Information security analyst jobs in Dundalk, MD - 2,820 jobs

A leading technology firm is seeking a Cyber Machine Learning Engineer to build and improve machine learning models for detecting cyber threats. The ideal candidate has significant experience in cyber threat hunting and proficiency in Python and MLOps practices. This position offers a competitive compensation range of $99,000 to $225,000 annually, along with comprehensive benefits including health, life, and professional development opportunities. The job supports flexible work arrangements. #J-18808-Ljbffr

Information Assurance Engineer / Security ManagerC2 Labs, Inc. - ************** C2 Labs partners with clients on their IT transformation journey via our industry-leading capabilities in full stack development, hyper-automation/DevOps, and cybersecurity compliance. We provide specialized products and services that enable clients to innovate with speed and scale while maintaining a robust and effective security posture. As digital transformation partners, we address the most urgent needs holding back our clients, including proactively addressing cultural change, quantifying risk, automating compliance, and closing critical skill gaps We are seeking a highly skilled and experienced Information Security Engineering Manager to spearhead the development, implementation, and management of our organization's security infrastructure. This pivotal role will be responsible for safeguarding our critical assets and ensuring compliance with industry-leading security standards. You will lead a team of security professionals, providing technical guidance and fostering a culture of security awareness. Responsibilities Design, develop, and implement robust security networking architectures, incorporating Intrusion Detection/Prevention Systems (IDS/IPS) and other advanced security technologies. Develop and enforce comprehensive security policies and procedures aligned with industry best practices and regulatory requirements. Lead the monitoring and analysis of security systems, proactively identifying and responding to potential threats and vulnerabilities. Manage and optimize existing security solutions, ensuring their effectiveness and efficiency. Drive compliance initiatives, with a focus on the Risk Management Framework (RMF) and NIST 800-53 Rev 5 controls. Effectively manage security projects, ensuring timely completion and adherence to budget. Lead incident response efforts, coordinating investigations and implementing remediation strategies. Mentor and develop a high-performing team of security professionals. Qualifications Bachelor's degree in an IT-related field required. Minimum 15 years of experience in information security, or Certified Information Systems Security Professional (CISSP) certification with a minimum of 10 years of experience. Demonstrated deep understanding of information security principles, including access control, network security, cryptography, and vulnerability management. Proven experience in managing security projects and leading incident response activities. Extensive experience with the Risk Management Framework (RMF) and NIST 800-53 Rev 5 controls. Excellent communication, leadership, and problem-solving skills. EOE STATEMENT We are an equal opportunity employer. All qualified applicants will be considered without discrimination based on race, color, religion, sex, national origin, age, disability, or protected veteran status. Employment offers will be contingent on passing a pre-employment drug screen. #J-18808-Ljbffr

A government contracting firm in Washington, DC is seeking a Senior Security Engineer to enhance its IT security architecture and support compliance with the Cybersecurity Executive Order. The ideal candidate will possess a master's degree in information security, an active government clearance, and over 10 years of relevant experience. Key responsibilities include designing security infrastructure and advising leadership on security policies. This position requires strong analytical and communication skills. #J-18808-Ljbffr

A cybersecurity solutions provider is seeking a Security Engineer specializing in Tanium to enhance endpoint management and security within federal government environments. Responsibilities include designing and maintaining Tanium infrastructure and collaborating with cybersecurity teams. Candidates must possess 12+ years of IT/Security experience and a relevant Bachelor's degree. This position offers a hybrid work model, a competitive salary between $135,000 and $155,000, and extensive benefits including medical and retirement plans. #J-18808-Ljbffr

A healthcare technology firm located in Maryland is seeking a Senior Security Engineer I to enhance security capabilities within cloud-native environments. The candidate will design and implement security solutions, lead incident response efforts, and collaborate with various teams to strengthen security posture. Applicants should have a degree in Computer Science or related field, extensive experience in security engineering, and proficiency in scripting languages like Python and Bash. This role offers a supportive workplace that values diversity and innovation. #J-18808-Ljbffr

