Senior Security Engineer jobs at Google

MANTECH seeks a motivated, career and customer-oriented Cyber Security Engineer Lead to join our team in Springfield, VA. The Cyber Security Engineer Lead is responsible for the detection, identification, analysis, and reporting of cyber threats, intrusions, anomalous activities, and potential misuse of systems. This role supports the protection of customer's digital assets and sensitive data through the administration, monitoring, and continuous improvement of cybersecurity technologies and processes. Responsibilities include but are not limited to: Threat Detection & Response: Identify, assess, and report potential cyber-attacks, intrusions, and abnormal system behaviors. Participate actively in incident response and recovery activities. Technology Administration: Administer and maintain systems supporting Identity Management, Privileged User Access, Access Control (firewall), End Point Protection, Internet Protection, Vulnerability Scanning, and Security Information and Event Management (SIEM) tools. Mitigation & Remediation: Develop and implement enterprise-level mitigation strategies to address complex vulnerabilities. Operational Support: Ensure proper installation, testing, patching, upgrading, and performance of cybersecurity tools and applications. Maintain system resiliency and availability across all managed technologies. Policy Enforcement & Compliance: Enforce cybersecurity policies, standards, and best practices in alignment with ManTech's security framework and regulatory requirements. Leadership & Collaboration: Lead or participate in cross-functional projects and initiatives. Provide technical mentorship and subject matter expertise to junior team members.; Continuous Improvement: Interpret internal and external cybersecurity trends and business challenges; recommend and implement innovative solutions to strengthen the enterprise security posture. Monitor intrusion detection and prevention systems and other security event data sources; determine if security events monitored should be escalated to incidents and follow all applicable incident response and reporting processes and procedures. Minimum Qualifications: Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, or a related Cyber Security field. Certified Information Systems Security Professional (CISSP) certification (required within 6 months of assignment to the position, otherwise failure to obtain certification within 6 months of assignment to the position may result in removal). 8+ years of relevant cybersecurity experience, including hands-on technical administration and operational security support. Strong analytical and problem-solving abilities Deep knowledge of cybersecurity frameworks, principles, and technologies Proficiency in SIEM, endpoint protection, and identity management tool Must be able to travel up to 25% Preferred Qualifications: Have a good understanding of DISA compliance directives and recommend having knowledge of the JSIG. Ability to lead small teams or projects Excellent communication and influence skills; Strong judgment in identifying and mitigating security risks Correlate data from intrusion detection and prevention systems with data from other sources Clearance Requirements: Must have current/active TS/SCI with the ability to obtain and maintain a Yankee White security clearance Physical Requirements: Must be able to remain in a stationary position 50% The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer. The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

MANTECH seeks a motivated, career and customer-oriented Senior Information System Security Officer (ISSO) to join our team in Huntsville, Alabama. Responsibilities include, but are not limited to: Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS and that selected security controls are implemented and operating as intended during all phases of the IS lifecycle Provide liaison support between the system owner and other IS security personnel Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis; Conduct required IS vulnerability scans according to risk assessment parameters Manage the risks to ISs and other FBI assets by coordinating appropriate correction or mitigation actions and oversee and track the timely completion of (POAMs). Coordinate system owner concurrence for correction or mitigation actions Monitor security controls for FBI ISs to maintain security Authorized to Operate (ATO); Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase Ensure that changes to an FBI IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM) Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR; Working knowledge of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and ATO processes Minimum Qualifications: Must meet one of the following levels of experience: A high school diploma/GED and 7 years' experience, a bachelor's degree in computer science cybersecurity or a related discipline and five years' experience, or a master's degree in computer science cybersecurity or a related discipline and 3 years' experience. Hold at least one of the following Information Assurance Management (IAM) Level III certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or equivalent certifications Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications Preferred Qualifications: A bachelor's or advanced degree in Computer Science, Cybersecurity, or other cyber discipline Clearance Requirements: Must have a current/active Top Secret security clearance with eligibility to obtain SCI prior to starting this position. Selected candidate must be willing to undergo a Polygraph. Physical Requirements: Must be able to remain in a stationary position 50% Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer Often positions self to maintain computers in the lab, including under the desks and in the server closet Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

