Information security analyst jobs in Johnson City, TN

In this contingent resource assignment, candidate may: Participate in low to moderately complex initiatives and identify opportunity for process improvements within Information Security Analysis. Review and analyze basic or tactical Information Security Analysis assignments or challenges that require research, evaluation, and selection of alternatives, related to low-to-medium risk deliverables. Present recommendations for resolving low to moderately complex situations and exercise some independent judgment while developing understanding of function, policies, procedures, and compliance requirements. Provide information to client personnel in Information Security Analysis. Required Qualifications: 2 plus years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work or consulting experience, training, military experience, education. Desired Qualifications: Hands-on experience with IAM Tools (SailPoint, Okta, CyberArk, Ping, Microsoft Entra ID) Experience with authentication standards (LDAP, SAML, OAuth, Open ID, SCIM). Experience with security compliance frameworks (ISO, NIST, SOX, PCI) Ability to interact with various layers of leadership Ability to prioritize work, meet deadlines, and achieve deliverables Strong organizational, multi-tasking, and prioritizing skills Customer service focus with the ability to respond to requests in a timely manner Intermediate Microsoft Office (Word, Excel, Outlook, PowerPoint, Access, and Project) skills Pay Range: $40- $45 The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits including medical, dental, vision and 401K contributions as well as any other PTO, sick leave, and other benefits mandated by appliable state or localities where you reside or work.

ABOUT THE ROLE Individual is able to work without assistance; provides leadership for others; able to manage highly complex work efforts; may have advanced education; has extensive industry experience. The IT Security Analyst monitors and advises on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinates and executes IT security related projects for the agency. Coordinates response to information security incidents. Develops and publishes Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance with Commonwealth IT Security policies, standards, and guidelines. Conducts campus-wide data classification assessment and security audits and manages remediation plans. Collaborates with IT management, Internal Audit, and VITA to manage security vulnerabilities. Creates, manages and maintains user security awareness. Conducts security research and keeps abreast of latest security issues. Prepares IT security documentation, including department policies and procedures, agency notifications, Web content, and alerts.

We are seeking a Cybersecurity Engineer with strong, hands-on experience implementing Data Loss Prevention (DLP) solutions, specifically using Azure Purview and Microsoft Intune. This role requires a technical practitioner who has directly deployed, configured, and operationalized security controls-not just monitored events. The engineer will design and implement secure architectures across cloud and hybrid environments, conduct threat modeling, integrate security into new platforms, and ensure alignment with industry best practices and regulatory frameworks such as NIST 800-53, FISMA, and FedRAMP. The ideal candidate must have 10+ years of experience that brings advanced knowledge of cloud security, IAM, encryption, authentication protocols, and modern DevSecOps practices. Additional responsibilities include developing reusable security patterns, performing architecture reviews, enhancing automation, and partnering with IT teams to mature the organization's security posture. Strong communication skills, deep technical proficiency, and experience with Azure/AWS infrastructures are essential for success in this role. This is an onsite direct hire opportunity in Arlington, VA, no contract, no sponsorship. Relocation assistance provided within the US. LI #HP-1

We are currently seeking a Cybersecurity Engineer to become part of the Federal Strategic Cyber group. Location: Arlington, VA. This is a full-time, working on-site role. The DSCM program encompasses cyber security, data analytics, engineering, technical, managerial, operational, logistical and administrative support to aid and advise DOS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. Those supporting the DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges. About the Role Support the Security Standards & Baselines (SSB) section within the Technology, Innovation, and Engineering (TIE) Office. Identify and provide solutions to enhance and/or streamline processes and automate work flow. Need to have a strong technical background and expertise in various areas of cybersecurity. Promote awareness of security issues among management and ensure sound security principles are reflected in organizations' visions and goals. Communicate complex security concepts to both technical and non-technical stakeholders, including senior management. Possess strong problem-solving and decision-making abilities to guide the organization in making informed security decisions. Perform extensive research and documentation of security threat vectors. Provide guidance and coaching to team members. Create bulletins, alerts, and/or advisories related to published or developmental standards and/or security principal documents. Ensure that rigorous application of information security/information assurance policies, principles, and practices are implemented in the delivery of all IT services. Evaluate a wide array of existing, new, modified, and/or emerging technologies and develop recommended security configuration baselines documents that implement Departmental policy, technical security solutions, and industry best practices in alignment with Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) as much as possible. Respond to various technical and policy questions from a wide range of customers/users with guidance and clarifications. Promote awareness of cybersecurity standards and principles among the customer stakeholders, coworkers, and the Department users. Collaborate with fellow team members and various internal and external stakeholders to share information and knowledge to establish and maintain a productive line of communication. Streamline processes to improve efficiency of Mission goals. Manage information and updates in SharePoint repositories. Keep awareness of items involving fellow team members to provide back up support and coverage as needed. Qualifications: Bachelor's degree and a minimum of 5 years' of relevant experience. An additional 4 years of experience will be considered in lieu of degree/education. Either possess or obtain prior to start date ONE of the following certifications: CAP, CASP+ CE, CCISO, CCNA-Security, CISM, CISSP (or Associate), CISSP (or Associate), CND, CSSLP, CySA+, GICSP, GSEC, GSLC, Security+ CE, SSCP, PPDA, Agile IC, SNOW App Dev. Experience with DISA STIG - Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG). Experience developing and executing research plans. Experience working with Windows Server on an enterprise level. Experience managing Active Directory in a multi-domain environment. Experience working with server/application virtualization on an enterprise. Demonstrated excellence in business acumen, team orientation and strong customer service skills. U.S. citizenship required. Active Secret security clearance. Ability to obtain a final Top Secret security clearance. Highly Desired: Experience with process automation. Technical writing skills. Engineering/maintaining database infrastructure including SQL and Oracle experience. Active Directory Federation Services (ADFS), Azure, Active Directory experience. Experience developing and managing virtualized IT systems. Networking technologies experience. Configuration and/or administrating enterprise mobile device deployments experience. Experience working with Red Hat Enterprise Linux servers on an enterprise level. For any questions regarding this job announcement or the status of your application, please contact our Director of Recruiting, Mr. Brian Jennings, via email at ********************.