Evolver Federal is seeking a Senior Security Engineer to fulfill a requirement for a potential government client. The Senior Security Engineer is responsible for designing, implementing, and maintaining advanced security solutions to protect federal systems and data. This role prioritizes continuous monitoring, FISMA compliance, and OIG audit readiness while engineering secure architectures, integrating cybersecurity technologies, and ensuring adherence to federal standards such as NIST 800-series, RMF, and TIC 3.0. The Senior Security Engineer will work closely with SOC teams, architects, and program managers to deliver robust security capabilities across cloud (AWS GovCloud, Azure Government), on-premises, and hybrid environments. This position requires deep technical expertise, hands-on experience with security tools, and the ability to lead engineering efforts for mission‑critical systems in highly regulated environments. Responsibilities Design and implement security solutions for enterprise and federal environments, ensuring compliance with RMF and NIST guidelines. Engineer secure configurations for SIEM, SOAR, EDR, and vulnerability management platforms. Support Tier 2/3 SOC analysts by developing advanced correlation rules for Splunk and optimizing detection workflows. Support SOC operations by integrating advanced detection and response capabilities. Conduct security assessments, penetration testing, and risk analysis for critical systems. Implement continuous monitoring and automated compliance reporting to meet Department of Labor and federal requirements. Develop and maintain security engineering documentation, including system security plans and architecture diagrams. Collaborate with architects and program managers to align security engineering with strategic objectives. Lead efforts to integrate security into DevSecOps pipelines and CI/CD workflows. Provide technical expertise during incident response and forensic investigations. Evaluate emerging technologies and recommend enhancements to improve security posture. Define and track measurable outcomes such as MTTR reduction, SLA adherence, compliance score improvements, and false positive reduction to meet performance‑based contract KPIs. Coordinate with federal stakeholders (CISO, ISSOs, AO) and provide audit support for ATO processes. Ensure adherence to performance‑based contract requirements and federal cybersecurity mandates. Basic Qualifications Bachelor's Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or equivalent with 6 years of technical experience, or 4 years' experience in IT Solutions at senior management Certified Information Systems Security Professional (CISSP) mandatory with Information Systems Security Engineering Professional (ISSEP) concentration Project Management Institute (PMI) Project Management Professional (PMP) (Highly Recommended) Information Technology Infrastructure Library (ITIL) 4 Foundation 10 years of successful enterprise experience in an IT or technology-related field, with the last 5 years, on large government technical contract/BPAs US Citizen with the ability to pass a comprehensive government background check Preferred Qualifications Master's degree in cybersecurity, IT, or a related technical field Experience supporting SOC operations in federal or regulated environments Familiarity with RMF, NIST 800-series, OMB A-130, and TIC 3.0 Proven leadership in cross‑functional teams and performance‑based contracts Strong communication skills, including executive briefings and incident reporting Hands‑on experience with SIEM (Splunk, Elastic), SOAR (Cortex XSOAR), and EDR (CrowdStrike, Microsoft Defender). Expertise in cloud security engineering (AWS, Azure, GCP) and container security (Kubernetes, Docker). Familiarity with Zero Trust Architecture principles and implementation strategies. Familiarity Continuous Diagnostics and Mitigation (CDM). Experience with PKI, encryption standards, and secure network design. Knowledge of automation tools for security orchestration and compliance reporting. Ability to lead technical teams and mentor junior engineers in cybersecurity best practices. Experience integrating security controls into large-scale federal systems and mission‑critical applications. Understanding of advanced threat detection techniques and AI‑driven security solutions. Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law. Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. #J-18808-Ljbffr

Staffing Pros, a division of VETS Inc., is recruiting for a full-time Qualys Security Engineer onsite in Washington, DC or Beltsville, MD. This position requires an Active Secret Clearance. The Senior Qualys Security Engineer will support our customer's enterprise vulnerability management initiatives. This role involves maintaining and optimizing Qualys toolsets, performing vulnerability assessments, and working collaboratively across technical teams to strengthen organizational cybersecurity posture. This position is based on-site at either the Washington, DC or Beltsville, MD office, with occasional travel between the two locations. What you'll do: Oversee day-to-day management of the Qualys platform including agents, scanners, and connectors. Optimize scan configurations, authentication methods, and template deployments. Review and interpret scan results to generate actionable intelligence for technical and non-technical audiences. Partner with infrastructure, development, and SOC teams to validate findings and drive remediation efforts. Automate tasks using Qualys APIs and custom scripts to support reporting and data integration. Maintain an up-to-date asset inventory through discovery and classification workflows. Minimize false positives through tuning and validation. Conduct policy compliance assessments in support of regulatory frameworks. Provide guidance and mentorship to junior analysts in vulnerability management best practices. Required Qualifications 5+ years of hands-on expertise with Qualys. Must be able to commute to Beltsville, MD or Washington, DC for full-time onsite work. Secret clearance with the ability to obtain a Top Secret clearance is required. Proficiency in scripting (Python, PowerShell, or Bash). Familiarity with network protocols, OS security (Windows/Linux), and web application vulnerabilities. Understanding of compliance standards and frameworks (e.g., NIST 800-53, CIS Controls, ISO 27001.) Qualys Vulnerability Management & Policy Compliance. Qualys Web Application Scanning. Automation using Qualys APIs. Network architecture and protocol knowledge. Database and OS-level security. Vulnerability lifecycle and remediation strategies. Excellent written and verbal communication. Strong problem-solving and analytical mindset. Ability to operate independently or as part of a multi-disciplinary team. Solid documentation and reporting practices. Experience engaging with cross-functional stakeholders. US Citizenship is required. Preferred Qualifications Professional certifications: CISSP, CEH, GIAC, or equivalent. Exposure to other scanning tools (e.g., Tenable, Rapid7). Familiarity with public cloud security models (AWS, Azure, GCP). Experience with configuration management tools and CI/CD pipelines. Background in system administration, network engineering, or DevSecOps. EEO Statement Staffing Pros a division of VETS-inc is an Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.

Conviso Inc is looking for ISSO Officer for onsite Job. This role comes with benefits, 401K & some accrued PTO. The Ideal must have hands-on technical and analytical experience supporting the RMF lifecycle, cybersecurity monitoring, continuous authorization, and security control assessments. Are you open to new opportunities & could this be of interest? On Site Job at 3 locations - Albuquerque NM, Las Vegas NV, Germantown MD Active Top-Secret Clearance Required Title: Information System Security Officer (ISSO) Minimum 3 years as an ISSO Required Skills: ISSO personnel must understand and interpret data from security tools and apply NIST frameworks with precision. Capabilities include: Proficiency in NIST SP 800-37, 800-53, 800-60, FIPS 199, CNSSI 1253. Ability to perform risk assessments, system categorization, and control selection. Experience with eGRC tools (e.g., Archer) for documentation, continuous monitoring, and POA&M management. Responsibilities: Prepare: Support enterprise, mission, and system-level RMF readiness, establish tailored baselines, identify assets, assess risks, and determine system placement in the enterprise architecture. Categorize Information Systems: Perform FIPS 199 categorization, develop SSP subsections, register systems, and ensure early engagement with developers to integrate cybersecurity impact analysis. Select Security Controls: Document, implement, and validate selected controls, incorporating security architecture, privacy requirements, and common control inheritance. Assessment: Develop assessment plans, test controls, produce SARs, document findings, and support POA&M development. Data Calls: Provide timely and accurate evidence and responses using approved tools. Internal & External Assessments: Support audits, collaborate with internal and external partners, and perform self-assessments. Program-Level Documentation Support: Maintain program policies, adjudicate comments, and assess the impact of federal directives and legislation.

