Information security analyst jobs in Bellingham, WA

Knight Federal Solutions is a trusted provider to industry leading prime contractors, the Department of Defense and the Intelligence Community. We have established a company culture that supports our employees, their families and the communities in which they live and work. When you join our team you belong to a group of people that work hard, strive for greatness and care about people. Our hard work is evident in everything we do. Whether it be supporting large government programs in the areas of Simulation and Training, Information Technology, Intelligence or Engineering we always strive to be the best. It is for this reason that we have been recognized as a World Class Team Supplier by Northrop Grumman and were also named one of Florida's fastest growing companies by Inc. Magazine. As Knight Federal Solutions continues to grow, we look forward to hiring the best and the brightest to join us in our success! Responsibilities Conducts analysis using intelligence and information from multiple sources to assess, interpret, forecast, and explain a range of national security issues and developments that are regional or functional in nature. Provides all-source analytic support to collections, operations, investigations, and other defense intelligence analytic requirements. Support the Mobility & Sustainment team Requirements 3+ years of experience producing all-source intelligence analysis reports and briefings and input to IC databases Experience with all-source intelligence analysis and production on foreign national cyber military capabilities and foreign use of cyberspace, including but not limited to doctrine, intent, operations, supporting services and infrastructure, and vulnerabilities Ability to develop high-quality deliverables tailored to senior policymakers or defense stakeholders, including complex written products and formal or informal briefings Knowledge of IC and Combatant Command environments Ability to develop high-quality deliverables tailored to senior policymakers or defense stakeholders, including complex written products and formal or informal briefings TS/SCI clearance, willingness to take a CI polygraph Bachelor's degree, or 7+ years of experience in all-source analysis in lieu of a degree Preferred 3+ years of experience with transportation and logistics systems, including railroads, roads/highways, bridges, storage facilities, ports, and airfields TS/SCI with a CI Polygraph Experience with network development tools and methods Knowledge of ICD 203/206 analytic tradecraft standards Knowledge of the COMBATANT COMMANDS Knight Federal Solutions provides equal employment opportunities to all qualified individuals without regard to race, color, religion, sex, gender identity, sexual orientation, pregnancy, age, national origin, physical or mental disability, military or veteran status, genetic information or any other protected classification.

Aditi Staffing is an MBE certified, IT Staffing firm in the US offering contract, contract-to-hire & direct hire career opportunities with Fortune Firms. Recently recognized as one of the fastest growing staffing firms and top diversity firm by the Staffing Industry Analysts, Aditi Staffing has been a partner of choice for candidates and clients. Visit our website: http://www.aditistaffing.com/ Job Description Role: Information Security Analyst Location: Information Security Analyst 6-8 years of experience in information security / technology or related field. Advanced verbal and communication skills with diverse cross functioning groups. Strong background and experience in policy development, program administration. In depth knowledge and experience in incident response activities and compliance. Ability to plan, organize and prioritize tasks to complete independently and within time frame established. While technical knowledge of information technology and security issues is highly desirable, technical expertise and resources will be available from units such as Security Operations to support the information security and privacy program. Strong technical writing abilities. Very good understanding of security controls, control systems, and business drivers that impact security controls. Knowledge of SEC, FFC, Sarbanes-Oxley (SOX) and or Gramm-Leach Bliley Act regulatory policies & guidelines. Strong background in security authentication, security applications development methodologies, security architecture and operational procedures, organization, business continuity skills, disaster recovery skills, identity management skills and hands on experience implementing products / solutions e.g. NetIQ, Entrust, Netegrity, Oblix, PKI, and some director service, RSA, strong understanding of the development and maintenance of RBAC s (Role Based Access Controls). Ability to work collaboratively with a broad range of constituencies essential. A demonstrated ability to work with diverse cross functional groups of people is required. Good to Have: Knowledge of the following technologies a plus: Intrusion Detection / Prevention Systems for networks and hosts Security Event Management Systems Vulnerability Assessment Systems Secure transfer protocols such as SSH, SCP and Connect Direct Secure Plus Diagnostic tools such as packet capture/decode and WAN probes IP Networking Windows Systems administration and security tools Experience with remote access, terminal servers, etc a plus Experience in the administration of UNIX Solaris, HP/UX, or Linux and Windows operating systems a plus Experience in developing and administering an information security program desirable Working knowledge of and experience in the policy and regulatory environment of information security, especially in higher education is desirable Additional Information Regards, Arun Kumar R arunkr(AT)aditistaffing.com D: 425-457-7916

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

We exist to wow our customers. We know we're doing the right thing when we hear our customers say, “How did we ever live without Coupang?” Born out of an obsession to make shopping, eating, and living easier than ever, we're collectively disrupting the multi-billion-dollar e-commerce industry from the ground up. We are one of the fastest-growing e-commerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce. We are proud to have the best of both worlds - a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurs surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day. Our mission to build the future of commerce is real. We push the boundaries of what's possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world. Role Overview As our Cyber Security Incident Response Team (CSIRT) for our Seattle office, you will be a part of our special forces within the BlueTeam. You must have a calm and collected mannerism in high-pressure and time sensitive situations, think like both an attacker and defender, and work with relevant teams to take the right and timely actions to analyze, respond and neutralize attacks. The BlueTeam is responsible for the detection and response to credible threats. We work hands-on developing detective capabilities, identifying mitigations to vulnerabilities and respond to potential threats to Coupang systems. BlueTeam CSIRT Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. The Senior Security Engineer position requires an experienced CSIRT personnel that have expert working knowledge in IR, investigation and hunt techniques, root-cause security flaws and vulnerabilities, quickly assessing the potential cyber threats. Security Engineers are also expected to develop elegant solutions to complex problems and apply appropriate technologies while following security engineering best practices. What You Will Do Analyze and respond to security anomalies, intrusion attempts, and breaches, and root cause analysis, containment, creating the report Threat hunting to find undetected security threat from the SOC using data from end points, servers, clouds, network and other sources Ticket review, and security analysis escalated from SOC Improvement of incident response policies and procedures, and process of SOC. - Analyze and respond to Web security events by CDN security solutions (e.g. Akamai, CloudFlare) Analyze and respond to Email Security events Oncall to response urgent security events or security issues Collaborate effectively with internal teams through efficient communication Minimum Qualifications Bachelors Degree in Computer Science or a related technical field or equivalent professional experience. 2 years of experience in information Security with experience in Cyber Security Incident Analysis Preferred Qualifications 8+ years of experience in information security with at least 5+ years as a Cyber Security Incident Analyst Experience of Host based security investigation (Windows, Linux, Network/Security appliances) Experience of analyzing security event and knowledge of AWS or Cloud environment Experience of analyzing security event from Web security solutions (Akamai, CloudFlare) Experience of analyzing security event from network security and SaaS solutions (IPS/IDS, Network Monitoring solutions, Email Security, O365, etc) Experience of analyzing security event from endpoint security solutions (EDR, HIPS, Anti-Virus, DLP, etc) Experience and skills querying SIEM Solutions for analyzing security events from the logs Skill to analyze big data or big size logs Experience in Automation and Scripting using Bash, Python, PowerShell Proactive and proactive work attitude Pay & Benefits Our compensation reflects the cost of living across several US geographic markets. At Coupang, your base pay is one part of your total compensation. The base pay for this position ranges from $108,000/year in our lowest geographic market to $232,000/year in our highest geographic market. Pay is based on several factors including market location and may vary depending on job-related knowledge, skills, and experience. General Description of All Benefits Medical/Dental/Vision/Life, AD&D insurance Flexible Spending Accounts (FSA) & Health Savings Account (HSA) Long-term/Short-term Disability Employee Assistance Program (EAP) program 401K Plan with Company Match 18-21 days of the Paid Time Off (PTO) a year based on the tenure 12 Paid Holidays Paid Parental leave Pre-tax commuter benefits MTV - [Free] Electric Car Charging Station General Description of Other Compensation “Other Compensation” includes, but is not limited to, bonuses, equity, or other forms of compensation that would be offered to the hired applicant in addition to their established salary range or wage scale. Coupang is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or gender (including pregnancy, gender identity, gender expression, sexual orientation, transgender status), national origin, age, disability, medical condition, HIV/AIDS or Hepatitis C status, marital status, military or veteran status, use of a trained dog guide or service animal, political activities, or affiliations, citizenship, or any other characteristic or class protected by the laws or regulations in the locations where we operate. If you need assistance and/or reasonable accommodation in the recruiting process due to a disability, please contact us at ************************. Requisition # R0064937

