Security Engineer jobs at EAB - 1468 jobs

  • Junior Information System Security Officer

    Mantech 4.5 company rating

    Washington, DC jobs

    MANTECH seeks a motivated, career and customer-oriented Junior Information System Security Officer (ISSO) to join our team in Washington, D.C. Responsibilities include, but are not limited to: Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS. Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle. Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis Provide liaison support between the system owner and other IS security personnel. Conduct required IS vulnerability scans according to risk assessment parameters. Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities Manage the risks to ISs and other FBI assets by coordinating appropriate correction or mitigation actions and oversee and track the timely completion of (POAMs). Coordinate system owner concurrence for correction or mitigation actions. Monitor security controls for FBI ISs to maintain security Authorized to Operate (ATO) Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase Ensure that changes to an FBI IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM). 
Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR Minimum Qualifications: At least 3 years' experience performing duties of an Information Systems Security Officer (ISSO) at a cleared facility At least 5 years of work experience in a computer science or cybersecurity related field Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or Information Assurance Management (IAM) Level II proficiency Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP WebInspect, Network Mapper (NMAP), and/or similar applications Preferred Qualifications: A bachelor's or advanced degree in Computer Science, Cybersecurity, or other cyber discipline Clearance Requirements: Must have a current/active Top Secret security clearance with eligibility to obtain SCI. Selected candidate must be willing to undergo a Polygraph. Physical Requirements: Must be able to remain in a stationary position 50% Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer Often positions self to maintain computers in the lab, including under the desks and in the server closet Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations
    $60k-81k yearly est. 1d ago
  • Remote IDS/IPS Security Engineer - Suricata & RHEL Expert

    Booz Allen Hamilton 4.9 company rating

    Washington, DC jobs

    A leading consulting firm in Washington is seeking an experienced IDS and IPS Cyber Security Engineer to join their cybersecurity team. The role requires expertise in Linux and YAML configuration management for network intrusion systems. Responsibilities include designing and maintaining IDS/IPS across multiple networks, optimizing YAML configurations, and troubleshooting system issues in a Red Hat environment. The compensation range is competitive, offering a long-term career with strong professional development opportunities.
    $91k-121k yearly est. 3d ago
  • Firewall Security Engineer

    Novacoast 3.9 company rating

    Washington, DC jobs

    Novacoast Staffing is currently assisting a financial government institution in its search for an experienced Firewall Security Engineer that is experienced in Palo Alto Firewalls for a contract role that is expected to go a minimum of 2 years with option to extend. This is a hybrid role with a few days onsite in Alexandria VA and a pay range of 60-68/hour. To qualify for this role, you must be able to pass an extensive federal background check. Qualifications To qualify for this position, you must have at least 5 years of experience with Palo Alto Next Generation firewalls, Zero Trust, and strong knowledge of advanced firewall features such as Wildfire, App-ID, User-ID, Global Protect, Security, and NAT policies, within Cloud environments. Responsibilities In this role, you will be responsible for the design, administration, and management of Palo Alto Firewalls using Centralized Panorama Management. You will also be responsible for configuration and troubleshooting IPSEC site-to-site VPNs and SSL decryption on Palo Alto Firewalls. Requirements 5+ years experience with Palo Alto next-generation Firewalls and working in cloud and Zero Trust environments Strong knowledge of advanced firewall features such as Wildfire, App-ID, User-ID, Global Protect, Security and NAT policies Expert level knowledge in the design, administration of Palo Alto Firewalls using Centralized Panorama Management Expert level knowledge in configuration and troubleshooting IPSEC Site-to-Site VPNs US Citizenship is required due to the position being with a Federal Client If this role is aligned with your next career move, submit your resume today for immediate consideration! Job Type: Contract Pay: $60.00 - $68.00 per hour
    $60-68 hourly 1d ago
  • Cloud Security Engineer

    Meta 4.8 company rating

    Washington, DC jobs

    We are seeking a Security Engineer who specializes in designing and implementing new systems and tools to enhance the security of Meta's products and infrastructure. This role is ideal for individuals with deep security domain expertise who are passionate about building solutions and using AI to address evolving security requirements and use cases. Cloud Security Engineer Responsibilities Design, prototype, and implement AI-driven security systems and tools to protect Meta's products and internal infrastructure Develop and maintain security-focused code, libraries, and frameworks for use by Security Engineers, Analysts, and engineering teams Collaborate with cross-functional partners to deliver scalable, security solutions aligned with company objectives Rapidly experiment with and iterate on specialized security technologies, leveraging AI to address emerging threats and requirements Apply deep security expertise to solve complex challenges, mitigate risks, and mentor other engineers in advanced security domains Minimum Qualifications B.S. or M.S. 
in Computer Science or related field, or equivalent experience 5+ years of experience in designing and implementing security systems, tools, or frameworks Extensive knowledge of attacker tactics, techniques, and procedures Proficiency in coding with experience in languages such as Python, C/C++, Go, or equivalent Experience collaborating with technical and non-technical stakeholders Ability to rapidly prototype and iterate on security solutions Preferred Qualifications Experience on securing cloud deployments, IAC (Infrastructure as Code) deployments for cloud (terraform) Experience addressing security problems by building scalable engineering solutions Experience influencing software engineers building security products Experience creating metrics to measure service and program effectiveness and consistency Experience making contributions to the security or privacy community (public research, OSS, blogging, presentations, etc.) Public Compensation $147,000/year to $208,000/year + bonus + equity + benefits Industry Internet Equal Opportunity Meta is proud to be an Equal Employment Opportunity and Affia... (full statement) Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.
    $147k-208k yearly 2d ago
  • Lead Cyber Threat Analyst