Our government client is looking for an experienced IT Security Analyst on a hybrid 6+ months renewable contract role in Richmond, VA. - IT Security Analyst | HYBRID W2 RATE - $65/hr - $70/hr Job description: Individual is able to work without assistance; provides leadership for others; able to manage highly complex work efforts; may have advanced education; has extensive industry experience. The IT Security Analyst monitors and advises on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinates and executes IT security related projects for the agency. Coordinates response to information security incidents. Develops and publishes Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance with Commonwealth IT Security policies, standards, and guidelines. Conducts campus-wide data classification assessment and security audits and manages remediation plans. Collaborates with IT management, Internal Audit, and VITA to manage security vulnerabilities. Creates, manages and maintains user security awareness. Conducts security research and keeps abreast of latest security issues. Prepares IT security documentation, including department policies and procedures, agency notifications, Web content, and alerts. Required/Desired Experience: 12 Years of Individual must have experience working without assistance; providing leadership for others; managing highly complex work efforts. Required 7 Years of Individual must have experience in the IT Security or related field. Required About Vector: Vector Consulting, Inc., (Headquartered in Atlanta) is an IT Talent Acquisition Solutions firm committed to delivering results. Since our founding in 1990, we have been partnering with our customers, understanding their business, and developing solutions with a commitment to quality, reliability and value. Our continuing growth has been and continues to be built around successful relationships that are based on our organization's operating philosophy and commitment to ** People, Partnerships, Purpose and Performance - THE VECTOR WAY ************************ “Celebrating 30 years of service.”

In cybersecurity, we help keep our diverse environment from design, merchandizing, supply chain, eCommerce, and enterprise secure in a dynamic space. The IT Security team is looking for a passionate cybersecurity leader who wants to make an impact in multiple environments. Family Dollar is looking for a detailed and results oriented Security Engineering Manager leader who will be responsible for overseeing and managing the security of its information systems and data. This person will lead a team of cybersecurity professionals and work closely with other departments to protect the organization's digital assets, data and systems from cyber threats and breaches. This role is critical to the strategic and tactical success of Family Dollar's cybersecurity program. As the leader of this team, you will be responsible for providing strategic and operational direction of our security engineering solutions and cybersecurity tool stack. Under the direction of Director, Cybersecurity, the Security Engineering Manager takes a lead role in ensuring the security of all protected information collected, used, maintained, or released by Family Dollar. This role plays a vital role in ensuring the confidentiality, integrity and availability of our data. It is a critical role in the face of an ever-evolving landscape of cyber threats and attacks. Principal Duties and Responsibilities Partnering with teams across the organization to influence security by design to help drive overall direction of our technical security solutions. Accountable for end-to-end life cycle of our security tool portfolio (e.g., Firewalls, IDS/IPS, WAF, IAM, DLP, SIEM, Proxy, DDoS, Antimalware, Cloud network infrastructure technologies) Ensuring the hardening of our infrastructure (e.g., authentication, MFA, perimeter edge.) Driving standards and expectations of secure practices across the organization such as data security, defense-in-depth, SASE, Zero Trust etc. Collaborating with senior leadership to assess and understand strategic initiatives to ensure IT Security support. Act as a subject matter expert to provide advisory guidance to other teams. Interface and influence leaders at varying levels and roles within the company to drive security ownership. Keeping up to date with the security landscape to ensure our teams are providing strong defenses. Strong decision-making, problem-solving abilities, and leadership abilities to manage multiple, often conflicting priorities to successful completion. Demonstrate commitment to high standards of ethics and values, regulatory compliance, and business integrity. Excellent management skills to drive the personal development of the team and individuals. Maintain all security tools and technology. In charge of security systems, such as firewalls, data protection controls, patching. Ensures that project/department milestones/goals are met and adhering to approved budgets. Has full authority for personnel actions. Evaluates risks and improves Family Dollar's security positioning through process improvement, policy, automation, and the continuous evolution of capabilities. Implements processes to automate and continuously monitor information security controls, exceptions, risks, testing. Develops reporting metrics, dashboards, and evidence artifacts. Schedules regular testing of effectiveness and efficiency of controls within area of ownership. Remains current on best practices and technological advancements and acts as the technical resource for information security. Minimum Requirements/Qualifications 5+ years of experience in cybersecurity. 2+ years as a security leader of a team (e.g., Incident Response, Engineering team). 5+ years' experience leveraging and implementing cybersecurity frameworks such as, MITRE ATTACK, MITRE D3FEND, OWASP Top 10, CIS Controls, NIST CSF, NIST 800-53, etc. 10+ years of advanced IT skills with high level of information security experience and expertise. Knowledge of securing network technologies, client, and server operating systems. Ability to develop and maintain security baselines based on best practices and industry standards. Experience responding to, analyzing, problem solving, and communicating information security incidents. 6+ years of planning and managing security projects. Excellent interpersonal, communication, and presentation skills, including formal report writing experience. Understanding of common security standards and regulations relating to a retail environment (e.g., PCI DSS, NIST CSF, ISO2700x, etc.) Team leadership and management. Foster a culture of security awareness and compliance within the organization. Ability to work in agile and waterfall frameworks as needed 1-3 years as a technical leader / supervisor with strong analytical and problem-solving skills identifying risks and championing that change. 5+ years of experience interfacing with varying levels of leadership and roles within a company, influencing security change. Minimum of 5 years' experience with modern security tool stacks Network security tools (e.g., WAF, Proxies, IDS/IPS, VPN, Taps, Firewalls) Endpoint security tools (e.g., AV, EDR, Application Control, PKI) Security Operations tools (e.g., SIEM) Authentication and authorization tools (e.g., PAM, SSO, SAML, IAM, MFA) Data Security tools (e.g., eDiscovery, DSPM) Cloud (e.g., CSPM) and other implications of cybersecurity Strong knowledge of cybersecurity concepts Secure protection and detection techniques Application security Vulnerability management Exploitation techniques Incident response Data privacy and encryption Endpoint platforms (Windows, Linux & Mac, iOS/Android) Desired Qualifications Bachelors in Information Technology or other four-year related degree