A leading technology solutions provider in Washington, DC is seeking a Senior Systems Security Engineer. This role involves hands-on engineering and securing multiple operating systems, managing vulnerabilities, and ensuring compliance with security frameworks. Ideal candidates will have 5-10 years of experience in system engineering and strong communication skills. The position offers competitive pay and extensive benefits including paid medical and dental insurance. #J-18808-Ljbffr

Clearance: Active Secret Employment Type: Full-Time We are seeking a Principal Cloud Security Engineer to lead the design, automation, and enforcement of security across large-scale federal cloud environments. This role focuses on cloud security architecture, DevSecOps automation, and secure platform enablement in a multi-cloud ecosystem. The ideal candidate is highly technical, self-directed, and comfortable operating as the senior security authority for cloud platforms. You will define secure patterns, implement guardrails at scale, and embed security directly into infrastructure and CI/CD pipelines. Key Responsibilities: Cloud Security Architecture: Design and guide secure architectures across AWS, Azure, and GCP, including GovCloud and restricted environments Define and enforce security baselines aligned with NIST 800-53, FedRAMP, and CIS Benchmarks Lead threat modeling, architecture reviews, and secure design guidance for cloud workloads DevSecOps & Automation: Build and maintain Infrastructure as Code using Terraform (preferred) and cloud-native tooling Integrate automated security controls into CI/CD pipelines (SAST, DAST, IaC scanning, container scanning) Implement policy-as-code guardrails using tools such as AWS SCPs, Azure Policy, and cloud-native governance services Develop automated remediation and enforcement workflows to reduce manual security effort Governance, Compliance & Visibility: Embed compliance controls directly into cloud infrastructure and pipelines to support ATO efforts Partner with compliance teams and auditors on evidence collection and continuous monitoring Implement centralized logging, monitoring, and incident response across cloud environments Technical Leadership: Serve as the senior cloud security SME for engineers, architects, and stakeholders Mentor engineers on secure cloud development and DevSecOps practices Translate complex security concepts to both technical and non-technical audiences Required Qualifications: Active Secret clearance 8+ years in cybersecurity or cloud engineering, including 5+ years focused on cloud security Deep hands-on experience securing AWS, Azure, or GCP (experience in at least two preferred) Strong Infrastructure as Code experience (Terraform strongly preferred) Experience integrating security into CI/CD pipelines (GitHub Actions, GitLab, or similar) Proficiency in Python, Go, PowerShell, or Bash Strong understanding of IAM, networking, encryption, key management, and cloud-native security services Ability to operate independently and define security priorities without daily direction Preferred Qualifications: Experience securing GovCloud, DoD IL5/IL6, or other regulated cloud environments Kubernetes and container security experience Zero Trust architecture implementation experience ServiceNow integrations for security workflows Cloud security certifications (AWS Security Specialty, Azure Security Engineer, etc.) What Makes This a True Principal Role: Highly hands-on and deeply technical Owns security outcomes rather than executing predefined tasks Heavy DevSecOps and IaC focus Large-scale, multi-cloud environment Architecture and influence matter as much as implementation

CSCI Consulting is looking for a Cyber Security Specialist (SNR) to design & set up the ingestion of various customer data flows to include pre-processing data into a useable format, ensuring proper parsing and indexing. Collaborate with cross-functional teams and responsible for designing & integrating Elastic with a wide variety of data sources and developing associated knowledge objects such as queries, dashboards, reports, alerts for monitoring and analytics Responsibilities Perform data transformation using Elastic query language Track the health of the Elastic environment and optimize its performance. Troubleshoot and resolve issues related to security, performance, data indexing, and searches Perform watch-officer monitoring duties, including: Monitoring detecting, investigating, and responding to cybersecurity threats and events using Elastic /SIEM Platform Reviewing correlated alerts and logs for compromise scenarios Performing triage of security alerts to prioritize response Identifying false positives Investigating security incidents and determining root cause Collecting and preserving logs for analysis Escalating confirmed incidents to leadership or SOC teams Coordinating with IT or DevOps for containment and remediation Creating after-action reports (AAR) post-incident In addition, the role may include assistance with monitoring Vulnerability Management tools, such as ACAS and ePO Minimum Requirements Have at least three years of working knowledge and hands-on experience with Elastic/Splunk query languages, monitoring SIEM dashboards and real-time alerts, fine-tuning SIEM rules to reduce noise, and NIST 800-53 & DevSecOps frameworks Must have a DoD/DoW Secret Security Clearance US Citizenship is required Required IT Level: ITII Must currently possess a Security+ certificate Creativity and adaptability in problem-solving Ability to work with clients to understand their needs Strong organizational and time-management skills Excellent written and verbal communication skills Professional presence Preferred Skills Ability to work in a team environment, as well as independently Strong customer and vendor relationship skills Demonstrated ability to comply with data standards and policies Motivation to learn new technologies and methodologies that demonstrate value Past experience working with a federal agency Department of Defense/Department of War experience is a plus! About CSCI CSCI is an award-winning information technology and financial management consulting firm founded on one simple philosophy: "Do what is right, always." We apply this philosophy across all elements of our growing business, from delivering world-class services for customers to providing an environment where associates thrive both personally and professionally. At CSCI, work and fun aren't diametrically opposed! At CSCI, our goal is to hire people with proven track records and retain them with an energizing, diverse company culture. We value each associate's natural drive to excel, and we provide them with the freedom to do things their way. CSCI seeks the best and brightest in the industry-those who are ready to move their lives and career forward. Join us today and get excited about Mondays again! Benefits of Working at CSCI Competitive salaries Generous Paid Time Off (PTO) package Paid holidays aligned to the Federal calendar Full health benefits including medical, dental, vision, and life insurance 401(k) retirement plan Team building events Professional development support Legal CSCI complies with all applicable Federal, state, and local employment regulations. Please reach out to with any questions. Equal Employment Opportunity All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. CSCI provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. If you require an accommodation, please contact CSCI Human Resources for further assistance. For questions regarding the qualifications listed above, please contact the CSCI Recruiting Team. E-Verify CSCI participates in E-Verify to confirm the employment eligibility of all newly hired employees. For more information, please visit********************* California Consumer Privacy Act (CCPA) Notice As part of the application and recruitment process, CSCI Consulting, Inc. may collect personal information as described under the California Consumer Privacy Act (CCPA). This information is collected solely for employment-related purposes, including evaluating your qualifications, processing your application, and complying with legal obligations. By applying to this position, you acknowledge that you have read and understand the following notice regarding the collection of your personal information as a job applicant: Categories of Information Collected: Personal identifiers, employment history, educational information, and any other information provided in your application or as part of the interview process. Purposes for Collecting Information: To review your application, assess your qualifications, and manage the hiring process. Retention and Security: Information collected will be retained indefinitely and will be securely stored and handled in accordance with CCPA guidelines and CSCI Consulting, Inc. policies. Rights of Applicants: Under CCPA, California residents have the right to request information about the personal data we collect, delete it, and request restrictions on certain uses. However, some information may be retained as required by law. For further information, or to exercise your rights under the CCPA, please contact CSCI's HR team. Disclaimer The above declarations are not intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be such a listing of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job.