    Directviz Solutions, LLC 3.6 company rating

    Washington, DC jobs

    DirectViz Solutions, (DVS) is a rapidly growing government contractor that provides strategic services that meet mission IT needs for government customers. DVS offers competitive compensation, comprehensive medical plans, 401k match, PTO accrual, professional development reimbursement, corporate-funded technology certifications, and employee recognition programs. At DVS, we recognize that our employees are our number one resource. If you are a problem-solving people-person, apply today! Location Washington, DC Position Lead Cyber Threat Analyst Location: Washington, DC Position Summary The Lead Cyber Threat Analyst serves as the technical and operational lead for enterprise cybersecurity operations, overseeing approximately 63 systems and ensuring compliance with all federal security standards. This role drives the organization's threat detection, analysis, and response strategy, leads the Computer Security Incident Response Center (CSIRC), and manages enterprise security monitoring tools within the Enterprise Security Operations Center (ESOC). The position requires deep expertise in cybersecurity frameworks, threat intelligence, and vulnerability management, combined with strong leadership, analytical, and communication skills to guide analysts, coordinate incident response, and safeguard sensitive financial and operational systems. Key Responsibilities Lead enterprise-wide cybersecurity operations across ~63 systems, ensuring continuous protection and compliance with federal security standards. Oversee daily security monitoring, analysis, and response activities within the ESOC. Direct 24/7 CSIRC operations, including incident triage, containment, and recovery. Develop and maintain comprehensive security documentation, including System Security Plans (SSPs), Privacy Impact Assessments (PIAs), and RMF artifacts. Conduct annual Security Control Assessments (SCAs) and evaluate new systems and applications. 
Identify, track, and remediate vulnerabilities and risks across enterprise environments. Develop and maintain a real-time Cyber Threat Dashboard for senior leadership reporting and situational awareness. Lead the Vulnerability Management Program, including prioritization, patching, and remediation oversight. Monitor and analyze network traffic for potential intrusions, unauthorized activity, and anomalous behavior. Manage security tools, threat intelligence feeds, and automation solutions supporting the ESOC mission. Provide training, mentoring, and technical guidance to cybersecurity analysts and SOC staff. Oversee incident handling involving Personally Identifiable Information (PII) and ensure proper documentation and escalation. Collaborate with cross-functional and government stakeholders to align operations with NIST, FISMA, and organizational security policies. Support the protection and compliance of financial systems under the OCFO through proactive risk management. Maintain system and application security posture, ensuring ongoing compliance and operational integrity. Qualifications Bachelor's degree in Computer Science, Information Technology, Engineering, or a related field. Minimum of 10 years of progressive IT or technology experience, including at least 5 years within the past decade supporting large-scale federal technical contracts. At least 7 years of cybersecurity experience, with 5 years focused on threat analysis in SOC or CSIRC environments supporting government systems. Required Certification: Certified Information Systems Security Professional (CISSP). Preferred Certifications: GIAC Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), CompTIA Cybersecurity Analyst (CySA+). Required: Information Technology Infrastructure Library (ITIL) 4 Foundation certification. Strong understanding of cybersecurity frameworks and principles (NIST 800-53, FISMA, RMF, ISO 27001). 
Proven experience with enterprise risk management, incident response, and vulnerability remediation. Excellent analytical and problem-solving skills, with strong attention to detail. Effective communication and interpersonal skills to collaborate across technical, executive, and federal teams. Ability to lead multiple projects simultaneously and deliver results under tight deadlines. Physical and Mental Qualifications Be able to maintain awareness during scheduled working hours. Prolonged periods sitting or standing at desk and working on a computer (mouse and keyboard). Able to lift up to 15 pounds. Excellent verbal and written communication; good command of the English language. Execute tasks independently and work as a team. Learns and memorizes routine tasks. Strong organizational, grammar, business correspondence, and self-management skills. Candidates must be able to perform the essential functions of the position satisfactorily. If requested, reasonable accommodation will be provided for employees with disabilities. DVS retains the right to change or assign other duties to this position. Equal Opportunity DirectViz Solutions, LLC (DVS) is an equal opportunity employer and prohibits discrimination and harassment against any employee or applicant for employment because of race, color, sex (including pregnancy), age, gender identity, creed, religion, national origin, sexual orientation, marital status, genetic information, disability, political affiliation, protected veteran status, or any other status protected by federal, state or local law. DVS has a zero-tolerance policy for harassment, threats, coercion, discrimination, and intimidation. Employees may file a complaint or exercise any right protected by Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, as amended, Section 4212 of the Vietnam Era Veterans Readjustment Assistance Act of 1974, or the Veterans Employment Opportunities Act of 1998.
    $87k-115k yearly est. 2d ago
  • IDS and IPS Cyber Security Engineer