Immediate need for a talented Cloud Security Engineer.This is a 12+ Months contract opportunity with long-term potential and is located in Richmond, VA USA (Onsite) Please review the job description below and contact me ASAP if you are interested. Job Diva ID: 25-95757 Pay Range: $80 - $84/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Wiz Platform Deployment & Ownership CSPM, CWPP, CI/CD Integration & Remediation Alerting, Monitoring & Incident Response Integration Remediation, Ownership & Continuous Improvement Cloud Security Engineering & Architecture playbook creation. Leadership, Strategy & Governance Develop and maintain the technical IT/cyber capabilities including all phases of the software development lifecycle and software stack which includes threat modeling of application designs, static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST), and penetration testing. Lead efforts related to designing, planning, enhancing, and testing all Cloud cybersecurity technologies used throughout the enterprise including base-lining current systems, trend analysis, and capacity planning as required for future systems requirements and new technologies. Analyze information to determine, recommend, and plan the use of new Cloud information security technologies, or modifications to existing equipment and systems that will provide capability for proposed project or workload, efficient operation and effective use of allotted resources Lead the implementation of new Cloud security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff Use sophisticated analytical thought through models, testing, and experience to exercise judgment and identify innovative solutions. Responsible for technical support of Cloud security technologies providing expert problem analysis and resolution in a timely manner. Creation of CI/CD automation leveraging Terraform for Cloud Security Services and Modules Leads teams or projects with moderate resource requirements, risk, and complexity. Key Requirements and Technology Experience: Key Skills; Cloud Security, AWS/Azure/GCP, Wiz platform Bachelor's degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security Previous experience in leading complex IT projects 10+ years Cloud Security experience 6+ years securing AWS/Azure/GCP Deep expertise in Wiz platform Strong experience with CSPM, CWPP, CI/CD security Strong automation and scripting background Experience in Global 100 or Fortune 50 environments Wiz Architect/Practitioner certifications AWS/Azure/GCP security certifications Banking or financial services experience. Other security certifications (e.g. CCNA Security, GSEC, GCED, GPPA, etc.) Other technical Certifications (e.g. CCNA, RHCE, MCSE, etc.) Certification in Information Security Management (e.g. Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Manager (CISM)), or related security certification(s) Our client is a leading Banking Industry , and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. By applying to our jobs, you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