At SERVISS, we deliver cutting-edge cybersecurity and IT solutions to government and commercial clients, with a mission to secure systems, data, and critical infrastructure through innovation and expertise. As we expand our capabilities, we're seeking a highly skilled and talented Information Assurance Professional. Position Summary We are seeking a dynamic and versatile Information Assurance Professional to support a high-impact U.S. Government program. The ideal candidate brings a rare balance of hands-on technical acumen and governance expertise-able to move seamlessly between engineering, architecture, and GRC functions. This role is pivotal in ensuring that systems are not only compliant but also resilient, secure, and aligned with federal risk management frameworks. Key Responsibilities · Serve as a trusted IA advisor, bridging technical engineering efforts with cybersecurity policy, governance, and risk management. · Collaborate with system architects and engineers to design secure solutions that meet compliance and mission requirements. · Support the development, review, and maintenance of key authorization documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms). · Guide system owners and developers through the Risk Management Framework (RMF) process and associated controls (e.g., NIST 800-53, 800-171, CMMC, FedRAMP). · Translate complex technical risks and mitigation strategies into actionable GRC documentation and executive communications. · Conduct system security assessments, gap analyses, and continuous monitoring activities. · Coordinate with cybersecurity operations, incident response, and engineering teams to align IA strategy with operational realities. · Recommend and help implement security architecture improvements based on evolving threat and compliance landscapes. · Track and report on IA posture, risk status, and compliance progress across multiple systems or program areas. Required Qualifications · 10+ years of experience in information assurance, cybersecurity engineering, or GRC. · In-depth knowledge of federal compliance frameworks (e.g., NIST, FISMA, FedRAMP). · Strong technical foundation with the ability to understand complex systems, architectures, and security configurations. · Excellent verbal and written communication skills, including experience preparing formal security documentation and reports. · Demonstrated ability to work cross-functionally with engineering, architecture, operations, and policy teams. · Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field; or Associate's degree with 2+ years of additional relevant experience. Preferred Qualifications · Prior experience supporting U.S. federal agencies or DoD environments. · Professional certifications such as CISSP, CISM, CAP, CCSP, or Security+. · Experience with security automation tools and continuous compliance approaches. · Understanding of Zero Trust principles, DevSecOps environments, and modern system architecture. Why Join SERVISS Our goal as an employer is simple yet profound: to create an environment where you can be your best self, pursue your passions, and enjoy the freedom to thrive both personally and professionally. Your success is our success, and we're committed to supporting you every step of the way. Freedom to Thrive. · Be part of an exciting company with ground floor opportunities to include equity · Highly competitive compensation and best in class benefits · Opportunities for annual performance bonuses, growth incentives, and profit-sharing · 100% of medical, vision, dental, and life insurance premiums covered by SERVISS · 401(k) retirement plan with company match for the first 6% Note: This position is contingent upon contract renewal and funding from the sponsoring federal agency, anticipated end of May 2025.

Join us in stopping bad bots, for good! Kasada protects millions of online users everyday. Founded to stop automated bot attacks, we believe the internet should be a safe place for everyone. Bad bots are highly destructive. They take over accounts, steal content, overload systems and infrastructure and cause billions of dollars in damages every year. Seeking to restore trust in the internet, Kasada stops bots at the very first request including those that have never been seen before. We've grown from a few friends working out of a shipping container under the Sydney Harbour Bridge to now operating globally, we're spread across the world protecting some of the most well-known brands on the face of the earth. We're an innately curious team that's not afraid to bring bold ideas to create better ways of solving problems. We're looking for people who are passionate about solving some of the most difficult and pressing cybersecurity issues, while having fun doing it! The Role We're currently on the lookout for a Senior Security Analyst to join our Security Operations team, focused on taking on complex and high impact unwanted automation for our customers. This role will require you to act as an escalation point for other analysts, handle investigations end to end, and contribute to improving our investigative methods and tooling. Your experience in a similar role in a cyber security environment will be highly regarded. This position will allow you to apply your analytical skills in the fight against bad bots. Working with some of the world's biggest companies, you'll help reduce the damage caused by unwanted automation, while sharing your expertise and supporting our team. This is a remote role, to ensure timezone overlap with our Australia-based team candidates should be located on the West Coast. What you will be doing; Lead complex investigations and in-depth analysis of automated software activity within customer environments, driving cases to resolution. Act as an escalation point for incident response and threat detection, providing expert guidance on challenging or ambiguous cases. Apply and optimise a range of investigative tools and techniques to uncover patterns, anomalies, and root causes. Collaborate across teams to provide clear, actionable advice on complex investigations and contribute to improving detection and response processes. What you will bring; Demonstrable, recent experience in cybersecurity or IT security roles. Significant experience identifying and mitigating security risks in a web application or similar environments. Solid understanding of security frameworks, incident response methodologies, and threat intelligence. Familiarity with analytical security tools (e.g., Splunk, ElasticSearch, SQL, NoSQL databases). Solid knowledge of web technologies (TCP stack, HTTP/S, WebSockets, Browser Architectures, Operating Systems) Subject matter knowledge and awareness of automated cyber security attacks and/or bot groups. Relevant certifications (e.g., CISSP, CISM, CEH, Bachelors degree in a relevant field) are desirable but not essential. Critical and analytical mindset with proven ability to make sound, timely judgments. $140,000 - $175,000 a year The Benefits of being a Kasadian We want to ensure Kasada remains a great place to work and a place to do great work. It's important to us to build an inclusive environment where you can realize your full potential. We are a highly collaborative team regardless of location, placing a strong emphasis on our core values; and we have designed our benefits package so you can thrive, both inside and outside of work: - A stake in Kasada's global success with equity/stock options - Flexible working hours and arrangements - Create a schedule that suits you - Support for growing families - Generous parental leave allowances and resources to help in the lead up, during and after parental leave. - Resources for well-being to support your growth including our EAP - confidential counselling for you and your loved ones - Birthday leave - Wellness leave - An action packed calendar of fun in-person and virtual events Sound interesting? What's next? Hit the apply button and one of our team will set up an exploratory, confidential discussion. We have designed our hiring process to be streamlined and thorough so everyone can make the right call on whether it is the right move for you. We are an inclusive team and this extends to all candidates that interview with us. Interviews are conducted virtually however if you want to come onsite - just ask! When you apply, please tell us the pronouns you use and any adjustments you may need during the interview process, we want to ensure you are set up for success in every conversation. Still with us? Just a little bit more… Research shows that women and other marginalized individuals tend to only apply when they check every box. We're always keen to broaden our perspective, so if you think you have what it takes, but don't necessarily meet every single point above, please still get in touch, we'd love to have a chat and see if you could be a great addition to the team! Please note: Kasada is an e-verify employer (US based applicants only)