MANTECH seeks a motivated, career and customer-oriented Personnel Security Specialist II to join our team in El Segundo, CA. The Personnel Security Specialist's primary function is to handle personnel security functions in support of the customer's facility and organization. The position will provide “day-today” PERSEC services for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Responsibilities include but are not limited to: Build and Maintain tracking spreadsheets/databases for customer PERSEC activities. Provide support for the security awareness and education programs. Perform miscellaneous administrative support functions as directed by the contractor site lead and/or the Government Security Representative. Review, track, and monitor security clearance processing activities with appropriate government personnel to achieve appropriate clearance actions. Conduct Defense Central Index of Investigations (DCII), Joint Personnel Access System (JPAS), and SAPNP reviews of candidates being submitted for SAP access. Perform data entry and record checks in the Joint Access Database (JADE) and maintain all customer sponsored personnel access information. Receive and/or transmit classified visit requests as necessary to meet customer needs. Minimum Qualifications: Bachelor's degree; an additional 4 years of experience may be considered in lieu of degree. 6 + years of related experience. 4 + years of relevant SCI experience. Must be familiar with security policy/manuals and the appropriate ICDs/JAFANs/DOD Manuals and other guiding policy documents. Preferred Qualifications: 2+ years of SAP-related experience. Clearance Requirements: Current Top Secret Clearance with SCI Eligibility. Eligibility for access to Special Access Program Information. Willingness to submit to a polygraph. Physical Requirements: Must be able to remain in a stationary position 50%. Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer. Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

Job Title: Lead SAP Security Consultant Duration: 12 Months plus only on w2 We are looking for a Senior/Lead SAP Security Consultant with strong experience in SAP authorization design, GRC tools, and IAM/SSO integration. The ideal candidate will act as a security architect, lead team members, and support SAP transformation initiatives. Key Responsibilities Lead SAP Security architecture and role design across SAP landscapes. Integrate SAP Security with IAM and SSO platforms for secure access. Manage and mentor the SAP Security team; coordinate with SAP, IT Security, Infrastructure, and external vendors. Build and manage roles using PFCG, and oversee SAP user administration. Work with SAP GRC tools including Firefighter, Access Enforcer, Compliance Calibrator. Required Skills 10+ years of SAP Security experience. Deep expertise in: SAP Authorization & Role Design SAP GRC (Access Control, Firefighter, Access Enforcer) PFCG & user administration IAM & SSO integration Strong leadership and communication skills.

Job Title: Lead SAP Security Consultant Duration: 12 Months plus only on w2 We are looking for a Senior/Lead SAP Security Consultant with strong experience in SAP authorization design, GRC tools, and IAM/SSO integration. The ideal candidate will act as a security architect, lead team members, and support SAP transformation initiatives. Key Responsibilities Lead SAP Security architecture and role design across SAP landscapes. Integrate SAP Security with IAM and SSO platforms for secure access. Manage and mentor the SAP Security team; coordinate with SAP, IT Security, Infrastructure, and external vendors. Build and manage roles using PFCG, and oversee SAP user administration. Work with SAP GRC tools including Firefighter, Access Enforcer, Compliance Calibrator. Required Skills 10+ years of SAP Security experience. Deep expertise in: SAP Authorization & Role Design SAP GRC (Access Control, Firefighter, Access Enforcer) PFCG & user administration IAM & SSO integration Strong leadership and communication skills.

Design and implement advanced security architectures across cloud, on-prem, and hybrid environments while driving Zero Trust, SASE, and cloud-native security initiatives. Lead global strategic programs, network modernization efforts, and rapid tactical responses to critical incidents, converting gaps into standards and governance. Develop security reference architectures, HLD/LLD solution packages, and Infra-as-Code-driven delivery models aligned with enterprise transformation goals. Conduct threat modeling, risk assessments, and gap analysis across applications, infrastructure, APIs, containers, and third-party integrations. Implement cloud and DevSecOps security controls, integrating tooling into CI/CD pipelines and enforcing secure coding and IaC policies. Build security automation, SOAR playbooks, and SIEM integrations to streamline detection, vulnerability management, compliance, and response workflows. Enhance detection engineering through custom rules, behavioral analytics, log enrichment, and purple-team/adversary emulation exercises. Provide cross-functional leadership for initiatives involving cloud migration, AI/ML, M&A, and digital modernization, presenting strategies and risk posture to executive stakeholders.

