Information security analyst jobs in Harrisonburg, VA - 2,209 jobs

A leading technology firm is seeking a Cyber Machine Learning Engineer to build and improve machine learning models for detecting cyber threats. The ideal candidate has significant experience in cyber threat hunting and proficiency in Python and MLOps practices. This position offers a competitive compensation range of $99,000 to $225,000 annually, along with comprehensive benefits including health, life, and professional development opportunities. The job supports flexible work arrangements. #J-18808-Ljbffr

A healthcare technology firm located in Maryland is seeking a Senior Security Engineer I to enhance security capabilities within cloud-native environments. The candidate will design and implement security solutions, lead incident response efforts, and collaborate with various teams to strengthen security posture. Applicants should have a degree in Computer Science or related field, extensive experience in security engineering, and proficiency in scripting languages like Python and Bash. This role offers a supportive workplace that values diversity and innovation. #J-18808-Ljbffr

Conviso Inc is looking for ISSO Officer for onsite Job. This role comes with benefits, 401K & some accrued PTO. The Ideal must have hands-on technical and analytical experience supporting the RMF lifecycle, cybersecurity monitoring, continuous authorization, and security control assessments. Are you open to new opportunities & could this be of interest? On Site Job at 3 locations - Albuquerque NM, Las Vegas NV, Germantown MD Active Top-Secret Clearance Required Title: Information System Security Officer (ISSO) Minimum 3 years as an ISSO Required Skills: ISSO personnel must understand and interpret data from security tools and apply NIST frameworks with precision. Capabilities include: Proficiency in NIST SP 800-37, 800-53, 800-60, FIPS 199, CNSSI 1253. Ability to perform risk assessments, system categorization, and control selection. Experience with eGRC tools (e.g., Archer) for documentation, continuous monitoring, and POA&M management. Responsibilities: Prepare: Support enterprise, mission, and system-level RMF readiness, establish tailored baselines, identify assets, assess risks, and determine system placement in the enterprise architecture. Categorize Information Systems: Perform FIPS 199 categorization, develop SSP subsections, register systems, and ensure early engagement with developers to integrate cybersecurity impact analysis. Select Security Controls: Document, implement, and validate selected controls, incorporating security architecture, privacy requirements, and common control inheritance. Assessment: Develop assessment plans, test controls, produce SARs, document findings, and support POA&M development. Data Calls: Provide timely and accurate evidence and responses using approved tools. Internal & External Assessments: Support audits, collaborate with internal and external partners, and perform self-assessments. Program-Level Documentation Support: Maintain program policies, adjudicate comments, and assess the impact of federal directives and legislation.

Job Summary:Responsible for reducing the impact of information security incidents and system compromises. They do so by assisting with security monitoring, incident / event investigation and analysis, roleplay through tabletop events and "purple team" exercises, contributing to documentation and playbooks to ensure repeatable security-focused processes, participating with security and data privacy assessment as well as providing recommendation for endpoints, servers, and network infrastructure. They are responsible for the understanding and identification of indicators of compromise (IoC) as well as helping understand evidence of attack in alerts or monitoring, by hunting through data, systems and from review of investigation notes. Position has a moral and legal responsibility to uphold all local, state, and federal regulations especially in regards to security and data privacy. Job Responsibilities:• Perform security incident investigations and reporting according to the Incident Response Plan (IRP).• Perform industry best practice security and data privacy assessments for all third party vendors, contractors, consultants, auditors, applications (both on premise and cloud) as well as system-to-system connections on our internal and customer-facing networks.• Contribute to network and application penetration tests, vulnerability assessment scans, and patch management / vulnerability remediation strategy planning.• Monitor and advise on information security and data privacy issues related to the systems and their related data flows while ensuring internal security controls are appropriate and operating as intended.• Conduct security and data privacy research in keeping abreast of latest information security as well as data privacy events, issues, and trends.• Assist and support user and security posture awareness for IT teams as well as key information security partners for our customer facing servers, networks, and applications.• Participate in any breach analysis activities to help discover root cause.• Participate in disaster and business continuity recovery planning as well as plan execution should an event occur.• Analyze and provide security model planning input for cloud (SaaS) access and monitoring. Including protection recommendations associated with IT architecture for cloud and hybridized computing.• Provide support for compliance activities for SOX, PCI, CPNI, and data privacy regulations around PII, PHI, and financial data.• Actively participate in red team / blue team engagements led by more senior team members or by select management approved security partners.• Participate in threat modeling activities with more senior team members or with select management approved security partners. Qualification Requirements:• Education: Bachelor's degree in Computer Science, Network Administration, Cybersecurity, or a related field required; Master's degree preferred; relevant certifications and professional experience may be considered in lieu of formal education.• Experience Level: 5-7 years of Software Development, Network Administration, or Cyber Security experience is required.• Experience in securing applications (front end / back end, SaaS), servers, or networks is required. • Experience in the event log monitoring of computer systems is required.• Experience with industry standard security frameworks (e.g., NIST, CIS, OWASP, Mitre Att&ck) as well as experience with PII, PHI, CPNI, and PCI data handling requirements is required.• Experience in information security or data privacy investigative work is required.• 2-3 years of Splunk or SIEM experience is preferred.• Experience with SOX compliance is preferred.• Experience with mobile device management (MDM) is preferred. Job Skills & Knowledge:• Ability to review reports and system activity logs to identify critical events, categorize according to priority, and escalate as appropriate.• Capability to gather information, analyze and evaluate evidence, draw conclusions, and share that knowledge gained in an appropriate manner.• Ability to absorb intelligence information about threats and threat actors to help mitigate harmful events for the organization.• Ability to develop and analyze processes.• Understanding of security measures and testing at an application level that aim to prevent data or code from being stolen, manipulated, or hijacked.• Ability to identify detailed information risk and to apply governance compliance concepts and principles.• Must have excellent verbal and written skills.• Must be able to work effectively in a team environment.• Excellent capability to develop and document security architecture, assessment, and plans. Including strategic, tactical, and project plans.• Ability to develop security policies, procedures, standards, and guidelines.• Capability to work with a set of guidelines to help identify critical event data for additional analysis and escalation as appropriate. Knowledge of:• WSUS Management and Deployment, SCCM Package Building and Maintenance, Windows, Endpoint Protection and Compliance systems, Active Directory, Office 365, SIEM solutions.• Penetration/vulnerability test suites and compliance regulations (SOX, PCI, etc.)• Applicable knowledge of Information Technology, security and data privacy fundamentals, and networking. Certifications:• CompTIA Network+ and Security+ certifications required, or equivalent certifications demonstrating foundational knowledge in networking and security. Candidates with substantial hands-on experience may be considered in lieu of formal certification.• Computer Hacking Forensic Investigator (CHFI) or Certified Ethical Hacker (CEH) Certifications preferred.