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance and protect these exciting experiences. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: As a member of the Cyber Remediation Operations team, you will work closely with the Disney Entertainment business teams in protecting Disney's highly respected Disney Entertainment portfolio, including ESPN, Disney+, Hulu, and ABC. Responsibilities of Role: * Review reports, assessments, and findings to develop and prioritize appropriate remediation or corrective action plans. * Collaborate with IT, security teams, business partners, and operational teams to drive remediation of security deficiencies. * Regularly communicate portfolio health results to stakeholders, including technical and non-technical audiences. * Develop and document risk mitigation strategies when compliance cannot be achieved. * Analyze business areas and develop improvement plans to strengthen security posture. * Drive improvement to security baselines, policies and standards. * Verify implemented remediation and corrective action activity achieves compliance with TWDC policies and standards. * Stay updated on evolving cybersecurity threats, vulnerabilities, trends, technologies, and best practices and incorporate them into IT and business practices. * Consolidate data from multiple sources into clear, concise, actionable presentations for senior management, communicating data-driven insights. * Support the on-time delivery of security and compliance initiatives. Must Haves: * Minimum of 5+ Years of related cybersecurity experience * Demonstrated experience facilitating cyber remediation and vulnerability management. * Ability to handle confidential information with integrity. * Ability to work well with individuals and teams with varying technical and business backgrounds. * Understanding of security frameworks and standards. * Strong analytical, problem-solving, and critical-thinking skills with attention to detail. * Established problem-solving skills with an ability to develop creative alternatives to complex problems, as well as continuous process improvement skills. * Experience working in a security program for a large and complex organization. Nice to Haves: * Working knowledge of industry compliance programs such as PCI, SOX, etc. * One or more general security certifications including Security+, CySA+, AWS, GSEC, GICSP, CISSP, or other relevant certifications * One or more vulnerability assessment or auditing certification including CISA, CISM, GCCC, GSNA or other relevant certifications Education: * Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience #DISNEYTECH The hiring range for this position in Glendale, CA is $117,500 to $157,500 per year and in Seattle, WA is $123,000 to $165,000 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

Company: The Boeing Company Boeing Defense Space & Security (BDS) is seeking an innovative Product Security Analyst to join our team in Seattle, Washington. In this role, you will lead embedded system cybersecurity and resiliency efforts across the full product lifecycle-from requirements and design through testing, production, and sustainment-ensuring the security of Boeing's advanced aerospace products and services. You will collaborate with a multidisciplinary, enterprise-wide Product Security community to develop and implement best practices, tools, and solutions that protect complex systems, including IT, embedded, and non-IT environments. This role offers the opportunity to solve high-impact security challenges, influence next-generation security engineering, and directly contribute to the resilience of Boeing's commercial and defense offerings. Ideal candidates bring experience in software and system security, rapid prototyping, and supporting system development, integration, and testing. Strong communication, problem-solving skills, and the ability to work independently and collaboratively with diverse teams and customers are essential. If you are passionate about advancing cybersecurity in aerospace and want to make a meaningful impact on the future of flight, we encourage you to apply. Position Responsibilities: In this position, you will engage in one or more of the following activities: Support the development and enhancement of product security requirements and architectures to meet certification and customer requirements. Conduct product security risk assessments, attack surface analyses, and vulnerability evaluations for embedded and IT systems. Assist in security audits and assessments of applications, components, and subsystems integrated into Boeing products and services. Coordinate with governments, customers, suppliers, and industry partners to identify risks and improve security standards and regulatory compliance. Analyze and triage product security incidents, identifying attack indicators and escalating potential breaches. Perform trend analysis and support the development of detection and mitigation capabilities against evolving threats. Prepare and present technical reports and briefings tailored to technical teams and senior leadership. Collaborate with cross-functional teams to integrate security practices into the product lifecycle, ensuring a holistic approach to security. Stay current with emerging threats, vulnerabilities, and security technologies to continuously improve security posture. Support research and development activities that result in innovative solutions to enhance product security. Travel to other Boeing sites within the U.S. may be required (estimated to be ~10% travel time). Differentiators by Level: Individual Contributor 3 (IC-3): Focuses on researching and analyzing technical data, performing standard risk assessments, and supporting incident coordination. Prepares technical reports and briefings under guidance. Individual Contributor 4 (IC-4): Leads complex security analyses and incident coordination efforts. Provides technical leadership within teams and presents findings to senior management. Drives improvements in detection capabilities and security integration. Individual Contributor 5 (IC-5): Acts as a consultant and technical authority on product security integration and risk management. Oversees complex assessments and leads strategic initiatives to advance detection and mitigation capabilities. Communicates technical impacts to senior leadership and influences enterprise security posture. This position is expected to be 100% onsite. The selected candidate will be required to work onsite at one of the listed location options. This position requires a minimum active/current U.S. Secret Security Clearance for which the U.S. Government requires U.S. Citizenship. Basic Qualifications (Required Skill/Experience): Bachelor's degree in Cybersecurity, or related technical discipline. Bachelor's degree and 5+ years' experience or Master's and 3+ years (IC-3); Bachelor's degree and 9+ years' experience or Master's and 7+ years (IC-4); Bachelor's degree and 14+ years' experience or Master's and 12+ years (IC-5) 3+ years of experience in product security analysis, risk assessment, vulnerability management, or related fields. Must obtain a CompTIA Security+, a CISSP certification or equivalent Cyber Security certification within 6 months of employment in this role. Preferred Qualifications (Desired Skills/Experience): Experience leading security projects or teams (for levels IC-4 and IC-5). Knowledge of system-level product security concepts and operational environments. Familiarity with malware analysis, attack surface reduction, and security audit methodologies. Experience with security incident response and trend analysis. Ability to present complex technical information to diverse audiences, including senior leadership. Strong analytical and problem-solving skills. Effective written and verbal communication skills. Ability to work collaboratively in cross-functional teams. Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies. Relocation: This position offers relocation based on candidate eligibility. Note: Basic relocation will be offered for eligible internal candidates. Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary Pay Range: Level 3: 119,000 - $161,000 Level 4: $148,750 - $201,250 Level 5: 181,900 - $246,100 Language Requirements: Not Applicable Education: Not Applicable Relocation: This position offers relocation based on candidate eligibility. Export Control Requirement: This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee. Safety Sensitive: This is not a Safety Sensitive Position. Security Clearance: This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) Visa Sponsorship: Employer will not sponsor applicants for employment visa status. Contingent Upon Award Program This position is not contingent upon program award Shift: Shift 1 (United States of America) Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. EEO is the law Boeing EEO Policy Request an Accommodation Applicant Privacy Boeing Participates in E - Verify E-Verify (English) E-Verify (Spanish) Right to Work Statement Right to Work (English) Right to Work (Spanish)

