Senior Cloud Information System Security Officer
Information security analyst job in Washington, DC
MANTECH seeks a motivated, career and customer-oriented Senior Cloud Information System Security Officer (ISSO) to join our team in Washington, DC.
Responsibilities include, but are not limited to:
Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS
Provide liaison support between the system owner and other IS security personnel
Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle. Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis
Conduct required IS vulnerability scans according to risk assessment parameters. Coordinate system owner concurrence for correction or mitigation actions.
Develop Plans of Action and Milestones (POAMs) in response to reported security vulnerabilities. Manage the risks to ISs and other FBI assets by coordinating appropriate correction or mitigation actions, and oversee and track the timely completion of POAMs
Monitor security controls for FBI ISs to maintain security Authorized to Operate (ATO). Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase
Ensure that changes to an FBI IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM). Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR
Minimum Qualifications:
At least seven years' experience as an Information Systems Security Officer (ISSO) or similar role at a cleared facility
At least eight years' experience working in the Information Technology sector with a bachelor's degree, 6 years with a master's degree, 10 years with an associate's degree, OR 12 years with a high school diploma.
Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or Information Assurance Management (IAM) Level II proficiency
Hold at least one of the following certifications: AWS Certified Cloud Practitioner, AWS Certified Security - Specialty, (ISC)2 Certified Cloud Security Professional (CCSP), AWS Certified Solutions Architect - Associate, AZ-500: Microsoft Certified: Azure Security Engineer Associate, Google - Professional Cloud Security Engineer. Cloud certification may be obtained within 6 months of starting pending client approval.
Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP WebInspect, Network Mapper (NMAP), and/or similar applications
Preferred Qualification:
A bachelor's or advanced degree in Computer Science, Cybersecurity, or other cyber discipline
Clearance Requirements:
Must have a current/active Top Secret clearance with eligibility to obtain SCI prior to starting position.
Selected candidate may be required to undergo a Polygraph.
Physical Requirements:
Must be able to remain in a stationary position 50% of the time
Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
Often positions self to maintain computers in the lab, including under the desks and in the server closet
Frequently communicates with co-workers, management and customers, which may involve delivering presentations
Must be able to exchange accurate information in these situations
Cyber Security Analyst
Information security analyst job in Washington, DC
We are seeking multiple mid-level (5 years minimum) Cyber Defense Incident Responders that are available to work the midnight shift (11pm-7:30am) in a Security Operations Center.
Clearance Requirements: Top Secret w/SCI
Location: Washington, D.C.
Job Description:
Coordinate incident response functions.
Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
Perform cyber defense trend analysis and reporting.
Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs).
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
Track and document cyber defense incidents from initial detection through final resolution.
Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness).
Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
Coordinate with intelligence analysts to correlate threat assessment data.
Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
Basic Qualifications: To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
Bachelor's degree or higher
5+ years' experience in Malware analysis, digital forensics, data/network analysis, penetration testing, information assurance, leading incident handling
Must have one of the following certifications: CERT Certified Computer Security Incident Handler (CSIH), EC-Council Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Information Security Fundamentals (GISF), or ISC2 Certified Information Systems Security Professional (CISSP).
Strong written and verbal communication skills.
Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
Knowledge of system administration, network, and operating system hardening techniques.
Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
Demonstrated ability to interact effectively with senior management and leadership.
Ability to design incident response for cloud service models.
Knowledge of incident categories, incident responses, and timelines for responses.
Knowledge of incident response and handling methodologies.
Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
Desired Skills
Experience identifying, capturing, containing, and reporting malware.
Skill in preserving evidence integrity according to standard operating procedures or national standards.
Strong experience securing network communications.
Recognizing and categorizing types of vulnerabilities and associated attacks.
Skill in protecting a network against malware (e.g., NIPS, anti-malware, restricting/preventing external devices, spam filters).
Experience performing damage assessments.
Skill in using security event correlation tools and designing incident response for cloud service models.
Cyber Security Engineer
Information security analyst job in Arlington, VA
We are seeking a Cybersecurity Engineer with strong, hands-on experience implementing Data Loss Prevention (DLP) solutions, specifically using Azure Purview and Microsoft Intune. This role requires a technical practitioner who has directly deployed, configured, and operationalized security controls, not just monitored events. The engineer will design and implement secure architectures across cloud and hybrid environments, conduct threat modeling, integrate security into new platforms, and ensure alignment with industry best practices and regulatory frameworks such as NIST 800-53, FISMA, and FedRAMP.
The ideal candidate must have 10+ years of experience and advanced knowledge of cloud security, IAM, encryption, authentication protocols, and modern DevSecOps practices. Additional responsibilities include developing reusable security patterns, performing architecture reviews, enhancing automation, and partnering with IT teams to mature the organization's security posture. Strong communication skills, deep technical proficiency, and experience with Azure/AWS infrastructures are essential for success in this role.
This is an onsite direct hire opportunity in Arlington, VA, no contract, no sponsorship. Relocation assistance provided within the US.
Microsoft Sentinel Security Analyst
Information security analyst job in Washington, DC
Microsoft Sentinel Security Engineer
Clearance: Public Trust
Job Type: Full-Time | Company: EastBay Systems
About EastBay Systems (Formerly DANASTAR)
EastBay Systems is a government IT and cybersecurity consulting firm that has been delivering innovative and secure technology solutions to federal agencies since 2007. We specialize in Cybersecurity Program Management, GRC (Governance, Risk, and Compliance), SOC Support, and Secure Software Development. Our mission is to protect and enhance federal systems through advanced tools, proven frameworks, and expert teams.
Position Summary
We are seeking a skilled Microsoft Sentinel Security Engineer to support the implementation, configuration, and optimization of security operations using Microsoft Sentinel. The ideal candidate will be responsible for designing advanced detection logic, integrating data sources, building analytic rules, and automating threat responses. This role plays a vital part in EastBay Systems' mission to secure our clients' cloud and hybrid environments against emerging cyber threats.
Key Responsibilities
Deploy, configure, and manage Microsoft Sentinel for enterprise security monitoring
Integrate Azure-native and third-party log sources and data connectors into Sentinel
Develop and fine-tune analytic rules, workbooks, dashboards, hunting queries, and custom KQL queries
Build and automate playbooks using Azure Logic Apps for security orchestration and response (SOAR)
Analyze security alerts and provide recommendations for rule improvements
Support threat hunting, incident response, and post-incident analysis within Sentinel
Collaborate with SOC analysts, engineers, and compliance teams to ensure alignment with security policies and NIST/DoD frameworks
Stay current with Microsoft security technologies, industry trends, and threat intelligence
Required Qualifications
Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or a related field
5+ years of experience in cybersecurity, including 2+ years working with Microsoft Sentinel
Proficiency with Kusto Query Language (KQL) for writing detection and hunting queries
Hands-on experience with Azure Monitor, Azure Log Analytics, and Microsoft Defender XDR tools
Familiarity with threat intelligence and behavioral analysis concepts
Experience designing and maintaining SIEM alert rules and integrating with ticketing systems
Excellent verbal and written communication skills
Preferred Certifications
Microsoft Certified: Security Operations Analyst Associate
Microsoft Certified: Azure Security Engineer Associate (AZ-500)
CISSP, Security+, or GIAC certifications
Familiarity with NIST 800-53, RMF, and FedRAMP environments a plus
Why Join EastBay Systems?
