Information Security Engineer Part Time jobs

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as an Information Security point of contact supporting the Card line of business. Leverage strong technical acumen and be security SME reviewing architecture, providing risk mitigation solutions and driving overall risk management. Work closely with engineers, product managers, and other cross-functional partners to help break down complexity and organizational silos Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 5 years of experience providing guidance and oversight of Security concepts At least 5 years of experience performing security risk assessments and security architecture reviews At least 5 years of experience with architecture, software design, networking, and cloud infrastructure At least 3 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 6+ years of experience with architecture, software design, networking, and cloud infrastructure 6+ years of experience with Application Security, Threat Modeling, Penetration Testing, or Vulnerability Management 6+ years of experience in securing a public cloud environment and building software utilizing public cloud 6+ years of experience with Cloud patch management practices such as system rehydration or image management 1+ years of experience in PCI, SOC2, or ISO27001 1+ years of experience utilizing Agile methodologies 1+ years of experience with integrating SaaS products into an Enterprise Environment 1+ years of experience with securing Container services 1+ years of experience with Splunk-Fu and Enterprise Monitoring 1+ years of experience with Offensive or Defensive Security techniques 1+ years of experience in a Financial services industry 1+ years of experience in a regulated environment AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP) certification At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Plano, TX: $204,900 - $233,800 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical San Jose, CA: $245,900 - $280,600 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Capital One is looking for a Cyber Security Analyst to join our Log Management team. This team is responsible for enabling comprehensive cyber monitoring. We ensure standard log events are generated across Capital One so our threat defenders have the right visibility for investigations and alerts. We achieve our mission by setting security logging strategy & requirements and influencing enterprise technology teams to deliver. Responsibilities: Lead and communicate the enterprise security logging strategy in partnership with engineering and architecture teams, Cyber Operations teams (ex. Cyber Security Operations Center, Hunt, Insider Threat), and other stakeholders. Establish technical best practices for security logging (event generation, delivery, storage) and minimum requirements across our infrastructure (cloud, network, databases), host & endpoints (workstations, servers) and applications. Conduct gap analyses of security logs, help Cyber Operations teams prioritize, and influence engineering teams to close logging gaps. Maintain close ties with Cyber Operations teams, ensuring the right events are captured and logged. Drive enterprise teams to adhere to logging requirements in terms of standard schemas, design, log transportation deployments, and log validation. Review and assess security logging as delivered versus requirements and standards. Track compliance and escalate non-compliance of logging standards to executive leadership. Participate in execution and oversight of critical team processes, ensuring playbooks are adhered to consistently. About You: You have strong assessment and analytical skills in the security logging domain You have strong judgment skills understanding security policies and Cyber Operations teams requirements. You have experience with logging requirements or implementation across infrastructure (cloud, network, databases), host & endpoints (workstations, servers) or applications. You understand security logging & monitoring needs for a Cyber Operations team at a tactical level and have experience in hands on technical design and implementation of logging. You have experience implementing high-visibility and high-impact enterprise cybersecurity projects with cross-functional teams including planning, development and management of technical requirements, design, validation, and non-compliance escalation. You have the ability to foster collaborative, open, working relationships with technology groups and other stakeholders, sharing customer and engineering benefits for security logging to gain buy-in. You have experience delivering security logging projects and programs across a technology environment, setting logging strategy with architects, developers, and data experts. You have passion and expertise in one or more of the following areas: security operations, security log analysis, cloud security, network security, application security, and host & endpoint security. Basic Qualifications: High School Diploma, GED or equivalent certification At least 3 years of experience working in cybersecurity or information technology At least 2 years of experience working in a Security Operations Center (SOC) Preferred Qualifications: Bachelor's Degree in Information Technology, Cyber Security or Computer Science 4+ years of experience administering or investigating Mac OS or Linux OS 4+ years of experience working with SIEM Security Tools 4+ years of experience working within JIRA One or more of the following certifications CISSP, CISM, CCSP, Security+, CEH, SANS, GIAC 503 or 504, or AWS Security At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. Chicago, IL: $144,200 - $164,600 for Prin Assoc, Cyber Technical McLean, VA: $158,600 - $181,000 for Prin Assoc, Cyber Technical New York, NY: $173,000 - $197,400 for Prin Assoc, Cyber Technical Richmond, VA: $144,200 - $164,600 for Prin Assoc, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Full Part/Time: Full time Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber Security Job Qualifications: Skills: Cybersecurity, Event Security, Insider Threat, Security Audit, Splunk Administration Certifications: None Experience: 6 + years of related experience US Citizenship Required: Yes Job Description: Own your career as a Cyber Security Analyst at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cyber Security Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Analyst joining our team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. HOW A CYBER SECURITY ANALYST WILL MAKE AN IMPACT * Gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information. * Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations. * Identify acceptable use policy