Security Engineer jobs at Electronic Systems - 141 jobs

Salary: Job Summary: The Security Engineer is responsible for identifying, analyzing, and mitigating security threats while ensuring the organization's cyber defenses remain strong. This role focuses on implementing advanced security measures, monitoring network activity, and responding to cyber incidents in a timely and effective manner. The Engineer will work closely with IT and security teams to enhance the organization's overall security posture and protect critical data from potential breaches. Essential Functions Design, implement, and maintain security solutions to protect IT infrastructure and sensitive data. Manage and maintain Security Operations Center functions, including the monitoring and analysis of security events, alerts, and incidents. Conduct risk assessments, Lead and coordinate incident response activities, including investigation, containment, and remediation. Develop and enforce security policies, procedures, and best practices. Conduct vulnerability assessments and penetration testing to identify security gaps. Configure, deploy, and manage EDR/XDR solutions to detect and respond to threats on endpoints across the organization. Investigate and analyze security breaches to determine root causes and implement corrective actions. Collaborate with IT teams to ensure secure configuration of networks, servers, and endpoints. Provide recommendations and deploy security tools such as firewalls, intrusion detection systems (IDS), and endpoint protection. Stay updated on emerging cybersecurity threats, industry best practices, and regulatory compliance requirements. Oversee security configurations for Office 365, ensuring best practices are followed in access controls, monitoring, and incident detection in cloud services. Train staff on cybersecurity awareness and promote security best practices across the organization. Document security incidents, response actions, and resolution processes for continuous improvement. Required Knowledge, Skills, Abilities Strong understanding of cybersecurity principles, frameworks, and methodologies. Proficiency in security technologies, including SIEM, firewalls, antivirus, and endpoint security solutions. Experience with security incident detection, analysis, and response. Knowledge of network protocols, cloud security, and encryption methods. Ability to assess security risks and develop mitigation strategies. Proficiency in scripting or programming languages (Python, PowerShell, etc.) is a plus. Strong analytical, problem-solving, and decision-making skills. Excellent communication and collaboration skills to work with cross-functional teams. Familiarity with regulatory compliance requirements (e.g., NIST, ISO 27001, GDPR) Required Education, Certifications/ Licenses, Related Experience Bachelors degree in computer science, Information Security, or a related field (or equivalent experience). Industry certifications such as CISSP, CISM, CEH, GCIH or Security+ preferred. Minimum of 3-5 years of experience in cybersecurity, network security, SOC Analyst or a related field. In lieu of degree, a total number of 10 years of experience in related fields (in addition to the management experience required) will meet the education and related experience requirements listed above Physical Job Requirements Ability to work in an office environment with prolonged periods of sitting at a desk. May require lifting of equipment (up to 25 lbs) as needed. Ability to respond to security incidents outside of normal working hours as necessary. Travel Requirements Occasional travel may be required for training, conferences, or collaboration with remote teams. Anticipated travel will be by car, air, and/or train Securiport is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Securiport is committed to working with and providing reasonable accommodations to applicants with physical and mental disabilities. Please see the United States Department of Labor'sEEO posterand EEO poster supplementfor additional information. Disclaimer: Nothing in this restricts management's right to assign or reassign duties and responsibilities to this job at any time. The above statements are intended to describe the general nature and level of work being performed by people assigned to this position at the time this job description was written. They are not intended to be an exhaustive list of all duties, responsibilities and skills required of personnel so classified. This document does not create an employment contract, implied or otherwise, and all employees in this position are employed at-will.

Job Summary: The Security Engineer is responsible for identifying, analyzing, and mitigating security threats while ensuring the organization's cyber defenses remain strong. This role focuses on implementing advanced security measures, monitoring network activity, and responding to cyber incidents in a timely and effective manner. The Engineer will work closely with IT and security teams to enhance the organization's overall security posture and protect critical data from potential breaches. Essential Functions · Design, implement, and maintain security solutions to protect IT infrastructure and sensitive data. · Manage and maintain Security Operations Center functions, including the monitoring and analysis of security events, alerts, and incidents. · Conduct risk assessments, Lead and coordinate incident response activities, including investigation, containment, and remediation. · Develop and enforce security policies, procedures, and best practices. · Conduct vulnerability assessments and penetration testing to identify security gaps. · Configure, deploy, and manage EDR/XDR solutions to detect and respond to threats on endpoints across the organization. · Investigate and analyze security breaches to determine root causes and implement corrective actions. · Collaborate with IT teams to ensure secure configuration of networks, servers, and endpoints. · Provide recommendations and deploy security tools such as firewalls, intrusion detection systems (IDS), and endpoint protection. · Stay updated on emerging cybersecurity threats, industry best practices, and regulatory compliance requirements. · Oversee security configurations for Office 365, ensuring best practices are followed in access controls, monitoring, and incident detection in cloud services. · Train staff on cybersecurity awareness and promote security best practices across the organization. · Document security incidents, response actions, and resolution processes for continuous improvement. Required Knowledge, Skills, Abilities Strong understanding of cybersecurity principles, frameworks, and methodologies. Proficiency in security technologies, including SIEM, firewalls, antivirus, and endpoint security solutions. Experience with security incident detection, analysis, and response. Knowledge of network protocols, cloud security, and encryption methods. Ability to assess security risks and develop mitigation strategies. Proficiency in scripting or programming languages (Python, PowerShell, etc.) is a plus. Strong analytical, problem-solving, and decision-making skills. Excellent communication and collaboration skills to work with cross-functional teams. Familiarity with regulatory compliance requirements (e.g., NIST, ISO 27001, GDPR) Required Education, Certifications/ Licenses, Related Experience · Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience). · Industry certifications such as CISSP, CISM, CEH, GCIH or Security+ preferred. · Minimum of 3-5 years of experience in cybersecurity, network security, SOC Analyst or a related field. · In lieu of degree, a total number of 10 years of experience in related fields (in addition to the management experience required) will meet the education and related experience requirements listed above Physical Job Requirements · Ability to work in an office environment with prolonged periods of sitting at a desk. · May require lifting of equipment (up to 25 lbs) as needed. · Ability to respond to security incidents outside of normal working hours as necessary. Travel Requirements · Occasional travel may be required for training, conferences, or collaboration with remote teams. · Anticipated travel will be by car, air, and/or train Securiport is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Securiport is committed to working with and providing reasonable accommodations to applicants with physical and mental disabilities. Please see the United States Department of Labor's EEO poster and EEO poster supplement for additional information. Disclaimer: Nothing in this restricts management's right to assign or reassign duties and responsibilities to this job at any time. The above statements are intended to describe the general nature and level of work being performed by people assigned to this position at the time this job description was written. They are not intended to be an exhaustive list of all duties, responsibilities and skills required of personnel so classified. This document does not create an employment contract, implied or otherwise, and all employees in this position are employed “at-will.”