* Leidos Life Hub provides access to discount offers or cashback rewards with over 400 Australian and International retailers. * Due to the nature of the role, you must be an Australian Citizen and hold either a NV-1 or NV-2 Security Clearance Our team feel Leidos is a great place to work. Learn more about our culture and benefits by visiting us here ******************************************************* Do Work That Matters Leidos Australia delivers IT and airborne solutions that protect and advance the Australian way of life. Our 2000 local experts, backed by our global experience and network of partners, are working to solve the world's toughest challenges in government, intelligence, defence, aviation, border protection and health markets. Your New Role and Responsibilities Leidos Australia is expanding our 24x7x365 Central Processing Cyber Security Operations Centre (CP SOC) capability with the Department of Defence. CP SOC works collaboratively with the Defence Security Operations Centre (DSOC) to assist in defending one of the largest and most complex ICT networks in the southern hemisphere. We seek Cyber Security Analysts to work on a rotating shift roster (typically 12-hour shifts) onsite at HMAS Harman in Canberra. The roles and responsibilities extend to: * Monitor and Analyse Security Events: Continuously monitor networks and endpoints for security alerts, threats, and intrusions using SIEM tools, IDS/IPS, and endpoint protection systems. * Incident Response and Management: Triage, investigate, and manage security incidents end-to-end, including escalation and reporting as required. * Threat and Vulnerability Management: Assess emerging threats and vulnerabilities, develop custom detection signatures, and implement measures to mitigate risks. * Security Tool Administration and Process Improvement: Maintain and support security tools, review and improve operational processes, and ensure the health of deployed security systems. * Stakeholder Communication and Reporting: Collaborate with internal teams and stakeholders, produce reports, and contribute to the development of SOC tactics, techniques, and procedures. What You'll Bring to Make an Impact * Technical Cyber Security Knowledge: Working knowledge of industry and government cybersecurity frameworks, SIEM tools, IDS/IPS, and endpoint security solutions. * Analytical and Problem-Solving Skills: Ability to identify, analyse, and resolve complex security issues with a proactive and self-starting approach. * Incident Response Expertise: Experience in detecting, responding to, and mitigating cyber threats using adversary TTPs and IOCs. * Communication and Stakeholder Management: Strong verbal and written communication skills for incident reporting and stakeholder engagement. * Adaptability and Continuous Learning: Willingness to rapidly upskill, work in a 24/7 rotating shift environment, and stay updated on evolving cyber threats. Don't worry if you don't tick all the boxes - if you meet most of them, we encourage you to submit your application. We're most interested in your strengths, what you want to learn and how far you want to go. Diverse Team Members, Shared Values and a Common Purpose Providing our customers with smarter solutions takes an incredible team with diversity of thought, experience and perspectives driving innovation. Inclusion is at the heart of our culture and is one of our core values. It's about creating a workplace where everyone can do important work, feels welcome, valued, and respected, and has equal access to opportunities to thrive. Paul Chase - Chief Executive, Leidos Australia. Leidos Australia is an equal opportunities organisation and is committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups. Our five Advocacy Groups (Women and Allies Network, Young Professionals, Defence & Emergency Services, Action for Accessibility and Abilities and Pride+) provide an opportunity for team members to connect and collaborate on shared interests, and work to support and celebrate our diverse community. Next Steps * To apply for this role, follow the links or apply via our Careers page. * Recruitment process - 1 virtual interview and/or 1 face-to-face & background checks. * Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR 126.1. * We are committed to making our recruitment process accessible to all candidates. Please get in touch with our Careers team ************************ if you'd like to discuss any additional support during your application or throughout the recruitment process. If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. Original Posting: For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

**Req ID:** RQ210351 **Type of Requisition:** Regular **Clearance Level Must Be Able to Obtain:** Top Secret SCI + Polygraph **Public Trust/Other Required:** None **Job Family:** Cyber and IT Risk Management **Skills:** Case Management,Cybersecurity,Incident Analysis,Security Incident Response **Experience:** 7 + years of related experience **US Citizenship Required:** Yes **Job Description:** Own your career as a Security Incident Analyst (SIA) at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. The Security Incident Analyst (SIA) is responsible for the mitigation of security incidents on DIA information systems. The SIA investigates incidents involving information technology (IT) assets and DIA personnel to the DIA Computer Network Defense Center (DCNDC) and Information Systems Security Managers (ISSM) for situational awareness and tracking purposes. SIA then manages, coordinates, and reports mitigation actions in order to sanitize agency assets prior to resolving cases. HOW A SECURITY INCIDENT ANALYST WILL MAKE AN IMPACT + Manage network computer and system security incidents relating to data spills, misclassifications, unauthorized software downloads, system misconfigurations, cross-domain violations, etc. + Perform incident investigation and analysis to research and gather information for mitigation coordination. + Utilize cyber and case management tools. + Prepare case evidence and incident reports. + Provide training and guidance to less-experienced technical staff members, and customer education to network users. + Work on special projects as assigned. WHAT YOU'LL NEED TO SUCCEED: + Bachelor's Degree and 7+ years of relevant experience, equivalent combinations of education, certifications, and experience will be considered. + DoD Approved Baseline 8570 IAT level III (CASP, CISSP, CISA, etc.) certification is required prior to start date. + DoD Approved Baseline 8570 CSSP Auditor (CEH, CySA, CISA, etc.) certification is required prior to start date. + Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph. + Preferred Skills: Splunk, Proofpoint, Fidelis, Solera, Windows, and Linux Operating Systems. Location: On Customer Site + Bolling AFB, Washington D.C. + Reston, VA + Colorado Springs, CO + Norfolk, VA + Riverdale, MD + Charlottesville, VA + Pearl Harbor, HI GDIT IS YOUR PLACE: + 401K with company match + Comprehensive health and wellness packages + Internal mobility team dedicated to helping you own your career + Professional growth opportunities including paid education and certifications + Cutting-edge technology you can learn from + Rest and recharge with paid vacation and holidays The likely salary range for this position is $127,500 - $172,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. Join our Talent Community to stay up to date on our career opportunities and events at ******************** Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