infractions. * Review event logs to determine events of interest. * Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity Leakage (PII). * Prepare case evidence and incident reports. * Work on special projects as assigned. WHAT YOU'LL NEED TO SUCCEED: * Bachelor's Degree and 6+ years of relevant experience, equivalent combinations of education, certifications, and experience will be considered. * DoD Approved Baseline 8140/8570 IAT level III (CASP, CISSP, CISA, or CCNP) certification is required prior to start date. * DoD Approved Baseline 8140/8570 CSSP Auditor (CEH, CySA, CISA, Cloud+, or CHFI) certification is required prior to start date. * Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph * Preferred Skills: Splunk, Proofpoint, Fidelis, Solera, Windows, and Linux Operating Systems * Friday and Saturday Night Shift work required. * Willing to work a holiday supporting your assigned shift. Location: 100% On Customer Site * Bolling AFB, Washington D.C. * Reston, VA * Colorado Springs, CO * Riverdale, MD * Pearl Harbor, HI * Tampa is available for part time weekend only support GDIT IS YOUR PLACE: * 401K with company match * Comprehensive health and wellness packages * Internal mobility team dedicated to helping you own your career * Professional growth opportunities including paid education and certifications * Cutting-edge technology you can learn from * Rest and recharge with paid vacation and holidays The likely hourly rate for this position is between $119,000.00 - $161,000.00. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Onsite Work Location: USA DC Washington Additional Work Locations: USA CO Colorado Springs, USA HI Pearl Harbor, USA MD Riverdale, USA VA Reston Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber Security Job Qualifications: Skills: Cybersecurity, Event Security, Insider Threat, Security Audit, Splunk Administration Certifications: None Experience: 6 + years of related experience US Citizenship Required: Yes Job Description: Own your career as a Cyber Security Analyst at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cyber Security Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Analyst joining our team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. HOW A CYBER SECURITY ANALYST WILL MAKE AN IMPACT * Gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information. * Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations. * Identify acceptable use policy infractions. * Review event logs to determine events of interest. * Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity Leakage (PII). * Prepare case evidence and incident reports. * Work on special projects as assigned. WHAT YOU'LL NEED TO SUCCEED: * Bachelor's Degree and 6+ years of relevant experience, equivalent combinations of education, certifications, and experience will be considered. * DoD Approved Baseline 8140/8570 IAT level III (CASP, CISSP, CISA, or CCNP) certification is required prior to start date. * DoD Approved Baseline 8140/8570 CSSP Auditor (CEH, CySA, CISA, Cloud+, or CHFI) certification is required prior to start date. * Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph * Preferred Skills: Splunk, Proofpoint, Fidelis, Solera, Windows, and Linux Operating Systems * Friday and Saturday Night Shift work required. * Willing to work a holiday supporting your assigned shift. Location: 100% On Customer Site * Bolling AFB, Washington D.C. * Reston, VA * Colorado Springs, CO * Riverdale, MD * Pearl Harbor, HI * Tampa is available for part time weekend only support GDIT IS YOUR PLACE: * 401K with company match * Comprehensive health and wellness packages * Internal mobility team dedicated to helping you own your career * Professional growth opportunities including paid education and certifications * Cutting-edge technology you can learn from * Rest and recharge with paid vacation and holidays The likely hourly rate for this position is between $119,000.00 - $161,000.00. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Onsite Work Location: USA DC Washington Additional Work Locations: USA CO Colorado Springs, USA HI Pearl Harbor, USA MD Riverdale, USA VA Reston Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

We are seeking a highly skilled Senior Cybersecurity Analyst / Information Security Manager with expertise in IT security, risk management, and policy development. The ideal candidate will have a minimum of five (5) years of experience implementing security measures to protect the confidentiality, integrity, and availability of information systems and data, along with at least two (2) years of supervisory experience in a cybersecurity or IT security role. This individual will be responsible for developing, monitoring, and testing cybersecurity plans and controls using government-approved tools and methodologies while ensuring compliance with federal cybersecurity policies and frameworks. Contingent upon contract award **Responsibilities** + Plan, coordinate, and implement security measures to safeguard information systems and data. + Supervise cybersecurity personnel and oversee daily security operations. + Develop, monitor, and conduct testing of cybersecurity plans and controls using government-approved tools and methodologies. + Document test results, risk assessments, and residual risk reports, and provide recommendations for corrective actions. + Ensure compliance with cybersecurity policies and best practices, including National Institute of Standards and Technology (NIST) Special Publications. + Demonstrate expertise in Security Assessment and Authorization (SA&A), including NIST 800-37, NIST 800-53, CNSSI standards, and other federal cybersecurity requirements. + Develop and maintain EHSS Security Policies, including the EHSS Privacy Plan, EHSS Configuration Management Plan, and other security-related documentation. + Create and maintainbaseline documentation and oversee policy development and reviews for EHSS security programs. + Implement and support Incident Response, Vulnerability Management, and Plan of Action and Milestone (POA&M) management. + Apply expertise in Zero Trust Architecture, cloud security requirements, security assessments, and Continuous Diagnostics and Mitigation (CDM)/Continuous Monitoring. **Qualifications** + Bachelor's degree in Information Technology, Cybersecurity, Information Assurance, or a related field from an accredited university or college. + Minimum of five (5) years of experience in IT security, risk management, and policy development. + Minimum of two (2) years of supervisory experience in a cybersecurity or IT security role. + Proficiency in NIST frameworks, risk assessments, security controls, and federal cybersecurity policies. + Must be knowledgeable in Incident Response practices, vulnerability management, Plan of Action and Milestone management, Zero Trust Architecture, cloud requirements and assessments Continuous Diagnostics Mitigations/Continuous Monitoring, Etc. + Strong understanding of Security Assessment and Authorization (SA&A) processes and federal security compliance requirements. + Top Secret clearance **Required Certifications:** + GIAC Information Security Professional (GISP), ISC2 Certified Information Systems Security Professional, CISSP or equivalent. **Job ID** 2025-15866 **Work Type** On-Site **Pay Range** $150,000 -$190,000 **Benefits** Regular - The company offers a comprehensive benefits program, including medical, dental, vision, life insurance, 401(k) and a range of other voluntary benefits. Paid Time Off (PTO) is offered to regular full-time and part-time employees. **Company Description** **Work Where it Matters** Compass Point, an Akima company, is not just another federal IT contractor. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska. At Compass Point, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States. **For our shareholders** , Compass Point provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years. **For our government customers** , Compass Point delivers a broad range of skilled IT services, including data-centric services, software development, IT infrastructure modernization, managed IT services, and more. **As a Compass Point employee** , you will be surrounded by a challenging, yet supportive work environment that is committed to innovation and diversity, two of our most important values. You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options. We are an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law. If you are an individual with a disability, or have known limitations related to pregnancy, childbirth, or related medical conditions, and would like to request a reasonable accommodation for any part of the employment process, please contact us at ******************** or ************ (information about job applications status is not available at this contact information).

**Req ID:** 35347 **Intermediate Cyber Defense Incident Responder** **Washington DC** **Part-time - Weekends** Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer's core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level! Chenega Systems (CS) provides federal agencies empowered solutions in Cybersecurity and Data Visualization. Our Subject Matter Experts offer decades of experience working in the federal marketplace and the data visualization environment. The **Intermediate Cyber Defense Incident Responder** is responsible for investigating, analyzing, and responding to cyber incidents within the network environment or enclave. **Responsibilities** + Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise. + Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents. + Coordinate incident response functions. + Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, and Security Focus) to maintain the currency of cyber defense threat conditions and determine which security issues may impact the enterprise. + Perform cyber defense trend analysis and reporting. + Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems. + Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts. + Write and publish after-action reviews. + Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies. + Other duties as assigned. **Qualifications** + Bachelor's degree in Cybersecurity or a related discipline + 5+ years of experience in incident response and/or breach response. Additional years of experience may be used in lieu of a degree. + CompTIA PenTest+, CompTIA CySA+, EC-Council CEH or equivalent certification + Must be US citizen with the ability to obtain Top Secret Clearance + Must be able to pass a Criminal and Financial Background Check prior to start **Knowledge, Skills, and Abilities:** + Knowledge of business continuity and disaster recovery continuity of operations plans. + Skill in preserving evidence integrity according to standard operating procedures or national standards. + Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions. + Knowledge of cyber defense and information security policies, procedures, and regulations. + Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). + Knowledge of incident categories, incident responses, and timelines for responses. + Knowledge of incident response and handling methodologies. + Skill in performing damage assessments. + Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth). + Skill in securing network communications. + Skill in using security event correlation tools. + Knowledge of network services and protocol interactions that provide network communications. + Knowledge of the OSI model and underlying network protocols (e.g., TCP/IP). + Knowledge of cloud service models and how those models can limit incident response. + Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. + Knowledge of system administration, network, and operating system hardening techniques. + Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). + Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state-sponsored, and nation-sponsored). + Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). + Knowledge of malware analysis concepts and methodologies. + Skill in identifying, capturing, containing, and reporting malware. + Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). + Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities. + Skill in recognizing and categorizing types of vulnerabilities and associated attacks. **How you'll grow** At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers. **Benefits** At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits. Learn more about what working at Chenega MIOS can mean for you. **Chenega MIOS's culture** Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware. We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives. **Corporate citizenship** Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Chenega's impact on the world. Chenega MIOS News- ***************************** **Tips from your Talent Acquisition Team** We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links: Chenega MIOS web site - ******************* Glassdoor - ********************************************************************************* LinkedIn - ***************************************** Facebook - ************************************* \#Chenega Systems, LLC Chenega Corporation and family of companies is an EOE. Equal Opportunity Employer/Veterans/Disabled Native preference under PL 93-638. We participate in the E-Verify Employment Verification Program

At MAG, we provide and enable real-time situational awareness to help our customers make the world smaller and safer. We are laser focused on serving our customers by providing technical expertise, operational excellence, and flawless execution. Our success is due entirely to the high caliber of employees we recruit, hire, and retain. At MAG, we look for individuals who thrive in a high-performance environment where challenges are the norm and success is expected. We are looking for a Jr Information System Officer (ISO) to join our team to support the Navy Cyber Warfare DevGru (NCWDG). Your role would be to provide Cybersecurity support as an Information Systems Officer (ISO) ensuring the confidentiality, integrity, availability, authentication, and non-repudiation of information systems operating in a classified environment. ****Must be a US Citizen**** **_***Requires a current Top Secret security clearance. A CI Polygraph will be required within 6 months.