Introduction We working on a project that tackles the problem of managing large-scale IT networks. We are seeking talented and highly motivated engineers to join us in bringing this project to a larger audience. You would be responsible for helping to create, evolve, document, and implement security development and deployment practices for a product that's delivered both on-premises as well as to the cloud. This work would include evaluating and disseminating information and recommendations from resources such as NIST, OWASP, MITRE, and other sources of security information and best practices. This work would also include-with the assistance of the rest of the development team-implementing these security controls and practices as part of the software development process, supplying guidance and requirements for deploying our product on-premises, and creating a secure environment for our upcoming cloud offering. Our product is a .NET Core application (with some TypeScript and Python components) backed primarily by PostgreSQL, that serves both a web frontend and REST API. The application source is hosted in GitLab, and we use merge requests and GitLab CI to manage our code contribution workflows. Things we really need Experience maintaining a secure software supply chain (monitoring for CVEs, creating SBOMs, etc.) Experience evaluating security best practices and applying them to processes and assets Experience reviewing code and architecture to identify potential security issues Experience writing internal documentation around security evaluations and decisions Experience with security monitoring infrastructure (log analysis, web application firewalls) United States citizenship 8+ years of experience Things we want too Familiarity with writing infrastructural code in support of security goals (abstractions, constraints, etc.) Familiarity with working with developers to help them learn and self-apply secure development principals Familiarity with government/industry security auditing processes Specific familiarity with web security concepts and best practices (TLS/HTTPS, common web vulnerabilities, federated authentication, etc.) Things that are extra cool Specific familiarity with government programs pertaining to secure application development (STIGs, APL, NIAP) Specific experience with the Microsoft web application development stack (C#, .NET, ASP.NET) Specific experience with AWS security tooling Experience with static application security analysis tools Our end of the bargain Remote-first environment (if that's your thing) Dedicated collaborative office space in NoVA (if that's your thing) We respect work/life balance Occasional on-site team summits Competitive salary and annual reviews

Who We Are Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member's contributions and offers a supportive environment for career development. Come, stay, and grow with us. What Drives Success The Network Security Analyst position will act as a first-level escalation point for concerns involving firewall access requests, network troubleshooting, and VPN issues. The analyst will be responsible for initial response to incidents involving client VPN and troubleshooting firewall issues. Design and implement approved firewall change requests in accordance with established guidelines. Perform operational checks of the firewalls to ensure optimal operation. Conduct periodic review of firewall policies to identify and remove any unused, duplicate, or expired objects and/or rules through change management. Troubleshoot network connectivity issues involving systems, applications, and services. Initiate the RMA of faulty firewall equipment. Work closely with the security engineering team to implement security enhancements and/or mitigate identified security gaps. Assist with firewall updates, and operating system upgrades. Assist with troubleshooting client VPN connectivity issues. What We Are Looking For 2 to 3 years of experience administering enterprise class NextGen firewalls. 1 to 3 years of experience working with Windows and Linux systems. One or more of the following certifications is preferred: (ISC)2 SSCP, CompTIA Security+, Palo Alto PCNSA/PCNSE, SANS GSEC, or Cisco CCNP Security. Associates degree in related field or equivalent experience required. Basic understanding of malware (computer viruses, worms, spyware, ransomware, etc.) and associated risk mitigation techniques. Strong understanding of next generation firewall technologies; Palo Alto experience preferred. Strong understanding of the uses and associated cyber security risks of well-known network ports and protocols such as SSL, HTTP, DNS, SMTP, FTP, SSH, IPsec, etc. Understanding of threat mitigation profiles and configuration in next generation firewalls. Strong intrusion detection / prevention system (IDS/IPS) knowledge. Ability to interpret and understand firewall traffic and threat logs. Ability to troubleshoot network connectivity and application problems. Strong understanding of computer network routing and switching fundamentals. Familiarity of Windows Server 2008/2012/2019 and Windows 10 Familiarity of the Linux operating system. Familiarity of current threats and trends in Cyber Security. Basic understanding of cyber security frameworks (e.g., NIST, zero trust). What We Offer This position is based 100% onsite in the office, Monday through Friday. Compensation: This is a salaried exempt role. The starting salary range for this role and market is between $75,000-$100,000 annually. Factors that may affect starting salary include geography/market and the skills, education, experience, and other qualifications of the successful candidate. Employees in this role are also eligible for an annual bonus in accordance with the terms of the Company's applicable plan. Employees in this role are not eligible for overtime. Benefits: Subject to applicable eligibility requirements, the following benefits are offered for this role: tuition reimbursement; medical, dental, and vision insurance; prescription drug coverage; 401(k) retirement plan; short-term disability insurance; 8 weeks paid birthing leave; 2 weeks paid bonding leave; life and long-term disability insurance. Depending on date of hire, and subject to applicable eligibility requirements, new employees in this role also receive up to: 12 days paid time off, 2 paid well-being days, 1 paid volunteer day, 12 paid holidays, and 3 floating holidays per year. Our Culture: At Lennox, our Core Values of Integrity, Respect & Excellence are ingrained in the fabric of the organization. They define our culture - which is about how we do business and how we treat others. Lennox is not just a workplace; we are a global community that values each team member's contributions. As an equal opportunity employer, we are committed to recruit, develop, and retain talented individuals from a wide range of backgrounds, ensuring that everyone has the opportunity to succeed and contribute to our continued growth and success. At Lennox, you'll take pride in our brands, knowing you are part of something special. Come, stay, and grow with us! Disclaimers: The compensation and benefits information is accurate as of the date of this posting. Lennox reserves the right to modify this information at any time, with or without notice, subject to applicable law. #LI-MH2 #LI-Onsite We can recommend jobs specifically for you! Click here to get started.