Immediate need for a talented Senior Cloud Security Engineer . This is a 04 months contract opportunity with long-term potential and is located in Elkhorn,NE(Remote). Please review the job description below and contact me ASAP if you are interested. Job ID:25-94911 Pay Range: $90 - $91.19/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Deploy and configure container scanning tools to ensure secure containerized environments. Analyze vulnerabilities identified through SAST, DAST, SCA, and container scans, prioritizing remediation based on risk. Develop and maintain custom scripts to automate security processes and enhance scanning capabilities. Consult with development teams to provide secure coding guidance and assist with remediation strategies. Onboard applications into DAST scanning workflows, ensuring proper configuration and coverage. Configure and troubleshoot DAST scans, resolving issues related to application accessibility and scan accuracy. Review and validate SAST and SCA findings, confirming or rejecting false positives and “mitigated by design” claims from development teams. Document findings, create actionable reports, and communicate technical details effectively to stakeholders. Key Requirements and Technology Experience: Key Skills; Strong experience with application security tools: DAST (e.g., Burp Suite, OWASP ZAP), SAST (e.g., Checkmarx, Veracode), and SCA (e.g., Black Duck, Snyk). Hands-on experience with container security and deployment of scanning tools (e.g., Wiz, Prisma, Aqua Security). Proficiency in scripting languages (Python, Bash, or PowerShell) for automation and tool integration. Deep understanding of secure software development lifecycle (SDLC) and common vulnerabilities (OWASP Top 10). Strong experience with application security tools: DAST (e.g., Burp Suite, OWASP ZAP), SAST (e.g., Checkmarx, Veracode), and SCA (e.g., Black Duck, Snyk). Hands-on experience with container security and deployment of scanning tools (e.g., Wiz, Prisma, Aqua Security). Proficiency in scripting languages (Python, Bash, or PowerShell) for automation and tool integration. Deep understanding of secure software development lifecycle (SDLC) and common vulnerabilities (OWASP Top 10). Ability to troubleshoot complex scanning issues and optimize configurations for accuracy and performance. Strong analytical skills for vulnerability triage and risk prioritization. Excellent communication skills for consulting with development teams and explaining technical findings. Experience integrating security tools into CI/CD pipelines. Familiarity with cloud-native security (AWS, Azure, GCP) and container orchestration (Kubernetes). Knowledge of API security testing and microservices architecture. Exposure to DevSecOps practices and security automation frameworks. Relevant certifications such as OSWE, GWAPT, or CSSLP. Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration. Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

About Company, Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters. We're hiring Senior Backend Engineer - Cloud Security in Sunnyvale, CA What You Will Do Build containerized microservices and related components for a multi-tenant, distributed system that ingests and processes real-time cloud events, system telemetry, and network data across major cloud platforms. Your work will enable customers to detect risks and strengthen their cloud security posture. Mentor junior engineers, interns, and new graduates, helping them develop strong technical skills and become effective contributors. Write production-quality software primarily in Java using Spring Boot, and work extensively with Kafka, SQL, and other data interfaces. Work within a Kubernetes-based service infrastructure, while learning new technologies as needed. Take ownership of major features and subsystems through the entire development lifecycle-requirements, design, implementation, deployment, and customer adoption. Participate in operational responsibilities, gaining firsthand experience with real-world performance, reliability, and support scenarios-informing how you design and build better systems. Prioritize quality at every stage, performing thorough developer testing, functional validation, integration checks, and performance testing to ensure highly resilient systems. Collaborate closely with Product Management to review, refine, and finalize requirements. Develop a deep understanding of customer needs by engaging with peers, stakeholders, and real-world use cases. What You Bring Bachelor's degree in computer science or similar (Master's preferred). 5+ years of experience building scalable, distributed systems. Passion for software engineering, continuous learning, and working in a collaborative environment. Hands-on experience with AWS, Azure, or GCP, with strong familiarity at the API/programming level. Experience with networking and/or security concepts is a plus. Experience developing containerized services on Kubernetes is strongly desired. Strong programming experience in Java/Spring Boot or Golang. Experience building or using REST APIs. Knowledge of infrastructure-as-code tools such as CloudFormation, Terraform, or Ansible is a plus. Understanding of TCP/IP networking fundamentals. Experience developing in Unix/Linux environments. Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment

We are looking for a Developer Security professional with strong expertise in DevOps and Cloud Computing. In this role, you will design, develop, and implement secure, scalable software solutions across the full Secure Software Development Life Cycle (SDLC) - from conception to deployment. Familiarity with CI/CD pipelines is essential, and experience with Kubernetes is a plus. Responsibilities Design and develop Terraform scripts for infrastructure automation. Automate cloud deployments and ensure secure configurations. Install and configure products on Kubernetes clusters. Develop and unit test software components following best practices. Collaborate with business partners to translate requirements into technical solutions. Work closely with architects and enterprise framework teams to deliver optimal solutions. Ensure non-functional requirements (security, performance, scalability, maintainability, usability, reliability) are met. Maintain code quality standards and perform appropriate testing. Qualifications 8+ years of experience in software development and security. Strong knowledge of cloud deployments and Terraform. Familiarity with middleware technologies (WebLogic, Tomcat, JBoss). Experience with Spring Boot and Agile development methodologies. Proficiency in CI/CD pipelines and GIT-based source control. Solid understanding of the secure software development lifecycle. Experience with Kubernetes, React, and Docker. Knowledge of web technologies and application servers. Skills Terraform Kubernetes Cloud Deployment Middleware (WebLogic, Tomcat, JBoss) Spring Boot CI/CD pipelines GIT-based source control Rate: $75-95/HR

DNI is on the lookout for a Senior Cyber Security Analyst - Information Systems Security Manager (ISSM) to deliver expert guidance in Information Systems Security and cybersecurity support for the Enterprise Information Services at the Department of Energy (DOE) Savannah River Operations Office (DOE-SR), located at the Savannah River Site (SRS) in Aiken, SC. Requirements Reports to the Chief Information Security Officer (CISO) and Program Manager. Oversee the Authority to Operate (ATO) lifecycle, manage risk assessments, develop and monitor Plan of Action and Milestones (POAMs), ensuring compliance with security standards and timely mitigation of organizational boundary security risks. Actively participate in the bi-weekly accreditation boundary meetings and keep the AODR informed of any changes/updates to eRAMS/POA&Ms/STAR items or any new VPM and CM issues that may arise. Provide technical and procedural cyber security advice to DOE, associate contractor partners, and Industrial Control Systems (ICS) teams as necessary. Oversee operational information systems security implementation programs. Coordinate with Information System Security Officer (ISSO) or PSO on approval of External Information Systems (e.g. guest systems, interconnected system with another organization). Oversee ISSOs to ensure they follow established policies and procedures and timelines. Ensure CM policies and procedures for authorizing the use of hardware/software on an IT system are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the AODR prior to the addition, change or modification. ISSM shall have authority to veto any proposed change they feel is detrimental to security in boundaries under their purview. Appeals on an ISSM/ISSO veto may be taken to the AODR. Ensure approved procedures are used for sanitizing and releasing system components and media as necessary. Ensure proper measures are taken when cyber security incident or vulnerability is discovered. Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. Manage, maintain, and execute the information security continuous monitoring plan. Ensure a record is maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AODR; and assess changes to the system, its environment, and operational needs that could affect the security authorization. Other related tasks as assigned. Support information technology (IT) security goals and objectives and reduce overall organizational risk; Advise senior management (e.g., Chief Information Security Officer [CISO] and Chief Information Officer [CIO] on risk levels and security posture.); Advise appropriate senior leadership of changes affecting the organization's cybersecurity posture; Communicate the value of information technology (IT) security. Knowledge, Skills, and Abilities: Highly organized individual with exceptional communication skills, ensuring all stakeholders are consistently informed and updated as required. Excellent written and oral communication skills (writing samples may be requested). Attention-to-detail is critical, proven ability to look closely at your work to identify and correct errors, spot and improve weaknesses and produce a near-perfect end-result. Ability to identify problems, brainstorm and analyze answers, and implement the best solutions. Ability to develop and review security related procedures or processes and reports. Demonstrated ability to provide clear, precise, and factual information to senior leaders, team members, and external stakeholders. Capable of attending all customer-required meetings and promptly providing responses as requested. Familiarity with applicable regulations affecting Cyber Security NIST 800 Series Standards. Clearance: Must possess (or be able to obtain) a “Q” level security clearance. Education: A bachelor's degree in information technology systems, computer science, or related field and experience in information technology systems or related area. Relevant experience may be substituted for education on a year-for-year basis. Experience: 7+ years in IT security or related field. Authority to Operate Life Cycle (ATO), Risk Management, POAMS & Milestones Certification: Highly desired certifications: Certified Information System Security Professional (CISSP) Certified Information Security Manager (CISM) Benefits Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental Matching 401K Short- and Long-Term Disability Pet Insurance Professional Development/Education Reimbursement Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Are you considering a new role in Cyber Security and want to work in a company that is helping to change the world? Consider joining an organization serving the global scientific research community, supporting the brightest minds on the planet. Are you a collaborative Incident Response Engineer looking to work for a mission driven global organization? About the role, Elsevier is expanding its Global InfoSec Security Incident Response team. As a Security Incident Response Engineer, you will play a crucial role in our internal security support team, assisting with incident response investigations. This team is entrusted with analyzing, triaging, scoping, containing, and providing guidance for remediation, as well as determining the root cause of security incidents. This team also is empowered by collecting and analyzing security incident-related data to identify indicators of attack and compromise. Responsibilities: Assisting in scoping security incidents and identifying indicators of attack and compromise. Analyzing incident data from threat analytics tools. Communicating recommendations and guidance based on security incident analysis. Coordinating responses to security incidents with other security and consulting teams. Developing, documenting, and implementing runbooks, capabilities, and techniques for Incident Response. Performing security triage and analysis on endpoint, server, and network infrastructure. Conducting activities necessary for immediate containment and short-term resolution of incidents. Maintaining current knowledge of the threat landscape, emerging security threats, and vulnerabilities. Investigating the root cause of complex security incidents. Maintaining a high level of confidentiality. Requirements Possess experience in cybersecurity incident response or related fields. Proven ability to analyze, triage, scope, contain, and remediate security incidents. Have current and extensive knowledge of security technologies, tools, and processes. Experience with major cloud providers, including cloud security, networking, and multi-cloud or hybrid deployments. Have current skills in automation using PowerShell, Python, Java, or similar languages. Experience in Linux and/or Mac administration. Experience in Network Security Administration or Systems Administration. Experience supporting large, complex, and geographically distributed enterprise environments. Preferred certifications: CISSP, CISM, SANS, GIAC, ethical hacking/penetration tester, or security risk assessment. Elsevier employs 10,000 people worldwide, including over 2,500 technologists. We have supported the work of our research and health partners for more than 140 years. Growing from our roots in publishing, we offer knowledge and valuable analytics that help our users make breakthroughs and drive societal progress.