***_** **Essential Duties and Responsibilities** **Essential Duties and Responsibilities** include the following. Other duties may be assigned. + Monitor the Command's information systems. + Ensure that all servers, switches, routers, crypto, fiber connections, attached leased circuits and distant end hardware are all fully secure and following proper operations through security scans and implementation of security controls as directed, + Monitor user accounts ensuring correct permissions are assigned for level of access. + Validate in hold accounts of detaching personnel from the Command. + Provide information assurance guidance and oversight for all Command networks and stand-alone systems, + Develop formal Information System Security, education and training, and awareness program coordinating with the Command Information Security Systems Manager (ISSM) and keeping the customer informed on all issues, + Coordinate Information Security inspections to include an incident response action should they be discovered, + Maintain liaison with high level professionals in other Commands/activities, intelligence agencies, and Contractor facilities to identify and define current and future technologies to support intelligence requirements, + Create system security plans, plan of action and milestones, security action plan, personnel training, and help maintain policies for all Command networks supporting the ISSM in all missions, + Monitor information security inspections to include incident response actions as well as ensuring corrective measures have been taken **Requirements** **Minimum Requirements** **Knowledge and Skills:** + Proficient knowledge of Host Based Security Systems (HBSS) and the Assured Compliance Assessment Solution (ACAS) + Experience with the use fo the DoD/DISA Vulnerability Management System (VMS) and Electronic Enterprise Mission Assurance Support Service (eMASS) + Experience performing vulnerability/risk assessment analysis to support Assessment & Authorization (A&A). + Understanding and hands on experience in RMF processes and activities to obtain and maintain system ATO. + Advanced written and verbal communication skills. + Instruction (CNSSI) 1253 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, and the Joint Special Access Program Implementation Guide (JSIG). + Demonstrated experience with Intelligence Community Directive (ICD) 705, DoDD 5205.07, and DOD 5205.07-M Volumes 1-4. + Ability to create IA related acquisition documents. **Minimum years of experience:** + Up to two (2) years of Information Assurance/Cybersecurity (IA/CS) experience is required. + Qualified candidates will have experience with Risk Management Framework (RMF), + Up to two (2) years of experience with security controls and implementation delineated in Committee of National Security Systems **Education:** + BS in Computer Science, Information Systems Management, or related area of study. **Desired Requirements** + Experience with effective policy, instruction, and development for Federal or DoD Information Security Programs. + Experience with risk analysis and assessment determinatiions + Experience with Xacta. + Current CI polygraph. **Other Qualifications** + Current active TS/SCI DoD Security Clearance + Possess DoD Approved Baseline Certification as Information Assurance Manager Level II in accordance with DOD 8570.01-M. (i.e., CISSP, JSSEP, Sec+CE, GSNA, GSLC or CISM) + This position is 100% in Government spaces; no telework authorized + Must be a US Citizen **Special Note** The position is contingent upon candidate's ability to meet physical and medical requirements as needed by the position; including compliance with all applicable federal, state, and local jurisdictional requirements. **Benefits and Compensation** At MAG Aerospace, we value your contributions providing our employees with a robust Total Rewards package that supports your total well-being. Full-time and part-time employees working at least 30 hours a week on a regular basis are eligible to participate in MAG's Total Rewards programs. Our offerings include health, life, disability, financial, and retirement benefits as well as paid leave, professional development, and tuition assistance. Individuals that do not meet the threshold are only eligible for select offerings not inclusive of health benefits. We encourage you to learn more about our Total Rewards Program by visiting the Resource page on our Careers site: ********************************** Salary at MAG Aerospace is determined by various factors including but not limited to location, the particular combination of education, knowledge, skills, competencies, and experience as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $120000 to $130000 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of MAG's total compensation package for employees. **Need help finding the right job?** We can recommend jobs specifically for you! **Job Locations** _MD-Ft. Meade_ **ID** _2025-7587_ **Work Region** _CONUS_ **Type** _Regular Full-Time_ **Clearance** _Top Secret/SCI_

Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours. Cloud Security Engineer, Senior Key Role: Define, communicate, and implement cybersecurity architecture and administration processes for cloud environments across multiple network domains. Collaborate across our cloud infrastructure delivery team and with stakeholders using an Agile process to ensure design, implementation, verification, and continuous monitoring of cloud solutions across multiple domains. Develop Risk Management Framework (RMF) Body of Evidence artifacts, including system security plans and cybersecurity concept of operations documents for Amazon Web Services (AWS) operating within Cloud environments in alignment with existing RMF packages. Support assessment and authorization activities to achieve and maintain Authority to Operate (ATO) on multiple networks. Evaluate enhancements to Cloud environments against RMF controls and DoD Security Technical Implementation Guidance (STIG) requirements. Support data capture and configuration within tools to enable achievement of the organization's Assessment and Authorization (A&A) objectives. Work without considerable direction. Mentor and supervise team members, as needed. Basic Qualifications: 5+ years of experience with securing computer systems, performing DoD authorization activities, and writing security plans 5+ years of experience with secure IT architecture, computing hardware, and software Experience working with Cloud technologies, including AWS or Azure, such as Infrastructure as a Service Experience with developing Body of Evidence for DoD Risk Management Framework (RMF) Experience with scripts and Bash to provide automated scanning or monitoring solutions Experience with supporting security reviews of software and system releases within a DevSecOps framework supporting recurring path-to-production software and system release activities Experience with terminology, processes, and regulations of IT system A&A for the RMF Top Secret clearance HS diploma or GED Ability to obtain DoD Directive 8570 or 8140 Series IAT Level II Certification within 90 days of hire Additional Qualifications: Experience with planning, implementing, and managing continuous monitoring solutions and working within an Agile-based project management framework Experience working with Cloud technologies, including AWS, Azure, or Infrastructure as a Service Experience with Red Hat Enterprise Linux (RHEL) or Windows system administration Experience with the Army, DoD, or Intelligence Community (IC) Information Assurance (IA), or Information Systems Experience in Information System Security Engineer (ISSE) or Information System Security Officer (ISSO) roles Experience with developing Body of Evidence artifacts for Certification and Accreditation (C&A) of systems under frameworks, including National Institute of Standards and Technology (NIST) Special Publication (SP) 800-Series, DoD Risk Management Framework (RMF), and Intelligence Community Directive (ICD) 503 Knowledge of terminology and federal regulations related to specification, development, acquisition, and maintenance of IT systems Ability to work independently and as an integrated member of a project team and communicate both verbally and in writing TS/SCI clearance Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $75,600.00 to $172,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. EEO Commitment We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Lead Software Engineer - Security Engineering At Services within Mastercard, we are building out the APT Platform, a next generation development platform blending industry-leading analytics, advanced software architecture, and the latest web technologies to help our customers make data-driven business decisions. With a growing need to keep our platform secure, our Security Engineering team seeking a Lead Software Engineer experienced in implementing security tools and technologies in the on-premise or cloud datacenter. As a Lead Engineer, you will bring engineering expertise and leadership to a growing team of highly motivated and innovating engineers. Enjoy large scale infrastructure challenges? Come solve them with us. What you will be doing: * Help set the technical vision of the team as we work towards designing and developing Security Engineering practices. * Design, develop, and deliver simple, (re)usable, service enabled, maintainable, and scalable security solutions that meet business requirements in adherence with respective standards, processes and best practices. * Proactively identify and prioritize cross-application synergy, system enhancements, and automation of manual processes. * Contribute to the overall strategy and manage complex issues within functional area of expertise. * Research and perform PoC's (Proof of Concept) on current and upcoming technologies and application appropriate frameworks to improve security and development practices. * Perform quality inspections and walkthroughs throughout the SDLC including requirements review, architecture review, design review, code review and security review to ensure compliance with respective standards * Leverage security experience and knowledge to develop the security culture and maintain effective working relationships with a variety of internal stakeholders, including business owners, end-users, customers, project managers, engineers, and senior management * Coach junior level employees on software development and security best practices * Work on a mix of legacy and greenfield projects to enable and support full-stack modernization. Who you are: * Experienced working with F5 BIG-IP ASM, HashiCorp Vault, SAST, DSAT and SCA tools, etc. * Expertise coding in languages like Python, C#, Java, or Go. * Able to lead projects with multiple teammates and provide thoughtful technical mentorship to help grow their careers. * Able to independently research, evaluate and decide on both short-term and long-range solutions. * Skilled at breaking down problems, organizing work, and delivering against technical requirements. * Able to communicate to peers and stakeholders with impact, eloquence, and authenticity. * Experience with Azure Cloud, Chef, and Jenkins CI/CD for infrastructure management, automation, and deployment pipelines. * Proficient in using Splunk for log management, monitoring, and security event analysis. Location Requirement: This is a hybrid position based in Mastercard's Arlington, Virginia Tech Hub. This role is not eligible for Mastercard's work authorization sponsorship. As such, candidates must be eligible to work in the United States, now as well as in the future, without employer sponsorship. #LI-TE1 Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: * Abide by Mastercard's security policies and practices; * Ensure the confidentiality and integrity of the information being accessed; * Report any suspected information security violation or breach, and * Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary based on location, experience and other qualifications for the role and may be eligible for an annual bonus or commissions depending on the role. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance), flexible spending account and health savings account, paid leaves (including 16 weeks new parent leave, up to 20 paid days bereavement leave), 10 annual paid sick days, 10 or more annual paid vacation days based on level, 5 personal days, 10 annual paid U.S. observed holidays, 401k with a best-in-class company match, deferred compensation for eligible roles, fitness reimbursement or on-site fitness facilities, eligibility for tuition reimbursement, gender-inclusive benefits and many more. Pay Ranges Arlington, Virginia: $159,000 - $254,000 USD