** DO NOT APPLY IF YOU DO NOT HAVE AN ACTIVE SECRET CLEARANCE AND A CISSP** Location: Suitland, MD - Full-Time, On-Site Salary Range: $130,000 - $140,000 annually . Who We Are RCG is a fast-growing federal contracting firm proudly Certified as a Great Place to Work. We are committed to fostering a culture of innovation, inclusion, and excellence. At RCG, we deliver technology and mission support services that help government agencies succeed. We are currently seeking a Deputy Information Assurance Engineer / Deputy Information Systems Security Officer (Deputy ISSO) to support our federal government customer in Suitland, MD. This position is fully on-site and supports mission-critical systems within the JPSS/LCCS program. Please note: Due to the secure nature of this government agency, all candidates must be U.S. Citizens and able to successfully pass the required background investigation. The Opportunity This role is ideal for a senior Information Assurance professional who will serve as a Deputy ISSO and team lead, supporting authorization, compliance, and continuous monitoring activities for NOAA JPSS/LCCS systems. The Deputy ISSO will provide leadership to junior ISSOs, maintain system ATOs, and collaborate closely with multiple technical and operational teams to ensure a strong and compliant security posture. The successful candidate will play a key leadership role across A&A, POA&M management, Continuous Monitoring, change control, and incident response activities. What You'll Do Deputy ISSO / Team Lead Responsibilities Serve as Deputy ISSO Team Lead, advising, mentoring, and training junior ISSOs on security and compliance activities. Provide guidance on RMF, FISMA, and program-level security processes. JPSS/LCCS A-ISSO Responsibilities Maintain and support ATO packages for NOAA 5042 and NOAA 5065-1 systems. Lead Assessment & Authorization (A&A) documentation reviews, updates, and Security Control Assessment (SCA) activities. Work closely with OMS, LGSS, FVTS, MSC, and GP Security teams to maintain and improve overall program security posture. Lead weekly cross-contract POA&M and security operations management meetings. Participate in and vote during Mission Change Control Boards (CCBs) for system modifications. Lead JPSS/LCCS Continuous Monitoring working group meetings. Serve as Chair of the program SSID documentation review board. Assist in incident response activities, working directly with operational and cybersecurity teams. Maintain strong working relationships with Federal clients, including System Owners, ISSOs, Flight, and Operations personnel. Required Qualifications Active Secret clearance (REQUIRED). Bachelor's degree in a relevant technical field. Minimum 8 years of experience in Information Assurance, Information Security, or ISSO-related roles. Demonstrated experience supporting RMF, FISMA, ATO, and Continuous Monitoring activities. Proven leadership experience mentoring or leading junior security staff. Strong ability to collaborate across multiple technical, operational, and security teams. Excellent written and verbal communication skills. Certifications (Required) CISSP Physical Demands The physical demands described here are representative of those required to successfully perform the essential functions of this role. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions. EEO Statement RCG, Inc. does not discriminate against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibits discrimination against all individuals based on race, color, religion, sex, sexual orientation/gender identity, or national origin.