Mission-driven work protecting government and critical infrastructure systems
Competitive salary and full benefits package (medical, dental, vision)
401(k)
Hybrid work options and generous PTO
Opportunities for career growth
Apply Now
Submit your resume via email to Jobs@eastbaysystems.com.
Chief Information Security Officer
Information security analyst job in Washington, DC
Chief Information Security Officer (CISO)
The Chief Information Security Officer is a senior executive responsible for defining and overseeing the enterprise-wide vision, strategy, and execution of information security programs that safeguard all organizational data and technology. Reporting directly to the CEO and/or Board of Directors, the CISO plays a pivotal role in managing security risk across both the Academic/Research and Clinical/Patient Care operations of the integrated university and hospital system.
Position Details
Salary: $250-2750k
Type: Full-time, direct hire
Location: Washington DC, onsite 3 days a week
Strategic Direction & Executive Leadership
Build and execute a long-term cybersecurity vision that supports the institution's academic initiatives, research priorities, and clinical mission.
Lead and develop the security department, offering coaching, structure, and direction to cybersecurity personnel and partner teams.
Establish the organization's security policies, governance models, and standards to ensure consistent risk management practices.
Oversee financial planning for cybersecurity, including technology investments, service contracts, and budget management.
Risk Oversight & Regulatory Alignment
Supervise all risk assessments, compliance reviews, and internal/external audits, ensuring timely closure of any identified risks.
Maintain adherence to all regulatory requirements applicable to both sectors:
Hospital/Clinical: HIPAA/HITECH, CMS guidelines, and relevant state-level data protection rules.
University/Research: FERPA, NIST SP 800-171 for research compliance, and PCI DSS for payment and donation processing.
Direct the institution's incident management program, coordinating preparation, testing, and response efforts during cybersecurity events affecting either environment.
Operational Security Management
Lead the selection, deployment, and ongoing support of cybersecurity technologies (e.g., SIEM tools, firewalls, intrusion detection systems, endpoint protection).
Oversee vulnerability assessments, penetration testing initiatives, and continuous monitoring activities.
Work closely with IT, engineering, research teams, and clinical technology leaders to incorporate secure design principles into all systems and projects.
Communication, Influence & Education
Act as the organization's primary authority on cybersecurity matters for executives, trustees, faculty, students, clinicians, and administrative teams.
Create and oversee training and awareness programs tailored to the specific needs of academic users, researchers handling sensitive data, and clinical professionals.
Provide routine briefings to senior leadership and the Board on emerging risks, ongoing initiatives, and the overall security posture.
Required Qualifications
Education:
Bachelor's degree in Computer Science, Information Systems, or a related technical field (Master's preferred).
Professional Background:
At least 10 years of progressive cybersecurity experience.
Minimum 5 years serving in a senior leadership capacity (e.g., CISO, Security Executive, VP of Cybersecurity).
Dual-sector experience: Strong understanding of both healthcare and higher-education cybersecurity and regulatory environments.
Certifications: One or more required: CISSP, CISM, or equivalent.
Key Skills & Core Competencies
Advanced knowledge of enterprise security design, network and cloud protection strategies, and modern risk evaluation techniques.
Strong familiarity with frameworks such as NIST Cybersecurity Framework, ISO 27001, and the MITRE ATT&CK model.
Outstanding leadership presence with the ability to collaborate, influence, and guide diverse groups across a complex institution.
Demonstrated success in leading security incident response efforts and handling high-pressure situations.
Proven ability to implement practical, scalable security practices in environments balancing open research culture with rigorous patient data protection requirements.
Jr. Information System Security Officer
Information security analyst job in Washington, DC
Veteran Owned Firm Seeking a Junior Information Systems Security Officer (ISSO) for an Onsite role in Washington, DC
My name is Stephen Hrutka, and I am the owner of a Veteran Owned management consulting firm in Washington, DC focused on Technical/Cleared Recruiting for the DoD and IC.
HRUCKUS helps other Veteran-Owned businesses recruit for positions across the VA, SBA, HHS, DARPA, and other cutting-edge R&D related defense agencies.
We seek to fill a Junior Information Systems Security Officer (ISSO) position in Washington, DC.
The ideal candidate is a DMV resident who holds active TS/SCI clearance with CI-Poly eligibility, a minimum of 3 years of ISSO experience, at least 5 years in a computer science or cybersecurity-related role, hands-on familiarity with tools such as Nessus or NMAP, and a core certification such as CISSP, GISP, or CASP.
If you're interested, I'd be glad to provide more details about the role and further discuss your qualifications.
Thanks,
Stephen M Hrutka
Principal Consultant
HRUCKUS LLC
Executive Summary: HRUCKUS is looking for an experienced Jr. ISSO for an onsite role in Washington, DC. The program provides support in the areas of Cybersecurity and Management to improve the Information Assurance (IA) posture of a federal customer. The contract's support functions are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.
Key Responsibilities:
Services to support IS Security performed by the Information System Security Officer (ISSO) at a minimum, shall consist of the following activities:
Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS
Provide liaison support between the system owner and other IS security personnel
Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle
Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis
Conduct required IS vulnerability scans according to risk assessment parameters.
Develop Plans of Action and Milestones (POAMs) in response to reported security vulnerabilities
Manage the risks to ISs and other agency assets by coordinating appropriate correction or mitigation actions, and oversee and track the timely completion of POAMs
Coordinate system owner concurrence for correction or mitigation actions
Monitor security controls for agency ISs to maintain security Authorized To Operate (ATO)
Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase
Ensure that changes to an agency's IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM)
Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR
Provide baseline security controls to the system owner, contingent upon the IS's security categorization, type of information processed, and entity type
Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems' impact levels and ISs' authorization boundary
Ensure that new entities are created in the GRC application with the security categorization of agency ISs
Initiate, coordinate, and recommend to the agency Authorizing Official all Interconnection Security Agreements (ISAs), Memoranda of Understanding (MOUs), and Memoranda of Agreement (MOAs) that permit the interconnection of an agency IS with any non-agency or joint-use IS
Perform an independent review of the System Security Plan (SSP) and make approval decisions
Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the agency Authorizing Official
Schedule security control assessments in coordination with the system owner.
Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the agency Authorizing Official for a security ATO decision
Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number
Advise the agency Authorizing Official of IS vulnerabilities and residual risks.
Ensure that all POA&M actions are completed and tested
Coordinate initiation of an event-driven reauthorization with the agency Authorizing Official
Ensure the removal and retirement of agency ISs being decommissioned, in coordination with the SO, ISSO, and ISSR.
Required Qualifications:
Current U.S. Government Top Secret Clearance w/ SCI and a CI-Polygraph eligibility
At least 3 years serving as an Information Systems Security Officer (ISSO) at a cleared facility
Minimum of 5 years of work experience in a computer science or cybersecurity-related field
Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP WebInspect, Network Mapper (NMAP), and/or similar applications.
Hold at least one of the following certifications:
Certified Information Systems Security Professional (CISSP)
Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level I proficiency
Preferred Education:
A bachelor's and/or advanced degree in computer science, business management, or IT-related discipline.