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as a central Information Security point of contact for the Privileged Access and Secrets Management teams supporting Enterprise Identity and Access Management Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 5 years of experience providing guidance and oversight of Security concepts At least 5 years of experience performing security risk assessments and security architecture reviews At least 5 years of experience with architecture, software design, networking, and cloud infrastructure At least 4 years of experience with cloud security engineering At least 4 years of experience in securing a public cloud environment Preferred Qualifications: Bachelor's Degree Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience utilizing Agile methodologies Experience with Software Security Architecture Experience with Application Security Experience with Threat Modeling Experience with Penetration Testing and/or Vulnerability Management Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Splunk-Fu / Enterprise Monitoring experience Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in Offensive and/or Defensive Security techniques Experience in a regulated environment At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical Plano, TX: $204,900 - $233,800 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

The Opportunity: Cyber threats are evolving, and perimeter security and automated protection aren't enough-it's time to go threat hunting. We need your help in detecting advanced cyber threats supporting out commercial clients. Instead of letting the attackers come to us, let's go find them. We're looking for an experienced Threat Hunter who can think like a cyber attacker to figure out how to circumvent security measures. You'll Identify, analyze, and report on threats or hidden events within the client's enterprise and cloud environments using offensive and defensive tradecraft and information collected from a variety of sources to protect data, systems, and networks. You'll apply advanced consulting skills or extensive technical expertise, including full industry knowledge, to develop innovative solutions to complex problems. Work without considerable direction, and mentor and supervise team members. Join us. The world can't wait. You Have: * 3+ years of experience with cybersecurity offensive or defensive technical operations * Experience with content development and analytics within technologies such as EDR or SIEM * Experience with Advanced Persistent Threat (APT) hunting, pen testing, digital forensics, or incident response * Experience with common threat hunting solutions, tools, or techniques used to analyze malware, extract indicators, and create signatures * Experience with endpoint telemetry, Carbon Black, FireEye HX, Falcon, Tanium, Defender, and Endgame * Experience with MITRE ATT&CK framework or the Cyber Kill Chain, and how it is applied in threat detection * Ability to profile and track malicious actors that pose a threat in coordination with threat intelligence support teams * Ability to analyze complex data sets and determine meaningful insights for security monitoring * HS diploma or GED Nice If You Have: * Experience in log management platforms, including Splunk, Google SecOps, MS Sentinel, or similar technologies * Experience monitoring, analyzing, and responding to security alerts from various security tools such as SIEM, EDR, and IDS/IPS * Experience performing investigations of security incidents to determine root cause, impact, and appropriate remediation actions * Experience developing, maintaining, and optimizing detection rules, use cases, and playbooks to improve detection coverage and accuracy * Experience with scripting, REST APIs, and forensic tools, including FTK and Encase * Knowledge of Cloud platforms such as Azure, AWS, or GCP, and operating systems such as Windows or Linux * Bachelor's degree in Mathematics, Engineering, Science, or a related field * CISSP, CompTIA Security, GIAC, GCFA or SANS 508 Certification, and GCFA GCFE, GREM, GNFA, GSNA, CISA, OSCP, or similar Certifications Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $75,600.00 to $172,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. * If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. * If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

**Req ID:** RQ193895 **Type of Requisition:** Regular **Clearance Level Must Be Able to Obtain:** Top Secret SCI + Polygraph **Public Trust/Other Required:** None **Job Family:** Cyber Security **Skills:** Cybersecurity,Event Security,Insider Threat,Security Audit,Splunk Administration **Experience:** 6 + years of related experience **US Citizenship Required:** Yes **Job Description:** Own your career as a Cyber Security Analyst at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cyber Security Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Analyst joining our team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. HOW A CYBER SECURITY ANALYST WILL MAKE AN IMPACT + Gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information. + Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations. + Identify acceptable use policy infractions. + Review event logs to determine events of interest. + Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity Leakage (PII). + Prepare case evidence and incident reports. + Work on special projects as assigned. WHAT YOU'LL NEED TO SUCCEED: + Bachelor's Degree and 6+years of relevant experience, equivalent combinations of education, certifications, and experience will be considered. + DoD Approved Baseline 8140/8570 IAT level III (CASP, CISSP, CISA, or CCNP) certification is required prior to start date. + DoD Approved Baseline 8140/8570 CSSP Auditor (CEH, CySA, CISA, Cloud+, or CHFI) certification is required prior to start date. + Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph + Preferred Skills: Splunk, Proofpoint, Fidelis, Solera, Windows, and Linux Operating Systems + Friday and Saturday Night Shift work required. + Willing to work a holiday supporting your assigned shift. Location: 100% On Customer Site + Bolling AFB, Washington D.C. + Reston, VA + Colorado Springs, CO + Riverdale, MD + Pearl Harbor, HI + Tampa is available for part time weekend only support GDIT IS YOUR PLACE: + 401K with company match + Comprehensive health and wellness packages + Internal mobility team dedicated to helping you own your career + Professional growth opportunities including paid education and certifications + Cutting-edge technology you can learn from + Rest and recharge with paid vacation and holidays The likely hourly rate for this position is between $119,000.00 - $161,000.00. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber Security Job Qualifications: Skills: Cybersecurity, Event Security, Insider Threat, Security Audit, Splunk Administration Certifications: None Experience: 6 + years of related experience US Citizenship Required: Yes Job Description: Own your career as a Cyber Security Analyst at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cyber Security Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Analyst joining our team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. HOW A CYBER SECURITY ANALYST WILL MAKE AN IMPACT * Gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information. * Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations. * Identify acceptable use policy infractions. * Review event logs to determine events of interest. * Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity Leakage (PII). * Prepare case evidence and incident reports. * Work on special projects as assigned. WHAT YOU'LL NEED TO SUCCEED: * Bachelor's Degree and 6+ years of relevant experience, equivalent combinations of education, certifications, and experience will be considered. * DoD Approved Baseline 8140/8570 IAT level III (CASP, CISSP, CISA, or CCNP) certification is required prior to start date. * DoD Approved Baseline 8140/8570 CSSP Auditor (CEH, CySA, CISA, Cloud+, or CHFI) certification is required prior to start date. * Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph * Preferred Skills: Splunk, Proofpoint, Fidelis, Solera, Windows, and Linux Operating Systems * Friday and Saturday Night Shift work required. * Willing to work a holiday supporting your assigned shift. Location: 100% On Customer Site * Bolling AFB, Washington D.C. * Reston, VA * Colorado Springs, CO * Riverdale, MD * Pearl Harbor, HI * Tampa is available for part time weekend only support GDIT IS YOUR PLACE: * 401K with company match * Comprehensive health and wellness packages * Internal mobility team dedicated to helping you own your career * Professional growth opportunities including paid education and certifications * Cutting-edge technology you can learn from * Rest and recharge with paid vacation and holidays The likely hourly rate for this position is between $119,000.00 - $161,000.00. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Onsite Work Location: USA DC Washington Additional Work Locations: USA CO Colorado Springs, USA HI Pearl Harbor, USA MD Riverdale, USA VA Reston Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as a central Information Security point of contact for the Commercial line of business Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 4 years of experience working in cybersecurity or information technology At least 1 years of experience providing guidance and oversight of Security concepts At least 1 years of experience performing security risk assessments and security architecture reviews At least 1 years of experience with architecture, software design, networking, and cloud infrastructure Preferred Qualifications: Bachelor's Degree 1+ year of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience utilizing Agile methodologies Experience with Software Security Architecture Experience with Application Security Experience with Threat Modeling and risk assessments Experience with Penetration Testing and/or Vulnerability Management Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Splunk-Fu / Enterprise Monitoring experience Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in Offensive and/or Defensive Security techniques Experience in a regulated environment 1+ year of experience with Artificial Intelligence or Machine Learning security 1+ year of experience with model governance and lifecycle management GIAC Machine Learning Engineer Certification At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $193,400 - $220,700 for Manager, Cyber Technical New York, NY: $211,000 - $240,800 for Manager, Cyber Technical Plano, TX: $175,800 - $200,700 for Manager, Cyber Technical Richmond, VA: $175,800 - $200,700 for Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

**Our Purpose** _Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._ **Title and Summary** Lead Software Engineer - Security Engineering At Services within Mastercard, we are building out the APT Platform, a next generation development platform blending industry-leading analytics, advanced software architecture, and the latest web technologies to help our customers make data-driven business decisions. With a growing need to keep our platform secure, our Security Engineering team seeking a Lead Software Engineer experienced in implementing security tools and technologies in the on-premise or cloud datacenter. As a Lead Engineer, you will bring engineering expertise and leadership to a growing team of highly motivated and innovating engineers. Enjoy large scale infrastructure challenges? Come solve them with us. What you will be doing: - Help set the technical vision of the team as we work towards designing and developing Security Engineering practices. - Design, develop, and deliver simple, (re)usable, service enabled, maintainable, and scalable security solutions that meet business requirements in adherence with respective standards, processes and best practices. - Proactively identify and prioritize cross-application synergy, system enhancements, and automation of manual processes. - Contribute to the overall strategy and manage complex issues within functional area of expertise. - Research and perform PoC's (Proof of Concept) on current and upcoming technologies and application appropriate frameworks to improve security and development practices. - Perform quality inspections and walkthroughs throughout the SDLC including requirements review, architecture review, design review, code review and security review to ensure compliance with respective standards - Leverage security experience and knowledge to develop the security culture and maintain effective working relationships with a variety of internal stakeholders, including business owners, end-users, customers, project managers, engineers, and senior management - Coach junior level employees on software development and security best practices - Work on a mix of legacy and greenfield projects to enable and support full-stack modernization. Who you are: - Experienced working with F5 BIG-IP ASM, HashiCorp Vault, SAST, DSAT and SCA tools, etc. - Expertise coding in languages like Python, C#, Java, or Go. - Able to lead projects with multiple teammates and provide thoughtful technical mentorship to help grow their careers. - Able to independently research, evaluate