Job Description Who is Saliense? Saliense is a growing Management and Technology Consulting Solutions provider based out of Mclean, VA. We work to solve our client's toughest challenges within the Defense, Civilian, Financial, and Healthcare industries. Our diverse employees support vital missions for government and commercial customers. For more information, visit ***************** Why Saliense? In addition to providing a fun, energetic environment that promotes innovation and personal growth, we offer excellent compensation packages with plenty of opportunities for advancement. We pay 100% of the premiums for employee Healthcare, including medical, dental, and vision. We offer a 401K match, and all company contributions are 100% vested immediately. Since we believe in work-life balance so much, we offer 20 days of paid leave per year. Use it as you need it or use it all at once and go travel for a month! We are proud to offer parental leave. There are many more - connect with us to get a preview of the full benefits package. Saliense has a new opportunity for an Information Security Analyst to support the U.S. Marshals in Arlington, VA. This is a hybrid position that requires 2 days onsite every other week in Arlington, VA. Information Security Analyst must have experience (i.e., a minimum of one (1) year) within federal information systems security policy and implementation. At a minimum, a core set of knowledge of federal information system security policy, industry best practices, security control assessments, Plan of Action and Milestones (POA&M) management, system authorizations, configuration management, and system analysis. Responsibilities: Develop and execute test plans of the OMB Circular A-123 internal control assessments. Develop and execute test plans of the FISMA internal control assessments. Determine, gather, examine, and analyze artifacts related to OMB Circular A-123 security control assessments and remediation verification. Determine, gather, examine, and analyze artifacts related to FISMA security control assessments and remediation verification. Document all assessment activities and results in sufficient detail to enable external review of all assessment processes, activities, results, and conclusions. Provide recommendations and guidance for corrective action of all non-compliant security controls. Provide security expertise to ensure security controls are implemented and the resulting documentation and artifacts are current. Provide support for verifying compliance with the Federal Information System Modernization Action (FISMA) as part of both internal and external control assessments/audits across all accredited agency information technology systems. Provides technical evaluations of customer systems and assists with making security improvements. Conducts security product evaluations, and recommends products, technologies, and upgrades to improve the customer's security posture. Required Experience: Must have a minimum of one (1) year of federal information systems security experience. Minimum Educational Requirements: BS/BA in Computer Science, Information Systems, Engineering, Business, Physical Science, or other technology-related discipline. ***Saliense Consulting LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Tactibit Technologies provides innovative information technology, cybersecurity, and cloud support services to the Federal Government. We support some of the nation's most critical and demanding projects including satellite operations, critical infrastructure, and search and rescue. We are a diverse team of hands-on professionals dedicated to solving problems and developing innovative solutions in support of our customers' critical missions. Our success is dependent on our inclusive, collaborative environment with a shared commitment to excellence in everything we do. About the Information Security Compliance Specialist position We are looking for a talented cybersecurity professional to join our team in Suitland, MD. You will provide information security support for NOAA's satellite operations missions. You will help develop and maintain effective security and risk management programs on complex government information systems. As an Information Security Compliance Specialist, you will be expected to document security control implementations, maintain a variety of security documents, and monitor the effectiveness of the overall security program. We expect you to have a passion for cybersecurity and attention to detail. You should have a desire to work with satellite data and products for the public and government. Besides, you should be able to perform well working in a team, along with system administrators, engineers and scientists. This position is located at a government facility in Suitland, MD. The position is eligible for a flexible work arrangement. Information Security Compliance Specialist responsibilities are: Provide overall cybersecurity program support to the Information System Security Officer (ISSO) and System Owner (SO) Provide security documentation support including documenting the implementation details of security controls in System Security Plans Identify and recommend technical or policy changes to improve security Plan, coordinate, and review technical artifacts to demonstrate the effectiveness of security controls Support security control assessments, penetration tests, and similar testing efforts by coordinating with stakeholders, communicating project plans, and providing guidance to technical and non-technical staff Write and maintain core security documentation including System Security Plans and Contingency Plans Plan, manage, and oversee Plans of Actions and Milestone (POA&Ms) Coordinate security efforts and improvements with stakeholders including system administrators and operations teams Monitor and report on vulnerability management program effectiveness including vulnerability scanning and patch management Coordinate responses to data calls, audits, and other external requests Coordinate security assessment efforts including Security Controls Assessments (SCAs), penetration testing, and risk assessments Plan, manage, and coordinate annual system assessment and authorization activities, to include continuous monitoring Information Security Compliance Specialist requirements are: 3+ years of cybersecurity experience Experience with Federal government environments and concepts including NIST Risk Management Framework, NIST SP 800-53 security controls, and DISA Security Technical Implementation Guides (STIGs) Strong problem solving skills and ability to work under pressure Strong written and verbal communication skills Ability to understand and explain complex security concepts and requirements to a variety of technical and non-technical personnel BS degree in Computer Science, Cybersecurity, or other related area Must be a US Citizen and eligible to obtain a security clearance Desired Qualifications are: Experience with government security assessment and management tools such as CSAM Experience with the NIST Risk Management Framework Experience with issue tracking and configuration management systems and processes Industry certifications such as CISSP, GIAC certifications, Security+, and others Experience with vulnerability management tools including Tenable Nessus Experience with continuous monitoring and log management tools including ArcSight, BigFix, ePolicy Orchestrator, and similar tools Active Secret security clearance