STRATEGIC STAFFING SOLUTIONS HAS AN OPENING! This is a Contract Opportunity with our company that MUST be worked on a W2 Only. No C2C eligibility for this position. Visa Sponsorship is Available! The details are below. “Beware of scams. S3 never asks for money during its onboarding process.” Job Title: Information Security Engineer- Automation (Cisco ISE) Location: Charlotte, NC 28262/ Raleigh, NC 27607 Onsite Work Contract Length: 24+ Months Pay: 75-80 an hr on W2 About the Role We are seeking a highly motivated Information Security Engineer to design and implement automation solutions that streamline and enhance management of the Cisco Identity Services Engine (ISE) platform. This role is ideal for a proactive, self-directed engineer who thrives in complex environments and enjoys building scalable, secure automation that reduces manual effort and improves operational efficiency. You will play a key role in developing automation workflows, integrating systems via APIs, and collaborating with cross-functional teams to translate business and security requirements into reliable, maintainable solutions. Key Responsibilities Design, develop, and implement automation workflows to support Cisco ISE configuration, policy updates, and operational tasks Build and maintain Python-based automation scripts and Ansible playbooks aligned with business and security requirements Develop application and system integrations using RESTful and/or SOAP APIs, including authentication mechanisms (OAuth, JWT), data transformation, and error handling Create secure, scalable API integrations with internal systems and third-party services Utilize API testing tools such as Postman and Swagger to validate functionality, performance, and security compliance Integrate automation solutions with external platforms (e.g., HashiCorp Vault) for secure credential and secrets management Develop custom tooling to simplify administrative processes and reduce manual day-to-day operational tasks Collaborate with internal stakeholders to gather requirements and deliver scalable automation solutions Document automation architecture, workflows, and usage guidelines to support maintainability and knowledge transfer Troubleshoot, optimize, and enhance automation scripts for reliability, scalability, and performance Required Qualifications Strong experience managing network infrastructure as code Advanced Python development skills Proven experience building Ansible playbooks based on business and operational requirements Hands-on experience creating and maintaining technical documentation (automation architecture, READMEs, runbooks) Ability to work independently, adapt to evolving requirements, and navigate complex or ambiguous processes with minimal supervision Nice-to-Have Qualifications Experience with Cisco Identity Services Engine (ISE) Background in network engineering or network security Work Location & Schedule This is a hybrid role requiring 3 full days per week onsite (8 hours per day) at one of the following locations:

Knoxville, TN | Cybersecurity Engineer | Full-time We are actively recruiting a Cybersecurity Engineer for our client in Knoxville, TN. This is a hybrid direct placement opportunity that will require some onsite work in Knoxville. The successful candidate will be responsible for the design, implementation, and ongoing management of advanced cybersecurity measures to protect sensitive data, systems, and networks. This role involves hands-on work with a wide range of security technologies, development and enforcement of security protocols, and proactive risk mitigation. The engineer collaborates with cross-functional IT teams to integrate security solutions into enterprise projects and ensure compliance with applicable regulatory requirements, including HIPAA. Must have a minimum of five years' experience in cybersecurity engineering, with a proven track record in designing and implementing security solutions within an enterprise environment. Due to client request, candidates must be eligible to work in the United States without sponsorship. Equal Opportunity Employer/Veterans/Disabled

The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations. Technical Implementation: Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools. Implement and support security controls for network infrastructure such as routers, switches, and wireless access points. Configure, administer, and secure Active Directory and Azure AD environments. Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions. Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection. Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture. Security Operations: Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation. Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts. Lead technical response efforts during security incidents or breaches in coordination with the incident response team. Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access. Conduct routine vulnerability assessments and threat analysis to support continual improvement. Perform digital forensics and incident response activities as needed. Compliance: Ensure adherence to HIPAA and all applicable regulatory and security standards. Design and implement technical safeguards that protect sensitive information and support organizational objectives. Collaboration: Partner with IT and business teams to embed security controls into systems, applications, and workflows. Educate and support staff on cybersecurity awareness, best practices, and evolving threats. Documentation: Create and maintain accurate documentation for security configurations, procedures, and incident activity. Remain informed on current cybersecurity trends and recommend enhancements to existing controls. Security Audits: Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards. Security Standards and Policies: Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements. Security Infrastructure Maintenance and Monitoring: Configure, troubleshoot, and maintain security-related hardware and software. Implement and manage monitoring tools to detect intrusions and potential security breaches. Security Strategy Development: Support the planning, execution, and ongoing refinement of the organization's information security strategy. Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives. Perform additional duties as assigned. Minimum Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required. Minimum Experience: Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment. Certifications: Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.