A Senior Cyber Intrusion Detection Analyst is needed to provide advanced incident response and monitoring support. This is a hybrid position based in Washington, D.C., covering 5th shift work (7am7pm Saturday & Sunday, Friday 11pm7am, and Tuesday 7am3pm). Responsibilities Respond to cyber incidents, including SOC incident response calls and emails. Serve as Subject Matter Expert (SME) in investigations escalated from SOC Tier I & II analysts. Investigate phishing attempts and other potential cyber threats. Collaborate with SOC federal staff and Incident Handlers to triage, contain, and remediate incidents. Participate in Splunk engineer working groups to improve alerting rules and reduce false positives. Work closely with Threat Hunt and Security Intelligence teams to strengthen SOC capabilities. Follow established incident response procedures, while identifying process improvement opportunities. Manage incidents involving enterprise systems and sensitive data, including PII breaches. Detect, collect, analyze, and report cybersecurity incidents. Investigate and remediate malware infections. Analyze a variety of logs and alerts (firewall, IDS, malware, HIPS, PCAP, proxy, Windows/Active Directory, etc.) to identify anomalous activity and document findings. Conduct advanced log and malicious code reviews to support containment and recovery. Assist with cybersecurity workforce development by reviewing tickets and annotations. Required Qualifications Bachelors degree with 8+ years of cybersecurity experience (or equivalent). At least 6 years of intrusion detection examination experience. Experience with a wide range of security technologies and logging data, including WANs, IPS/IDS/HIPS, web logs, raw data logs, and event reviews. Strong knowledge of Splunk SIEM with 3+ years of advanced analytics experience (queries, Grep skills, firewall ACL review, Snort IDS events, PCAPs, and web server logs). Strong written and verbal communication skills. One or more advanced certifications, such as: CERT Certified Computer Security Incident Handler CEH (Certified Ethical Hacker) CISSP GCIH (Certified Incident Handler) GISF (Information Security Fundamentals) Clearance Must be able to obtain and maintain a Public Trust clearance. Working Place: Washington, D.C., District of Columbia, United States Company : 2025 Sept 11 Virtual Career Fair - GovCIO

GW Information Technology (GW IT) provides empowering tools and caring support for all members of The George Washington University (GW) community. We are focused on driving digital transformation and innovation to enable the academic and operational excellence of our students, faculty, staff, and researchers. At GW IT, we are committed to cultivating a team culture that values diversity, inclusion, respect and collaboration, and invests in each of our team members to grow in their technology and career skills. The Senior Cloud Security Analyst is a mid-level position within GW IT's Application Security team that will collaborate on application security risk assessments, threat modeling, vulnerability assessments specific to GW IT's cloud environment. Primary Responsibilities: Experience evaluating security controls and the application of commonly used cyber risk standards and frameworks: e.g., NIST 800-171, NIST -800-53, CIS , OWASP . Familiarity with cloud computing environments (e.g., AWS , Azure) Experience in the secure design of cloud-based solutions to measurable performance and security standards Familiarity with cloud-managed security services such as Amazon Inspector, AWS WAF and Shield, and AWS Directory Service. Ability to translate security risks and misconfigurations into product security rules and controls to map against standards, policies and procedures. Familiarity with AWS and Azure core cloud infrastructure capabilities, features, and services. Review cloud logging reports for events that occur in the cloud environment. Performs other related duties as assigned. The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position Minimum Qualifications Qualified candidates will hold a Bachelor's degree in an appropriate area of specialization plus 5 years of relevant professional experience, OR, a Master's degree or higher in a relevant area of study plus 3 years of relevant professional experience, OR a Bachelor's degree in an appropriate area of specialization plus 3 years of relevant professional experience PLUS a relevant IT Security certification. Degree must be conferred by the start date of the position. Degree requirements may be substituted with an equivalent combination of education, training and experience. Preferred Qualifications 4 years of relevant experience with cloud security requirements Experience working within a distributed team via collaborative tools Certifications: 1+ security certification (e.g., CISSP ) Familiarity with Linux and Windows in cloud environments Experience in secure design of cloud-based solutions to measurable performance and security standards Ability to perform forensic file system analyses to identify indicators of compromise system timeline Experience evaluating log data and cloud-hosted virtual machines to detect security incidents and initiate appropriate steps as a first responder Experience assessing cloud-based security controls using security tools and threat modeling Work Schedule Monday - Friday, 8am - 5pm (occasional evenings and weekends)