Details:
Job Title: Jr. Information Systems Security Officer (ISSO)
Location: Washington, DC 20535
Clearance Requirement: Active Top-Secret Clearance w/ SCI and a CI-Polygraph eligibility
Assignment Type: Full-time, Onsite
Salary Range: $70,000 - $95,000 per year with benefits:
Competitive salary for well-qualified applicants
Relocation assistance available for highly qualified candidates
401(k) plan
Annual performance bonus
Certification and advanced degree attainment bonuses
Student Loan / Tuition reimbursement
Health Care Insurance (medical, dental, vision)
Up to four weeks of paid vacation
11 Federal Holidays, and 3 Floating Holidays
Team bonding events
Cyber Security Engineer
Information security analyst job in Silver Spring, MD
Title: Cybersecurity Engineer
Duration: 6 months (conversion if hybrid; extension if remote)
Responsibilities:
Build, deploy, and manage enterprise security platforms (SIEM, SOAR, EDR, Vulnerability Mgmt).
Conduct security design reviews, audits, and control assessments.
Automate processes using Python, Go, Terraform, Ansible, or CloudFormation.
Configure, harden, and maintain Linux and AWS systems.
Support emerging security technology evaluation and implementation.
Must Have Skills:
5+ yrs in cybersecurity engineering, building and maintaining enterprise security tools.
5+ yrs scripting (Python, Go, or similar).
3+ yrs automation tools (Terraform, Ansible, CloudFormation).
5+ yrs Linux system engineering and network security experience.
Hands-on AWS cloud security expertise.
Nice to Have:
Experience with Brinqa, Groovy, and vulnerability management platforms.
Certifications: CISSP, Splunk Admin, AWS Architect.
Experience in media/entertainment or large-scale global networks.
Security Architect
Information security analyst job in Washington, DC
Employment Type: Full-Time
SteerBridge Strategies is a CVE-Verified, Service-Disabled Veteran-Owned Small Business (SDVOSB) delivering a broad spectrum of professional services to the U.S. Government and private sector. Backed by decades of hands-on experience in federal acquisition and procurement, we deliver agile, best-in-class commercial solutions that drive mission success.
Our strength lies in our people, especially the veterans whose leadership, discipline, and dedication shape everything we do. At SteerBridge, we don't just hire talent, we empower it. We cultivate meaningful career paths for those who have served and for those who share our commitment to excellence, innovation, and service.
Position Overview
SteerBridge Strategies is seeking a highly accomplished Security Architect to support our Modern Disability Claims (MDC) initiative, a transformative effort to modernize claims processing systems for the Department of Veterans Affairs (VA). This mission-critical project enhances the security, reliability, and operational efficiency of systems entrusted with sensitive Veteran information.
As the Security Architect, you will serve as a strategic and technical authority, guiding cybersecurity architecture across cloud and hybrid environments, ensuring compliance with federal and VA mandates, and fortifying the systems that safeguard the data of those who have served our nation.
This is a rare opportunity to apply your expertise at scale while shaping the future of secure digital services for millions of Veterans.
Key Responsibilities
Architect secure, scalable, and resilient solutions across cloud and hybrid infrastructures supporting VA claims systems.
Partner with engineering, infrastructure, and compliance teams to embed secure design principles throughout the system lifecycle.
Develop, maintain, and continuously refine System Security Plans (SSPs); lead all phases of the ATO process.
Interpret and apply NIST 800-53, NIST 800-171, FedRAMP High, and VA-specific cybersecurity requirements across system and data environments.
Lead full RMF lifecycle activities, from system categorization through continuous monitoring and ongoing authorization.
Conduct comprehensive risk assessments, gap analyses, and vulnerability remediation planning.
Oversee the creation of cyber policies, technical documentation, audit-ready control evidence, and security reporting.
Coordinate and participate in security audits, penetration tests, incident response actions, and forensic investigations.
Serve as a subject matter expert in data protection, encryption technologies, identity/access controls, and secure SDLC best practices.
Collaborate with ISSOs, ISSEs, and federal security teams to ensure seamless security alignment and compliance.
Required Qualifications
U.S. Citizenship required
Bachelor's or Master's degree in Cybersecurity, Information Systems, or a related field
Active Secret clearance or ability to obtain one
10+ years of cybersecurity architecture experience in federal or large enterprise environments
Deep expertise in NIST 800-171, NIST 800-53, FedRAMP, and federal cybersecurity frameworks
Proven experience developing ATO packages and leading security authorization activities
Strong background in system hardening, network security, encryption protocols, and secure SDLC
Experience architecting secure solutions in AWS, Azure, and/or GCP environments
Exceptional written and verbal communication skills with the ability to produce audit-ready documentation
Experience coordinating with ISSOs, ISSEs, federal security teams, and cross-functional engineering groups
Preferred Qualifications
Certifications such as CISSP, CAP, CISM, or equivalent
Cloud architecture experience or cloud-related certifications
Familiarity with VA security requirements, VAEC, and Veteran-focused IT systems
Hands-on experience designing solutions to FedRAMP High baselines
Benefits
Health Insurance
Dental Insurance
Vision Insurance
Life Insurance
401(k) Retirement Plan with Company Matching
Paid Time Off (PTO)
Paid Federal Holidays
A competitive salary commensurate with experience will be offered.
Equal Opportunity Commitment
SteerBridge Strategies is proud to be an Equal Opportunity Employer. We are committed to fostering a diverse and inclusive workplace where all qualified applicants and employees are treated with respect and dignity, regardless of race, color, gender, age, religion, national origin, ancestry, disability, veteran status, genetic information, sexual orientation, or any other characteristic protected by law.
We also provide reasonable accommodations for individuals with disabilities. If you require assistance during the application process, please reach out so we can support your needs.
Information System Security Engineer
Information security analyst job in Chantilly, VA
MANTECH is seeking a motivated, career and customer-oriented Information System Security Engineer (ISSE) to join our team in Chantilly, VA.
Responsibilities include but are not limited to:
Maintaining, updating, and configuring logging/auditing tools across Sponsor networks and ensuring all network defense capabilities are kept current, patched, and securely configured
Designing, testing, and integrating new security products as directed. Beta testing new capabilities when directed, and conducting software testing as required
Maintaining a robust library of documentation, to include network diagrams for cyber defense capabilities and sensors, and making documentation available to all personnel with appropriate need-to-know
Providing engineering support for all primary systems, such as network-based intrusion detection/prevention
Maintaining, updating, and conducting routine vulnerability scanning across all Sponsor networks
Ensuring all parts of the infrastructure are in compliance with patching/hardening requirements.
Maintaining system baselines and configuration management items, including security event monitoring policies.
Analyzing data flows into, out of, and across Sponsor networks to identify and rectify any security gaps
Minimum Qualifications:
Bachelor's degree and at least 3 years of experience with Risk Management Framework, JSIG, or similar security frameworks
Department of Defense (DoD) 8570 Compliant, IAT Level III within 6 months of hire date
Experience with Splunk continuous monitoring
Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel, and industry partners.
Strong analytical and critical thinking skills, interpersonal and people skills, leadership skills, listening skills, multi-tasking ability, communication skills, organizational skills, and presentation skills.
Preferred Qualifications:
Experience with STIGs, EvaluateSTIG, ACAS, NESSUS, and other vulnerability compliance verification tools.