RMF / Security Assessment (TS/SCI w/CI Poly) C4CD-S LCAT = Information Security Analyst, Journeyman ============================================================================== Securicon is seeking an Information Security Analyst with a desire to be an integral part of unprecedented times as they work within the DoD to build high-value relationships and experience with a team focused on service, excellence, and overcoming unique wicked challenges via teamwork. You will also have the opportunity to grow your knowledge throughout your time with Securicon through training and working alongside subject matter experts on a daily basis. The opportunities are only as limited as you want them to be! If you want the opportunity to learn from professionals from various backgrounds and experience levels and absorb the vast amount of knowledge there is in the DoD, Securicon is where you want to be! What You'll Be Doing: Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses. Ensure the rigorous application of cybersecurity policies, principles, and practices in the delivery of all Information Technology (IT) and cybersecurity services. Develop and design security solutions to maintain confidentiality, integrity, and availability of information throughout the enterprise. Identify, plan, and document improvements to security controls. Develop and document recommendations and courses of action (COAs) to solve complex cybersecurity problems. Develop and interpret cybersecurity requirements and assist in the formulation of cybersecurity/IT budgets. Plan and schedule the installation of new or modified security hardware, operating systems, and software applications. Ensure the assessment and implementation of identified computer and network environment fixes as part of the Cybersecurity Vulnerability Management program. Guide the implementation of appropriate operational structures and processes to ensure an effective cybersecurity program. Maintain the appropriate operational security posture for an information system. Manage the security of the information system through Certification & Accreditation (C&A). Support the information system owner for the completion of security related responsibilities. Review System Security Plans (SSP) and solutions. Recommend security mechanism implementations. Evaluate and document the effectiveness of solutions implemented to provide the "CIA Triad". Required Skills and Qualifications: Active TS/SCI with CI polygraph. Minimum of a Bachelor's Degree in a technical or business discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline. Active DoD 8570 IAM Level II Security Certification (CGRC, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP) Minimum 5 years related experience. Must know Risk Management Framework (RMF). Preferred/Desired Skills: Experience with DoD Cybersecurity Policies. Experience with Xacta Solutions (Xacta 360). Knowledge of Enterprise Mission Assurance Support Service (eMASS). Exposure to AWS (Amazon Web Services), ACAS (Security scanning software), vCenter, WSUS (Windows Server Update Service), and/or STIGs/IAVA. A problem solver who can get in, be given a project, and use engineering skills to determine a solution. Able to build systems from the ground up - network architecture/systems engineering. Location: Columbia, MD (Customer Site - CANX)

Information Security Analyst, Information Assurance/RMF Active Secret Required Hybrid schedule CISSP, CAP, or CISM certification required Nationwide IT Services, NIS, is seeking an Information Security Analyst/Information Assurance/RMF for the following potential opportunity. Core Responsibilities: Support the execution of the full cybersecurity and RMF lifecycle for DoD and Federal systems, with emphasis on security control implementation, assessment, authorization, and continuous monitoring activities. Perform vulnerability scanning and compliance validation, including, but not limited to, ACAS scanning, STIG assessments, SCAP validation, and configuration compliance checks. Analyze vulnerability scan results, identify false positives, assess risk severity, and support remediation planning in coordination with engineering and operations teams. Track, document, and manage remediation activities and Plans of Action and Milestones (POA&Ms) through closure, ensuring alignment with mandated timelines and risk tolerance. Support RMF authorization activities, including initial ATOs, ATO renewals, significant change packages, and continuous authorization (cATO) efforts. Support and execute Information Security Continuous Monitoring (ISCM) activities, including vulnerability trend analysis, control effectiveness validation, configuration drift monitoring, and security posture reporting. Support the implementation and monitoring of Zero Trust security principles at a system level, including identity awareness, least privilege access, and continuous validation of users, devices, and workloads. Prepare, review, and maintain cybersecurity and authorization artifacts in eMASS, including, but not limited to: System Security Plans (SSPs) Security Assessment Reports (SARs) Plans of Action and Milestones (POA&Ms) Control implementation narratives and supporting evidence packages Conduct security control assessments and support independent verification and validation activities. Assist with the implementation and maintenance of security controls aligned with NIST SP 800-53 and DoD cybersecurity requirements. Coordinate with system owners, cybersecurity engineers, and program leadership to communicate security findings, risks, and remediation status. Support cybersecurity audits, inspections, and Cyber Operational Readiness Assessments (CORA), ensuring accurate documentation and evidence traceability. Assist in maintaining compliance with applicable cybersecurity policies, including FISMA, DoD RMF, DoD Zero Trust guidance, and the DoD Cloud Computing Security Requirements Guide (CC SRG). Qualifications: Active Secret clearance required. Five or more years of experience in information security, information assurance, or cybersecurity operations, with experience supporting RMF-based programs. Hands-on experience performing vulnerability scanning and compliance assessments using tools such as ACAS, STIG Viewer, and SCAP Compliance Checker. Experience supporting RMF documentation and authorization packages, including SSPs, SARs, and POA&Ms. Working knowledge of NIST SP 800-53, NIST RMF, and DoD cybersecurity policies. Experience using eMASS to support RMF lifecycle activities and track authorization artifacts. Familiarity with cloud security concepts and environments such as AWS GovCloud or Microsoft Azure Government. One or more cybersecurity certifications required, including CISSP, CCSP, CISM, and CASP+ ( Renamed SecurityX) Preferred Qualification: Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or a related field. About Nationwide IT Services NIS is an IT and Management consulting company that is a CVE-verified Service-Disabled Veteran- Owned Small Business. Our mission is to deliver value-added services to our customers, leveraging technology, people, and industry best practices to implement innovative solutions through our trusted employees and team members. Our benefits package includes medical, dental, and vision insurance, life and disability insurance, 401(k) plan with employer match, paid holidays, PTO (sick/vacation), commuter benefits, employee assistance program (EAP), and educational reimbursement, along with Pet Insurance. Nationwide IT Services, Inc. provides equal employment opportunities (EEO) to all qualified applicants regardless of race, color, religion, sex, national origin, sexual orientation, gender identity, genetics, disability, or protected veteran status. for the following potential opportunity. Core Responsibilities: Support the execution of the full cybersecurity and RMF lifecycle for DoD and Federal systems, with emphasis on security control implementation, assessment, authorization, and continuous monitoring activities. Perform vulnerability scanning and compliance validation, including, but not limited to, ACAS scanning, STIG assessments, SCAP validation, and configuration compliance checks. Analyze vulnerability scan results, identify false positives, assess risk severity, and support remediation planning in coordination with engineering and operations teams. Track, document, and manage remediation activities and Plans of Action and Milestones (POA&Ms) through closure, ensuring alignment with mandated timelines and risk tolerance. Support RMF authorization activities, including initial ATOs, ATO renewals, significant change packages, and continuous authorization (cATO) efforts. Support and execute Information Security Continuous Monitoring (ISCM) activities, including vulnerability trend analysis, control effectiveness validation, configuration drift monitoring, and security posture reporting. Support the implementation and monitoring of Zero Trust security principles at a system level, including identity awareness, least privilege access, and continuous validation of users, devices, and workloads. Prepare, review, and maintain cybersecurity and authorization artifacts in eMASS, including, but not limited to: System Security Plans (SSPs) Security Assessment Reports (SARs) Plans of Action and Milestones (POA&Ms) Control implementation narratives and supporting evidence packages Conduct security control assessments and support independent verification and validation activities. Assist with the implementation and maintenance of security controls aligned with NIST SP 800-53 and DoD cybersecurity requirements. Coordinate with system owners, cybersecurity engineers, and program leadership to communicate security findings, risks, and remediation status. Support cybersecurity audits, inspections, and Cyber Operational Readiness Assessments (CORA), ensuring accurate documentation and evidence traceability. Assist in maintaining compliance with applicable cybersecurity policies, including FISMA, DoD RMF, DoD Zero Trust guidance, and the DoD Cloud Computing Security Requirements Guide (CC SRG). Qualifications: Active Secret clearance required. Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or a related field. Five or more years of experience in information security, information assurance, or cybersecurity operations, with experience supporting RMF-based programs. Hands-on experience performing vulnerability scanning and compliance assessments using tools such as ACAS, STIG Viewer, and SCAP Compliance Checker. Experience supporting RMF documentation and authorization packages, including SSPs, SARs, and POA&Ms. Working knowledge of NIST SP 800-53, NIST RMF, and DoD cybersecurity policies. Experience using eMASS to support RMF lifecycle activities and track authorization artifacts. Familiarity with cloud security concepts and environments such as AWS GovCloud or Microsoft Azure Government. One or more cybersecurity certifications required, including CISSP, CCSP, CISM, and CASP+ ( Renamed SecurityX) About Nationwide IT Services NIS is an IT and Management consulting company that is a CVE-verified Service-Disabled Veteran- Owned Small Business. Our mission is to deliver value-added services to our customers, leveraging technology, people, and industry best practices to implement innovative solutions through our trusted employees and team members. Our benefits package includes medical, dental, and vision insurance, life and disability insurance, 401(k) plan with employer match, paid holidays, PTO (sick/vacation), commuter benefits, employee assistance program (EAP), and educational reimbursement, along with Pet Insurance. Nationwide IT Services, Inc. provides equal employment opportunities (EEO) to all qualified applicants regardless of race, color, religion, sex, national origin, sexual orientation, gender identity, genetics, disability, or protected veteran status.