Janicki Industries is an innovative, family-owned aerospace company located at the foot of the Cascades. We focus on engineering and manufacturing complex projects for companies in the aerospace, defense, and space industries. . We are looking for an Information System Security Officer to join our team. This position is located on-site in Sedro-Woolley, Washington State POSITION DESCRIPTION The responsibility of the Information System Security Officer (ISSO) is to maintain the governance, risk, and compliance of isolated information systems in support of production and engineering efforts. This position requires strict adherance to the Department of Defense and Customer requirements. The ideal candidate will have a solution-driven attitude with excellent follow-up and an aptitude for collaborative problem-solving. This candidate will interface directly with the Security Department, Information Technology, Program Management, and our Customer's to draft, implement, and audit policy and procedures that allow Janicki to remain at the forefront of engineering The following essential job functions are performed as an ISSO: Maintains Information Systems (IS) security implementation policy and guidelines, plans, instructions, standard operating procedures, and security education, training, and awareness program (SETA) Maintains familiarity with all applicable policies and regulations (e.g. NIST 800-53, NIST 800-71, NISPOM, NSA Policy Manual 9-12, etc.) Ensures all IS security-related documentation is current and authorizations are on file for each Information System Ensures software, hardware, and firmware comply with appropriate security configuration guidelines, policies and procedures, and approvals Effectively works with vendors for product (hardware/software) procurement to ensure systems remain compliant as needs change Maintains classified systems through Security Technical Implementation Guides (STIGs), self-assessments, recurring audits, and verification of system setup with applicable policies and regulations Analyzes security vulnerabilities/risks and provides guidance on suitable options for identified issues Work with program/project Managers to monitor/periodically review contract requirements for conformance Conducts and participates in inspections (internal and external) and implements necessary actions to correct deficiencies Communicates with prime contractors and government agencies to obtain approvals and maintain compliance. Ensure periodic testing is conducted to evaluate the security posture of the IS by employing various intrusion/attack detections and monitoring tools Assists users in account management (e.g., training employees in security procedures, password resets, etc.) Performs additional duties as necessary which may include IT maintenance unrelated to the duties of this position, personnel maintenance, facility lock/unlock procedures, etc. Works well under pressure, meeting and completing multiple deadlines Must be willing to travel on occasion Must work well under pressure, meeting and completing multiple deadlines Must be at work on time and maintain good attendance. This is a condition of employment and is an essential function of the job QUALIFICATIONS MUST BE U.S. CITIZEN OF THE UNITED STATES AND NOT HOLD DUAL CITIZENSHIP WITH ANTOHER COUNTRY. EDUCATION/EXPERIENCE Current DOD Security Clearance Required Minimum 2+ years of experience as ISSO implementing NISPOM Chapter 8, ICD 705, and JSIG IS requirements Bachelor's degree in an IT-related field or equivalent education or work experience CompTIA Security+ Experience with Windows operating environments Familiarity with conducting and reviewing vulnerability and compliance scans Experience developing subordinates and communications up and down the chain of command Experience in providing Information Systems security awareness and training Maintains awareness of upcoming customer/government-driven changes and challenges and suggests approaches to meet those challenges Excellent time management skills; keeps commitments and welcomes a collaborative environment Self-disciplined to lead IA projects with minimal supervision Previous experience working as a security professional in an SAP/SCI environment Familiarity with the National Industrial Security Program Operating Manual (NISPOM), Joint Special Access Program (SAP) Implementation Guide (JSIG), and National Institute of Standards and Technology (NIST) frameworks Excellent communication skills (written & oral) Knowledgable in COMSEC ADDITIONAL INFORMATION Salary range for this role is between $80,000 - $110,000, plus discretionary bonus, 401(k) matching, vacation, and health benefits. Employees can also receive additional pay for off-shifts. The range provided is Janicki's estimate of the base compensation for this role. Actual amount offered will be based on job-related and non-discriminatory factors such as experience, location, education, training, skills, and abilities BENEFITS Medical, dental, and vision insurance with employer contribution Disability insurance as well as Life/AD&D insurance HSA (Health Savings Account) with employer contribution and FSA (Flexible Savings Account) 401k with employer matching Paid time off and paid holidays (including two floating holidays) Education reimbursement program Several shift options Premium pay for off-shifts Not sure that you'll be the perfect fit for this role? You should still apply! We'll review your application for other opportunities. We are always on the lookout for talented people! Janicki Industries is an Equal Opportunity Employer. Janicki Industries does not discriminate on the basis of race, color, religion, sex, national origin, sexual orientation, marital or familial status, physical or mental disability, genetic information, age, retaliation, veteran/military service status, or any other legally protected status. Janicki is proud to be a military friendly employer. Applicants or employees wishing to view a copy of Janicki Industries' Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at **************. As a federal government contractor and a recipient of federal funding, Janicki is required to abide by federal drug testing requirements (including preemployment drug testing for cannabis). Additionally, because of Janicki's work on aerospace products and the high volume of safety sensitive positions, Janicki takes the safety of its employees very seriously and requires that employees pass a preemployment drug test prior to starting employment.

Guide security policy and participate in broader Information Security governance efforts. Develop and maintain the Information Security Management System (ISMS) in collaboration with regional information security SMEs and technical consultants. Oversee and manage the ISMS and recommend appropriate mitigating controls. Oversees Information Security Risk Management activities, including risk identification, assessment, and communication to relevant interest holders. Provide valuable expertise and leadership directly to the governing Joint Board executive leadership, including sharing metrics to reflect the performance of the regional security program functions, executive risk score reports, and other guidance on a variety of information security topics. Facilitate a committee of Information Security SMEs across the Agencies to ensure both regional compliance and concurrence on information security-related matters, recommending solutions, and working from the regional perspective to achieve optimal solutions. Collaborate with the Systems Integrator, other vendors, and partner Agencies to ensure security best practices, standards, policies, and regulatory requirements are incorporated into core payment system design, implementation, and sustainment, as well as support other future phase projects. Conduct regular security reviews of both software and processes, advising on information security practices. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats. Support external IT security audits and assessments that focus on operation. Develop, update, implement, and conduct information security training programs to support the ISMS objectives. Manage approvals for Identity and Access Management (IAM) and Access Control Administration. Act as Incident Commander for Security Incident Response activities, whenever the Information Security Incident Response Plan is invoked by the regional program; play an interest holder and oversight role if the plan is invoked by other partners or vendors. Participate in information security incident investigation and response efforts; perform root-cause analysis when incidents occur and prepare incident reports. Evaluate change requests to determine potential impacts to Information Security, including IT systems, processes, policies, and provide appropriate input to the Change Management process. Coach future Regional Operations Team (ROOT) information security personnel as the ISMS becomes complete and mature. Keep up to date on latest information security trends, "best practices", threats, and countermeasures. Required Skills and Qualifications: Enterprise-level information security plans, policies, standards, guidelines, methods, and practices based on current industry standards, best practices, tools, and techniques. Information Security Management Systems, and applicable industry standards (ISO 27001/2). Pertinent federal, state, and local laws, codes, and regulations; particularly those that affect information security for payment systems. Environments subject to the Payment Card Industry Data Security Standard (PCI DSS), including compliance-related duties. Knowledge and understanding of developing and administering information-security standards, practices, audits, risk management, and policy compliance. Information Security Audit principles and practices. Knowledge of one or more governance frameworks such as COBIT 5, ISO, NIST, or COSO. Strong understanding of IT Service Delivery (ITIL) core processes and methodologies. Principles, methods, and techniques used in the facilitation of managing projects and leading teams. Relevant experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography. In-depth knowledge of security software threats and vulnerability mitigation techniques. Working knowledge of cloud platforms such as Azure/ AWS and relevant security controls. Establishing and maintaining collaborative working relationships with other department staff, management, vendors, and other interest holders. Documenting and explaining risks, recommendations, and incident data to technical interest holders. Interpreting and administering information security policies, standards, and procedures sufficiently to administer, discuss, resolve, and explain them to staff and other constituencies. Leading or supporting an Information Security Management System. Generating metrics and preparing reports to facilitate decision-making on security-related activities. Utilizing personal computer software programs affecting assigned work and in compiling and preparing spreadsheets and reports. Responding to inquiries with effective oral and written communication. Researching, analyzing, and evaluating new security processes, products, and techniques. Excellent time management skills including the ability to prepare, prioritize, and complete work plans. Working effectively under pressure, meeting deadlines, and adjusting to changing priorities. Writing of technical documentation and standards, including skill in English usage, spelling, grammar, and punctuation Required Certifications or Licenses: At least one of the following (in valid status): Certified Information Systems Security Professional (CISSP). Certified Information Security Manager (CISM). Certified Information Security Auditor (CISA). Other industry relevant certifications in the fields of information security, project management, auditing and/ or risk management, such as the Certification in Risk and Information Systems Control (CRISC) Preferred Skills and Qualifications: Knowledge of Governance, Risk, and Compliance (GRC) tools. Principles of leadership, supervision, training, and performance evaluation. Extensive knowledge of risk-based methodologies, and one or more of the following frameworks: ISO 27001/2:2017, 27005:2011, and 31000; PCI-DSS; or NIST 800-53. Duration:11/07/2025 to 2/28/2026 Location: Downtown Seattle (Hybrid) M-F: 8 AM to 5 PM Hybrid: 3 days work onsite Pay: $75 per hour