Data Intelligence LLC is seeking an experienced Senior Security Systems Engineer to support one of our premier Navy customers in Dahlgren, VA. This role provides advanced cybersecurity engineering and systems security support to U.S. Navy tactical and strategic weapons programs. The successful candidate will lead efforts related to Assessment & Authorization (A&A), Risk Management Framework (RMF) implementation, vulnerability management, and secure systems design for complex afloat and shore-based systems. This position is fully on-site in Dahlgren, VA. This position is contingent upon winning contract award. Key Responsibilities Lead cybersecurity engineering and systems security integration for U.S. Navy programs, with specific focus on tactical combat and Submarine-Launched Ballistic Missile (SLBM) systems. Perform system security engineering in accordance with DoD, DON, and NIST cybersecurity policies, standards, and best practices. Execute the full lifecycle of the Systems Engineering Technical Review (SETR) process, including design, review, and validation activities. Conduct and support Assessment and Authorization (A&A) activities under RMF, ensuring systems achieve and maintain Authorization to Operate (ATO). Manage vulnerability analysis and remediation for critical Navy systems and applications. Develop and maintain System Security Plans (SSPs), Cybersecurity Strategy and Evaluation (CSSE) documentation, and related artifacts. Design and evaluate secure network architectures and system boundaries, incorporating cybersecurity technologies such as: Firewalls, Intrusion Detection/Prevention Systems (IDS/IPS) Routers, Switches, and Cross-Domain Solutions (CDS) Host-Based Security Systems (HBSS) Provide cybersecurity guidance for Platform IT (PIT) systems, supporting both land-based and afloat/tactical environments. Contribute to cybersecurity test planning, Model-Based Systems Engineering (MBSE) integration, and secure software/hardware development. Collaborate with multidisciplinary engineering teams and Navy program offices to ensure compliance with DoD cyber and safety standards. Deliver concise technical presentations and reports to senior leadership and stakeholders. Required Skills/Experience SLBM Programs: Minimum 7 years of direct experience with Submarine-Launched Ballistic Missile (SLBM) systems; OR Other Navy Programs: At least 5 years of program-specific security engineering experience with Navy afloat/tactical combat systems (e.g., Aegis, SSDS, Zumwalt); OR General Experience: 10+ years of general security engineering experience supporting DoD systems. Minimum 5 years of engineering experience on Aegis, SSDS, Zumwalt, or other Navy tactical combat systems (for at least six senior positions on this contract). Demonstrated experience in: Cybersecurity engineering and risk management DoD/Navy Assessment & Authorization (A&A) Vulnerability management across complex networked systems Proven understanding of DoD Cybersecurity policies, RMF, and Platform IT (PIT) implementation. Experience with the SSP Validator Handbook (for SLBM programs). Familiarity with combat weapons systems and afloat/tactical environments. Hands-on experience designing and assessing secure network architectures, cyber boundaries, and defense-in-depth strategies. Experience with cyber testing, test analysis, and secure computing system development. Strong written and verbal communication skills with the ability to brief senior leadership. Certifications (Required) IAT II, IAM II, or higher (e.g., Security+, CASP+, CISSP, or equivalent) NQV certification (desired, if applicable) Security Clearance Active Top Secret Clearance required; eligibility for higher-level access may be necessary based on program needs. Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Title: Application Security Engineer Clearance Required: Public Trust Position Type: Full-Time About the company: At VivSoft, we aim to solve complex federal problems using emerging and open technologies in a collaborative and rewarding environment. VivSoft is a diverse team of strategists, engineers, designers, and creators experienced in building high performance effective softwares, with impactful organizational design and organizational dynamics for software delivery. We build secure Software Factories based on DoD reference designs and NIST Frameworks for Cloud and DevSecOps. These factories deliver AI/ML Applications, Data Science Platforms, Blockchain and Microservices for DoD, Healthcare and Civilian Agencies Job Summary: We are seeking an Application Security Engineer to support the modernization of a large-scale enterprise software development platform. This role focuses on securing CI/CD pipelines, enforcing DevSecOps best practices, and implementing automated security testing throughout the SDLC. The engineer will work closely with development and platform engineering teams to embed security into reusable templates, GitHub Actions, and deployment workflows, ensuring applications are built and deployed securely across environments. Key Responsibilities: Using GitHub Advanced security, review security findings of the organization. Review, validate, and approve request to remediate security findings. Review, validate, and approve request to dismiss security findings. Collaborate with Federal POC and FDIC security team to create and implement application security processes and standards. Identify gaps and design solutions to improve application security at the FDIC. Provide guidance to FDIC developers in regard to remediating findings when needed. Required Skills: Bachelor's degree in Computer Science, Engineering, Information Technology, or related field, or equivalent professional experience. Proficiency in at least one or two major enterprise languages (e.g., Java, .Net, C#, JavaScript) to effectively review code and understand development context. Experience integrating security tools (SAST/DAST/SCA) into CI/CD pipelines to automate vulnerability scanning. Proficient in conducting and interpreting results from SAST (Static Analysis Security Testing) DAST (Dynamic Analysis Security Testing) Manual Code Review for security flaws Deep understanding of the OWASP Top 10 and other common application security attack vectors (e.g., injection, XSS, broken access control). Knowledge of security considerations for large, complex enterprise architectures, which may include Cloud Security (AWS, Azure, or GCP), API security, and microservices.