GCI embodies excellence, integrity and professionalism. The employees supporting our customers deliver unique, high-value mission solutions while effectively leverage the technological expertise of our valued workforce to meet critical mission requirements in the areas of Data Analytics and Software Development, Engineering, Targeting and Analysis, Operations, Training, and Cyber Operations. We maximize opportunities for success by building and maintaining trusted and reliable partnerships with our customers and industry. At GCI, we solve the hard problems. As a Data Exploiter, a typical day will include the following duties: A qualified Data Exploiter reviews, manipulates, triages, and analyzes large datasets. Candidate is responsible for supporting operational and analytical requirements. Activities include detailed log analysis, network traffic monitoring, and vulnerability risk assessment. The individual will be expected to conduct assessments of software tools and systems to identify vulnerabilities, and work with internal and external technical stakeholders to identify solutions to enrich analysis. Able to follow the entire targeting life cycle by engaging in data exploitation of requirements collection, data analysis, summary and documentation, and actionable information dissemination. Able to identify, triage and exploit data collections. REQUIRED QUALIFICATIONS * Experience conducting network traffic analysis. * Prepare a range of tailored products that embody and explain findings * Ability to sift through large amounts of unstructured data for key data points (i.e., metadata and artifacts). * Demonstrated knowledge of incident response, containment, and mitigation * Knowledge of common cyber-attack methods. * Demonstrated experience conducting detailed log analysis and system monitoring to understand system status, detect system breaches, and identify other system anomalies. * Demonstrated experience performing vulnerability identification, risk analysis, and remediation. * Ability to triage, review, identify, and correlate items of interest from numerous all source datasets. * Ability to evaluate worldwide security events to assess system impact and/or risk (e.g., zero day exploits, hardware failures, and/or cyber-attacks). * Ability to identify and document information that can fill critical gaps. * Create new methodologies / algorithms for data analysis and correlation. * Create entity / object profiles and derived data sets that enable future opportunities and analytical efforts. * Experience with technical collection abilities. DESIRED QUALIFICATIONS * Experience with scripting to exploit large data sets * Strong understanding of VPNs, VLANs, and TCP/IP. * Experience with Linux operating systems. * Experience with OS hardening using tools such as CIS-CAT. * Ability to work independently with minimal supervision. * Experience with navigating an enterprise security accreditation process. * Demonstrated experience and understanding of network monitoring tools (e.g Splunk, WSUS, Snare, Wireshark, and Solarwinds). * Technical targeting experience. * Russian Language skills or demonstrated knowledge of the EE AOR REQUIRED EDUCATION AND EXPERIENCE * Bachelor's degree in Computer Science, Information Technology, or other related discipline, or equivalent combination of education, technical certifications, training, and work/military experience. KEY RESPONSIBILITIES * Provide data exploitation support to the customer. * Assist with attribution efforts related to cyber activity. * Use a variety of tools and methods to extract information of foreign intelligence, counterintelligence and targeting value from digital data. * Create a range of products that inform operations, drive targeting and collection, contribute to intelligence products, and support multiple customer needs. * Work with a team to analyze existing software applications and tools, and recommend new technologies and methodologies to improve team performance. * Write and update technical documentation such as user manuals, system documentation, training materials, processes and procedures. * Collaborate cross-functionally with data scientists, engineers, developers, targeters, and analysts. * Provide recommendations for continuous improvement. * Work alongside other team members to sustain and advance our organization's capabilities. Salary Range $134,596-$224,764 * A candidate must be a US Citizen and requires an active/current TS/SCI with Polygraph clearance. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

SierTeK proudly serves our clients by providing expertise in the Program Management, Information Technology, and Administrative Support domains. Founded in 2007 as a minority and service-disabled veteran-owned company, we serve as prime- and subcontractor for a multitude of Federal Department of Defense contracts. By focusing on continual improvement, our services remain at the forefront of our industry, and we pride ourselves on delivering our services with the highest degree of integrity. SierTeK Ltd. is seeking a Visual Imagery Intrusion Detection System (VIIDS) to support an opportunity at Joint Base Andrews, MD. POSITION OVERVIEW SECTION The employee shall provide Tiers 2 and 3 support to install, configure, administer, manage, maintain/update and provide VIIDS support and repairs required to keep listed critical VIIDS systems and components fully operational. The employee shall ensure the VIIDS as a whole and all hardware and software components meet or exceed all applicable Government standards and regulations. The employee shall ensure all listed VIIDS, and components are kept updated to meet or exceed all industry standards and are fully functional. The employee shall maintain and keep current any relevant Government documentation on a SharePoint site or similar web/application-based tracking tool (on premise) for all VIIDS. Essential Job Functions Provide onsite emergency support to resolve any issues within 1 hour of notification by the Government to include outside normal duty hours. The Government will determine what constitutes an emergency on a case-by-case basis. Prepare and maintain project planning documentation, create, and maintain network maps/diagrams (static and active/dynamic which are maintained/updated continuously), and presentation material. Acceptable Formats are Adobe Acrobat and Visio. The employee shall provide these materials to the Government within three (3) business days of the request and follow all required document classification requirements. The employee shall provide a written monthly status report on the VIIDS repair and maintenance activities in a mutually agreed upon format. Minimum Position Requirements * 3+ years of experience in network design and administration and possess Cisco or equivalent certification, e.g., CCNA, CCNP. Individual(s) shall have advanced understanding of server maintenance and operation. * Honeywell Vindicator Intrusion Detection System, Access Control, and Vindicator Command and Control certification and maintain active certification with Honeywell. Certification shall be maintained for the duration of the task order. * Top Secret with capability of being upgraded to Yankee White SierTeK is an equal opportunity employer. Employment is decided based on qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, gender identity and sexual orientation. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfer, leaves of absence, compensation, and training. If you need assistance or accommodation due to a disability, you may contact us at 1+************.