Experience with scripting languages (PowerShell), application development (Java, Perl, Python, .NET), databases, and analytical tools
Experience with security and operational related use cases is desired
Clearance Requirements:
Must have an active DoD TS/SCI with the ability to obtain a polygraph.
Physical Requirements:
The person in this position must be able to remain in a stationary position 50% of the time.
Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers via email, phone, and/or virtual communication, which may involve delivering presentations.
Cyber Security Engineer
Information security analyst job in Washington, DC
Cyber Security Engineer (Remote)
Client: PCAOB - Public Company Accounting Oversight Board
Employment Type: Contract
Sponsorship: Not Available
We're seeking a Cyber Security Engineer (Contractor) to join PCAOB's Security Operations team within the Office of Technology. You'll help monitor and respond to cyber threats, perform incident analysis, and support core security operations that protect PCAOB's technology environment.
Key Responsibilities:
Monitor security events and triage potential threats or anomalies.
Participate in incident response, forensics, and data investigations.
Support e-discovery and escalation processes to the Cyber Security team.
Collaborate with internal teams to maintain cyber hygiene and compliance.
Ensure operational continuity during closures or critical events.
Preferred Qualifications:
3+ years' experience in a Security Operations Center (SOC) role.
Expertise in endpoint protection, IDS/IPS, firewalls, SIEMs, and log analysis.
Familiar with HTTP/TCP/IP analysis, vulnerability assessments, and encryption.
Understanding of Linux, Windows, and cloud environments (Azure preferred).
Knowledge of email security, CASB, VPN, and malware defense tools.
Excellent analytical, communication, and problem-solving skills.
SASE Security Engineer
Information security analyst job in Tysons Corner, VA
Company - Our client is a nationally recognized cybersecurity solutions provider partnering with some of the most prestigious names in financial services and beyond. They deliver cutting-edge cloud and network security transformations with a proven track record of large-scale deployments across Fortune 500 enterprises. This opportunity supports one of the largest and most security-conscious financial organizations in the U.S.
Job Title - SASE Security Engineer (Netskope Focus)
Location - Tysons, Virginia (Hybrid - onsite 3 days per week)
Role Type - 6-Month Contract (1,040 hours)
Must Have Skills:
5+ years of hands-on experience in security engineering roles, with at least 3+ years specifically focused on enterprise-scale SASE/SSE deployments
Deep expertise in Netskope Security Cloud (SWG, CASB, ZTNA) or similar SASE platforms such as Zscaler or Prisma Access
Proven success in migrating from legacy firewalls (Check Point, Cisco, etc.) to Zero Trust, cloud-delivered SASE architectures
Strong grasp of networking principles across OSI layers 1-7, SD-WAN, and NGFW policy optimization
Experience integrating Netskope with IdP platforms (Ping/Azure AD) and EDR tools to enable contextual access control
Responsibilities and Job Details:
Own the design, deployment, and operationalization of the global SASE environment using Netskope as the core SSE solution
Define and engineer Zero Trust Network Access (ZTNA) policies tailored by user group and application sensitivity
Lead legacy policy migration, replacing traditional firewall rules with a tag-oriented unified security policy aligned with Zero Trust principles
Optimize SSL inspection by minimizing unnecessary exclusions and improving visibility into encrypted traffic
Clean up and harden legacy firewall rule sets, eliminating redundancies and reducing overly permissive access
Oversee full lifecycle deployment of Netskope modules including SWG, CASB, ZTNA, RBI, and DLP
Ensure seamless integration with enterprise IdPs and EDR solutions to support adaptive, real-time access decisions
Serve as Tier 3 technical escalation for Netskope-related issues across Windows and macOS endpoints
Lead Zero Trust transformation efforts across the enterprise security stack
Document architecture, design decisions, and configuration standards to support long-term maintainability
Work onsite in Tysons, VA three days per week
Must commit to this engagement exclusively with no overlapping contracts
OT Security Engineer
Information security analyst job in Tysons Corner, VA
Come Forge the Future of Machine Identity Security
for Operational Technology & Industrial Control Systems
Where: Tysons, VA (Hybrid)
Supporting: Our CTO
At Corsha we're not just selling software; we're fundamentally reshaping how the most critical industrial and operational technology (OT) systems are secured. We're a cyber startup in the DC area, driven by a mission to bring trust, resilience, and identity to the operational systems that power our world - from factories to power grids. We're building the future of machine identity security, and we need a dynamic technical evangelist to join our front lines.
Tired of the Status Quo? Ready to Secure the Unseen? Here's your Opportunity:
If you're an engineer who thrives on solving hard problems, isn't afraid to get your hands dirty with industrial control systems and sees the immense potential of cybersecurity in unconventional environments, then read on. We move fast, we build for impact, and we need a security visionary to help us secure the machines that matter most.
Your Mission: Secure the Industrial Edge
We're looking for an OT Security Engineer to be a foundational engineer for our Machine Identity Platform (mIDP), specifically tailored for the unique and challenging landscape of OT systems. Your mission: implement, integrate, and defend the security infrastructure that underpins our cutting-edge solutions, with a heavy emphasis on industrial control systems and OT networks.
This isn't just about keeping the lights on. It's about building security architectures that are inherently secure, highly available, and resilient against the most sophisticated threats, often in environments where traditional IT paradigms simply don't apply. You'll be bridging the gap between cutting-edge cybersecurity technologies and the operational realities of factories, power plants, and critical infrastructure.
What You'll Be Forging:
Architect and Implement OT Security Solutions: Design, deploy, and manage secure architectures for our mIDP, specifically tailored for OT environments. This includes network segmentation, routing, switching, firewall configurations, and intrusion detection systems.
ICS/OT System Integration: Be the subject matter expert for integrating our mIDP with industrial control systems. This involves understanding and working with common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model).
Machine Identity Integration: Collaborate closely with our product and engineering teams to integrate security configurations with our mIDP, ensuring seamless and secure authentication and authorization for OT devices and applications.
OT Network Hardening: Implement and enforce robust security best practices, including vulnerability management and access control for OT networks.
Troubleshooting and Optimization: Proactively monitor, troubleshoot, and resolve complex security issues across ICS and OT environments. Identify and implement optimizations to enhance system performance, reliability, and security.
Automation and Tooling: Develop and implement automation scripts and tools (e.g., Python, Ansible) to streamline provisioning, configuration management, and operational tasks.
Documentation and Knowledge Sharing: Create comprehensive documentation, runbooks, and contribute to internal knowledge sharing to ensure maintainability and scalability of our infrastructure.
Stay Ahead of the Curve: Continuously research and evaluate new cybersecurity technologies, security trends, and best practices, particularly as they relate to OT and industrial control systems.
Collaborate and Mentor: Work closely with cross-functional teams (software engineers, security analysts, product managers) and provide mentorship to junior team members.
What You'll Bring:
5+ years of intense experience in OT security or a related role, with a proven track record in complex, high-performance, and high-stakes environments.
Deep, demonstrable expertise in industrial control systems and OT environments. You've implemented security products and solutions in real-world ICS/OT environments.
Strong proficiency in network security principles: Firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), network access control (NAC), and secure communication protocols.