Who We Are Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member's contributions and offers a supportive environment for career development. Come, stay, and grow with us. What Drives Success The Network Security Analyst position will act as a first-level escalation point for concerns involving firewall access requests, network troubleshooting, and VPN issues. The analyst will be responsible for initial response to incidents involving client VPN and troubleshooting firewall issues. * Design and implement approved firewall change requests in accordance with established guidelines. * Perform operational checks of the firewalls to ensure optimal operation. * Conduct periodic review of firewall policies to identify and remove any unused, duplicate, or expired objects and/or rules through change management. * Troubleshoot network connectivity issues involving systems, applications, and services. * Initiate the RMA of faulty firewall equipment. * Work closely with the security engineering team to implement security enhancements and/or mitigate identified security gaps. * Assist with firewall updates, and operating system upgrades. * Assist with troubleshooting client VPN connectivity issues. What We Are Looking For * 2 to 3 years of experience administering enterprise class NextGen firewalls. * 1 to 3 years of experience working with Windows and Linux systems. * One or more of the following certifications is preferred: (ISC)2 SSCP, CompTIA Security+, Palo Alto PCNSA/PCNSE, SANS GSEC, or Cisco CCNP Security. * Associates degree in related field or equivalent experience required. * Basic understanding of malware (computer viruses, worms, spyware, ransomware, etc.) and associated risk mitigation techniques. * Strong understanding of next generation firewall technologies; Palo Alto experience preferred. * Strong understanding of the uses and associated cyber security risks of well-known network ports and protocols such as SSL, HTTP, DNS, SMTP, FTP, SSH, IPsec, etc. * Understanding of threat mitigation profiles and configuration in next generation firewalls. * Strong intrusion detection / prevention system (IDS/IPS) knowledge. * Ability to interpret and understand firewall traffic and threat logs. * Ability to troubleshoot network connectivity and application problems. * Strong understanding of computer network routing and switching fundamentals. * Familiarity of Windows Server 2008/2012/2019 and Windows 10 * Familiarity of the Linux operating system. * Familiarity of current threats and trends in Cyber Security. * Basic understanding of cyber security frameworks (e.g., NIST, zero trust). What We Offer This position is based 100% onsite in the office, Monday through Friday. Compensation: This is a salaried exempt role. The starting salary range for this role and market is between $75,000-$100,000 annually. Factors that may affect starting salary include geography/market and the skills, education, experience, and other qualifications of the successful candidate. Employees in this role are also eligible for an annual bonus in accordance with the terms of the Company's applicable plan. Employees in this role are not eligible for overtime. Benefits: Subject to applicable eligibility requirements, the following benefits are offered for this role: tuition reimbursement; medical, dental, and vision insurance; prescription drug coverage; 401(k) retirement plan; short-term disability insurance; 8 weeks paid birthing leave; 2 weeks paid bonding leave; life and long-term disability insurance. Depending on date of hire, and subject to applicable eligibility requirements, new employees in this role also receive up to: 12 days paid time off, 2 paid well-being days, 1 paid volunteer day, 12 paid holidays, and 3 floating holidays per year. Our Culture: At Lennox, our Core Values of Integrity, Respect & Excellence are ingrained in the fabric of the organization. They define our culture - which is about how we do business and how we treat others. Lennox is not just a workplace; we are a global community that values each team member's contributions. As an equal opportunity employer, we are committed to recruit, develop, and retain talented individuals from a wide range of backgrounds, ensuring that everyone has the opportunity to succeed and contribute to our continued growth and success. At Lennox, you'll take pride in our brands, knowing you are part of something special. Come, stay, and grow with us! Disclaimers: The compensation and benefits information is accurate as of the date of this posting. Lennox reserves the right to modify this information at any time, with or without notice, subject to applicable law. #LI-MH2 #LI-Onsite

Job DescriptionSalary: Cyber security project engineer skilled in supporting Information Assurance, Certification & Accreditation and Assessment & Authorization activities. You will successfully guide the team through the security process coordinating and tracking risks, generating security plans and be the security advocate for all system/architecture changes. An active security clearance is required for this position.

Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional Information Work with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

blue Stone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide Job Description Our client seeking a Cyber Security Operations Analyst to support an operations team that supports a large government customer. The candidate will be relied upon to assist teammates and perform troubleshooting as needed. The candidate should excel in a fast-paced work environment and be willing to face new challenges. Qualifications • Proficiency with vulnerability scanning, remediation and reporting • Knowledge in web application scanning using various tools • Demonstrated proficiency with Windows, UNIX, & LINUX operating systems • Experience working in a customer service information technology environment • Network security and system security experience • Ability to discuss real world troubleshooting; problems and solutions encountered • Knowledge of IT security best practices, US federal government standards, regulations and policy (FedRamp, TIC, NIST 800-37rev1 & 800-53rev3) • Must be motivated and able to work independently • Proven project leadership (PowerPoint presenting, MS Project Planning) • Experience working with change implementation in a controlled environment • Excellent verbal, written communication and technical writing skills Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience. 2-5 years of related experience in data security administration. Experience using some of the following tools: o Nessus o Tenable Security Center o Netsparker o WebInspect o BurpSite Additional InformationWork with blue Stone recruiting to find your next Cyber Security role. You can find us at ******************************* We look forward to speaking with you.

EPS Corporation is seeking a talented Systems Security Engineer to provide comprehensive cybersecurity support within a Department of Defense (DoD) or U.S. Navy environment. The ideal candidate will possess a strong background in system security engineering, vulnerability management, and risk assessment, with hands-on experience supporting accreditation and audit processes. Requirements Perform vulnerability assessments and risk analyses on networked systems, applications, and devices to ensure compliance with DoD cybersecurity standards. Conduct virus and malware scans, identifying and mitigating software threats that could impact system performance or security. Support the accreditation and auditing of information systems in accordance with DoD and Navy security requirements. Implement and maintain security controls to protect information systems and data integrity. Collaborate with system administrators, network engineers, and program security teams to resolve findings from scans, assessments, and audits. Prepare and maintain security documentation, including risk assessments, plans of action and milestones (POA&Ms), and system security plans (SSPs). Contribute to the continuous monitoring and improvement of cybersecurity practices within assigned systems and networks. Required Qualifications Four (4) years of professional experience in IT security within the DoD or Navy environment. Proven experience performing vulnerability analysis, risk analysis, and malware detection. Qualified experience supporting system accreditation and security audits. Familiarity with DoD cybersecurity standards, including the Risk Management Framework (RMF) and DISA STIGs. Must meet DoD 8570 IAT Level II certification requirements (e.g., Security+ CE, CCNA Security, or equivalent). Must possess an active T3 investigation (Secret clearance eligibility). Strong attention to detail, analytical thinking, and problem-solving abilities. Preferred Qualifications Experience with vulnerability scanning tools such as ACAS, Nessus, or SCAP. Working knowledge of eMASS and system authorization processes. Understanding of network security, incident response, and configuration management best practices.