Key Role: Define, communicate, and implement cybersecurity architecture and administration processes for Amazon Web Services (AWS) and Microsoft Azure cloud environments across multiple network domains. Collaborate across our cloud infrastructure delivery team and with stakeholders using an Agile process to design, implement, verify, and continuously monitor cloud solutions across multiple domains. Develop Risk Management Framework (RMF) Body of Evidence artifacts, including system security plans and cybersecurity concept of operations documents for Cloud environments in alignment with existing RMF packages. Support assessment and authorization activities to achieve and maintain Authority to Operate (ATO) on multiple networks. Evaluate enhancements to Cloud environments against RMF controls and DoD Security Technical Implementation Guidance (STIG) requirements. Support data capture and configuration within tools to enable achievement of the organization's Assessment and Authorization (A&A) objectives. Work without considerable direction. Mentor and supervise team members, as needed. Basic Qualifications: 4+ years of experience securing computer systems, performing DoD authorization activities, developing a body of evidence for RMF, and writing security plans 4+ years of hands-on experience with secure IT architecture and computing hardware and software Experience working with Cloud technologies, including AWS, Azure, or Infrastructure as a Service Experience with Microsoft Sentinel and Defender for incident monitoring and endpoint security Experience with scripts and PowerShell, and Bash to provide automated scanning or monitoring solutions Experience supporting security reviews of software and system releases within a DevSecOps framework, supporting recurring path-to-production software and system release activities Experience with terminology, processes, and regulations of IT system A&A for the RMF Top Secret clearance HS diploma or GED Ability to obtain DoD Directive 8570 or 8140 Series IAT Level II Certification within 90 days of hire date Additional Qualifications: Experience assessing and authorizing network connections between on-premise and cloud Experience in planning, implementing, and managing continuous monitoring solutions and working within an Agile-based project management framework Experience with Red Hat Enterprise Linux (RHEL) or Windows system administration Experience with code management tools such as GIT or GitLab in a team setting Experience with the Army, DoD, or Intelligence Community (IC) Information Assurance (IA) or Information Systems Experience in Information System Security Engineer (ISSE) or Information System Security Officer (ISSO) roles Knowledge of terminology and federal regulations related to the specification, development, acquisition, and maintenance of IT systems Ability to work independently and as an integrated member of a project team Possession of excellent verbal and written communication skills TS/SCI clearance Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $77,600.00 to $176,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Job Description CADRE is relied upon for delivering superior insight and leadership to solve the nation's most critical national security challenges in the most demanding environments. is located in Northern Virginia with flexible core hours. The Network Analyst (NA) will be responsible for daily substantive work to the Senior Management Team. The NA will also be a member of multidisciplinary teams. The Network Analysis team is composed of Network Analysts covering three distinct areas of industry and a candidate is likely to be a subject matter expert in only one or two areas: Telecom and data transport and switching engineering in support of traditional telcos Data center network engineering in support of intra- and inter-data center transport. Network architect or cellular network engineering for 3G, 4G, and/or 5G to include core network (EPC and 5G) and radio network engineering Duties: This Network Analyst performs the following core functions: Coordinate with the customer's other multidisciplinary teams to provide timely and accurate network analysis regarding the logical and physical routes of key telecommunications networks within a designated area Work with appropriate members and organizations to evaluate the role and value of potential network operations Display a mastery of relevant network operations, principles and best practices across various projects Employ their mastery creatively to support the multidisciplinary teams in providing direct mapping and graphics inputs into the customer's modeling tool as well as in modeling briefings Display subject matter expertise on complex projects Perform other duties as assigned at the direction of Project Management Required Qualifications: Ability to obtain and maintain a TS/SCI with poly Bachelor's degree preferred, in a STEM discipline (e.g. Computer Science, Cyber Security, Engineering, Mathematics, or Statistics). Other degrees are acceptable with a strong analytic and technical acumen. No degree + fourteen (14) years relevant experience Associate's degree and twelve (12) years relevant experience. Bachelor's degree and ten (10) years relevant experience. Minimum of 10 years (current) of commercial/industry experience in one of the following roles: Facility engineer or network planner (TDM and/or Data) Large scale networking engineering across multiple packet fabrics, such as google B4 Core network engineer, or radio network engineer with experience in 3G, 4G and/or 5G engineering OR equivalent NSA experience. Strong understanding of network technologies, protocols, systems and equipment to include one or more of the following: SONET/SDH, OTN, MSAN, MSPP, MPLS/IP-MPLS, VoIP, IP Multimedia Services (IMS), DWDM, ROADM, Software Defined Networks (SDN) WAN and LAN, multi fabric networks, mesh networks, Session Border Controllers, fabric management, radio access network, front haul, back haul, BGP, OSPF, ISIS, SIP, 5G/LT/LAN interworking, VoLTE, SRVCC, DRVCC, ETSI MANO, OSS/BSS Experience in commercial/industrial telecommunications networks, providing physical and logical network routes to answer strategic requirements. Working knowledge of Network Management Systems (NMS) in the network and or Network Function Virtualization and SDN Working knowledge of one or more of the following: Public Switched Telephone Network (PSTN) Data networks (IP, MPLS, traffic engineering, OpenFlow) Dedicated/Private communications networks both traditional voice and VOIP VOIP networks, softswitches, SBCs Fiber optic cable, characteristics, engineering, installation and maintenance RF related technologies such as cellular technologies, microwave, millimeter wave and VSAT Gigabit-capable Passive Optical Network (GPON) technology Strong analytical skills Ability to work with large volumes of data Computer and database skills Desired Qualifications: Active TS/SCI with poly with most recent BI/Polygraph dates within the last five years Foreign language capability is not required but is considered a plus Job Posted by ApplicantPro