Extensive hands-on experience with OT network architectures and protocols. You're comfortable with physical hardware and understand the nuances of industrial networks.
Rock solid understanding of cybersecurity principles: vulnerability management, threat modeling, and incident response.
Empathy for OT/ICS environments: You totally get the unique security challenges of Operational Technology, and understand common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). This isn't just a "nice-to-have"; it's critical.
Proficiency in scripting and automation: Python, Ansible, or similar languages for automating security provisioning and operations.
A relentless problem-solver: You thrive on diagnosing and resolving intricate security issues under pressure, with an unwavering focus on root cause analysis.
Exceptional communication and collaboration skills: You can articulate complex technical concepts clearly and work seamlessly with cross-functional teams.
Bachelor's degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience.
Self-starter with an insatiable curiosity: You're eager to learn, adapt, and drive solutions in a rapidly evolving, high-impact startup environment.
Bonus Points For:
Experience with specific machine identity solutions (PKI, certificates, secrets management).
Hands-on experience with Kubernetes
Knowledge of software-defined networking (SDN) solutions.
Relevant industry certifications (e.g., CISSP, GICSP, CISM).
Experience in a fast-paced startup environment.
Why Forge your Path with Corsha?
Real-World Impact: Your work won't just sit on a server; it will actively defend the critical operational systems that underpin our society. This is an opportunity to make a tangible, immediate difference.
Bleeding Edge: Be at the forefront of securing the intersection of cybersecurity, machine identity, and OT. We're defining the future, not just following trends.
Growth & Ownership: This is a startup - your contributions will directly shape our product, our culture, and our success. You'll work with incredible people that care and have impact.
Culture of Innovation: Join a team of brilliant, passionate engineers dedicated to solving the hardest problems. We foster a collaborative, intellectually stimulating, and supportive environment.
Competitive Compensation & Benefits: Wellness days, Generous PTO, Company-covered healthcare, 401k matching, paid parental leave, and of course snacks, lunches, and sustenance.
Ready to step up and secure the critical future of identity? Join Our Mission Today.
Reach out to us with your resume and why you think you'd make a stellar Corshian to *****************.
We are an Equal Opportunity Employer and reasonable accommodations may be made to enable individuals with disabilities.
Information System Security Engineer
Information security analyst job in Washington, DC
ISSO
Industry: Government Contracting
Our client is seeking a talented ISSO to join their team. This position will support the Assistant Secretary for Administration (ASA) under guidance from the CIO's Information System Security Manager (ISSM). The candidate will ensure a portfolio of 4 systems are in compliance with applicable NIST standards, and provide standard ISSO services. The candidate will also work closely with the other ISSOs supporting the client customers to provide leadership and mentoring and ensure consistent delivery of ISSO services.
ISSO Key Responsibilities:
· Ensure applicable cybersecurity policies are implemented for systems under purview, including information system-related physical security.
· Maintain operational security posture consistent with current security policy.
· Report actual or suspected computer-security incidents to DOT CSIRC within time frames established by DOT Incident Response policy for incident types in accordance with US-CERT.
· Distribute cybersecurity notices and advisories to appropriate personnel and ensure that vendor-issued security patches are expeditiously installed.
· Serve as primary security to system owners, common control providers, and users.
· Serve as focal point for cybersecurity incident reporting and subsequent resolution.
· Assist the ISSM in reviewing contracts for information systems under the Component's control to ensure that cybersecurity is appropriately addressed in contract language.
· Ensure all security-related SDLC documentation meets all identified security needs.
· Maintain Security Assessment and Authorization (SA&A) documentation for information systems under purview according to DoT Cybersecurity Policy and Compendium.
· Ensure selection of NIST SP 800-53 baseline security controls are appropriate for system based on FIPS 199 security categorization, NIST SP 800-53 guidance, and supplemental DOT policy specified in DoT Cybersecurity Compendium.
· Assist System Owner, Information Owner, and ISSM in recording all known security weaknesses of assigned information systems in POA&Ms IAW DoT policy and procedures.
· Track all security education and awareness training conducted for personnel and contractors, as required by DoT Cybersecurity Policy and Compendium.
· Provide security advice to AO and System Owner on all matters (technical and otherwise) involving security of the information system.
· Ensure required updates are performed to key documents in accordance with NIST SP 800-37 for continuous monitoring.
· Identify changes to systems that may impact security controls, perform security impact assessment of proposed changes, report any change in risk posture, and provide recommendations for risk mitigation.
· Ensure proper backup procedures exist for assigned information systems and that procedures are performed and tested in accordance with System Security Plan.
· Assist System Owner and ISSM to ensure external connections to/from DoT information systems and networks are provided by an approved DoT Trusted Internet Connection Access Provider (TICAP) or DoT-approved Managed TIC Provider Service (MTIPS).
· Ensure audit logs are captured, maintained, and analyzed as required by NIST SP 800-53 and any supplemental Departmental Cybersecurity Policy and the Compendium.
· Ensure DoT enterprise information security management system (CSAM or its successors) accurately contains required information system inventory, categorization, POA&Ms and other security metrics required by DoT CIO through this policy.
· Complete mandatory annual specialized information security training.
ISSO Required Skills:
8+ years of experience in IT Security
Certified Information Systems Security Professional (CISSP) certification.
Understanding of NIST SP 800-53 and its applicability to IT Systems.
Expertise with Risk Management Framework, FEDRAMP and FISMA.
Understanding authentication in the cloud environment.
Experience with continuous monitoring of a cloud system
Experience working on assessments with third party assessments organization (3PAO)
AWS/Azure associate certified
ISSO Compensation and benefits: $120,000
Company-supported medical, dental, vision, life, STD, and LTD insurance
Benefits include 10 federal holidays and PTO.
401(k) with company matching
Flexible Spending Accounts for commuter, medical, and dependent care expenses
Tuition Assistance
LEAD INFORMATION SECURITY ENGINEER
Information security analyst job in Herndon, VA
Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress.
We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.
The Role
This position is a senior role implementing Managed Security Services (MSS) in a Federal Security Operations Center (FedSOC) environment. The SOC function is to provide customers with constant monitoring, protection, prevention, and detection services as well as reporting and incident analysis based on events collected from multiple sources. This position will be responsible for providing technical expertise to design and implement DDoS Mitigation for Lumen Federal Customers. This position will provide subject matter expertise to DoD customers on worldwide DDoS threats and issue posture and assessment reports.
This Lead Information Security Engineer position operates in a supportive role implementing security, technology, and innovation in the Federal Security Operation Center (FedSOC) environment. The Security Operations Center operates 24x7x365. This role performs security event management functions - monitoring, detection, triage of security events and alerts in associated monitoring systems. Facilitates the ingress, implementation, and egress of advanced client trouble / change requests for the Lumen managed DDoS product.
The Lead Information Security Engineer is expected to perform as technical lead, including basic managerial duties, escalation support and on-call. Provides mentoring, training, and escalation support for Junior Engineer SOC personnel.
The Main Responsibilities
Subject Matter Expert on DDoS attacks, mitigation and threat analysis.
DDoS worldwide intelligence collection, analysis, reporting and dissemination.
Threat Feed research, recommendation, implementation and Administration.
Interface with DDoS service vendors.