We are seeking a Cyber Security Analyst. This position provides 24x7 cybersecurity monitoring and analysis services for Department of Defense networks above the SECRET level. This includes performing real-time cyber threat intelligence analysis, correlating actionable security events, performing network traffic analysis using raw packet data, and participating in the coordination of resources during the incident response process. Review DoD and open source intelligence for threats and to identify Indicators of Compromise (IOCs) and integrate those into sensors and SIEMs Utilize alerts from endpoints, IDS/IPS, netflow, and custom sensors to identify compromises on customer networks/endpoints Review massive log files, pivot between data sets, and correlate evidence for incident investigations Triage alerts to identify malicious actors on customer networks Report incidents to customers and USCYBERCOM Qualifications Bachelor's Degree and 4+ years of prior relevant experience; additional work experience or Cyber courses/certifications may be substituted in lieu of a degree. Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements. Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting. DoD 8570 CSSP-A level Certification such as CEH, CySA+, GCIA or other certification is required within 180 days of hire. Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain and an ability to think and work independently Bachelor's degree and less than 2+ years of prior relevant experience; additional work experience or Cyber courses/certifications may be substituted in lieu of degree. Strong analytical and troubleshooting skills Willing to perform shift work Must be a US Citizen Must have an active DoD TOP Secret security w/ SCI clearance eligibility. Preferred Qualifications: CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization. Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs). Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements. Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, Full Packet Capture), and other attack artifacts in support of incident investigations. In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. ArcSight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic). Experience and proficiency with any of the following: Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics. Experience with malware analysis concepts and methods. Unix/Linux command line experience. Scripting and programming experience. Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings. Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chain methodology. Existing 8570 CSSP Analyst Certifications (CEH), CySA+ etc. Clearance Level: TSSCI Certifications: IAT Level II Baseline Certification

Cyber Analyst - Mid requires an active TS/Sensitive Compartmental Information (SCI) clearance. Cherokee Insights is seeking a Cyber Analyst to provide mid-level cyber analysis to identify, assess, and disrupt threats to cleared industry, cleared personnel, DOD, and Defense Counterintelligence and Security Agency (DCSA). The Cyber Analyst will facilitate USG responses to adversary action and insider threats by sharing threat indicators and enabling responsive measures from other agencies and services. Compensation & Benefits: Pay commensurate with experience. Full time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided. Benefits are subject to change with or without notice. Cyber Analyst - Mid Responsibilities Include: Develop cyber capabilities and processes that illuminate threats, enhance awareness, and enable customer response. Operationalize an enterprise security risk management methodology across Government and industry stakeholders. Provide CI Cyber analytic support to the Joint Cyber Intelligence Tool Suite (JCITS) via validation and ingest of indicators of compromise (IOC). Author and/or support cyber threat products and briefings that illuminate threats and enhance awareness. Produce Activity Reports from Mandatory Incident Reports (MIR) with analytic assessments in DCSA system of record. Author Shared Indicator Bulletins that adhere to IC standards and reveal emerging trends in FIE targeting, issues of strategic significance, and/or actionable information against FIE threats. Support analytic production on classified CI Cyber threat products that highlight emerging trends in FIE targeting, issues of strategic, and/or actionable information against FIE threats. Collaborate, coordinate, and engage with customers, stakeholders, and the CI cyber community to share threat information, promote integration, enhance awareness, and enable customer response. Support CI cyber engagements or working groups. Distribute Defense Cyber Crime Center (DC3) Mandatory Incident Reports (MIR) to DCSA Field Personnel. Publish mission area related IIR evaluations/Source Directed Requirements (SDR) for all finished CI cyber analytic products. Performs other job-related duties as assigned Cyber Analyst - Mid Experience, Education, Skills, Abilities requested: Must have an active Top Secret / SCI level security clearance. Desired to have a minimum 8 years of experience related to the Cyber Analyst role with at least a portion of the experience within the last 2 years. Preferred to have a Bachelor's degree Comprehensive mission knowledge and skills that affirms completion of all developmental training and experiences for the labor category. Ability to communicate understanding from information that may be incomplete, indirect, highly complex, seemingly unrelated, and / or technically advanced. Able to structure analysis based on trends in reporting and a range of analytic perspectives from other analysts, organizations, and intelligence disciplines. Able to work independently with minimal oversight and direction. Collaborate and work with other IC members on information Sharing, driving collection, and addressing analytic disputes and conflict resolution. Develop concise, insightful. and comprehensive products for defense intelligence. Demonstrates ability to lead teams in researching multifaceted or critical problems. Provides guidance in selecting, designing, and applying analytic methodologies. Uses argument evaluation and validated analytic methodologies to challenge differing perspectives. Working knowledge of the concepts involved in the specific functions outlined in the specified labor category description. Knowledgeable of and demonstrates ability to apply Intelligence Community (IC) and DoD classification guidelines and procedures. Able to work semi-independently with oversight and direction. Demonstrates ability to use logic when evaluating and synthesizing multiple sources of information. Has understanding of interpreting analysis to include, but not limited to, its meaning, importance, and implications. Able to defend analytic judgements with sound, logical conclusions and adapt analytic judgments when presented with new information, evolving conditions, or unexpected developments. Demonstrates ability to produce timely, logical, and concise analytic reports, documents, assessments, studies, and briefing materials in formats including Microsoft Office tools (e.g. Excel, Word, PowerPoint, etc.), electronic/ soft copy matrices and/ or web-enabled formats. Demonstrates ability to communicate complex issues clearly in a concise and organized manner both verbally and non-verbally, with strong grammar skills. Proficiency using Microsoft Office tools. Develop structured research including, but not limited to, obtaining, evaluating, organizing, and maintaining information within security and data protocols. Able to recognize nuances and resolve contradictions and inconsistencies in information. Has working knowledge using complex analytic methodologies, such as structured analytic techniques or alternative approaches, to examine biases, assumptions, and theories to eliminate uncertainty, strengthen analytic arguments, and mitigate surprise. Structured analytic techniques include, but not limited to, Analysis of Competing Hypotheses, Devil's Advocacy, High-Impact/ Low-Impact Analysis, Red Team Analysis and Alternative Futures Analysis. Understanding of intelligence collection capabilities and limitations, to include but not limited to, technical sensors/ platforms and human intelligence sources related to the labor category. Demonstrates understanding of evaluating collected intelligence reporting, engaging with collection managers, and developing collection requirements. Must pass pre-employment qualifications of Cherokee Federal Company Information: Cherokee Insights (Insights) is a part of Cherokee Federal - the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government's mission with compassion and heart. To learn more about Insights, visit cherokee-federal.com. #CherokeeFederal #LI-SM1 #IntelCareers Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply. Similar searchable job titles: Intelligence Analyst All Source Analyst Cyber Analyst Technology Analyst Emerging Disruptive Technology Analyst Keywords: Cyber Emerging technology Technology Targeting Counterintelligence CI Technology Legal Disclaimer: All qualified applicants will receive consideration for employment without regard to protected veteran status, disability or any other status protected under applicable federal, state or local law. Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal. Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal. As required by our governmental client, this position requires being a US Citizen AND an active TS/Sensitive Compartmental Information (SCI) clearance.