Come Forge the Future of Machine Identity Security for Operational Technology & Industrial Control Systems Where: Tysons, VA (Hybrid) Supporting: Our CTO At Corsha we're not just selling software; we're fundamentally reshaping how the most critical industrial and operational technology (OT) systems are secured. We're a cyber startup in the DC area, driven by a mission to bring trust, resilience, and identity to the operational systems that power our world - from factories to power grids. We're building the future of machine identity security, and we need a dynamic technical evangelist to join our front lines. Tired of the Status Quo? Ready to Secure the Unseen? Here's your Opportunity: If you're an engineer who thrives on solving hard problems, isn't afraid to get your hands dirty with industrial control systems and sees the immense potential of cybersecurity in unconventional environments, then read on. We move fast, we build for impact, and we need a security visionary to help us secure the machines that matter most. Your Mission: Secure the Industrial Edge We're looking for an OT Security Engineer to be a foundational engineer for our Machine Identity Platform (mIDP), specifically tailored for the unique and challenging landscape of OT systems. Your mission: implement, integrate, and defend the security infrastructure that underpins our cutting-edge solutions, with a heavy emphasis on industrial control systems and OT networks. This isn't just about keeping the lights on. It's about building security architectures that are inherently secure, highly available, and resilient against the most sophisticated threats, often in environments where traditional IT paradigms simply don't apply. You'll be bridging the gap between cutting-edge cybersecurity technologies and the operational realities of factories, power plants, and critical infrastructure. What You'll Be Forging: Architect and Implement OT Security Solutions: Design, deploy, and manage secure architectures for our mIDP, specifically tailored for OT environments. This includes network segmentation, routing, switching, firewall configurations, and intrusion detection systems. ICS/OT System Integration: Be the subject matter expert for integrating our mIDP with industrial control systems. This involves understanding and working with common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). Machine Identity Integration: Collaborate closely with our product and engineering teams to integrate security configurations with our mIDP, ensuring seamless and secure authentication and authorization for OT devices and applications. OT Network Hardening: Implement and enforce robust security best practices, including vulnerability management and access control for OT networks. Troubleshooting and Optimization: Proactively monitor, troubleshoot, and resolve complex security issues across ICS and OT environments. Identify and implement optimizations to enhance system performance, reliability, and security. Automation and Tooling: Develop and implement automation scripts and tools (e.g., Python, Ansible) to streamline provisioning, configuration management, and operational tasks. Documentation and Knowledge Sharing: Create comprehensive documentation, runbooks, and contribute to internal knowledge sharing to ensure maintainability and scalability of our infrastructure. Stay Ahead of the Curve: Continuously research and evaluate new cybersecurity technologies, security trends, and best practices, particularly as they relate to OT and industrial control systems. Collaborate and Mentor: Work closely with cross-functional teams (software engineers, security analysts, product managers) and provide mentorship to junior team members. What You'll Bring: 5+ years of intense experience in OT security or a related role, with a proven track record in complex, high-performance, and high-stakes environments. Deep, demonstrable expertise in industrial control systems and OT environments. You've implemented security products and solutions in real-world ICS/OT environments. Strong proficiency in network security principles: Firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), network access control (NAC), and secure communication protocols. Extensive hands-on experience with OT network architectures and protocols. You're comfortable with physical hardware and understand the nuances of industrial networks. Rock solid understanding of cybersecurity principles: vulnerability management, threat modeling, and incident response. Empathy for OT/ICS environments: You totally get the unique security challenges of Operational Technology, and understand common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). This isn't just a "nice-to-have"; it's critical. Proficiency in scripting and automation: Python, Ansible, or similar languages for automating security provisioning and operations. A relentless problem-solver: You thrive on diagnosing and resolving intricate security issues under pressure, with an unwavering focus on root cause analysis. Exceptional communication and collaboration skills: You can articulate complex technical concepts clearly and work seamlessly with cross-functional teams. Bachelor's degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience. Self-starter with an insatiable curiosity: You're eager to learn, adapt, and drive solutions in a rapidly evolving, high-impact startup environment. Bonus Points For: Experience with specific machine identity solutions (PKI, certificates, secrets management). Hands-on experience with Kubernetes Knowledge of software-defined networking (SDN) solutions. Relevant industry certifications (e.g., CISSP, GICSP, CISM). Experience in a fast-paced startup environment. Why Forge your Path with Corsha? Real-World Impact: Your work won't just sit on a server; it will actively defend the critical operational systems that underpin our society. This is an opportunity to make a tangible, immediate difference. Bleeding Edge: Be at the forefront of securing the intersection of cybersecurity, machine identity, and OT. We're defining the future, not just following trends. Growth & Ownership: This is a startup - your contributions will directly shape our product, our culture, and our success. You'll work with incredible people that care and have impact. Culture of Innovation: Join a team of brilliant, passionate engineers dedicated to solving the hardest problems. We foster a collaborative, intellectually stimulating, and supportive environment. Competitive Compensation & Benefits: Wellness days, Generous PTO, Company-covered healthcare, 401k matching, paid parental leave, and of course snacks, lunches, and sustenance. Ready to step up and secure the critical future of identity? Join Our Mission Today. Reach out to us with your resume and why you think you'd make a stellar Corshian to *****************. We are an Equal Opportunity Employer and reasonable accommodations may be made to enable individuals with disabilities.

This is a 3 month contract opportunity with a leading global organization based in Atlanta, GA. There is potential to extend. Candidates have the opportunity to work from home 2 days per week! Successful candidates have a high level of initiative and thrive in a fast paced, enterprise environment. REQUIRED SKILLS: Associate's or Bachelor's degree in Information Technology, Business Administration, Supply Chain Management, or a related field. 1-3 years of experience (internships or part-time roles acceptable) in IT operations, procurement, inventory control, or asset lifecycle management. Basic understanding of IT hardware and software lifecycles, including procurement, deployment, maintenance, and retirement. PREFERRED SKILLS: CompTIA A+ or IT Fundamentals+ (for hardware/software foundations). ITIL Foundation certification. ServiceNow Certified System Administrator (CSA) or basic platform training. SAM/HAM practitioner courses from IAITAM (CHAMP, CSAM) or equivalent. Must be authorized to work in the US. Sponsorships are not available. Details