Role: Cybersecurity Manager Duration: 6+ months Summary: The Cybersecurity Manager leads global cybersecurity operations, incident response, cloud security, and vulnerability management across IT, OT, and cloud environments. This role drives security maturity, manages SOC functions, and ensures compliance with frameworks like ISO 27001, NIST, and ITAR. Key Responsibilities:Lead cybersecurity operations, including SOC oversight, threat detection, and endpoint security. Manage incident response for ransomware, APT, insider threats, and major security events. Oversee vulnerability and patch management programs (Tenable, Automox, CrowdStrike). Strengthen cloud and identity security across Azure, Entra ID, and Microsoft 365. Implement Zero Trust architecture and secure configuration standards. Support compliance efforts (ISO 27001, NIST CSF/800-53/171, ITAR, GDPR, HIPAA, PCI). Lead global cybersecurity teams, contractors, and MSSP partners. Provide executive-level reporting on risk posture, incidents, and security metrics. Requirements:10+ years of cybersecurity experience with leadership responsibilities. Strong background in SOC operations, IR, EDR, SIEM/SOAR, and cloud security. Hands-on experience with Sentinel, XSOAR, CrowdStrike, Defender, Tenable. Knowledge of ISO 27001, NIST, ITAR, and broader regulatory frameworks. Strong communication, team leadership, and cross-functional collaboration skills.