ESSENTIAL DUTIES & RESPONSIBILITIES Monitors performance of production systems and ensures 24x7X365 availability to our customers; acts as primary liaison between Kaneka IT and third-party vendors. Installs, configures, tunes, maintains, troubleshoots, and administers security updates and patches to our systems and servers in both physical and virtual environments. Designs, installs, configures, tunes, maintains, troubleshoots, and administers components and accounts within the Microsoft Azure cloud. Maintains key performance indicators, analyzes systems performance, identifies corrective action, designs and reviews solutions with infrastructure Manager, tests and implements security solutions. Leads, plans, coordinates and executes necessary IT engineering efforts and upgrades/updates to core security infrastructure servers and systems. Ensures only allowed devices are connected to the network using the Cisco Identity Services Engine (ISE) solution to register and allow only Kaneka and known BYOD devices. Installs, Configures, and maintains servers, routers, switches, and firewalls as needed with an emphasis on cybersecurity, reliability, and performance. Consults with customers to capture security business requirements, proposes solutions and leads projects delivering the agreed solution. Audits and ensures backups and restores are being performed by datacenter personnel as required; recommends and/or takes corrective action as appropriate. Coordinates and performs security restore operations as the business requires. Ensures updates to network software applications are tested and implemented according to policies; ensure updates are functioning properly. Provides administration, troubleshooting, and support for the hosted IP-based phone system. Develops, documents and maintains Disaster Recovery procedures and maintains current IT's DRP Manual; conducts training and hands-on drills with the IT Team and hosting vendors. Participates in the IT on-call roster. Ensures adequate knowledge and continuous learning by attending industry training and seminars. OTHER RESPONSIBILITIES Maintain complete and open lines of communication with other personnel, functions, or departments to facilitate operations and interaction in the organization. Keep supervisor informed of status and progress, ensuring that regular and periodic communication takes place. Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks and keeping abreast of industry trends and related compliance issues within the area of responsibilities. Maintain professional conduct, attendance, and high ethical standards in the work place, complying with company's policies and procedures. Fulfill mandatory training requirements applicable for department and job duties as appropriate. Perform other duties and responsibilities as required or requested by supervisor or Management.

Job DescriptionOur Company Arch is a Series B financial technology company that automates the management of private investments, improving access, understanding, and the human experience of investing across asset classes. Private investments such as venture capital, hedge funds, and private equity, make up roughly 25% of the investment universe. Traditionally, investors, advisors, banks, families, and managers track hundreds of investments in complicated spreadsheets, file folders, and busy inboxes. Not only is this tedious and time-consuming, but it is rife with opportunity for manual data entry errors, inconsistent reporting, and lost information. Enter, Arch. Arch delivers standardized data, documents, and insights in a single platform, avoiding the need to chase information across dozens or hundreds of ‘portals'. Our purpose is to save investors' time while empowering them to make more informed investment decisions, leading to better financial outcomes. We are a fast-growing, dynamic team of 120+, serving over 400 clients, including several of America's largest banks, families, and financial institutions. We've over doubled the size of the company every year since inception and we are looking to hire in all departments as we scale. The role: As a Security Engineer on the Security team, they will focus on safeguarding Arch's enterprise infrastructure, managing identity security, implementing zero trust models, hardening critical services and endpoint systems, and ensuring the secure integration and operation of our extended workforce and third-party SaaS applications. Key responsibilities: Design, implement, and maintain enterprise-wide identity and authentication solutions, ensuring security and compliance. Develop and deploy Zero Trust frameworks to strengthen access control and reduce risk. Evaluate and manage third-party SaaS applications for compliance with Arch's security standards. Collaborate with IT, engineering, and compliance to secure endpoints and manage access for extended workforce and contractors. Identify, assess, and mitigate security risks across enterprise applications and third-party integrations. Promote security awareness by educating employees on best practices and data protection. Support Security and IT Operations in diagnosing and resolving enterprise security issues. Foster secure productivity in a dynamic, fast-paced environment. Talk to us about your experience with: Infrastructure - IAM (Okta), AWS, Google Workspace. Security Fundamentals - OWASP, NIST, CIS Benchmarks, ISO 27001, SOC 2 Authentication & Access - SSO, MFA, SCIM, LDAP, Zero Trust, least privilege Automation & Scripting - Python, PowerShell, Bash, automation of identity/security workflows A Note about us: All of our full-time roles are based onsite at our New York City office, where our team thrives on in-person collaboration and dynamic teamwork. Being onsite daily enables us to build strong connections, collaborate effectively to solve challenges, and foster an engaging environment focused on shipping product and delivering exceptional service to our clients. We encourage applicants currently located in or willing to relocate to the NYC area to join us in this exciting, hands-on workspace. Some perks of working for Arch include: Strong Team - You'll be backed by a strong team that consistently exceeds client expectations and ships new products quickly. Your work is high impact - Being part of a small team means you have real responsibility and impact from day one. You'll be involved in discussions that drive the growth and direction of our platform from the very beginning. Product Market Fit - We have strong product market fit, exceptionally low churn, and have grown mostly organically through word of mouth. Team community and camaraderie - We have enormous trust in each other and always do what we can do to support one another. We're always ready to step in to help. Great office - we've invested in a great space for the Arch team to come together, at 18th and Park in Manhattan (the old Buzzfeed / NYT headquarters). Lunch is on Us - Grab lunch on us while you're in the office and take a break to laugh, brainstorm, or just hang out with your teammates over a meal. Compensation Range: $125K - $200K