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security and Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as a central Information Security point of contact for Capital One's Enterprise Data organization Coordinate and execute proactive Information Security consulting to the business and technology teams covering API Security, File Transfer, Data Security, Infrastructure Security, Resiliency, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures, and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED, or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 5 years of experience providing guidance and oversight of Security concepts At least 5 years of experience performing security risk assessments and security architecture reviews At least 5 years of experience with architecture, software design, networking, and cloud infrastructure At least 3 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 6+ years of experience with Software Security Architecture, Application Security, Threat Modeling, Penetration Testing, or Vulnerability Management 6+ years of experience in securing a public cloud environment and building software utilizing public cloud 6+ years of experience with Cloud patch management practices such as system rehydration or image management 1+ years of experience utilizing Agile methodologies 1+ years of experience with API Security 1+ years of experience with File Transfer systems 1+ years of experience with data ecosystems, applications, privacy, and compliance 1+ years of experience with integrating SaaS products into an Enterprise Environment 1+ years of experience with securing Container services 1+ years of experience with Splunk-Fu and Enterprise Monitoring 1+ years of experience with Offensive or Defensive Security techniques 1+ years of Financial services industry experience Experience in a regulated environment AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP) certification At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $229,900 - $262,400 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Job Summary:Responsible for reducing the impact of information security incidents and system compromises. They do so by assisting with security monitoring, incident / event investigation and analysis, roleplay through tabletop events and "purple team" exercises, contributing to documentation and playbooks to ensure repeatable security-focused processes, participating with security and data privacy assessment as well as providing recommendation for endpoints, servers, and network infrastructure. They are responsible for the understanding and identification of indicators of compromise (IoC) as well as helping understand evidence of attack in alerts or monitoring, by hunting through data, systems and from review of investigation notes. Position has a moral and legal responsibility to uphold all local, state, and federal regulations especially in regards to security and data privacy. Job Responsibilities:• Perform security incident investigations and reporting according to the Incident Response Plan (IRP).• Perform industry best practice security and data privacy assessments for all third party vendors, contractors, consultants, auditors, applications (both on premise and cloud) as well as system-to-system connections on our internal and customer-facing networks.• Contribute to network and application penetration tests, vulnerability assessment scans, and patch management / vulnerability remediation strategy planning.• Monitor and advise on information security and data privacy issues related to the systems and their related data flows while ensuring internal security controls are appropriate and operating as intended.• Conduct security and data privacy research in keeping abreast of latest information security as well as data privacy events, issues, and trends.• Assist and support user and security posture awareness for IT teams as well as key information security partners for our customer facing servers, networks, and applications.• Participate in any breach analysis activities to help discover root cause.• Participate in disaster and business continuity recovery planning as well as plan execution should an event occur.• Analyze and provide security model planning input for cloud (SaaS) access and monitoring. Including protection recommendations associated with IT architecture for cloud and hybridized computing.• Provide support for compliance activities for SOX, PCI, CPNI, and data privacy regulations around PII, PHI, and financial data.• Actively participate in red team / blue team engagements led by more senior team members or by select management approved security partners.• Participate in threat modeling activities with more senior team members or with select management approved security partners. Qualification Requirements:• Education: Bachelor's degree in Computer Science, Network Administration, Cybersecurity, or a related field required; Master's degree preferred; relevant certifications and professional experience may be considered in lieu of formal education.• Experience Level: 5-7 years of Software Development, Network Administration, or Cyber Security experience is required.• Experience in securing applications (front end / back end, SaaS), servers, or networks is required. • Experience in the event log monitoring of computer systems is required.• Experience with industry standard security frameworks (e.g., NIST, CIS, OWASP, Mitre Att&ck) as well as experience with PII, PHI, CPNI, and PCI data handling requirements is required.• Experience in information security or data privacy investigative work is required.• 2-3 years of Splunk or SIEM experience is preferred.• Experience with SOX compliance is preferred.• Experience with mobile device management (MDM) is preferred. Job Skills & Knowledge:• Ability to review reports and system activity logs to identify critical events, categorize according to priority, and escalate as appropriate.• Capability to gather information, analyze and evaluate evidence, draw conclusions, and share that knowledge gained in an appropriate manner.• Ability to absorb intelligence information about threats and threat actors to help mitigate harmful events for the organization.• Ability to develop and analyze processes.• Understanding of security measures and testing at an application level that aim to prevent data or code from being stolen, manipulated, or hijacked.• Ability to identify detailed information risk and to apply governance compliance concepts and principles.• Must have excellent verbal and written skills.• Must be able to work effectively in a team environment.• Excellent capability to develop and document security architecture, assessment, and plans. Including strategic, tactical, and project plans.• Ability to develop security policies, procedures, standards, and guidelines.• Capability to work with a set of guidelines to help identify critical event data for additional analysis and escalation as appropriate. Knowledge of:• WSUS Management and Deployment, SCCM Package Building and Maintenance, Windows, Endpoint Protection and Compliance systems, Active Directory, Office 365, SIEM solutions.• Penetration/vulnerability test suites and compliance regulations (SOX, PCI, etc.)• Applicable knowledge of Information Technology, security and data privacy fundamentals, and networking. Certifications:• CompTIA Network+ and Security+ certifications required, or equivalent certifications demonstrating foundational knowledge in networking and security. Candidates with substantial hands-on experience may be considered in lieu of formal certification.• Computer Hacking Forensic Investigator (CHFI) or Certified Ethical Hacker (CEH) Certifications preferred.