Immediate need for a talented Information Security Analyst - Lead . This is a 09+ months contract opportunity with long-term potential and is located in Atlanta,GA(Hybrid). Please review the job description below and contact me ASAP if you are interested. Job ID:25-93807 Pay Range: $68 - $68.61/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Act as a liaison between cybersecurity metric owners, data engineers, and governance teams to ensure accurate and timely metric development. Facilitate metric working sessions to define metric name, definition, calculation, system of record, and critical data elements (CDEs). Support the documentation and validation of metric logic and data lineage. Coordinate and lead standing meetings to provide updates, manage timelines, and escalate blockers or data challenges. Review and validate data quality and completeness of metric inputs in coordination with data engineers. Support the development of root cause commentary and trend analysis for metrics that breach established thresholds. Partner with control and process owners to align metrics with applicable frameworks (e.g., NIST CSF, CIS, FFIEC). Prepare clear, concise executive-level summaries and presentations on metric performance and risk trends. Maintain oversight of multiple metrics in different stages of the build lifecycle, ensuring governance and consistency. Contribute to continuous improvement of the metrics program, including standardization, automation, and data quality enhancements. Key Requirements and Technology Experience: Key Skills;Metrics governance/Risk Metrics/Performance Metrics . Bachelor's degree or five years of related experience or an equivalent combination of education and experience In-depth knowledge of principles, practices, theories, and/or methodologies associated with the professional discipline (e.g., information technology, project management, finance, risk management, etc.) Understands foundational concepts of other related professional disciplines. Experience managing small projects Ability to interpret and explain complex information to a range of audiences and build consensus among different stakeholders. Ability to provide direction and mentor less experienced teammates Strong organizational skills with the ability to manage multiple priorities simultaneously. Excellent written and verbal communication skills, including experience drafting executive summaries. Proficiency in Microsoft Excel, PowerPoint, and collaboration tools (e.g., Teams, SharePoint). 5-7 years of experience in cybersecurity, risk management, technology project coordination, or data analytics. Familiarity with cybersecurity domains (e.g., vulnerability management, DLP, IAM, cloud security, incident management). Working knowledge of risk and performance metric design, including KRIs, KPIs, and operational indicators. Experience gathering and documenting business requirements and translating them into actionable data or metric logic. Basic understanding of SQL or ability to read data dictionaries and data mappings. Exposure to cyber control frameworks such as NIST CSF, ISO 27001, or CIS. Exposure to Agile or iterative project delivery methods. Cybersecurity/Risk management Vulnerability management Stakeholder engagement . Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration. Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

Job Title: Technology - Security Analyst Senior Duration: Long term contract Experienced professional responsible for implementing, maintaining, monitoring, and troubleshooting enterprise-wide security systems. Supports 24/7 availability, mentors junior staff, and ensures compliance with security frameworks and policies. ✅ Core Responsibilities: Implement and manage enterprise security systems, including cloud-based (AWS/Azure). Perform security audits, risk analysis, and vulnerability assessments. Conduct log analysis via SIEM tools; respond to security incidents. Lead incident response, threat hunting, and forensic analysis. Maintain firewalls, encryption systems, and endpoint protections. Develop and enforce security policies, SOPs, and compliance protocols. Manage user access, logical security, and secure configurations. Collaborate cross-functionally on infrastructure and software security. Support regulatory compliance with standards (e.g., NIST, COBIT). Train and mentor team members; provide escalated issue resolution. Evaluate and onboard new security technologies. ✅ Technical Skills Required: Operating Systems: Windows (5+ years), Linux is a plus Cloud Platforms: AWS (EC2, IAM, Security), Azure (AD, Sentinel, Security Center) Security Tools: SIEM (e.g., Splunk), Firewalls, IDS/IPS, Endpoint Protection Scripting: PowerShell, Python, VBScript, Regex Frameworks & Compliance: NIST, COBIT, ISO 27001, ITIL Forensics & IR: Evidence gathering, threat profiling, penetration testing Documentation: RFPs, RFIs, policy writing, technical reporting Protocols: TCP/IP, DNS, HTTP/S, LDAP, SNMP, VPN, SSH ✅ Soft Skills & Abilities: Critical thinking and creative problem-solving Leadership in projects and incident response Effective communication (written and verbal) Mentoring and knowledge-sharing Ability to prioritize and work independently under pressure Collaboration across departments and vendors ✅ Educational Requirements: Preferred: Bachelor's degree in CS, InfoSec, or related Alternate: 8 years equivalent experience in system/security administration ✅ Experience Requirements: Minimum: 4 years in security/system admin in enterprise IT Mandatory: 5 years in Windows environment ✅ Required Certifications (any 2 or equivalent): Security & Compliance: GIAC GMON, GPCS, DoD 8570 certs Cloud & Microsoft: AWS: Cloud Practitioner, Solutions Architect, Security Specialty Azure: Fundamentals, Security Ops/Engineer, Solutions Architect MCSE Aviatrix Certified Engineer (ACE)