The Information Security Specialist is responsible for Information Security within the Americas region. Duties include designing, implementing, and improving security controls, incident response strategies, and risk mitigation measures to safeguard IT systems and sensitive data. *This position is office-based in Newport News, VA.* Responsibilities Designs and implements security solutions to protect IT infrastructure Develops and enforces security policies, standards, and risk mitigation strategies Conducts penetration testing, vulnerability scanning, and security audits Investigates and responds to security incidents, performing forensic analysis Ensures compliance with regulatory frameworks (GDPR, NIS2, ISO 27001) Evaluates and integrates new security tools and technologies Automates security processes and threat mitigation where possible Works with IT, DevOps, and risk management teams Engages with regulatory bodies and compliance auditors Coordinates with external cybersecurity partner Competencies Education and Experience: Bachelor's degree in Cybersecurity, Computer Science, Information Technology or related discipline and 4 years of IT experience focused on Information Security relevant technologies; or combination of equivalent education, training, certification, and 8 years relevant experience. Information Security certifications (such as CISSP: Certified Information Systems Security Professional; CEH: Certified Ethical Hacker; CISM: Certified Information Security Manager; GIAC: Global Information Assurance Certification) can be accepted in lieu of bachelor's degree. Security+ preferred. Knowledge of Information Security engineering principles (least privilege, zero trust) Knowledge of IAM solutions (Active Directory, Okta, SSO, MFA) Knowledge of threat modeling and risk analysis techniques Knowledge of Information Security automation tools (Ansible, PowerShell, Python) Knowledge of Compliance frameworks (NIST CSF, CIS Controls, ISO 27001) Skilled in designing and implementing security architectures Skilled in automating security processes and threat mitigation Skilled in managing security operations and improving response efficiency Ability to work independently and take ownership of security initiatives Strong problem-solving skills in high-pressure situations Excellent teamwork and collaboration in cross-functional security projects Clear and concise communication to bridge technical and non-technical audiences Travel domestically and internationally occasionally. Ability to obtain and maintain a valid driver license and passport. Our Offer An interesting and ambitious role in a successful international company. We offer a secure work environment with a comprehensive benefits package that includes major medical, dental and vision insurance, 401K plan with company match, paid vacation and personal days and competitive salary. Referral Bonus: Tier III Have we awoken your interest? Then we look forward to receiving your online application. If you have any questions, please contact Thomas Steele. Liebherr-America, Inc. and its US affiliates are Equal Opportunity Employers. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. If you are a California resident, please visit Liebherr USA, Co. Privacy Statement for more information regarding how Liebherr-America, Inc. and its US affiliates collect and process your personal information. One Passion. Many Opportunities. The company In line with its international growth, Liebherr's venture into the United States began in 1970. Within a couple of years, the company expanded and completed its production facilities in Newport News, Virginia, for its product line of hydraulic excavators. It was later converted into Liebherr's manufacturing facility for mining trucks and remains home to Liebherr Mining Equipment Newport News, Co. In addition to its production facility, Liebherr markets a wide variety of products and technologies through its companies located across the United States. The companies are Liebherr-Aerospace Saline, Inc., Liebherr Gear Technology, Inc., Liebherr Automation Systems, Co., and Liebherr USA, Co., the umbrella company for 12 product segments that are positioned across the United States. Location Liebherr USA Co. 4800 Chestnut Avenue 23607 Newport News, VA United States (US) Contact Thomas Steele ************************ [Not translated in selected language]

The Information Security Specialist is responsible for Information Security within the Americas region. Duties include designing, implementing, and improving security controls, incident response strategies, and risk mitigation measures to safeguard IT systems and sensitive data. * This position is office-based in Newport News, VA.* Responsibilities * Designs and implements security solutions to protect IT infrastructure * Develops and enforces security policies, standards, and risk mitigation strategies * Conducts penetration testing, vulnerability scanning, and security audits * Investigates and responds to security incidents, performing forensic analysis * Ensures compliance with regulatory frameworks (GDPR, NIS2, ISO 27001) * Evaluates and integrates new security tools and technologies * Automates security processes and threat mitigation where possible * Works with IT, DevOps, and risk management teams * Engages with regulatory bodies and compliance auditors * Coordinates with external cybersecurity partner Competencies * Education and Experience: Bachelor's degree in Cybersecurity, Computer Science, Information Technology or related discipline and 4 years of IT experience focused on Information Security relevant technologies; or combination of equivalent education, training, certification, and 8 years relevant experience. Information Security certifications (such as CISSP: Certified Information Systems Security Professional; CEH: Certified Ethical Hacker; CISM: Certified Information Security Manager; GIAC: Global Information Assurance Certification) can be accepted in lieu of bachelor's degree. Security+ preferred. * Knowledge of Information Security engineering principles (least privilege, zero trust) * Knowledge of IAM solutions (Active Directory, Okta, SSO, MFA) * Knowledge of threat modeling and risk analysis techniques * Knowledge of Information Security automation tools (Ansible, PowerShell, Python) * Knowledge of Compliance frameworks (NIST CSF, CIS Controls, ISO 27001) * Skilled in designing and implementing security architectures * Skilled in automating security processes and threat mitigation * Skilled in managing security operations and improving response efficiency * Ability to work independently and take ownership of security initiatives * Strong problem-solving skills in high-pressure situations * Excellent teamwork and collaboration in cross-functional security projects * Clear and concise communication to bridge technical and non-technical audiences * Travel domestically and internationally occasionally. * Ability to obtain and maintain a valid driver license and passport. Our Offer An interesting and ambitious role in a successful international company. We offer a secure work environment with a comprehensive benefits package that includes major medical, dental and vision insurance, 401K plan with company match, paid vacation and personal days and competitive salary. Referral Bonus: Tier III Have we awoken your interest? Then we look forward to receiving your online application. If you have any questions, please contact Thomas Steele. Liebherr-America, Inc. and its US affiliates are Equal Opportunity Employers. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. If you are a California resident, please visit Liebherr USA, Co. Privacy Statement for more information regarding how Liebherr-America, Inc. and its US affiliates collect and process your personal information. One Passion. Many Opportunities.