* Develop your leadership potential within the cyber domain as a shift lead * Mentor your fellow team members in technical and professional skill * Build and shape security tooling to defend critical national security infrastructure * Challenge yourself by sinking your teeth into some wicked problem sets * Help build the team culture that you have always wanted to work in * Leidos Life Hub provides access to discount offers or cashback rewards with over 400 Australian and International retailers. * Due to the nature of the role, you must be an Australian Citizen and hold either a NV-1 or NV-2 Security Clearance Our team feel Leidos is a great place to work. Learn more about our culture and benefits by visiting us here ******************************************************* Do Work That Matters Leidos Australia delivers IT and airborne solutions that protect and advance the Australian way of life. Our 2000 local experts, backed by our global experience and network of partners, are working to solve the world's toughest challenges in government, intelligence, defence, aviation, border protection and health markets. Your New Role and Responsibilities Leidos Australia is expanding our 24x7x365 Central Processing Cyber Security Operations Centre (CP SOC) capability with the Department of Defence. CP SOC works collaboratively with the Defence Security Operations Centre (DSOC) to assist in defending one of the largest and most complex ICT networks in the southern hemisphere. We seek an experienced Senior Cyber Security Analyst to inspire, motivate, and mentor team members in achieving Defence mission outcomes. This permanent role requires the successful applicant to work on a rotating shift roster (typically 12-hour shifts) onsite at HMAS Harman in Canberra. The roles and responsibilities extend to: * Demonstrating leadership as the shift lead and within the broader team to meet mission and contractual outcomes * Working collaboratively with stakeholders to triage, manage and report on security incidents, * Actively building relationships with stakeholders. * Actively developing SOC tactics, techniques and procedures (TTPs) and security toolsets. * Develop custom signatures to Identify, Detect, Protect, Respond and Recover from adversaries' attacks. * Assist in threat hunt operations using known adversary TTPs and Indicators of Compromise (IOCs) to detect advanced threats. * Develop security operational documentation and Incident report writing * Undertake management Service Level Reporting in line with contractual requirements and emerging business needs on the security of the environment * Identify and evaluate new sources of intelligence and integrate numerous types of cyber security data sources into cyber threat analysis products. What You'll Bring to Make an Impact This role is suited to a Senior Cyber Security Analyst who holds: * Industry ICT Security qualifications such as CompTIA Sec+, CISSP, GIAC, GCIH etc. (are desired but not essential) * Tertiary education (Bachelor's degree in Engineering, Computer Science or equivalent) desired, but not essential (equivalent work experience highly preferred) * Current NV-1 or NV-2 Security Clearance Additionally, you would also be able to demonstrate experience in: * Developing, maintaining and monitoring SIEM (Splunk) apps, rulesets, dashboards and workflows * Intermediate to advanced Windows, Linux and Networking skills * Intermediate to advanced Incident Response professional skills * Trellix EPO, Tenable and Palo Alto platforms, or similar * Scripting and automation technologies To be successful in this role, you will need: * Self-starting individual with the right attitude, aptitude and zeal to identify, take ownership of and solve challenging problems * Interest in continual learning and development of the team and themselves * Be prepared to upskill yourself and the team to respond to adversaries rapidly * Strong communication and stakeholder management skills * Clear working understanding of industry and government cyber security frameworks Don't worry if you don't tick all the boxes - if you meet most of them, we encourage you to submit your application. We're most interested in your strengths, what you want to learn and how far you want to go. Diverse Team Members, Shared Values and a Common Purpose Providing our customers with smarter solutions takes an incredible team with diversity of thought, experience and perspectives driving innovation. Inclusion is at the heart of our culture and is one of our core values. It's about creating a workplace where everyone can do important work, feels welcome, valued, and respected, and has equal access to opportunities to thrive. Paul Chase - Chief Executive, Leidos Australia. Leidos Australia is an equal opportunities organisation and is committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups. Our five Advocacy Groups (Women and Allies Network, Young Professionals, Defence & Emergency Services, Action for Accessibility and Abilities and Pride+) provide an opportunity for team members to connect and collaborate on shared interests, and work to support and celebrate our diverse community. Next Steps * To apply for this role, follow the links or apply via our Careers page. * Recruitment process - 1 virtual interview and/or 1 face-to-face & background checks. * Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR 126.1. * We are committed to making our recruitment process accessible to all candidates. Please get in touch with our Careers team ************************ if you'd like to discuss any additional support during your application or throughout the recruitment process. If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. Original Posting: For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

GCI embodies excellence, integrity and professionalism. The employees supporting our customers deliver unique, high-value mission solutions while effectively leverage the technological expertise of our valued workforce to meet critical mission requirements in the areas of Data Analytics and Software Development, Engineering, Targeting and Analysis, Operations, Training, and Cyber Operations. We maximize opportunities for success by building and maintaining trusted and reliable partnerships with our customers and industry. At GCI, we solve the hard problems. As a Data Exploiter, a typical day will include the following duties: A qualified Data Exploiter reviews, manipulates, triages, and analyzes large datasets. Candidate is responsible for supporting operational and analytical requirements. Activities include detailed log analysis, network traffic monitoring, and vulnerability risk assessment. The individual will be expected to conduct assessments of software tools and systems to identify vulnerabilities, and work with internal and external technical stakeholders to identify solutions to enrich analysis. Able to follow the entire targeting life cycle by engaging in data exploitation of requirements collection, data analysis, summary and documentation, and actionable information dissemination. Able to identify, triage and exploit data collections. REQUIRED QUALIFICATIONS Experience conducting network traffic analysis. Prepare a range of tailored products that embody and explain findings Ability to sift through large amounts of unstructured data for key data points (i.e., metadata and artifacts). Demonstrated knowledge of incident response, containment, and mitigation Knowledge of common cyber-attack methods. Demonstrated experience conducting detailed log analysis and system monitoring to understand system status, detect system breaches, and identify other system anomalies. Demonstrated experience performing vulnerability identification, risk analysis, and remediation. Ability to triage, review, identify, and correlate items of interest from numerous all source datasets. Ability to evaluate worldwide security events to assess system impact and/or risk (e.g., zero day exploits, hardware failures, and/or cyber-attacks). Ability to identify and document information that can fill critical gaps. Create new methodologies / algorithms for data analysis and correlation. Create entity / object profiles and derived data sets that enable future opportunities and analytical efforts. Experience with technical collection abilities. DESIRED QUALIFICATIONS Experience with scripting to exploit large data sets Strong understanding of VPNs, VLANs, and TCP/IP. Experience with Linux operating systems. Experience with OS hardening using tools such as CIS-CAT. Ability to work independently with minimal supervision. Experience with navigating an enterprise security accreditation process. Demonstrated experience and understanding of network monitoring tools (e.g Splunk, WSUS, Snare, Wireshark, and Solarwinds). Technical targeting experience. Russian Language skills or demonstrated knowledge of the EE AOR REQUIRED EDUCATION AND EXPERIENCE Bachelor's degree in Computer Science, Information Technology, or other related discipline, or equivalent combination of education, technical certifications, training, and work/military experience. KEY RESPONSIBILITIES Provide data exploitation support to the customer. Assist with attribution efforts related to cyber activity. Use a variety of tools and methods to extract information of foreign intelligence, counterintelligence and targeting value from digital data. Create a range of products that inform operations, drive targeting and collection, contribute to intelligence products, and support multiple customer needs. Work with a team to analyze existing software applications and tools, and recommend new technologies and methodologies to improve team performance. Write and update technical documentation such as user manuals, system documentation, training materials, processes and procedures. Collaborate cross-functionally with data scientists, engineers, developers, targeters, and analysts. Provide recommendations for continuous improvement. Work alongside other team members to sustain and advance our organization's capabilities. Salary Range $134,596-$224,764 *A candidate must be a US Citizen and requires an active/current TS/SCI with Polygraph clearance. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Key Role: Define, communicate, and implement cybersecurity architecture and administration processes for Amazon Web Services (AWS) and Microsoft Azure cloud environments across multiple network domains. Collaborate across our cloud infrastructure delivery team and with stakeholders using an Agile process to design, implement, verify, and continuously monitor cloud solutions across multiple domains. Develop Risk Management Framework (RMF) Body of Evidence artifacts, including system security plans and cybersecurity concept of operations documents for Cloud environments in alignment with existing RMF packages. Support assessment and authorization activities to achieve and maintain Authority to Operate (ATO) on multiple networks. Evaluate enhancements to Cloud environments against RMF controls and DoD Security Technical Implementation Guidance (STIG) requirements. Support data capture and configuration within tools to enable achievement of the organization's Assessment and Authorization (A&A) objectives. Work without considerable direction. Mentor and supervise team members, as needed. Basic Qualifications: * 4+ years of experience securing computer systems, performing DoD authorization activities, developing a body of evidence for RMF, and writing security plans * 4+ years of hands-on experience with secure IT architecture and computing hardware and software * Experience working with Cloud technologies, including AWS, Azure, or Infrastructure as a Service * Experience with Microsoft Sentinel and Defender for incident monitoring and endpoint security * Experience with scripts and PowerShell, and Bash to provide automated scanning or monitoring solutions * Experience supporting security reviews of software and system releases within a DevSecOps framework, supporting recurring path-to-production software and system release activities * Experience with terminology, processes, and regulations of IT system A&A for the RMF * Top Secret clearance * HS diploma or GED * Ability to obtain DoD Directive 8570 or 8140 Series IAT Level II Certification within 90 days of hire date Additional Qualifications: * Experience assessing and authorizing network connections between on-premise and cloud * Experience in planning, implementing, and managing continuous monitoring solutions and working within an Agile-based project management framework * Experience with Red Hat Enterprise Linux (RHEL) or Windows system administration * Experience with code management tools such as GIT or GitLab in a team setting * Experience with the Army, DoD, or Intelligence Community (IC) Information Assurance (IA) or Information Systems * Experience in Information System Security Engineer (ISSE) or Information System Security Officer (ISSO) roles * Knowledge of terminology and federal regulations related to the specification, development, acquisition, and maintenance of IT systems * Ability to work independently and as an integrated member of a project team * Possession of excellent verbal and written communication skills * TS/SCI clearance Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $77,600.00 to $176,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. * If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. * If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