Expertise in DDoS attack tools and countermeasures.
Perform complex changes within the managed security environment.
Manage and resolve customer service faults, outage, and impairment events.
Monitor, triage, and respond to alerts for client security events. Investigation and resolution of impairment scenarios on Managed DDoS Security products.
Research and implement customer generated change requests for Managed DDoS Security products.
Generate incident cases and escalate to Operation Engineering and IPNOC teams in accordance with time- and severity-based SLAs.
Performs tasks associated with the installation, turn up and maintenance of Lumen security infrastructure.
Present as technical expert delivering solutions to clients, internal business, and third-party vendors.
Develop enhancements to existing solutions, promote creation of new tools, processes, and applications
Directly support, train and mentor tier I and II colleagues
Possess exceptional customer service skills
Multi-task during events
Communicate effectively with managers, customers, and vendors
Maintain solid working relationships, including collaborative technical activities with peers
Strong written and verbal communication skills
Analytical and problem-solving skills
Attention to detail with good organizational capabilities
Prioritize with good time management skills
Demonstrate collaboration/cooperation with other Service Assurance teams outside of the SOC (IP/Ethernet, Transport, etc.)
Regularly observed communication with peers and other functional SOC teams on selected collaboration platforms (Teams, Email, phone, etc.)
Work within multiple ticketing platforms and accept/update/close tickets in order received.
If not previously approved, candidate must be willing to submit for a T/S clearance with SCI
What We Look For in a Candidate
Qualifications & Skills:
Required (education/experience/skills/competencies):
Candidate must be a US Citizen with an active TOP SECRET clearance
Preferred:
5-7 years in a Security Operations environment.
Experience with Cyber Threat Intelligence and interface with intelligence community.
Experience with writing reports and making presentations to customers.
Certifications in specific security technologies such as Fortinet, Arbor, Radware, Palo Alto, Cisco or Checkpoint.
Demonstrated understanding of Denial-of-Service concepts and attack vectors, and mitigation options.
Demonstrated proficiency in routing and networking skills, including the ability to:
Troubleshoot BGP and BGP community strings
Review and analyze packet captures
Trace customers or attack traffic through our global backbone
Understand and be able to modify policies/prefix lists on multiple router platforms
Troubleshoot GRE Tunnels issues
Stay abreast of new attack vectors and interface with customers, other SOC engineers, and Ops Engineering regarding new vectors and mitigation techniques.
Expert-level knowledge and skills in at least one programming language (Python preferred)
Security industry certifications (examples):
CISSP
CRISC
CISM
Security+
CCNA
ACIA
CEH
ITIL Foundations
Compensation
This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.
Location Based Pay Ranges:
$114,082 - $152,109 in these states: VA
Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process.
Learn more about Lumen's:
Benefits
Bonus Structure
What to Expect Next
Requisition #: 340274
Background Screening
If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page. Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Equal Employment Opportunities
We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.
Disclaimer
The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions.
In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.
Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name.
Application Deadline
12/06/2025
Data Exploiter (TS/SCI with Poly Required)
Information security analyst job in Chantilly, VA
Type of Requisition:
Regular
Clearance Level Must Currently Possess:
Top Secret SCI + Polygraph
Clearance Level Must Be Able to Obtain:
Top Secret SCI + Polygraph
Public Trust/Other Required:
None
Job Family:
IT Infrastructure and Operations
Job Qualifications:
Skills:
Analytical Thinking, Documentations, Log Analysis, Open Source Intelligence
Certifications:
None
Experience:
5 + years of related experience
US Citizenship Required:
Yes
Job Description:
A qualified Data Exploiter reviews, manipulates, triages, and analyzes large datasets and collections. The candidate is responsible for supporting operational and analytical requirements. Activities include detailed log analysis, network traffic monitoring, and vulnerability risk assessment. The individual will be expected to conduct assessments of software tools and systems to identify vulnerabilities, and to work with internal and external technical stakeholders to identify solutions to enrich analysis. The candidate must be able to follow the entire targeting life cycle by engaging in data exploitation: requirements collection, data analysis, summary and documentation, and actionable information dissemination.
KEY RESPONSIBILITIES
Track and monitor cyber actors, their activities, and infrastructure to identify potential threats and vulnerabilities.
Utilize industry-standard commercial and open-source tools for threat intelligence gathering and analysis.
Conduct proactive threat hunting to uncover malicious activity, indicators of compromise (IOCs), and tactics, techniques, and procedures (TTPs).
Chain cyber threat events across multiple data sources to build coherent threat narratives and timelines.
Analyze network traffic, logs, and endpoints to identify malicious behaviors and anomalous activities.
Develop actionable intelligence reports and briefings for both technical and non-technical stakeholders.
Collaborate with incident response, SOC, and other security teams to correlate findings and provide context.
Maintain an understanding of emerging cyber threats and trends, adjusting hunting techniques accordingly.
Communicate threat findings and intelligence through clear, concise briefings and visualizations
EDUCATION AND EXPERIENCE
Bachelor's degree in computer science, information technology, or other related discipline, or equivalent combination of education, technical certifications, training, and work/military experience.
REQUIRED QUALIFICATIONS
Strong knowledge of common cyber attack methodologies (e.g., MITRE ATT&CK, kill chain models).
Strong knowledge of TCP/IP communications.
Proficiency with commercial and open-source threat intelligence tools, such as:
SIEM (e.g., Splunk, Elastic Stack)
Network traffic analysis tools (e.g., Zeek, Suricata, Wireshark)
Threat intelligence platforms (e.g., ThreatConnect, Anomali)
OSINT tools (e.g., Maltego, Shodan, Censys)
Endpoint detection and response (EDR) tools (e.g., CrowdStrike, Carbon Black)
Malware analysis tools (e.g., VirusTotal, Hybrid Analysis)
Strong analytical skills to identify patterns, anomalies, and relationships between cyber threat events.
Ability to articulate complex technical findings in clear, accessible briefings and reports.
Strong written and verbal communication skills, with an emphasis on briefing senior leadership and non-technical stakeholders.
Experience in creating threat intelligence reports and providing actionable recommendations.
DESIRED QUALIFICATIONS
Understanding of malware behaviors and basic reverse engineering concepts.
Experience with automated threat hunting and scripting (e.g., Python, PowerShell).
Familiarity with cloud environments (e.g., AWS, Azure) and associated cyber threats.
Experience in a Security Operations Center (SOC) or Incident Response role.
Experience extracting information of foreign intelligence, counterintelligence and targeting value from digital data.
Experience producing products that inform operations, drive targeting and collection, contribute to intelligence products, and support multiple customer needs.
GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
● Community: Award-winning culture of innovation and a military-friendly workplace
OWN YOUR OPPORTUNITY
Explore an enterprise IT career at GDIT and you'll find endless opportunities to grow alongside colleagues who share your desire to drive operations forward.
The likely salary range for this position is $136,000 - $184,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Scheduled Weekly Hours:
40
Travel Required:
None
Telecommuting Options:
Onsite
Work Location:
USA VA Chantilly
Additional Work Locations:
Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre- and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
Incident Detection Analyst
Information security analyst job in Washington, DC
Tyto Athene is searching for an **Incident Detection Analyst** to support our customer in Washington, DC.