" Previous experience in sap security design or basis or development role. " Proficient understanding of sap systems, identity management, auditing tools, modules, and their integration points to effectively manage and control user access " Working and security knowledge tied to sap vulnerability assessment and management, siem and threat management. " Working knowledge of sod (segregation of duties) analysis, sensitive transactions analysis, sap development (includes abap), sap modules, solution manager and transport system, basis component, netweaver, sap-gui, and portals. " Understanding of rfc connections, fiori and workzone security for top-down business role and design. " Strong knowledge of information security principles, frameworks and data protection laws to ensure compliance with the organizations information security policies. " Bachelor's degree in information technology, computer science or a related field. Good to have: cissp, other security certification, or sap security certification.

Job Title: Security Data Analyst - Junior Level Duration: Long-term (24+ Months) Scope: Provide an entry-level Safety & Security Data Analyst to support the OIA's data collection and reporting needs. Responsibilities Include: Gathering and organizing safety and security data from multiple sources. Maintaining accurate records and ensuring data integrity. Performing basic data analysis using Microsoft Excel (pivot tables, charts, formulas). Creating simple reports, charts, and summaries to support decision-making. Collaborating with internal teams to collect and validate data. Minimum Qualifications: Strong proficiency in Microsoft Excel. Experience with data collection and basic reporting. Attention to detail and ability to maintain accurate records. Good communication skills and ability to work in a team environment. Ability to maintain confidentiality and protect the integrity of sensitive and proprietary data. Preferred Qualifications: Familiarity with basic data visualization techniques. Familiarity with Python and SQL is a plus. Familiarity with Microsoft PowerBI and DAX queries is a plus. Exposure to safety, security, or transportation-related data is a plus.

We are seeking a Senior Software Engineer with strong expertise in application security to join a forward-thinking technology team focused on enhancing secure software development practices. This role combines deep technical knowledge with the ability to collaborate across engineering and security teams to ensure robust, secure applications. Role Overview The ideal candidate will have a software development background (Java and JavaScript preferred) and hands-on experience in application security, including vulnerability analysis, remediation strategies, and secure coding principles. This position requires strong communication skills to act as a bridge between development and security teams, driving best practices and influencing architecture decisions. Key Responsibilities Implement and manage software security testing techniques aligned with enterprise standards. Analyze and assess open-source vulnerabilities, including zero-day threats, and determine impact on applications. Develop and execute remediation plans for identified risks, including code refactoring and dependency updates. Champion secure coding practices and lead security reviews across engineering teams. Provide technical designs and recommendations to reduce vulnerabilities and improve security posture. Collaborate with development, architecture, and security teams to integrate security into the software delivery lifecycle. Stay current on emerging threats, tools, and best practices in application and cloud security. Desired Skills & Competencies Strong experience in application security testing and software composition analysis. Knowledge of web application security, cloud security, and container security. Familiarity with OWASP, CWE, CVE standards and vulnerability mitigation techniques. Hands-on experience with tools such as Sonatype, Qualys, SonarQube, and AWS Inspector. Proficiency in Java, JavaScript, and Python. Working knowledge of AWS services, Docker, Terraform, and DevSecOps practices. Excellent communication skills and ability to influence technical and non-technical stakeholders. Preferred Qualifications Bachelor's degree in Computer Science or related field (AWS and security certifications a plus). Experience collaborating with cross-functional teams and driving secure development initiatives. Familiarity with industry-standard tools for code quality, repository management, and CI/CD pipelines.