CADRE is relied upon for delivering superior insight and leadership to solve the nation's most critical national security challenges in the most demanding environments. is located in Northern Virginia with flexible core hours. The Network Analyst (NA) will be responsible for daily substantive work to the Senior Management Team. The NA will also be a member of multidisciplinary teams. The Network Analysis team is composed of Network Analysts covering three distinct areas of industry and a candidate is likely to be a subject matter expert in only one or two areas: Telecom and data transport and switching engineering in support of traditional telcos Data center network engineering in support of intra- and inter-data center transport. Network architect or cellular network engineering for 3G, 4G, and/or 5G to include core network (EPC and 5G) and radio network engineering Duties: This Network Analyst performs the following core functions: Coordinate with the customer's other multidisciplinary teams to provide timely and accurate network analysis regarding the logical and physical routes of key telecommunications networks within a designated area Work with appropriate members and organizations to evaluate the role and value of potential network operations Display a mastery of relevant network operations, principles and best practices across various projects Employ their mastery creatively to support the multidisciplinary teams in providing direct mapping and graphics inputs into the customer's modeling tool as well as in modeling briefings Display subject matter expertise on complex projects Perform other duties as assigned at the direction of Project Management Required Qualifications: Ability to obtain and maintain a TS/SCI with poly Bachelor's degree preferred, in a STEM discipline (e.g. Computer Science, Cyber Security, Engineering, Mathematics, or Statistics). Other degrees are acceptable with a strong analytic and technical acumen. No degree + fourteen (14) years relevant experience Associate's degree and twelve (12) years relevant experience. Bachelor's degree and ten (10) years relevant experience. Minimum of 10 years (current) of commercial/industry experience in one of the following roles: Facility engineer or network planner (TDM and/or Data) Large scale networking engineering across multiple packet fabrics, such as google B4 Core network engineer, or radio network engineer with experience in 3G, 4G and/or 5G engineering OR equivalent NSA experience. Strong understanding of network technologies, protocols, systems and equipment to include one or more of the following: SONET/SDH, OTN, MSAN, MSPP, MPLS/IP-MPLS, VoIP, IP Multimedia Services (IMS), DWDM, ROADM, Software Defined Networks (SDN) WAN and LAN, multi fabric networks, mesh networks, Session Border Controllers, fabric management, radio access network, front haul, back haul, BGP, OSPF, ISIS, SIP, 5G/LT/LAN interworking, VoLTE, SRVCC, DRVCC, ETSI MANO, OSS/BSS Experience in commercial/industrial telecommunications networks, providing physical and logical network routes to answer strategic requirements. Working knowledge of Network Management Systems (NMS) in the network and or Network Function Virtualization and SDN Working knowledge of one or more of the following: Public Switched Telephone Network (PSTN) Data networks (IP, MPLS, traffic engineering, OpenFlow) Dedicated/Private communications networks both traditional voice and VOIP VOIP networks, softswitches, SBCs Fiber optic cable, characteristics, engineering, installation and maintenance RF related technologies such as cellular technologies, microwave, millimeter wave and VSAT Gigabit-capable Passive Optical Network (GPON) technology Strong analytical skills Ability to work with large volumes of data Computer and database skills Desired Qualifications: Active TS/SCI with poly with most recent BI/Polygraph dates within the last five years Foreign language capability is not required but is considered a plus