Our Company Arch is a Series B financial technology company that automates the management of private investments, improving access, understanding, and the human experience of investing across asset classes. Private investments such as venture capital, hedge funds, and private equity, make up roughly 25% of the investment universe. Traditionally, investors, advisors, banks, families, and managers track hundreds of investments in complicated spreadsheets, file folders, and busy inboxes. Not only is this tedious and time-consuming, but it is rife with opportunity for manual data entry errors, inconsistent reporting, and lost information. Enter, Arch. Arch delivers standardized data, documents, and insights in a single platform, avoiding the need to chase information across dozens or hundreds of 'portals'. Our purpose is to save investors' time while empowering them to make more informed investment decisions, leading to better financial outcomes. We are a fast-growing, dynamic team of 120+, serving over 400 clients, including several of America's largest banks, families, and financial institutions. We've over doubled the size of the company every year since inception and we are looking to hire in all departments as we scale. The role: As a Security Engineer on the Security team, they will focus on safeguarding Arch's enterprise infrastructure, managing identity security, implementing zero trust models, hardening critical services and endpoint systems, and ensuring the secure integration and operation of our extended workforce and third-party SaaS applications. Key responsibilities: * Design, implement, and maintain enterprise-wide identity and authentication solutions, ensuring security and compliance. * Develop and deploy Zero Trust frameworks to strengthen access control and reduce risk. * Evaluate and manage third-party SaaS applications for compliance with Arch's security standards. * Collaborate with IT, engineering, and compliance to secure endpoints and manage access for extended workforce and contractors. * Identify, assess, and mitigate security risks across enterprise applications and third-party integrations. * Promote security awareness by educating employees on best practices and data protection. * Support Security and IT Operations in diagnosing and resolving enterprise security issues. * Foster secure productivity in a dynamic, fast-paced environment. Talk to us about your experience with: * Infrastructure - IAM (Okta), AWS, Google Workspace. * Security Fundamentals - OWASP, NIST, CIS Benchmarks, ISO 27001, SOC 2 * Authentication & Access - SSO, MFA, SCIM, LDAP, Zero Trust, least privilege * Automation & Scripting - Python, PowerShell, Bash, automation of identity/security workflows A Note about us: All of our full-time roles are based onsite at our New York City office, where our team thrives on in-person collaboration and dynamic teamwork. Being onsite daily enables us to build strong connections, collaborate effectively to solve challenges, and foster an engaging environment focused on shipping product and delivering exceptional service to our clients. We encourage applicants currently located in or willing to relocate to the NYC area to join us in this exciting, hands-on workspace. Some perks of working for Arch include: * Strong Team - You'll be backed by a strong team that consistently exceeds client expectations and ships new products quickly. * Your work is high impact - Being part of a small team means you have real responsibility and impact from day one. You'll be involved in discussions that drive the growth and direction of our platform from the very beginning. * Product Market Fit - We have strong product market fit, exceptionally low churn, and have grown mostly organically through word of mouth. * Team community and camaraderie - We have enormous trust in each other and always do what we can do to support one another. We're always ready to step in to help. * Great office - we've invested in a great space for the Arch team to come together, at 18th and Park in Manhattan (the old Buzzfeed / NYT headquarters). * Lunch is on Us - Grab lunch on us while you're in the office and take a break to laugh, brainstorm, or just hang out with your teammates over a meal.

Our Company Arch is a Series B financial technology company that automates the management of private investments, improving access, understanding, and the human experience of investing across asset classes. Private investments such as venture capital, hedge funds, and private equity, make up roughly 25% of the investment universe. Traditionally, investors, advisors, banks, families, and managers track hundreds of investments in complicated spreadsheets, file folders, and busy inboxes. Not only is this tedious and time-consuming, but it is rife with opportunity for manual data entry errors, inconsistent reporting, and lost information. Enter, Arch. Arch delivers standardized data, documents, and insights in a single platform, avoiding the need to chase information across dozens or hundreds of ‘portals'. Our purpose is to save investors' time while empowering them to make more informed investment decisions, leading to better financial outcomes. We are a fast-growing, dynamic team of 120+, serving over 400 clients, including several of America's largest banks, families, and financial institutions. We've over doubled the size of the company every year since inception and we are looking to hire in all departments as we scale. The role: As a Security Engineer on the Security team, they will focus on safeguarding Arch's enterprise infrastructure, managing identity security, implementing zero trust models, hardening critical services and endpoint systems, and ensuring the secure integration and operation of our extended workforce and third-party SaaS applications. Key responsibilities: Design, implement, and maintain enterprise-wide identity and authentication solutions, ensuring security and compliance. Develop and deploy Zero Trust frameworks to strengthen access control and reduce risk. Evaluate and manage third-party SaaS applications for compliance with Arch's security standards. Collaborate with IT, engineering, and compliance to secure endpoints and manage access for extended workforce and contractors. Identify, assess, and mitigate security risks across enterprise applications and third-party integrations. Promote security awareness by educating employees on best practices and data protection. Support Security and IT Operations in diagnosing and resolving enterprise security issues. Foster secure productivity in a dynamic, fast-paced environment. Talk to us about your experience with: Infrastructure - IAM (Okta), AWS, Google Workspace. Security Fundamentals - OWASP, NIST, CIS Benchmarks, ISO 27001, SOC 2 Authentication & Access - SSO, MFA, SCIM, LDAP, Zero Trust, least privilege Automation & Scripting - Python, PowerShell, Bash, automation of identity/security workflows A Note about us: All of our full-time roles are based onsite at our New York City office, where our team thrives on in-person collaboration and dynamic teamwork. Being onsite daily enables us to build strong connections, collaborate effectively to solve challenges, and foster an engaging environment focused on shipping product and delivering exceptional service to our clients. We encourage applicants currently located in or willing to relocate to the NYC area to join us in this exciting, hands-on workspace. Some perks of working for Arch include: Strong Team - You'll be backed by a strong team that consistently exceeds client expectations and ships new products quickly. Your work is high impact - Being part of a small team means you have real responsibility and impact from day one. You'll be involved in discussions that drive the growth and direction of our platform from the very beginning. Product Market Fit - We have strong product market fit, exceptionally low churn, and have grown mostly organically through word of mouth. Team community and camaraderie - We have enormous trust in each other and always do what we can do to support one another. We're always ready to step in to help. Great office - we've invested in a great space for the Arch team to come together, at 18th and Park in Manhattan (the old Buzzfeed / NYT headquarters). Lunch is on Us - Grab lunch on us while you're in the office and take a break to laugh, brainstorm, or just hang out with your teammates over a meal.