Delta Information Systems, Inc. is seeking a highly skilled Information Security Specialist to protect and secure critical systems, data, and intellectual property in a fast-paced Aerospace & Defense environment. This role is responsible for implementing and managing security controls, ensuring compliance with strict regulatory requirements, and defending against advanced cyber threats. The ideal candidate will bring deep technical knowledge, strong problem-solving skills, and the ability to work across teams to maintain the confidentiality, integrity, and availability of sensitive information that supports our national security mission. This is a fully onsite position located in Horsham, PA. Key Responsibilities Implement, monitor, and maintain security tools, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM platforms. Perform continuous monitoring, vulnerability assessments, penetration testing, and risk analysis of systems and networks. Ensure compliance with DoD, NIST 800-171, CMMC, ITAR, DFARS, and other regulatory frameworks. Champion the company's certification to CMMC Level 2. Develop, document, and enforce cybersecurity policies, procedures, and incident response plans. Support Government and customer security audits, preparing evidence and remediation plans as required. Investigate and respond to cybersecurity incidents, performing root-cause analysis and recommending corrective actions. Collaborate with IT, Engineering, Program Management, and Security teams to embed cybersecurity best practices into operations and product development. Provide cybersecurity awareness training to employees with a focus on handling sensitive defense-related data. Stay current on emerging cyber threats, nation-state tactics, and evolving compliance regulations impacting aerospace and defense. Qualifications Required: Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in information security, IT security operations, or cybersecurity. Strong knowledge of NIST 800-171, CMMC, and DFARS cybersecurity requirements. Experience developing, implementing and achieving CMMC compliance. Experience supporting DoD or government contracts with cybersecurity compliance needs. Hands-on experience with security infrastructure: SIEM, IDS/IPS, endpoint security, and network monitoring tools. Strong understanding of Windows, Linux, and cloud environments (Microsoft Office 365, Deltek Costpoint). Excellent analytical, documentation, and communication skills. U.S. Citizenship (required due to defense industry regulations). Preferred: Active security clearance (Secret or higher), or ability to obtain one. Relevant certifications: CISSP, CISM, Security+, CEH, or GIAC. Experience with RMF (Risk Management Framework) and STIG compliance. Familiarity with secure software development, DevSecOps practices, or classified system security. Compensation Competitive salary Outstanding benefits package 100% Paid Coverage for Medical, Dental, and Vision 401(k) Employer Match Employee Stock Ownership Program (company funded) Life Insurance (company funded) Short-Term Disability (company funded) Long-Term Disability (company funded) Vacation & Sick Holidays: 11 days HealthCare FSA Dependent Care FSA What We Offer Opportunities for training, certifications, and career growth. A mission-driven culture where your work contributes to national security. Exposure to advanced technologies and programs critical to the aerospace and defense sector. About Delta Information Systems, Inc. Delta Information Systems (DIS) is an industry-leading supplier of high-quality aerospace telemetry products for Flight Test, Missile Test, Range Safety, Launch Support and Satellite Command and Control applications. Their products address the complete telemetry chain from Data Acquisition, Storage, Transport and Distribution to Telemetry Processing and Display. DIS customers include all DoD entities, all Major Primes, Integrators, Gov Labs, Aircraft & Missile Manufacturers, & Launch Facilities. In addition, Delta Information Systems (DIS) designs and develops sophisticated electronic equipment that is specifically designed to reliably operate in harsh environments. They deliver critical video communications capability for manned and unmanned Intelligence, Surveillance and Reconnaissance (ISR) programs.

Job Title: Azure Cloud Security Engineer - W2 only - we can provide sponsorship as well Duration: Long Term Top Skills: Azure Policy Exp Azure Security Services - Security Center, Key Vault, Log Analytics Identity and Access Management Exp Prior Software Engineering background, any language is fine but someone coming from a Sys Admin/Devops background won't be the right fit here. The Expertise and Skills You Bring 8+ years of experience in IT infrastructure, security, compliance A strong understanding of Azure services and security capabilities Solid hands-on experience with at least two of the following: Engineering/operational support of cloud account configuration in AWS or Azure Software Development, Linux Systems Administration, Data Networking Hands-on configuration of CI/CD pipelines for cloud-native deployments Very strong with scripting languages, including integration with CSP APIs; python preferred Azure Networking Identity and Access Management - RBAC Azure Policies Azure Security Services - Security Center, Key Vault, Log Analytics Azure ARM/PowerShell Ability to work with application and security teams to promote a secure posture in the cloud You can mentor and train other team members to work effectively in the cloud You are a self-starter who can independently by reading technical documentation Bonus skills Advanced Azure Certifications