**Responsibilities:**
+ Accurately review, annotate, and resolve security incidents tasked by the Intrusion Detection Team, Watch Officer, SOC management or other SOC teams 24 hours a day, 7 days a week, which is subject to change based on AOUSC needs.
+ Conduct Incident Triage to prioritize newly identified security incidents for follow-on action. Identify all relevant data sources for initial collection to determine prioritization and resource application based on the criticality of the incident. Conduct immediate actions to evaluate and contain threats as necessary in accordance with the Judiciary Security Operations Center Incident Response Plan (JSOCIRP), Incident Response Operations Guide, and any other published SOC operations guides and manuals. Please see SLA SOC3.
+ Perform deep dive analysis (manual and automated) of malicious links and files.
+ Ensure efficient configuration and content tuning of shared SOC security tools to eliminate or significantly reduce false alert events.
+ Provide an Executive Summary in accordance with the IDT Operations Guide.
+ Provide 5W briefing slides for each event for leadership briefing.
+ Provide on demand time/trend/event based metric reports for SOC management.
+ Provide clear and actionable event notifications to customers. Notifications to customers will be clear and provide sufficient detail for a mid-level system or network administrator to understand what has occurred and what needs to take place to remediate the event.
+ Coordinate and provide direct support to local incident responders at the circuit, local court unit and program office levels. Provide notifications, guidance and end to end incident response support to local incident responders to ensure the appropriate actions are properly taken to detect, contain, eradicate and recover from identified security incidents. Coordinate with various other SOC teams to leverage the appropriate resources to enable local incident responders. Participate in course of action (COA) development and execution as necessary.
+ Document all communications and actions taken in response to assigned incidents in the SOC ticketing system. Ensure tickets are properly updated in a timely manner and all artifacts are included. Escalate any concerns or requests through the Contractor management as necessary.
+ Directly support the Judiciary Special Tactics and Active Response (JSTAR) team and provide incident response support for critical security incidents as they arise.
+ Perform appropriate event escalation for events, notifications, and non-responsiveness from customers. Contractors shall track all notifications in the SOC ticketing system and escalate tickets to Watch Officers or SOC management in cases where the customer is non-responsive or requires clarification that is outside the scope of the normal operations. Contractors will be familiar with the JSOCIRP escalation and reporting procedures.
+ Continuously review and update the Incident Handlers (IH) Guide and provide recommendations to annual updates for the JSOCIRP. All SOPs and Op Guides are federal government property. Contract staff provide recommendations in draft form for federal management review, approval and adoption.
+ Incident Responders must be able to perform the tasks and meet the skills, knowledge and abilities as described in NIST Special Publication 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework for the role of Cyber Defense Incident Responder
**Qualifications**
**Required:**
+ 6 years of security intrusion detection examination experience involving a range of security technologies that produce logging data, to include wide area networks, host and network IPS/IDS/HIPS traffic event review, server web log analysis, and raw data logs
+ Ability to communicate clearly both orally and in writing.
+ Working experience with Splunk SIEM.
+ At least three years of experience working at a senior level, performing analytic examination of logs and console events, creating advanced query methods in Splunk or using advanced grep skills, firewall ACL review, examining Snort-based IDS events, pcaps, and web server log review in SIEM environments
**Education/Certifications:**
+ Bachelor's degree in information systems, Computer Science or related field is preferred.
+ Splunk Fundamentals I & II certification.
**Clearance:**
+ Public Trust
**Hours of Operation/Shift:**
+ Monday-Friday 3PM EST - 1130PM EST
**Compensation:**
+ Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary, as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
**Benefits:**
+ Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.
**About Tyto Athene**
Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains (Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT), empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly supports Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.
At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?
Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any characteristic protected by applicable law.
**Location** _US-DC-Washington_
**ID** _2025-1522_
**Category** _Cybersecurity_
**Position Type** _Full-Time_
Data Exploiter (TS/SCI with Poly Required)
Information security analyst job in Chantilly, VA
GCI embodies excellence, integrity and professionalism. The employees supporting our customers deliver unique, high-value mission solutions while effectively leveraging the technological expertise of our valued workforce to meet critical mission requirements in the areas of Data Analytics and Software Development, Engineering, Targeting and Analysis, Operations, Training, and Cyber Operations. We maximize opportunities for success by building and maintaining trusted and reliable partnerships with our customers and industry.
At GCI, we solve the hard problems. As a Data Exploiter, a typical day will include the following duties:
JOB DESCRIPTION
A qualified Data Exploiter reviews, manipulates, triages, and analyzes large datasets. The candidate is responsible for supporting operational and analytical requirements. Activities include detailed log analysis, network traffic review and vulnerability risk assessment. The individual will be expected to conduct assessments of software tools and systems to identify vulnerabilities, and work with internal and external technical stakeholders to identify solutions to enrich analysis. The candidate must be able to follow the entire targeting life cycle by engaging in data exploitation: requirements collection, data analysis, summary and documentation, and actionable information dissemination.
KEY RESPONSIBILITIES
Provide data exploitation and targeting support to the customer.
Use a variety of tools and methods to extract information of foreign intelligence, counterintelligence and targeting value from digital data.
Create a range of products that inform operations, drive targeting and collection, contribute to intelligence products, and support multiple customer needs.
Work with a team to analyze existing software applications and tools, and recommend new technologies and methodologies to improve team performance.
Write and update technical documentation such as user manuals, system documentation, training materials, processes and procedures, technical reports and targeting leads.
Collaborate cross-functionally with data scientists, engineers, developers, targeters, and analysts.
Analyze intrusion artifacts to identify mitigation approaches for potential network defense
Provide recommendations for continuous improvement.
Work alongside other team members to sustain and advance our organization's capabilities.
EDUCATION AND EXPERIENCE
Bachelor's degree in Computer Science, Information Technology, or other related discipline, or
Equivalent combination of education, technical certifications, training, and work/military experience.
REQUIRED QUALIFICATIONS
Demonstrated experience conducting in-depth targeting research/analysis on priorities and diverse datasets
Demonstrated experience and ability to communicate complex information and concepts to an audience of varying levels of technical experience.
Demonstrated experience and ability to sort through, catalog and analyze multiple forms of data using an array of tools and methods to achieve objectives
Demonstrated experience in utilizing technical targeting tools
Experience reviewing and assessing network traffic and knowledge of the OSI Layers
Ability to sift through large amounts of unstructured data for key data points (metadata and artifacts)
Knowledge of incident response, containment, and mitigation
Knowledge of common cyber-attack methods
Demonstrated experience conducting detailed log analysis and system monitoring to understand system status, detect system breaches, and identify other system anomalies
Demonstrated experience performing vulnerability identification, risk analysis, and remediation
Ability to triage, review, identify, and correlate items of interest from numerous all-source datasets
Ability to evaluate worldwide security events to assess system impact and/or risk (e.g., zero day exploits, hardware failures, and/or cyber-attacks)
Identify and document information that can fill critical gaps
Create new methodologies / algorithms for data analysis and correlation
Create entity/object profiles and derived data sets that enable future opportunities and analytical efforts
Prepare a range of tailored products that embody and explain findings
Experience with technical collection abilities
Must be eligible to obtain the required Security Clearance.