    Booz Allen Hamilton 4.9 company rating

    Washington, DC jobs

    Your growth matters to us - explore our career development opportunities. BE EMPOWERED TO SUCCEED Connect with others in our people‑first culture and enhance our collective ingenuity. SUPPORT YOUR WELLBEING Learn how we'll support you as you pursue a balanced, fulfilling life. YOUR CANDIDATE JOURNEY Discover what to expect during your journey as a candidate with us. IDS and IPS Cyber Security Engineer We are seeking an experienced Network Intrusion Detection Engineer to join our cybersecurity team. The ideal candidate must possess strong Linux engineering expertise with experience managing YAML configuration files, and how these configurations integrate and influence the Intrusion Detection Systems and Intrusion Prevention Systems (IDS/IPS). You will leverage hands‑on engineering and O & M experience with Suricata or other network‑based IDS capabilities such as Snort, VectraAI, or Corelight. You will play a critical role in deploying, tuning, and maintaining the IDS within a complex enterprise IT environment, primarily running on Red Hat Enterprise Linux. Work with us as we secure and protect our nation's most sensitive capabilities. The Opportunity What You'll Work On: Designing, deploying, and maintaining IDS / IPS systems across a large enterprise with multiple networks. Developing, reviewing, and optimizing YAML configuration files to ensure optimal detection capabilities and minimal false positives. Understanding and managing the interaction between YAML configuration and its runtime engine, including rule loading, protocol decoding, and logging. Tuning IDS / IPS for optimal performance with NICs, including configuring Direct Memory Access (DMA), RSS queues, interrupt coalescing, and leveraging any NIC‑specific acceleration features. Collaborating with security teams to integrate IDS / IPS with SIEM and other security monitoring platforms. 
Troubleshooting installation and operational issues specific to IDS / IPS on Red Hat Enterprise Linux, addressing compatibility, kernel module requirements, SE‑Linux policies, and performance tuning. Identifying and mitigating common pitfalls encountered when deploying IDS / IPS in large‑scale enterprise environments, including package dependencies, system resource constraints, and NIC driver or configuration issues. Providing detailed documentation and runbooks for Suricata configuration, tuning NICs, and deployment processes. Staying current with platform IDS / IPS software releases, NIC driver updates, and community best practices for network interface tuning and IDS / IPS performance enhancement. You Have: Experience working with network IDS / IPS systems such as Snort, Suricata, or Corelight, including hands‑on management of YAML configuration files. Experience administering Red Hat Enterprise Linux (RHEL) systems, including package management, such as yum or dnf, kernel module management, SE‑Linux configuration, and system optimization via Unix CLI and remote shell access vectors, such as PuTTY or SSH. Experience tuning Suricata for high‑performance packet capture with Napatech NICs or advanced network interface cards. Experience with NIC‑specific features such as DMA, Receive Side Scaling (RSS), interrupt moderation, and off‑load capabilities, and how to configure them for Suricata. Experience troubleshooting Suricata's interaction with NIC drivers and kernel modules in an enterprise environment. Knowledge of configuration structure, syntax, and how it controls detection rules, logging, and output modules. Active TS/SCI clearance; willingness to take a polygraph exam. Associate's degree and 5+ years of experience supporting IT projects and activities or Bachelor's degree and 3+ years of experience supporting IT projects and activities or Master's degree and 1+ years of experience supporting IT projects and activities. 
DoD 8570 IAT Level II Certification, including Security+ CE, CCNA‑Security, GSEC, SSCP, CySA+, GICSP, or CND Certification. Ability to obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support Certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND Certification, within 60 days of start date. Nice If You Have: Experience with scripting languages, such as Bash, Python, YAML, or Ansible to automate Suricata configuration and deployment tasks. Experience integrating Suricata with Splunk or other SIEM solutions. Experience with Detection and Response (NDR) solutions, including with Trellix or FireEye, Corelight, Endace, Vectra AI, Darktrace, Cisco Security Network Analytics, Open XDR, Fortinet FortiNDR, or Trend Vision. Knowledge of network protocols, intrusion detection methodologies, and security event correlation. Knowledge of containerized deployments of Suricata, such as Docker or Kubernetes, in enterprise environments. Ability to be a self‑starter, work without considerable direction, and work with a team. Possession of excellent verbal and written communication skills, including client briefings and coordinating efforts. Clearance Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well‑being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work‑life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full‑time and part‑time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. 
Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract‑specific affordability and organizational requirements. The projected compensation range for this position is $99,000.00 to $225,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people‑first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non‑Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.
    $75k-100k yearly est. 3d ago
  • Senior AI Platform Engineer for Autonomous Security

