactively. Managerial/ Operational Skills: Work closely with developers and system administrators to verify implementation of security patches, fixes, and improvements. Participate in designing and implementing security measures to prevent future vulnerabilities. Leadership: Capable of serving as a Cyber Security Subject Matter Expert (SME) for externally managed technology projects from various departments. Analytical Ability: Excellent critical thinking and situational awareness skills to identify systemic security issues through vulnerability and configuration data analysis. Managing Complexity: Extensive knowledge of cybersecurity best practices, including familiarity with CIS Critical Controls, NIST Cybersecurity Framework (CSF), MITRE ATT&CK Framework. Utilize various tools and methodologies to perform vulnerability scanning, penetration testing, and code review. Other: Hands-on experience in incident response and recovery, utilizing MITRE and security best-practice assessment methodologies. Physical Requirements Speaking, vision, hearing, sitting, and standing. Use of office machinery such as PCs, Smart Phones, Tablets, and multi-function devices. Work Category Sedentary Work - Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met. Emergency Management Responsibilities In the event of an emergency or disaster, an employee may be required to respond promptly to duties and responsibilities as assigned by the employee's department, the County's Office of Emergency Management, or County Administration. Such assignments may be for before, during or after the emergency/disaster.

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