General information Requisition # R63174 Posting Date 09/10/2025 Security Clearance Required Secret Remote Type Onsite Time Type Full time Description & Requirements Shape the future of defense with MANTECH! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we've been a trusted partner to the Department of Defense, delivering cutting-edge projects that make a real impact. Dive into exciting opportunities in Cybersecurity, IT, Data Analytics and more. Propel your career forward and be part of something extraordinary. Your journey starts now-protect and innovate with MANTECH! MANTECH seeks a motivated, career and customer-oriented Information Security Analyst to join our team in Belcamp, MD. This is an onsite position. The Information Security Analyst will work in support of the Army for the Network Modernization & Mission Network Technical Service Support program (NetMod). NetMod sets forth the work efforts required to provide product technical support services for systems and equipment being produced, fielded, modified or supported by PdM Network Modernization (NetMod) and PdM Mission Network of the Project Manager (PM) Tactical Network (TN) of the Program Executive Office for Command Control and Communications-Tactical (PEO C3T). This support may also include future systems and equipment that is acquired for the Army to maintain its technological advantage. Job responsibilities include but are not limited to: * Providing network environment and advanced level computing environment support. * Paying special attention to intrusion detection, finding and fixing unprotected vulnerabilities, and ensuring that remote access points are well secured. * Collecting data from a variety of Computer Network Defense (CND) tools (including data from approved information assurance (IA) tools to include intrusion detection system alerts, firewall and network traffic logs, and host system logs) to analyze events that occur within their environment. * Applying analytical skills to this data and all compliance with relevant non-technical controls, such as physical security and configuration management, to perform an audit function for the Agent of the Certification Authority (ACA) or other government Information Assurance (IA) Manager for mitigation of risks and reporting to include report generation for certification and accreditation packages or Certification of Networthiness efforts. * Conduct vulnerability assessments, risk analysis, and incident responses. * Actively monitoring network traffic for suspicious activity and potential security breaches. * Identify weaknesses in systems and applications to proactively address security risks. Minimum Qualifications: * Bachelor's degree in Science and 5+ years of relevant experience. * 3+ years in the Department of Defense performing information management related duties. * Must be Information Assurance (IA) Trained and Certified per the Defense Federal Acquisition Regulation Supplement. * Possess an understanding of network protocols and security principles. * Demonstrated experience in security tools and technologies (firewalls, intrusion detection/prevention systems, SIEM). * Experience with vulnerability scanning and penetration testing. * Possess analytical and problem-solving skills to identify and address security threats. Preferred Qualifications: * Basic understanding of programming * Experience with participating in simulated cyberattacks to identify vulnerabilities in systems and applications. * Experience updating and implementing complex security systems for an organization. Clearance Requirements: * Must be a US citizen and have a current/active Secret clearance. Physical Requirements: * Must be able to remain in a stationary position 50% of the time. * Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. * Frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations. The projected compensation range for this position is $68,500.00-$114,100.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, MANTECH invests in its employees beyond just compensation. MANTECH's benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, short-term and long-term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections. MANTECH International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation. If you need a reasonable accommodation to apply for a position with MANTECH, please email us at ******************* and provide your name and contact information.