    Hackerone Inc. 4.2 company rating

    Seattle, WA jobs

    A leading cybersecurity firm is seeking a Senior Software Applied AI Engineer to develop cutting-edge AI solutions aimed at enhancing cybersecurity. You will build and enhance the AI security agent 'Hai', creating tools that allow organizations to develop more secure software while combating emerging threats. The role embraces flexible remote work within the Seattle area, and offers competitive compensation with substantial benefits.
    $122k-165k yearly est. 1d ago
  • Manager, Security Services - Apple Information Security

    Apple Inc. 4.8 company rating

    Seattle, WA jobs

    Seattle, Washington, United States Corporate Functions Imagine what you could do here. At Apple, new ideas have a way of becoming extraordinary products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. We're a diverse collection of problem solvers and doers, continually reimagining our products, systems, and practices to help people do what they love in new ways. This is a deeply reciprocal place, where everything we build is the result of people in different roles and teams working together to make each other's ideas stronger. That same real passion for innovation that goes into our products also applies to our practices, strengthening our dedication to leave the world better than we found it! We are seeking a leader for our Security Services team. This role requires a strategic, results-driven leader to advance our security services portfolio while ensuring delivery excellence, operational efficiency, and exceptional customer outcomes. In this role, you will drive the evolution, optimization, and continuous improvement of security offerings, aligning capabilities with business objectives and emerging security needs. The ideal candidate brings a strong blend of security or technical expertise, proven people leadership, and a customer‑centric mindset. We are seeking a strategic and results-oriented leader in Service Delivery to drive and advance our security service portfolio, ensuring consistent delivery excellence, operational efficiency, and customer satisfaction. This role will drive the evolution, optimization, and continuous improvement of our security service offerings, aligning capabilities with business objectives and emerging security needs. The ideal candidate will possess a strong blend of technical or security expertise, leadership skills, and a customer‑centric approach. 
Description The Manager, Security Services will be responsible for influencing and driving transformational change across the organization. This is an opportunity to play a key role in shaping the future of our security service offerings. You must be passionate about service excellence and continuous improvement. Responsibilities Service Catalog Management: Develop and maintain a comprehensive service catalog that clearly defines and describes all available services, ensuring alignment with business objectives, customer and security needs. Service Standards Design: Establish and implement service standards that ensure consistent quality and performance across all service offerings. Maturity Assessments & Roadmaps: Conduct maturity assessments to evaluate current service capabilities and develop strategic roadmaps for continuous improvement. Performance Metrics Establishment: Work across teams to monitor key performance indicators (KPIs) to assess service effectiveness, efficiency, and customer satisfaction. Minimum Qualifications Demonstrated ability to manage, lead, and inspire teams while driving transformational organizational change Expertise with service delivery management; overseeing the end-to-end delivery of managed services Experience leading teams in a matrixed environment including working with security engineering, engineering managers, software developers, and other cross‑functional teams Strong problem solving skills; with the ability to lead through ambiguity to deliver incremental value to our customers Exceptional communication and presentation skills Preferred Qualifications Experience in leading an MSP (managed service provider) or MSSP (managed security service provider) organization Expert knowledge of service management frameworks (e.g. ITIL) and security best practices. CISSP and related security certifications are a plus At Apple, base pay is one part of our total compensation package and is determined within a range. 
This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $197,800 and $297,300, and your base pay will depend on your skills, qualifications, experience, and location. Apple employees also have the opportunity to become an Apple shareholder through participation in Apple's discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple's Employee Stock Purchase Plan. You'll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses - including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits. Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program. Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant. Apple accepts applications to this posting on an ongoing basis.
    $197.8k-297.3k yearly 2d ago
  • Senior Delivery Consultant - Security WWPS ProServe, WWPS ProServe