Bellevue Telecommunications Services Exp 10-15 years Deg Bachelors Relo Bonus Job Description The Information Security Manager, working with in Corporate Information Security Team will be responsible for liaising with assigned business units on behalf of Corporate Information Security (CIS). These responsibilities will include understanding business-driven projects that involve network and information security, applications, networking and web based technologies. They will be responsible for understanding the Business Unit's processes and priorities and working with them to manage business impact and threats, through a risk based methodology. Ensures through positive engagement that business goals are met in a secure and compliant manner, according to industry standard regulations Qualifications Ideal Candidate will have: Candidate must have strong technical, influential and organizational skills. Prefer six years' experience in information security related discipline, in addition to several years' relevant systems and/or network administration experience. Expert relationship building and partnering skills, including persuasion, negotiation and consensus building. Experience translating emerging IT and business trends into meaningful risk reduction opportunities. Demonstrated ability to work effectively in a complex matrixed environment. Outstanding verbal and written communication skills. Ability to interpret business strategy and align to appropriate security enhancements to achieve business enablement. Ability to translate security requirements into business risks and impacts. Experience with high level design Architecture, Firewall, Internet, LAN Router, Network, Protocols, Web Services and SOA. Strong understanding of encryption, obfuscation and/or tokenization technologies or compensating controls. Appropriate industry certifications, such as CISSP, CISA or CCIE. Preferred skill: Bachelor degree in Computer Science, Information Security, Information Management, or other related discipline. Telecommunications industry expertise, Six Sigma Training, Audit, Compliance & Network experience preferred. Skills and Qualifications: A broad, enterprise-wide view of the wireless (or similar) business and understanding of strategy, processes and capabilities, enabling technologies, and governance. Experience in telecommunications, internet service provider, or application service providers a plus. The ability to apply Information Security principles to business solutions. Extensive experience planning and deploying both business and technology security initiatives. Exceptional communication skills and the ability to convey results in a summarily and persuasive manner to business owners. This includes written and verbal communications as well as visualizations. The ability to act as liaison conveying information needs of the business to technology teams and technology constraints to the business. Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI. Good understanding & experience applying CoBIT, ISO, ITIL, NIST frameworks. Understanding of Local (Wired & Wireless), Wide area, and mobile networks. A good understanding of Network Security, Firewalls, Intrusion Detection and Prevention, AVS, VLANS. Strong background and experience in IP Networking and Routing Protocols. Fluency in the use of all MS Office applications, including SharePoint services. Qualifications · Preferred: Any of the following CISSP, CISA, CISM, C-RISC, CCNA, CCIE, Six Sigma Yellow/Green/Black Belt Education Minimum Required High School Diploma/GED Education/Vocational Training/Experience Preferred Bachelor's degree in Computer Science, Information Technology or related field from an accredited 4-year college or university 10 years of system, network, and application design and architecture experience. Preferably in the wireless communications space CISSP and or CISM Certification (required; experience may be substituted for Cert requirements (4 years minimum) CISA Certification (preferred but not required; experience may be substituted for Cert requirements (4 years minimum) Responsibilities What you will do: Make proactive assessments of threat information in and outside the public domain, understanding the threat as it relates to its customers, and implementing measures to combat the threat. Understand the operations of the business and comprehend how these create value and risk for the organization. Collaborate with team members, peers and the business unit management team to determine technical information security requirements, planned remediation, and advocate for the program to gain resources to implement appropriate protection technologies and processes. Implement and monitor controls necessary to ensure operational processes are performed and are effective to protect the environment from all forms of malicious cyber activity. Assist the Governance group in the development and refinement of technical security standards, key performance indicators and other necessary processes to maintain effective operational security, as it relates to the business. Make risk-based decisions on a daily basis that has the potential to impact our ability to operate and communicate. Ensure the information and network security controls for us are appropriate and operating as intended; includes solutions that are directly controlled as well as security solutions that are operated by other internal and external groups. Provide status reports on a weekly, monthly and quarterly basis to business managers and other management activities that demonstrate the health of the program. Interact with internal audit, third party auditors, and appropriate regulatory bodies. Support the Information Security policy lifecycle throughout, including all aspects of intake, creation, review, approval, implementation, publishing, communication and maintenance. Liaise with and assist outsourced security service providers with vulnerability assessments of business applications, systems and architectures. Additional Information All your information will be kept confidential according to EEO guidelines. Direct Staffing Inc