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Security & Access Control Management, Identity & Access management and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as a central Information Security point of contact for Platform Messaging Services Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Data Security, Vulnerability Management, Network Architecture and Design, API security, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Work with line of business to identify risks with new and existing vendor relationships Develop strategic objectives curated towards the line of business to support Cyber initiatives About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 6 years of experience working in cyber security or information technology At least 5 years of experience providing guidance and oversight of cyber security concepts At least 5 years of experience performing cyber security risk assessments or cyber security architecture reviews At least 5 years of experience with software design, networking, or cloud infrastructure Preferred Qualifications: Bachelor's Degree 7+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Plano, TX: $204,900 - $233,800 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Santcore Technologies is seeking a HashiCorp Vault (Enterprise) Specialist for one of our major clients in the secure financial services domain at Culpeper, VA (Hybrid - Onsite 2 days/week required). We are looking for a hands-on security engineer with deep experience in Vault Enterprise, Terraform, Ansible, and RHEL hardening. The selected consultant will work in a high-security environment and contribute to secure automation, platform integrations, and infrastructure hardening. Key Responsibilities Deploy, configure, and maintain HashiCorp Vault Enterprise clusters (including HA architectures). Monitor Vault performance, troubleshoot complex issues, and implement security hardening best practices. Integrate Vault with enterprise systems, authentication methods, and automation pipelines. Develop and maintain Terraform modules for secure infrastructure provisioning. Troubleshoot, monitor, and harden RHEL environments, including SELinux policy management. Build and maintain Ansible roles, playbooks, and automation workflows (including AWX/Ansible Tower). Assist internal teams with Vault onboarding, usage support, and operational readiness. Participate in on-call rotation as required. Maintain at least 2 days/week onsite presence in Culpeper, VA. Required Skills (Must-Have) 3+ years of experience in security engineering, platform security, or security automation. 3+ years hands-on experience managing HashiCorp Vault Enterprise, including: HA deployments Monitoring & debugging Hardening and best practices Secret engines, auth methods, integrations Strong hands-on experience with: Terraform (module development) Red Hat Enterprise Linux (troubleshooting, monitoring, hardening) Ansible (roles, playbooks, AWX/Ansible Tower) Preferred Skills Go development (particularly for custom Vault plugin development) Jenkins (automation pipelines) Splunk (dashboards, alerts, queries) ELK Stack (integration, dashboards, queries) SELinux (policy development and troubleshooting) Nice-to-Have Certifications HashiCorp Certified: Vault Associate HashiCorp Vault Operations Professional Terraform Associate Red Hat Certifications Soft Skills Analytical problem-solving and strong troubleshooting mindset Ability to work cross-functionally within security, cloud, and DevOps teams Strong documentation and communication skills Detail-oriented and committed to enterprise security best practices Adaptability in dynamic and fast-paced technical environments

Title: Information Security and Technology Specialist State Role Title: Info Technology Specialist II Hiring Range: $58,000 - $65,000 Pay Band: 5 Recruitment Type: General Public - G Job Duties ABOUT THE ORGANIZATION The Southwest Virginia Higher Education Center (A Great Place, Doing Great Things, Because of Great People!) is seeking applicants to fill an Information Security & Technology Specialist position. This is a full-time/salaried position with benefits. Examples of benefits provided include paid time off that includes 13 holidays, annual leave, sick and personal leave. Other leave may be available based on eligibility and includes parental leave, military leave, civil and work related leave, and school assistance and volunteer service leave. Membership in the Virginia Retirement System, access to medical, dental, vision and hearing insurance, along with prescription drug coverage. An employee assistance program is available, as are flexible spending accounts, premium rewards, and wellness programs. Group life and optional life insurance is also available. The Center also offers an educational assistance program that provides assistance for college/university tuition once program eligibility requirements are met. Employment may also qualify the employee to receive student loan forgiveness through the Public Service Loan Forgiveness Program. Additional benefit information is available at ********************************************** ABOUT THE POSITION This position provides audio/visual support for classrooms, conferences, and events based on the Center's event calendar. The specialist delivers end-user support for staff, tenants, and customers, including troubleshooting computer, network, and AV issues. The role also includes providing basic network support. This position serves as the Center's Information Security Officer (ISO) representative to the Virginia Information Technologies Agency (VITA). The Information Security Officer is responsible for developing and managing the agency's IT security program, and ensuring compliance with associated standards, regulations, and guidelines promulgated by the Virginia IT Agency (VITA). Specifically, this position will be responsible for but not limited to developing and managing agency level information security policies, reviewing business impact analyses, risk assessments, and security audits. The incumbent will develop a process to respond to information security incidents, and responding to security incidents as needed; and coordinating information security awareness training. The incumbent must possess strong technical, problem-solving, and communication skills, with working knowledge of network systems, computer operations, and audio/visual technologies. This position serves as a key point of contact for technology and security support within the Center. Minimum Qualifications * Considerable experience in information technology, audio/visual systems, networking, and information security is required to demonstrate competency in the duties of the position. Additional Considerations * Extensive experience in information technology, audio/visual systems, networking, and information security is desired. * Certified as an Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP) or a GIAC Security Essentials Certification (GSEC) upon hire or must obtain one of the above noted certifications within 12 months of hire. * A work history demonstrating extensive experience performing information security activities; or an equivalent combination of education and experience is preferred. Special Instructions You will be provided a confirmation of receipt when your application and/or résumé is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position. You may apply for this position at jobs.virginia.gov. AMERICORPS, PEACE CORPS, AND OTHER NATIONAL SERVICE ALUMNI ARE ENCOURAGED TO APPLY. More information is also available at **************************** "The Southwest Virginia Higher Education Center is dedicated to recruiting, supporting, and maintaining a competent and diverse work force" Equal Opportunity Employer Contact Information Name: Taris Harmon Phone: ************ Email: ****************************** In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at ************. Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.