    Amazon 4.7 company rating

    Seattle, WA jobs

    The Amazon Web Services Professional Services (ProServe) team is seeking a skilled Delivery Consultant to join our team at Amazon Web Services (AWS). In this role, you will work closely with customers to design, implement, and manage AWS solutions that meet their technical requirements and business objectives. You will be a key player in driving customer success through their cloud journey, providing technical expertise and best practices throughout the project lifecycle. Possessing a deep understanding of AWS products and services, you will be proficient in architecting complex, scalable, and secure solutions tailored to meet the specific needs of each customer. You will work closely with stakeholders to gather requirements, assess current infrastructure, and propose effective migration strategies to AWS. As a trusted advisor to our customers, you will provide guidance on industry trends, emerging technologies, and innovative solutions, and you will be responsible for leading the implementation process, ensuring adherence to best practices, optimizing performance, and managing risks throughout the project. The AWS Professional Services organization is a global team of experts that help customers realize their desired business outcomes when using the AWS Cloud. We work together with customer teams and the AWS Partner Network (APN) to execute enterprise cloud computing initiatives. Our team provides assistance through a collection of offerings that help customers achieve specific outcomes related to enterprise cloud adoption. We also deliver focused guidance through our global specialty practices, which cover a variety of solutions, technologies, and industries. This position requires an active US Government security clearance of TS/SCI with Polygraph. Key Job Responsibilities Design and implement complex, scalable, and secure AWS solutions tailored to customer needs. Provide technical guidance and troubleshooting support throughout project delivery. 
Collaborate with stakeholders to gather requirements and propose effective migration strategies. Act as a trusted advisor to customers on industry trends and emerging technologies. Share knowledge within the organization through mentoring, training, and creating reusable artifacts. About the Team AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed below, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. Why AWS? Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. Inclusive Team Culture - Here at AWS, it's in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (diversity) conferences, inspire us to never stop embracing our uniqueness. Mentorship & Career Growth - We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance - We value work‑life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve in the cloud. Basic Qualifications 7+ years of technical specialist, design and architecture experience. 
5+ years of database (SQL, NoSQL, Hadoop, Spark, Kafka, Kinesis) experience. 7+ years of consulting, design and implementation of serverless distributed solutions experience. 5+ years of software development with object‑oriented language experience. 3+ years of cloud‑based solution (AWS or equivalent), system, network and operating system experience. 7+ years of external or internal customer‑facing, complex and large‑scale project management experience. 5+ years of cloud architecture and solution implementation experience. Bachelor's degree, or 7+ years of professional or military experience. Current, active US Government Security Clearance of TS/SCI with Polygraph. Preferred Qualifications Degree in advanced technology, or AWS Professional level certification. Knowledge of AWS services including compute, storage, networking, security, databases, machine learning, and serverless technologies. Knowledge of security and compliance standards including HIPAA and GDPR. Experience in performance optimization and cost management for cloud environments. Experience communicating technical concepts to diverse audiences in pre‑sales environments. Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit ********************************************************* for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner. Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $138,200/year in our lowest geographic market up to $239,000/year in our highest geographic market. 
Pay is based on a number of factors including market location and may vary depending on job‑related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign‑on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit ******************************************************** This position will remain posted until filled. Applicants should apply via our internal or external career site. Important FAQs for current Government employees Before proceeding, please review the following FAQs: ************************************************************
    $138.2k-239k yearly 5d ago
  • Senior Delivery Consultant - Cloud Security, NAMER

    Amazon 4.7 company rating

    Seattle, WA jobs

    The Amazon Web Services Professional Services (AWS ProServe) team is seeking a skilled Senior Delivery Consultant to join our Cloud Security team. As a Senior Security Consultant, you'll work closely with customers to design, implement, and automate solutions in AWS to protect customer assets, enable customer security teams to operate more effectively, and ensure customers don't accept unnecessary risk. You will work in fast-paced, complex projects that focus on delivering transformative business and security outcomes for customers globally. The ideal candidate is a highly skilled technical security professional with the ability to coach and guide executive security and cloud leaders in their journey, addressing topics such as security strategy and optimizing cloud security operations while being able to dive deep into AWS security technology. Along the way, you'll be expected to invent, extend, and adapt technology to tailor solutions to customer needs as well as coach and mentor junior consultants to enable their success. The AWS Professional Services organization is a global team of experts that help customers realize their desired business outcomes when using the AWS Cloud. We work together with customer teams and the AWS Partner Network (APN) to execute enterprise cloud computing initiatives. Our team provides assistance through a collection of offerings which help customers achieve specific outcomes related to enterprise cloud adoption. We also deliver focused guidance through our global specialty practices, which cover a variety of solutions, technologies, and industries. Key job responsibilities Act as the technical leader for customer engagements and/or the security workstreams of engagements, leading teams of consultants. Lead internal initiatives to deliver quantifiable impact. Develop strategic relationships with internal and external leaders. Design and implement complex, scalable, and secure AWS solutions tailored to customer needs. 
Enable and engage delivery partners in project delivery. Provide mentorship and coaching to develop others. AWS Global Services includes experts from across AWS who help our customers design, build, operate, and secure their cloud environments. Customers innovate with AWS Professional Services, upskill with AWS Training and Certification, optimize with AWS Support and Managed Services, and meet objectives with AWS Security Assurance Services. Our expertise and emerging technologies include AWS Partners, AWS Sovereign Cloud, AWS International Product, and the Generative AI Innovation Center. You'll join a diverse team of technical experts in dozens of countries who help customers achieve more with the AWS cloud. Amazon Web Services (AWS) values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job below, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products & services to power their businesses. Inclusive Team Culture - Here at AWS, it's in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (diversity) conferences, inspire us to never stop embracing our uniqueness. Mentorship & Career Growth - We're continuously raising our performance bar as we strive to become Earth's Best Employer. 
That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance - We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve in the cloud. Basic Qualifications 5+ years of experience in cloud architecture and implementation. Bachelor's degree in Computer Science, Engineering, related field, or equivalent experience. 3+ year(s) of experience in IT security, compliance, or risk management. 5+ years experience in technology automation, implementation, integration, and/or deployment. Preferred Qualifications AWS experience preferred, with proficiency in a wide range of AWS services (e.g. EC2, S3, RDS, Lambda, IAM, VPC, CloudFormation). AWS Professional level certifications (e.g. Solutions Architect Professional, DevOps Engineer Professional) preferred. Experience with automation and scripting (e.g. Terraform, Python). Knowledge of security and compliance standards (e.g. HIPAA, GDPR). Strong communication skills with the ability to explain technical concepts to both technical and non-technical audiences. Work experience in any of the following industries: financial services (banking, capital markets, payments, insurance, or other segments), automotive, telecommunications, healthcare, life sciences, energy, media & entertainment, or manufacturing. Hands‑on technical expertise in building security capabilities in code, deploying infrastructure as code, and implementing enterprise security solutions (e.g. WAF, IPS, Anti‑DDOS, SIEM). Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status. 
If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit ********************************************************* for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner. The base salary for this position ranges from $126,000/year up to $210,400/year. Salary is based on a number of factors and may vary depending on job‑related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign‑on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. Applicants should apply via our internal or external career site.
    $126k-210.4k yearly 3d ago
  • Senior AWS Network & Cloud Security Architect