Job Description Centurion is looking to hire an Information System Security Officer for our federal government client in Washington DC. This role is hybrid role open to US Citizens only. Required Skills: Risk Management Framework (RMF), System Security Plan (SSP), Plan of Action and Milestones (POA&M), Authorization to Operate (ATO), Security Impact Analysis (SIA), Information Sensitivity Security Assessment, Information Technology Risk Acceptances, o Configuration Management Plan, Supply Chain Risk Management Plan, Interconnection Security Agreements, Memorandums of Understanding, Information Data Exchange Agreements, Vulnerability Reports, Day-to-day Responsibilities: Conduct continuous monitoring activities, to include: o Maintenance of current ATO o Conducting periodic system self-assessments o Review periodic vulnerability scan reports and compliance reports o Ensure stakeholders are performing system log reviews as defined in the SSP o Ensure assigned IT system user accounts are periodically reviewed for accuracy and completeness • Work with technical teams to mitigate security control deficiencies and vulnerabilities for assigned IT systems. • Assess the cybersecurity impact of changes to assigned IT systems and document findings in a SIA report and brief stakeholders. • Conduct self-assessments of security controls, identify weaknesses and track remediation activities in POA&M. • Manage the POA&M process for designated IT systems to provide timely detection, identification and alerting of non-compliance issues. • In coordination with SO staff, create POA&Ms or remediation plans for vulnerabilities identified during risk assessments, audits, inspections, etc. • Provide the required system access, information, and documentation to security assessment and audit teams. Expected Deliverables: Cybersecurity Staff Augmentation Education: Bachelor's Degree, preferable in Computer Science, Information Technology, or Cybersecurity

Business Operational Concepts (BOC) is a recognized leader in providing Technical and Program Management Services, Information Technology, and Support. BOC has enabled their Government and Commercial clients to achieve their organizational initiatives through the application of high quality, innovative, and cost-effective professional services and solutions. We provide a positive working environment, with opportunities for advancement in our growing Federal sector workforce. We offer an excellent compensation package which includes a generous salary, insurance (medical, dental, etc.), paid leave, 401k plan and more. We are committed to the diversity we bring to the marketplace and believe customer satisfaction comes first. JOB SUMMARY: Business Operational Concepts (BOC) is currently seeking an Information Systems Security Officer (ISSO) to work with our government client. The selected candidate will serve as a technical and governance subject matter expert responsible for integrating cybersecurity risk management with system and infrastructure engineering. This position bridges the traditional gap between GRC and technical implementation by ensuring security is designed, implemented, and continuously monitored throughout the system development life cycle (SDLC). DUTIES AND RESPONSIBILITIES: The incumbent collaborates with system owners, developers, cloud and DevSecOps engineers, and security control assessors to ensure the confidentiality, integrity, and availability of agency information systems in alignment with federal requirements (e.g., FISMA, NIST RMF, FedRAMP, and OMB guidance). Requirements QUALIFICATIONS: Required (Minimum) Qualifications - Education, Certification, Experience, and Skills Risk Management and Governance (40%) Serve as the primary technical lead for system-level RMF activities, including security categorization, control selection, implementation, and assessment. Develop and maintain system security documentation (SSPs, SARs, POA&Ms) and ensure continuous authorization (O-ATO) compliance. Conduct risk assessments to identify vulnerabilities, evaluate likelihood and impact, and recommend mitigation strategies. Support annual FISMA audits, OIG reviews, and internal compliance assessments with defensible technical evidence. Develop standardized risk metrics and dashboards that link system vulnerabilities to enterprise risk posture. Security Engineering and Architecture Integration (35%) Embed security engineering practices into system design and cloud architectures, ensuring 'security-by-design' and 'Zero Trust' principles. Partner with system engineers and developers to integrate security controls in CI/CD pipelines, automation scripts, and infrastructure-as-code deployments. Validate security control implementations through technical testing, configuration review, and vulnerability analysis. Conduct secure architecture reviews and provide technical consultation on encryption, access control, and network segmentation. Collaborate with SOC and vulnerability management teams to ensure findings inform risk posture and remediation planning. Continuous Monitoring and Technical Validation (15%) Develop and maintain continuous monitoring strategies and implement automated data feeds from scanners, SIEM, and cloud tools into GRC systems. Validate and verify that implemented controls are operating as intended and produce desired security outcomes. Track and report control effectiveness and residual risks to leadership. Policy, Audit, and Training Support (10%) Support updates to cybersecurity policy, SOPs, and agency guidance to reflect emerging threats and technologies. Provide training and mentoring to system owners and developers on secure design and RMF requirements. Support external audits by providing technical explanations and evidence of control effectiveness. Knowledge, Skills, and Abilities (KSAs) Security Engineering: Knowledge of systems design, cloud infrastructure, encryption, access control, and secure configuration management. Risk Management: Knowledge of the principles and tools used for risk assessment and mitigation. Compliance & Governance: Expertise in NIST SP 800-37, SP 800-53, SP 800-53A, FIPS 199/200, FedRAMP, and OMB A-130. Vulnerability Management: Ability to analyze vulnerability data, interpret scanning results, and evaluate technical mitigations. Automation & Tools: Familiarity with GRC platforms (e.g., Archer, ServiceNow IRM, Xacta) and technical tools (e.g., Nessus, Splunk, AWS Config, Prisma). Communication: Skill in articulating technical risks and recommendations to both executive and technical audiences. Collaboration: Ability to partner effectively across multidisciplinary teams including developers, engineers, and policy staff. U.S. Citizenship required. Active Public Trust or higher clearance (or ability to obtain). Bachelor's degree in Computer Science, Information Systems, Engineering, or equivalent experience. 3-5 years of experience in security engineering, GRC, or cybersecurity risk management. Preferred Qualifications - Education, Certification, Experience, Skills, Knowledge, and Abilities Desired Certifications: CISSP, CISM, CAP, CGRC, CEH, Security+, or Cloud Security certifications CLEARANCE REQUIREMENTS: Public Trust or the ability to obtain and maintain a Public Trust clearance. (Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.)