Information Security Engineer Duration: 12 Months contract with potential to extend The Information Security Engineer will play a critical role in ensuring the security and integrity of information systems. This position requires a highly organized and detail-oriented individual with strong communication and leadership skills. The ideal candidate will have experience in technology, network technologies, and information security, as well as the ability to collaborate with cross-functional teams to implement effective security solutions. Responsibilities: Develop and implement information security solutions and controls in collaboration with Security Architecture, Principal Engineers, and Subject Matter Experts. Conduct in-depth research, compile data, and perform detailed analysis to support security initiatives. Lead meetings effectively and provide concise communications to higher-level and executive leadership. Translate requirements into actionable information for both executive-level and individual-level stakeholders. Manage initiatives, including detailed planning, process management, and documentation. Utilize tools such as MS Office (Word, Excel, PowerPoint) to support project management and reporting. Qualifications: Strong organizational, multi-tasking, and prioritizing skills. Excellent communication and presentation skills. Proven experience in technology, network technologies, and information security, including firewalls, intrusion detection, and endpoint security. Demonstrated ability to work with cross-functional teams to identify and implement security solutions. Experience in cybersecurity and technology project management. Strong leadership skills and the ability to manage complex initiatives. About PTR Global: PTR Global is a leading provider of information technology and workforce solutions. PTR Global has become one of the largest providers in its industry, with over 5000 professionals providing services across the U.S. and Canada. For more information visit ***************** At PTR Global, we understand the importance of your privacy and security. We NEVER ASK job applicants to: Pay any fee to be considered for, submitted to, or selected for any opportunity. Purchase any product, service, or gift cards from us or for us as part of an application, interview, or selection process. Provide sensitive financial information such as credit card numbers or banking information. Successfully placed or hired candidates would only be asked for banking details after accepting an offer from us during our official onboarding processes as part of payroll setup. Pay Range: $55 - $60 The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits including medical, dental, vision and 401K contributions as well as any other PTO, sick leave, and other benefits mandated by appliable state or localities where you reside or work. If you receive a suspicious message, email, or phone call claiming to be from PTR Global do not respond or click on any links. Instead, contact us directly at ***************. To report any concerns, please email us at *******************

Senior Manager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. As a Senior Manager, You will play a leading role in delivering product security advisory services for a fast moving project within a line of business portfolio, working closely with other professionals as required. You have the ability to lead complex problem solving in partnership with multiple stakeholders in a fast-paced environment, driving results with critical impact. You will work with the other Information security consultants, business, technology and risk partners to achieve time sensitive goals and objectives in a secure manner with a heavy forward lean on modern software and technology architectures. Responsibilities: Act as an Information Security point of contact for a business function within the Card line of business Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Leverage strong technical acumen and be security SME reviewing architecture, providing risk mitigation solutions and driving overall risk management. Partner closely with engineers, product managers, and other cross-functional partners to help break down complexity and organizational silos to problem solve. Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have experience in securing large-scale e-commerce platforms, with deep understanding of payments systems, customer data protection across high transaction environments ensuring protection of user data across internal and partner ecosystems. You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 5 years of experience providing guidance and oversight of Security concepts At least 5 years of experience performing security risk assessments and security architecture reviews At least 5 years of experience with architecture, software design, networking, and cloud infrastructure At least 4 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 6+ years of experience Application Security, Threat Modeling, Penetration Testing, Vulnerability Management 4+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) 2+ years experience in e-commerce industry 2+ years of experience building software utilizing public cloud (e.g. AWS, GCP, Azure) 1+ years of experience in security integration for Mergers and Acquisitions 1+ years of experience with Cloud patch management practices such as system rehydration and image management 1+ years of experience utilizing Agile methodologies 1+ years of experience with Software Security Architecture 1+ years of experience with Application Security 1+ years of experience with Threat Modeling 1+ years of experience with Penetration Testing and/or Vulnerability Management 1+ years of experience with integrating SaaS products into an Enterprise Environment 1+ years of experience with securing Container services 1+ years of experience with Splunk-Fu and Enterprise Monitoring experience 1+ years of experience in a Financial services industry experience 1+ years of experience with Offensive or Defensive Security techniques AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP) certification At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Plano, TX: $204,900 - $233,800 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).