    Booz Allen Hamilton 4.9 company rating

    Washington, DC jobs

    A leading consulting firm in Washington, DC, is seeking a Senior AWS Network Architect to secure cloud environments for critical operations. The ideal candidate has over 5 years of experience in AWS architecture and managing Palo Alto firewalls. Responsibilities include developing security architectures and mentoring junior staff. This role offers a salary range of $86,800 to $198,000, with comprehensive benefits and flexibility in work arrangements.
    $86.8k-198k yearly 4d ago
  • Senior Systems Security Engineer

    Nava 4.0 company rating

    Washington, DC jobs

    Be Challenged and Make a Difference In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture. Description of Task to be Performed: AnaVation is looking for a Sr. Systems Security Engineer to assist the customer with engineering and administration tasks. The ideal candidate will be comfortable engaging with client leadership on a regular basis and interacting with senior level team members. Responsibilities Perform hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies, including virtualization platforms (VMWare, Hyper-V), cloud environments (AWS, Azure, Google Cloud), and enterprise applications. Perform system administration tasks to include audit and log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance. Contribute to the design and development of secure system architectures, ensuring security is integrated through system and network lifecycles. Evaluate, implement, and document security architecture solutions, aligning with compliance requirements and organizational mission needs. Ensure technical compliance with applicable security frameworks, standards, and regulations (e.g., DISA STIGs, NIST 800-53, RMF). Conducting, configuring, and managing vulnerability scans. Conducting vulnerability remediations, patching, and system hardening. Collaborate with ISSOs, Assessors, System Owners, and other stakeholders to implement security controls. Support security assessments, audits, and accreditation/authorization (ATO) activities. Document security configurations, engineering solutions, and compliance evidence. 
Troubleshoot and resolve security-related technical issues in a timely manner. Understanding and advising the client regarding critical application data and vulnerability points, coordinating with industry partners to advise the government regarding those security vulnerabilities, and providing recommendations and advice on incident response and recovery plans. Providing Incident Response (IR) activities including triage, investigation, interviewing, resolving, and reporting on events. Promoting information security awareness across the program, ensuring security controls and processes are implemented. Presenting vulnerability analysis to system owners and leadership. Required Qualifications 5-10 years of experience in information system engineering and configuration management. 5 years of experience in control implementation and secure system engineering or design. Excellent communication skills. Hands-on experience with: Security monitoring and evaluation, including audits, assessments, and risk management SIEM tools (e.g., Splunk) Vulnerability Scanning tools (e.g., Tenable, Nessus) EDR tools (e.g., Crowdstrike) Web App Scanning tools (e.g., Burpsuite, Acunetix) Active Directory SANs VMWare Networking Devices Expertise in batch, bash, and/or PowerShell scripting Able to deliver and present security compliance to a wide range of audiences (i.e., system owners, division leadership). Experience configuring and operating enterprise storage across networks (SAN) Server virtualization - design solutions and configuration (VMWare, VSphere, Hyper-V, etc) Experience with: Linux (RHEL 7/8), Windows Operating Systems, and Oracle/SQL Databases Agile Methodologies GRC Tools (e.g., CSAM) Strong desire to learn, grow and be highly motivated. 
Certifications: OS specific certifications, Security + Personnel assigned to this task shall possess a blend of strong technical skills (networking, operating systems, security tools, programming, encryption) and essential soft skills (problem-solving, critical thinking, communication, collaboration) to design, implement, and maintain an information system's security control implementation. Desired Qualifications Knowledgeable on different cloud providers: AWS, Azure, Oracle, GCP Understanding of servers and security tools Education: Bachelor's degree in Engineering, Computer Science, or Information Systems Certifications: CompTIA Server+, Cloud certifications (AWS, Azure, Google), Network+, CCNA, RHCSA, Azure (AZ-104, AZ-204, AZ-500, AZ-305), AWS Solutions Architect Benefits Generous cost sharing for medical insurance for the employee and dependents 100% company paid dental insurance for employees and dependents 100% company paid long-term and short-term disability insurance 100% company paid vision insurance for employees and dependents 401k plan with generous match and 100% immediate vesting Competitive Pay Generous paid leave and holiday package Tuition and training reimbursement Life and AD&D Insurance About AnaVation AnaVation is the leader in solving the most complex technical challenges for collection and processing in the U.S. Federal Intelligence Community. We are a US owned company headquartered in Chantilly, Virginia. We deliver groundbreaking research with advanced software and systems engineering that provides an information advantage to contribute to the mission and operational success of our customers. We offer complex challenges, a top-notch work environment, and a world-class, collaborative team. If you want to grow your career and make a difference while doing it, AnaVation is the perfect fit for you! AnaVation is an equal opportunity employer. 
All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.
    $74k-97k yearly est. 2d ago
  • Senior Systems Security Engineer - Cloud, IR & Compliance Lead