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with modern software, big data ecosystems, and cloud based technologies. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as a central Information Security point of contact for the Enterprise Platforms line of business Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Data Security, Web Security, and Mobile Security Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures, and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in development processes Escalate and manage cyber security risk Educate and influence executive leadership and associates to effectively leverage security capabilities and solutions to mitigate risks and emerging threats Deliver Cyber agenda and integration of Information Security within business objectives for the line of business area Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives You are able to tailor communications and analysis to the intended audience Basic Qualifications: High School Diploma, GED, or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 6 years of experience providing guidance and oversight of cyber security concepts At least 5 years of experience performing security risk assessments or security architecture reviews At least 5 years of experience with architecture, software design, networking, or cloud infrastructure At least 4 years of experience with cloud security engineering At least 2 years experience utilizing agile methodologies within DevOps environments Preferred Qualifications: Bachelor's Degree 8+ years of experience in cyber security or information technology 6+ years of experience in securing a public cloud environment 5+ years of experience securing Identity Applications 5+ years of experience with Threat Modeling AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP) certification At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Plano, TX: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Job Summary:Responsible for reducing the impact of information security incidents and system compromises. They do so by assisting with security monitoring, incident / event investigation and analysis, roleplay through tabletop events and "purple team" exercises, contributing to documentation and playbooks to ensure repeatable security-focused processes, participating with security and data privacy assessment as well as providing recommendation for endpoints, servers, and network infrastructure. They are responsible for the understanding and identification of indicators of compromise (IoC) as well as helping understand evidence of attack in alerts or monitoring, by hunting through data, systems and from review of investigation notes. Position has a moral and legal responsibility to uphold all local, state, and federal regulations especially in regards to security and data privacy. Job Responsibilities:• Perform security incident investigations and reporting according to the Incident Response Plan (IRP).• Perform industry best practice security and data privacy assessments for all third party vendors, contractors, consultants, auditors, applications (both on premise and cloud) as well as system-to-system connections on our internal and customer-facing networks.• Contribute to network and application penetration tests, vulnerability assessment scans, and patch management / vulnerability remediation strategy planning.• Monitor and advise on information security and data privacy issues related to the systems and their related data flows while ensuring internal security controls are appropriate and operating as intended.• Conduct security and data privacy research in keeping abreast of latest information security as well as data privacy events, issues, and trends.• Assist and support user and security posture awareness for IT teams as well as key information security partners for our customer facing servers, networks, and applications.• Participate in any breach analysis activities to help discover root cause.• Participate in disaster and business continuity recovery planning as well as plan execution should an event occur.• Analyze and provide security model planning input for cloud (SaaS) access and monitoring. Including protection recommendations associated with IT architecture for cloud and hybridized computing.• Provide support for compliance activities for SOX, PCI, CPNI, and data privacy regulations around PII, PHI, and financial data.• Actively participate in red team / blue team engagements led by more senior team members or by select management approved security partners.• Participate in threat modeling activities with more senior team members or with select management approved security partners. Qualification Requirements:• Education: Bachelor's degree in Computer Science, Network Administration, Cybersecurity, or a related field required; Master's degree preferred; relevant certifications and professional experience may be considered in lieu of formal education.• Experience Level: 5-7 years of Software Development, Network Administration, or Cyber Security experience is required.• Experience in securing applications (front end / back end, SaaS), servers, or networks is required. • Experience in the event log monitoring of computer systems is required.• Experience with industry standard security frameworks (e.g., NIST, CIS, OWASP, Mitre Att&ck) as well as experience with PII, PHI, CPNI, and PCI data handling requirements is required.• Experience in information security or data privacy investigative work is required.• 2-3 years of Splunk or SIEM experience is preferred.• Experience with SOX compliance is preferred.• Experience with mobile device management (MDM) is preferred. Job Skills & Knowledge:• Ability to review reports and system activity logs to identify critical events, categorize according to priority, and escalate as appropriate.• Capability to gather information, analyze and evaluate evidence, draw conclusions, and share that knowledge gained in an appropriate manner.• Ability to absorb intelligence information about threats and threat actors to help mitigate harmful events for the organization.• Ability to develop and analyze processes.• Understanding of security measures and testing at an application level that aim to prevent data or code from being stolen, manipulated, or hijacked.• Ability to identify detailed information risk and to apply governance compliance concepts and principles.• Must have excellent verbal and written skills.• Must be able to work effectively in a team environment.• Excellent capability to develop and document security architecture, assessment, and plans. Including strategic, tactical, and project plans.• Ability to develop security policies, procedures, standards, and guidelines.• Capability to work with a set of guidelines to help identify critical event data for additional analysis and escalation as appropriate. Knowledge of:• WSUS Management and Deployment, SCCM Package Building and Maintenance, Windows, Endpoint Protection and Compliance systems, Active Directory, Office 365, SIEM solutions.• Penetration/vulnerability test suites and compliance regulations (SOX, PCI, etc.)• Applicable knowledge of Information Technology, security and data privacy fundamentals, and networking. Certifications:• CompTIA Network+ and Security+ certifications required, or equivalent certifications demonstrating foundational knowledge in networking and security. Candidates with substantial hands-on experience may be considered in lieu of formal certification.• Computer Hacking Forensic Investigator (CHFI) or Certified Ethical Hacker (CEH) Certifications preferred.

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with modern software, big data ecosystems, and cloud based technologies. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as a central Information Security point of contact for the Enterprise Platforms line of business Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Data Security, Web Security, and Mobile Security Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures, and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in development processes Escalate and manage cyber security risk Educate and influence executive leadership and associates to effectively leverage security capabilities and solutions to mitigate risks and emerging threats Deliver Cyber agenda and integration of Information Security within business objectives for the line of business area Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives You are able to tailor communications and analysis to the intended audience Basic Qualifications: High School Diploma, GED, or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 6 years of experience providing guidance and oversight of cyber security concepts At least 5 years of experience performing security risk assessments or security architecture reviews At least 5 years of experience with architecture, software design, networking, or cloud infrastructure At least 4 years of experience with cloud security engineering At least 2 years experience utilizing agile methodologies within DevOps environments Preferred Qualifications: Bachelor's Degree 8+ years of experience in cyber security or information technology 6+ years of experience in securing a public cloud environment 5+ years of experience securing Identity Applications 5+ years of experience with Threat Modeling AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP) certification At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Plano, TX: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).