At PLEXSYS, our teams design, build and deliver Live, Virtual, and Constructive (LVC) innovation and training solutions to customers around the world. With over 200 employees in seventeen states and four foreign countries, we contribute our success to enabling better training…everyday…across the globe. As an employee of PLEXSYS, you'll find a culture that empowers you to achieve your professional objectives, give your personal best, and work with other highly passionate individuals. Our core values of integrity, excellence, teamwork and agility drive our daily decisions, identify our focus areas, and inspire our organizational culture. GENERAL DESCRIPTION The Information System Security Officer (ISSO) is responsible for ensuring the appropriate operational security posture for information systems and as such, works in close collaboration with the ISSM, CPSO, and FSO. The ISSO must have detailed knowledge and expertise required to manage the security aspects of an information system and is assigned the day-to-day responsibility for assigned systems. Responsibilities include implementation of the requirements of Risk Management Framework, including the Joint Special Access Program (SAP) Implementation Guide (JSIG), NIST 800-53, or other security requirements as assigned. This position will report to the Corporate Information Assurance Manager and work in close collaboration with the AFSO and FSO. The ISSO is responsible for developing and updating the security authorization package, managing and controlling changes to the system, and assessing the security impact of those changes. Ensure systems are operated, maintained, and disposed of following security policies and procedures as outlined in the security authorization package. Report all security-related incidents to the ISSM. Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure audit records are collected, reviewed, and documented. Duties also include physical and environmental protection, personnel security, and incident handling. DUTIES & RESPONSIBILITIES Lead the information system security program for their assigned location to include implementation and validation of automated informational security, ensuring security requirements as contracted are satisfied Maintain and establish the accreditation of classified information systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Ensure all security procedures are being followed such as patching, AV updates, continuous monitoring, trainings, and self-inspections Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees Conduct system audits in accordance with security accreditation package requirement Lead the information system security program for their assigned location to include implementation and validation of automated informational security, ensuring security requirements as contracted are satisfied Maintain and establish the accreditation of classified information systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Ensure all security procedures are being followed such as patching, AV updates, continuous monitoring, trainings, and self-inspections Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees Conduct system audits in accordance with security accreditation package requirements Conduct vulnerability scans and analysis Conduct maintenance on the networks, systems, and hardware Perform software upgrades on networks, systems, and hardware Perform security assignments in accordance with the Automated Information System requirements and local regulations Understand and follow NISPOM/ODAA/RMF/JAFAN/ICD/NIST/JSIG classified system accreditation and certification requirements Other duties as assigned REQUIREMENTS Bachelor's degree in related field or 4 years' experience in related field DoD 8570 compliant, IAT Level II Experience with Windows based administration of Information Systems Ability to work within compliance standards; previous experience with RMF, HIPAA , PCI DSS, or equivalent compliance standard preferred Strong experience in networking, active directory, centralized logging solutions, vulnerability scanning and anti-virus solutions Experience with security audits for information systems Strong communication and problem-solving skills Ability to work in both a team environment as well as independently Must be organized and detail oriented Ability to obtain and maintain Top Secret clearance with the ability to obtain approval for SAP/SCI access DESIRABLE Have previous experience with DoD Security Regulations and Policies PERKS As a PLEXSYS employee, you can expect certain advantages; such as advancement based on performance, competitive wages, valuable benefits and a great working environment. Our team is committed to ensuring an environment that empowers individuals to realize their full potential by providing opportunities and necessary support to achieve personal and professional goals. Medical/Vision/Prescription/Dental Benefits Life, AD&D and Long Term Disability Coverage Paid Holidays, Military Leave, and Paid Time Off 401k Plan with eligibility from first day of employment Education reimbursement for job-related courses for full-time employees PriceClub/COSTCO/Sam's Club annual membership

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. What You'll Do: Design and implement hardened OS configurations for AI workloads across diverse hardware platforms Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms Implement and maintain full-disk encryption solutions for diverse storage systems Build security infrastructure for AI systems, research environments, and production services Build secure network stacks with appropriate isolation and segmentation Create OS-level attestation and integrity monitoring systems Develop security patches, custom kernel modules, and kernel hardening configurations Design secure boot processes and trusted execution environments Work with container teams to ensure proper workload isolation at the kernel level Design privilege separation and mandatory access control policies Implement secure update mechanisms for OS components Build tooling for security configuration management and compliance verification Who You Are: 5+ years of experience in operating systems security or kernel development Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) Experience with kernel hardening techniques and exploit mitigation Strong programming skills in C and systems programming languages Experience with eBPF for security monitoring and enforcement Understanding of virtualization and containerization security Track record of identifying and fixing OS-level security vulnerabilities Experience with security-focused Linux distributions Strong candidates may also have: Kernel development experience or contributions to Linux kernel Experience with real-time or embedded operating systems Knowledge of hardware security features and their OS integration Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) Background in vulnerability research, exploit development, or fuzzing Experience with formal methods for OS verification Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary:$300,000-$405,000 USDLogistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

Required Qualifications A Bachelor's degree and three (3) years professional experience OR a combination of education and experience totaling seven (7) years from which comparable knowledge and abilities are acquired. Preferred Qualifications Experience developing operational information security procedures and technical training materials. Demonstrated experience with working within formal project management frameworks. Experience with the Splunk application, to include developing searches, reports, and other automated routines. Experience with security reviews of firewall, file system, and other forms of access control lists. Experience with digital forensics software and processes. Demonstrated ability to appropriately prioritize multiple tasks, projects, or assignments. Expert knowledge of Windows, Linux, and Apple operating systems.

Main Responsibilities Help Desk: * Provide daily user support. * Support Office 365. * Support Microsoft Windows. * Maintain computers. Infrastructure: * Maintain local IT infrastructure in compliance with Continental standards. * Ensure general IT environment health. * Coordinate external service providers and IT vendors. IT Projects: * Support areas in IT projects, contacting providers and preparing the project, including investment description, providers, etc. * Support IT management in preparing the IT budget for infrastructure. * Manage, develop, and execute internal projects. Network: * Manage passive IT infrastructure. * Support the network team at the location. Data Center: * Manage the data center. ShopFloor: * Provide level 1 support for ShopFloor. * BS degree in Information Technology, Computer Science, Software Engineering, or related areas. * More than 2 years of experience working in any Information Technology area. * Experience in IT support functions. * Proven experience with incident management. * Experience in IT infrastructure. * Internal IT audit experience. * At least 2 years of experience working in an ITSM-oriented environment. * Good communication skills, ability to work in teams, and project management skills. * Standards & Rules: IT Governance (advanced) * Process: Process Management & Process analysis (basic) * Method competencies * Service Management (advanced) * Project Management (basic) EEO-Statement: EEO / Disabled / Protected Veteran Employer. Continental offers equal employment opportunities to all qualified individuals, without regard to unlawful consideration to race, color, sex, sexual orientation, gender identity, age, religion, national origin, disability, veteran status, or any other status protected by applicable law. In addition, as a federal contractor, Continental complies with government regulations, including affirmative action responsibilities for qualified individuals with a disability and protected veterans, where they apply. To be considered, you must apply for a specific position for which Continental has a current posted job opening. Qualifying applications will be considered only for the specific opening(s) to which you apply. If you would like to be considered for additional or future job openings, we encourage you to reapply for other opportunities as they become available. Further, Continental provides reasonable accommodations to qualified individuals with a disability. If you need assistance in the application process, please reply to ******************** or contact US Recruiting at ************. This telephone line and email address are reserved solely for job seekers with disabilities requesting accessibility assistance or an accommodation in the job application process. Please do not call about the status of your job application, if you do not require accessibility assistance or an accommodation. Messages left for other purposes, such as following up on an application or non-disability related technical issues, will not receive a call back. Ready to drive with Continental? Take the first step and fill in the online application.