    Nava 4.0 company rating

    Washington, DC jobs

    A leading technology solutions provider in Washington, DC is seeking a Senior Systems Security Engineer. This role involves hands-on engineering and securing multiple operating systems, managing vulnerabilities, and ensuring compliance with security frameworks. Ideal candidates will have 5-10 years of experience in system engineering and strong communication skills. The position offers competitive pay and extensive benefits including paid medical and dental insurance.
    $74k-97k yearly est. 2d ago
  • Senior AWS Network & Cloud Security Architect

    Phase2 Technology 3.9 company rating

    Washington, DC jobs

    A leading cloud security firm in Washington, DC is hiring a Senior AWS Network Architect. You will architect and manage complex AWS networks, ensuring cloud safety for critical operations. Candidates should have extensive experience in AWS, Palo Alto firewalls, and Zero Trust principles. The role includes mentoring junior experts and providing guidance on security architecture. Company offers competitive benefits and a flexible work model.
    $97k-130k yearly est. 2d ago
  • Senior Network Security Engineer - DoD/USNO, TS Cleared

    Computational Physics Inc. 4.0 company rating

    Washington, DC jobs

    A technology consulting firm is seeking a skilled Network Security Engineer to join its team at the U.S. Naval Observatory in Washington D.C. The successful candidate will ensure compliance with Department of Defense cybersecurity requirements and provide direct support to various technical departments. With a focus on Cisco and Juniper technologies, applicants should have at least 7 years of relevant experience, including a Top Secret security clearance. Competitive salary and a robust benefits package are offered.
    $107k-152k yearly est. 3d ago
  • Lead Security Engineer - Cyber Security

    Relativity 4.7 company rating

    Virginia Beach, VA jobs

    Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. 
Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write 
and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management
    $79k-102k yearly est. 5d ago
  • Lead Security Engineer - Cyber Security

    Relativity 4.7 company rating

    Seattle, WA jobs

    Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. 
Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write 
and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management
    $85k-111k yearly est. 5d ago
  • Lead Security Engineer - Cyber Security

    Relativity 4.7 company rating

    Washington, DC jobs

    Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. 
Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write 
and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between the following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management
    $73k-96k yearly est. 5d ago
  • Sr. Host Based Security System (HBSS) - Endpoint Security Services (ESS) Administrator (Info. Systems & Cyber Security, Sr. Associate)