Are you looking for your next challenge? Are you ready to work with a performance-based small company? At Zantech, we are a dynamic Woman Owned Small Business focused on providing complex, mission-focused solutions with a proven track record of outstanding customer performance and high employee satisfaction. We would love to talk with you regarding the next step in your career. Come join our team! Zantech is looking for a talented Information Security Analyst - SME to provide specialized cybersecurity expertise supporting risk management operations, conduct security assessments, implement continuous monitoring solutions, and develop training programs for an upcoming Hybrid role supporting USCIS based out of Camp Springs, MD. The SME will provide Continuous Process Improvement (CPI), Risk Management Operations Support, Continuous Monitoring and Internal Control Testing Support, Information Systems Security Officer (ISSO) Development, and Agile Security Services Surge Support. Responsibilities include, but will not be limited to: Conduct comprehensive security risk assessments and gap analyses Implement and maintain continuous monitoring solutions Perform security control testing and validation Develop and deliver specialized cybersecurity training programs Support incident response and vulnerability management activities Create security documentation and standard operating procedures Analyze security events and provide recommendations Support compliance audits and assessments Must be able to work in agile environment with competing priorities Expected to support multiple functional areas and cross-train May be required for surge support activities Required Experience or Knowledge of the following technologies/functions: 5+ years in information security, risk management, or cybersecurity operations Security risk assessment and analysis NIST frameworks (RMF, CSF, 800-53) implementation Vulnerability assessment and penetration testing Security Information and Event Management (SIEM) tools Incident response and forensics Security control implementation and testing Training development and delivery Required Certifications/Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field Preferred Certifications/Education: Master's degree in Cybersecurity or related field Industry-recognized security training program Required Security Clearance: US Citizenship and the ability to obtain and maintain an active Public Trust or higher clearance, per contract requirements. “Outstanding Performance…Always!” Our corporate motto represents our commitment to build long-term relationships with both our clients and our employees by providing the highest quality service in everything we do. We strive for excellence for our clients and for each other. We embrace the opportunity to hire individuals with new talents and fresh perspectives. Zantech offers competitive compensation, strong benefits, and a vacation package, as well as a fast-paced and exciting work environment. Come join our team!

TLA is seeking a detail-oriented and proactive Information System Security Analyst to join our IT department. This critical role involves safeguarding our organization's sensitive data and computer systems from evolving cyber threats. The analyst will be responsible for monitoring network activity, identifying vulnerabilities, responding to incidents, and ensuring compliance with security standards and regulations. The ideal candidate will have strong analytical skills and a passion for staying current with the latest IT security trends and technologies. Key Responsibilities: · Monitoring and Detection: Monitor the organization's networks and systems for security breaches and suspicious activity using Security Information and Event Management (SIEM) tools. · Vulnerability Management: Conduct regular vulnerability assessments and penetration tests to identify potential weaknesses in computer systems and applications. · Incident Response: Respond promptly to security incidents and breaches, investigate their root cause, contain the damage, and coordinate remediation efforts. · Policy and Compliance: Develop, implement, and maintain security policies, standards, and procedures to ensure compliance with relevant industry standards and regulations (e.g., NIST, ISO 27001, HIPAA, GDPR, PCI-DSS). · Security Measures: Install, configure, and maintain security software and tools, such as firewalls, data encryption programs, and antivirus systems. · Risk Assessment: Perform risk analyses of systems and applications to determine security requirements and recommend enhancements to management and senior IT staff. · Training and Awareness: Provide security awareness training and guidance to employees on best practices and new security procedures. · Documentation and Reporting: Prepare detailed reports of security assessments, incidents, and general security metrics for technical and non-technical audiences. Requirements TLA is seeking a detail-oriented and proactive Information System Security Analyst to join our IT department. This critical role involves safeguarding our organization's sensitive data and computer systems from evolving cyber threats. The analyst will be responsible for monitoring network activity, identifying vulnerabilities, responding to incidents, and ensuring compliance with security standards and regulations. The ideal candidate will have strong analytical skills and a passion for staying current with the latest IT security trends and technologies. Key Responsibilities: · Monitoring and Detection: Monitor the organization's networks and systems for security breaches and suspicious activity using Security Information and Event Management (SIEM) tools. · Vulnerability Management: Conduct regular vulnerability assessments and penetration tests to identify potential weaknesses in computer systems and applications. · Incident Response: Respond promptly to security incidents and breaches, investigate their root cause, contain the damage, and coordinate remediation efforts. · Policy and Compliance: Develop, implement, and maintain security policies, standards, and procedures to ensure compliance with relevant industry standards and regulations (e.g., NIST, ISO 27001, HIPAA, GDPR, PCI-DSS). · Security Measures: Install, configure, and maintain security software and tools, such as firewalls, data encryption programs, and antivirus systems. · Risk Assessment: Perform risk analyses of systems and applications to determine security requirements and recommend enhancements to management and senior IT staff. · Training and Awareness: Provide security awareness training and guidance to employees on best practices and new security procedures. · Documentation and Reporting: Prepare detailed reports of security assessments, incidents, and general security metrics for technical and non-technical audiences. Benefits At TLA, we build solutions that matter-supporting national security missions through technology innovation, collaboration, and excellence. Our team is passionate about leveraging modern technologies to deliver impactful, mission-focused outcomes for our customers. We offer a competitive and comprehensive benefits package including: Competitive salary and performance bonuses Medical, dental, and vision coverage Paid time off and federal holidays 401(k) with company match Education and certification reimbursement Training and professional development opportunities Employee referral bonuses and team events TLA is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.