GRIMM researches and develops the art of the possible in business modernization and computing technologies through cybersecurity, sensors, tools, analytics, frameworks, modeling and simulation, automated testing, cyber range Installation, Operations, and Maintenance (IOM), consulting, and intelligence. Our practices build on extensive experience in cyber mission support for national defense, and commercial service improvement and consulting. Our engineers and subject matter experts (SMEs) learned their trade from real-world engagements, not just textbooks. Job Description Cyber Engineer - Senior We're searching for Cyber Engineer - Senior to support the client's tactical and strategic approaches for mission and ways forward. Provide technical and engineering support in the exploitation and/or remediation of infrastructure and computer systems. Understanding in information assurance, with expertise in computer and telecommunication network systems and cyber operations. Assist in researching new concepts for developing situational awareness and vulnerability tools to support CNO efforts. Assist the Government with the identification, exploitation, and/or remediation of infrastructure and system vulnerabilities; developing and implementing offensive and/or self-defending networks; developing and defending effects-based capabilities; and reverse engineering of systems exploitations to include computer forensics, and analysis of binaries, assembly language, source code, and/or malicious logic code. Direct performance of a major program, project, or activity relating to Information Technology, Ethical Hacking, Cyber Security, and/or Information Assurance. LOCATION In Quantico, Virginia area We promote a Drug-Free Workplace, are an Equal Opportunity Employer (EOE) and Affirmative Action Employer. Qualifications GRIMM researches and develops the art of the possible in business modernization and computing technologies through cybersecurity, sensors, tools, analytics, frameworks, modeling and simulation, automated testing, cyber range Installation, Operations, and Maintenance (IOM), consulting, and intelligence. Our practices build on extensive experience in cyber mission support for national defense, and commercial service improvement and consulting. Our engineers and subject matter experts (SMEs) learned their trade from real-world engagements, not just textbooks. Cyber Engineer - Senior We're searching for Cyber Engineer - Senior to support the client's tactical and strategic approaches for mission and ways forward. REQUIREMENTS Minimum 7 years, performing above referenced duties with the following recent hands-on experience; Senior-level or technical lead in a related position on a major program, project, or activity. Information Technology, Ethical Hacking, Cyber Security, and/or Information Assurance. Must be a US Citizen with TS/SCI Full Scope Clearance. Must have a Bachelor's or Masters or PhD Degree in Computer Science, Computer Engineering, Software Engineering, Electrical Engineering, Computer and Information Security, Computer Security, and/or Network Administration from an accredited university/college. LOCATION In Quantico, Virginia area We promote a Drug-Free Workplace, are an Equal Opportunity Employer (EOE) and Affirmative Action Employer. Additional Information GRIMM offers security engineering and consulting services, backed by the research and development, to deliver the art of the possible in cybersecurity. We specialize in breaking things, discovering vulnerabilities, and demonstrating impact to solve complex cybersecurity problems. GRIMM services government and commercial clients from a diverse range of industries. We work in hardware, firmware, and software across traditional enterprise computing, embedded devices, automobiles, planes, drones, energy, and mobile. This is not your ordinary company! This is a collection of the best people in cybersecurity that you have likely never encountered in one place. GRIMM is a team of industry leaders, which includes the largest number of DEF CON CTF Black Badge holders in a single company. We are looking for people at all levels, with a passion for cybersecurity who want to help grow and shape the industry. We promote a Drug-Free Workplace, are an Equal Opportunity Employer (EOE) and Affirmative Action Employer. Visit our career site at ************************

As passionate about our people as we are about our mission. Why Join Q2? Q2 is a leading provider of digital banking and lending solutions to banks, credit unions, alternative finance companies, and fintechs in the U.S. and internationally. Our mission is simple: build strong and diverse communities through innovative financial technology-and we do that by empowering our people to help create success for our customers. What Makes Q2 Special? Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our “Circle of Awesomeness” award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together. As an Application Security Engineer, you will play a critical role in safeguarding the security of our software products and development lifecycle. This role focuses on managing and optimizing code scanning tools, identifying vulnerabilities, and ensuring secure coding practices are embedded into every stage of software development. You will collaborate with engineering teams to provide actionable security guidance, design metrics to measure security effectiveness, and create strategies to continuously improve application security. By integrating cutting-edge tools and techniques, you will ensure that our applications meet the highest standards of security and resilience, ultimately protecting the organization and its users from emerging threats. Key Responsibilities Manage and optimize code scanning tools (e.g., SAST, DAST) to detect and remediate security vulnerabilities. Provide security guidance and best practices to engineering teams throughout the software development lifecycle. Design, maintain, and report on application security metrics and dashboards to track progress and effectiveness. Perform security assessments, including threat modeling and architecture reviews for new features and applications. Collaborate with DevOps and CI/CD teams to integrate security tools seamlessly into development pipelines. Stay up-to-date on the latest security threats, vulnerabilities, and remediation strategies to evolve application security practices. Deliver secure coding training and resources to engineering teams to foster a security first culture. Own and lead the Security Champions program to drive secure practices and cross-functional engagement. Things You Will Need to Be Successful in This Role Typically requires a Bachelor's degree in a technical field such as Computer Science, Information Security, Information Technology or equivalent experience and may require up to 2 years of related experience; or an advanced degree without experience. Proficiency with code scanning tools (e.g., SAST, DAST) Deep understanding of secure coding practices and standards (e.g., OWASP Top Ten). Hands-on experience with programming languages such as Python, Java, JavaScript, or C#. Familiarity with CI/CD pipelines and integrating security tools into DevOps workflows. Strong analytical skills to interpret scan results and prioritize remediation efforts. Certifications (Preferred): CSSLP or relevant security certifications. Excellent communication and collaboration skills to work effectively with cross-functional teams. A proactive and detail-oriented mindset to identify and mitigate risks early in the development lifecycle. This position requires fluent written and oral communication in English. Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time. Health & Wellness Hybrid Work Opportunities Flexible Time Off Career Development & Mentoring Programs Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents Community Volunteering & Company Philanthropy Programs Employee Peer Recognition Programs - “You Earned it” Click here to find out more about the benefits we offer. Our Culture & Commitment: We're proud to foster a supportive, inclusive environment where career growth, collaboration, and wellness are prioritized. And our benefits go beyond healthcare-offering resources for physical, mental, and professional well-being. Click here to find out more about the benefits we offer. Q2 employees are encouraged to give back through volunteer work and nonprofit support through our Spark Program (see more). We believe in making an impact-in the industry and in the community. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or veteran status. Applicants in California or Washington State may not be exempt from federal and state overtime requirements