    The Mil Corporation 4.5 company rating

    Norfolk, VA jobs

    Clearance Required: Secret Education Required: BA/BS or HS/GED and Equivalent Work Experience US Citizenship: Required The MIL Corporation is looking for a Sr. Host Based Security System (HBSS) - Endpoint Security Services (ESS) Administrator (Info. Systems & Cyber Security, Sr. Associate) to support the administration of Endpoint Security Services. This role supports a Federal Government client in Norfolk, VA. This position currently requires a hybrid schedule with 4 days on-site. Schedule is subject to change based on company/contract requirements. Responsibilities Perform actions with ePO dependencies such as Microsoft (MS) Structured Query Language (SQL) Server 2022 and Apache Administer the HBSS operations for Enterprise computing systems to include the various HBSS modules such as Trellix Agent (TA), Data Exchange Layer (DXL), Endpoint Security (ENS), Data Loss Prevention (DLP), Policy Auditor (PA), Rogue System Detection (RSD), Trellix Application and Change Control (TACC), and Threat Intelligence Exchange (TIE) Assist in integrating HBSS with the information systems of Commander, Navy Installations Command (CNIC) Navy regions and tenant organizations Assist CNIC and their customers with deployment, tuning, and configuration of HBSS modules and policies Validate and coordinate all HBSS scheduled maintenance Create custom Firewall policies and work with Information Systems Security Manager (ISSM) and Information System Security Officers (ISSOs) to identify signatures to protect against zero-day threats Create firewall exclusions based on customer demand and the Assessment and Authorization (A&A) process Troubleshoot virtual machine (VM) and SQL issues that conflict with the basic functionality of ePO Create ePO queries and reports to collect various deployment statistics as required Monitor, evaluate and coordinate customer compliance with U.S.
Cyber Command (USCYBERCOM) orders and directives Assist in preparation for security inspections and support other DoD initiatives related to HBSS Coordinate with the ISSM and ISSOs regarding malicious events detected via HBSS and update incident reports as needed with supplementary HBSS data Travel Up to 10% of the time, to CONUS sites as required. Required Qualifications 10+ years of relevant experience with HBSS Extensive knowledge of ePO server task and query implementations used to automate various HBSS facets such as endpoint module deployments and compliance Extensive knowledge of the US Navy Vulnerability Remediation Asset Manager (VRAM) Deep understanding of configuring and managing Data eXchange Layer (DXL) Trellix Application Change Control (TACC) integration, sustainment, and policy development experience ENS Firewall and Threat Protection policy management and module sustainment experience 2-4 years of SQL hands-on experience Basic Windows/Linux system admin experience Experience executing and interpreting DISA related STIGs for McAfee/Trellix products and familiarity with ESS OPORD DoD 8570.01 Level 2 Certification (e.g., Security+), or higher Experience with scripting and automation of McAfee ePO and Agent capabilities such as PowerShell and McAfee ePO Endpoint Deployment Kit Have extensive knowledge of Endpoint Security Services (ESS) Have extensive knowledge of Microsoft Defender for Identity (MDI) Desired Qualifications Master's degree in a technical discipline from an accredited college Experience with McAfee/Trellix Native encryption Experience with McAfee Package Designer Working knowledge of Microsoft Defender for Endpoint (MDE) IAT III Certification Endpoint Security Solutions (ESS) Administrator 201 ePO 5.10 Endpoint Security Solutions (ESS) Advanced Administrator 301 ePO 5.10 Endpoint Security Solutions (ESS) Analyst 501 ePO 5.10 Education Bachelor's Degree in a technical discipline from an accredited college.
A high school diploma and six (6) years of work experience related to the position or an Associate's Degree in a technical discipline from an accredited college plus four (4) years of additional work experience related to the position may be substituted for a Bachelor's Degree. Clearance All applicants for this position must possess a Secret clearance; please note that the clearance process takes into account financial background aspects. Compensation The MIL Corporation values your contributions and offers a range of benefits to support your overall well-being. We are pleased to offer a comprehensive range of benefits to our full-time employees which include health, life, disability, and retirement plans, as well as paid time off, opportunities for professional growth and tuition assistance. Additional benefits and incentives may also apply, which will be communicated during the hiring process. For this position, the projected compensation range is $115,000 - $145,000 per year. This estimate represents the typical salary range and is just one part of MIL's complete compensation package. Final salary for this position is determined based on factors such as individual qualifications, education, experience, and contractual limitations. Learn more on the MIL Careers page. Why MIL? The MIL Corporation (MIL) is a dynamic workforce of industry professionals who deliver world-class solutions in cyber, engineering, financial management, and information technology - and we are looking for candidates like you! MIL offers opportunities for professionals at all stages of their careers, from early-career candidates to experienced industry professionals. We are known for a collaborative, people-first culture where employees are supported, valued, and encouraged to grow. This commitment to our people and our work is reflected in the industry and workplace awards MIL has received over the years.
2021 - 2024, Top Workplaces USA award (Energage) 2017 - 2025 Top Workplaces Award, Greater Washington Area (The Washington Post) 2018 - 2025 Certified Great Workplace, Great Place to Work 2021 - 2025, Best Workplaces in Consulting & Professional Services 2021 Fortune Best Workplaces for Millennials 2018 Fortune, Great Place to Work: Best Place to Work for Diversity 2017, 2020 - 2025 Top Workplace Award, South Carolina (Greenville Business Magazine, Columbia Business Monthly, and Charleston Business Magazine) 2025 Corporate Partnership Award, Association of Fundraising Professionals, Maryland Chapter 2025 Moxie Award, GovCon Category 2024 Patriot Award, Employer Support of the Guard and Reserve (ESGR), Department of Defense 2022 Freedom Award, Employer Support of the Guard and Reserve (ESGR), Department of Defense 2018, Above & Beyond Award, Employer Support of the Guard and Reserve (ESGR), Department of Defense If your goal is to help the federal government deploy leading technologies, improve financial management, or defend the nation in cyberspace, MIL welcomes you. Become a part of something greater, where you, the people, make the difference. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by state or federal law.
    $115k-145k yearly 7d ago
  • Lead Security Engineer - Cyber Security

    Relativity 4.7 company rating

    Minneapolis, MN jobs

    Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. 
Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write 
and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between the following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management
    $78k-101k yearly est. 5d ago