DESIRED QUALIFICATIONS
Python Scripting
Strong understanding of VPNs, VLANs, and TCP/IP
Understanding of Linux operating systems
Ability to work independently with minimal supervision
Experience conducting network traffic analysis
Understanding of forensic tools and applications
Salary Range $160,000-$200,000
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
Intrusion Analyst
Information security analyst job in Columbia, MD
Founded in 2007 and headquartered in Columbia, Maryland, Synergy ECP is a leading provider of cybersecurity, software and systems engineering and IT services to the U.S. intelligence and defense communities. The company leverages its expertise in data transport solutions, software and systems engineering, and other solutions to deliver critical and innovative capabilities to high-level decision makers that enhance our nation's security.
In an ultra-competitive environment, Synergy ECP has thrived by adhering to our name, making sure excellence is displayed by our Employees, to our Customers and by Improving Performance (ECP).
It's what sets us apart, enabling us to be an autonomous yet agile business that delivers huge results - showing we're ready to meet our customers' evolving demands.
Synergy ECP has earned a client list that includes numerous Fortune 100 companies, in addition to multiple branches of the US government and military services.
Synergy ECP is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, veteran status, or any other protected class.
Requirements
A Bachelor's degree and 5 years of relevant experience or a Master's degree plus 3 years of relevant experience or a Doctoral degree and 2 years of relevant experience. An Associate's degree plus 7 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position.
Degree must be in Computer Science, Computer Engineering, Information Systems, or related discipline from an accredited college or university.
CISSP, CEH, Sec+, Net+, GIAC, GREM, or CREA Certification is required.
Relevant experience must be in malware analysis. Programming experience in C, C#, C++, Java, Perl, or Python is preferred.
Analyze target digital network data to discover, analyze, and document malicious or unauthorized activity using information collected from a variety of SIGINT and computer network defense resources.
Analyze metadata collected from tasked communications systems in order to identify, locate, and track targets, and to accurately report the intelligence gained from metadata analysis.
Categorize traffic as benign, suspicious, or malicious activity; and document malicious tactics, techniques, and procedures (TTPs).
Develop and implement mitigation strategies.
Have a network and/or host-based focus.
Network Analyst - Active Security Clearance
Information security analyst job in Reston, VA
CADRE is relied upon for delivering superior insight and leadership to solve the nation's most critical national security challenges in the most demanding environments.
The position is located in Northern Virginia with flexible core hours.
The Network Analyst (NA) will be responsible for delivering daily substantive work to the Senior Management Team. The NA will also be a member of multidisciplinary teams.
The Network Analysis team is composed of Network Analysts covering three distinct areas of industry and a candidate is likely to be a subject matter expert in only one or two areas:
Telecom and data transport and switching engineering in support of traditional telcos
Data center network engineering in support of intra- and inter-data center transport.
Network architecture or cellular network engineering for 3G, 4G, and/or 5G, to include core network (EPC and 5G) and radio network engineering
Duties: This Network Analyst performs the following core functions:
Coordinate with the customer's other multidisciplinary teams to provide timely and accurate network analysis regarding the logical and physical routes of key telecommunications networks within a designated area
Work with appropriate members and organizations to evaluate the role and value of potential network operations
Display a mastery of relevant network operations, principles and best practices across various projects
Employ their mastery creatively to support the multidisciplinary teams in providing direct mapping and graphics inputs into the customer's modeling tool as well as in modeling briefings
Display subject matter expertise on complex projects
Perform other duties as assigned at the direction of Project Management
Required Qualifications:
Ability to obtain and maintain a TS/SCI with poly
Bachelor's degree preferred, in a STEM discipline (e.g. Computer Science, Cyber Security, Engineering, Mathematics, or Statistics). Other degrees are acceptable with a strong analytic and technical acumen.
No degree + fourteen (14) years relevant experience
Associate's degree and twelve (12) years relevant experience.
Bachelor's degree and ten (10) years relevant experience.
Minimum of 10 years (current) of commercial/industry experience in one of the following roles:
Facility engineer or network planner (TDM and/or Data)
Large-scale network engineering across multiple packet fabrics, such as Google B4
Core network engineer, or radio network engineer with experience in 3G, 4G and/or 5G engineering
OR equivalent NSA experience.
Strong understanding of network technologies, protocols, systems and equipment, to include one or more of the following: SONET/SDH, OTN, MSAN, MSPP, MPLS/IP-MPLS, VoIP, IP Multimedia Services (IMS), DWDM, ROADM, Software Defined Networks (SDN), WAN and LAN, multi-fabric networks, mesh networks, Session Border Controllers, fabric management, radio access network, fronthaul, backhaul, BGP, OSPF, IS-IS, SIP, 5G/LTE/LAN interworking, VoLTE, SRVCC, DRVCC, ETSI MANO, OSS/BSS
Experience in commercial/industrial telecommunications networks, providing physical and logical network routes to answer strategic requirements.
Working knowledge of Network Management Systems (NMS) in the network and/or Network Function Virtualization and SDN
Working knowledge of one or more of the following:
Public Switched Telephone Network (PSTN)
Data networks (IP, MPLS, traffic engineering, OpenFlow)
Dedicated/Private communications networks both traditional voice and VOIP
VOIP networks, softswitches, SBCs
Fiber optic cable, characteristics, engineering, installation and maintenance
RF related technologies such as cellular technologies, microwave, millimeter wave and VSAT
Gigabit-capable Passive Optical Network (GPON) technology
Strong analytical skills
Ability to work with large volumes of data
Computer and database skills
Desired Qualifications:
Active TS/SCI with poly with most recent BI/Polygraph dates within the last five years
Foreign language capability is not required but is considered a plus
Network and Security Analyst
Information security analyst job in Columbia, MD
We're seeking a talented and motivated Network and Security Analyst to join our team. In this role, you will lead infrastructure upgrades and strengthen our IT security. This role is perfect for a senior-level professional ready to own key projects and grow into a future leadership role.
Key Responsibilities
Lead the setup and deployment of new office network infrastructure (firewalls, switches, Wi-Fi)
Assess and improve existing IT systems and processes
Coordinate with vendors for cabling, equipment, and installation
Set up and recommend equipment for new hires
Manage access control systems, surveillance integration, and UPS/power solutions
Evaluate and improve domain/web infrastructure
Ensure HIPAA and data privacy compliance in all IT operations
Required Qualifications
Bachelor's degree or equivalent with industry certifications (e.g., CCNA, Network+, Security+)
5-10+ years in IT infrastructure, networking, or systems analysis
Hands-on experience with firewalls, structured cabling, wireless APs, UPS, and access control
Familiar with HIPAA, PII, and cybersecurity best practices
Experience with Microsoft 365, Power BI, and Asana (preferred)
Preferred Qualifications
Healthcare or regulated industry experience
Why Join Vheda Health?
At Vheda Health, we invest in our team's wellbeing with a comprehensive benefits package:
Compensation: Competitive salary within the published range plus performance bonus and equity opportunities
Healthcare: Comprehensive medical, dental, and vision coverage
Financial Security: 401(k) retirement plan, voluntary life insurance, short and long-term disability
Work-Life Balance: Unlimited paid time off and 11 paid company holidays
Community: Engaging team events and activities throughout the year