and decide on both short-term and long-range solutions. - Skilled at breaking down problems, organizing work, and delivering against technical requirements. - Able to communicate to peers and stakeholders with impact, eloquence, and authenticity. - Experience with Azure Cloud, Chef, and Jenkins CI/CD for infrastructure management, automation, and deployment pipelines. - Proficient in using Splunk for log management, monitoring, and security event analysis. Location Requirement: This is a hybrid position based in Mastercard's Arlington, Virginia Tech Hub. This role is not eligible for Mastercard's work authorization sponsorship. As such, candidates must be eligible to work in the United States, now as well as in the future, without employer sponsorship. \#LI-TE1 Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. **Corporate Security Responsibility** All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: + Abide by Mastercard's security policies and practices; + Ensure the confidentiality and integrity of the information being accessed; + Report any suspected information security violation or breach, and + Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary based on location, experience and other qualifications for the role and may be eligible for an annual bonus or commissions depending on the role. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance), flexible spending account and health savings account, paid leaves (including 16 weeks new parent leave, up to 20 paid days bereavement leave), 10 annual paid sick days, 10 or more annual paid vacation days based on level, 5 personal days, 10 annual paid U.S. observed holidays, 401k with a best-in-class company match, deferred compensation for eligible roles, fitness reimbursement or on-site fitness facilities, eligibility for tuition reimbursement, gender-inclusive benefits and many more. **Pay Ranges** Arlington, Virginia: $159,000 - $254,000 USD

Center 1 (19052), United States of America, McLean, VirginiaDirector, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security and Risk Management. You are pragmatic and practical in your understanding of risk and security, but also willing to lean into solutions or know when to pull in additional experts and or escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with technologies like generative AI security, cloud services, Containers, Docker, Microservices, Serverless, APIs, DevOps, micro-segmentation, Customer Servicing platforms and technologies, PCI and other business and regulatory cybersecurity compliance frameworks. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Develop and communicate a technology first, risk-based and data-driven strategy and roadmap for our generative AI security Act as a central point of contact for your line of business to the rest of Capital One's Information Security and Risk Management Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Platform Security, Application Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, architecture solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Partner with enterprise cyber, tech and product security teams to provide technical and cybersecurity architectural leadership, where necessary to drive innovative solutions that help improve security Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: Bachelor's Degree At least 5 years of people leadership experience At least 7 years of experience in cybersecurity or information technology At least 5 years of experience performing security risk assessments and security architecture reviews Preferred Qualifications: 7+ years experience providing guidance and oversight of security concepts Master's Degree in Computer Science, Information Systems, or Engineering 5+ years experience in securing Generative AI platforms and applications 5+ years experience building software utilizing public cloud (AWS, GCP, Azure) 5+ years experience with cloud security strategy, architecture and engineering 2+ years experience securing customer servicing agents platforms 2+ years experience with Agile methodologies 2+ years experience with Application Security, Threat Modeling, Penetration Testing or Vulnerability Management 3+ years experience integrating SaaS products into an Enterprise Environment 2+ years experience with securing container services 2+ years of financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) 2+ years experience in Offensive or Defensive Security techniques 3+ years experience in cybersecurity, privacy, or technology industry standards (ISO 27001/27002, NIST CSF and 800 series, GLBA, GDPR, FFIEC, or PCI-DSS) At this time, Capital One will not sponsor a new applicant for employment authorization for this position. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

The Opportunity: Cyber threats are evolving, and perimeter security and automated protection aren't enough-it's time to go threat hunting. We need your help in detecting advanced cyber threats supporting out commercial clients. Instead of letting the attackers come to us, let's go find them. We're looking for an experienced Threat Hunter who can think like a cyber attacker to figure out how to circumvent security measures. You'll Identify, analyze, and report on threats or hidden events within the client's enterprise and cloud environments using offensive and defensive tradecraft and information collected from a variety of sources to protect data, systems, and networks. You'll apply advanced consulting skills or extensive technical expertise, including full industry knowledge, to develop innovative solutions to complex problems. Work without considerable direction, and mentor and supervise team members. Join us. The world can't wait. You Have: 3+ years of experience with cybersecurity offensive or defensive technical operations Experience with content development and analytics within technologies such as EDR or SIEM Experience with Advanced Persistent Threat (APT) hunting, pen testing, digital forensics, or incident response Experience with common threat hunting solutions, tools, or techniques used to analyze malware, extract indicators, and create signatures Experience with endpoint telemetry, Carbon Black, FireEye HX, Falcon, Tanium, Defender, and Endgame Experience with MITRE ATT&CK framework or the Cyber Kill Chain, and how it is applied in threat detection Ability to profile and track malicious actors that pose a threat in coordination with threat intelligence support teams Ability to analyze complex data sets and determine meaningful insights for security monitoring HS diploma or GED Nice If You Have: Experience in log management platforms, including Splunk, Google SecOps, MS Sentinel, or similar technologies Experience monitoring, analyzing, and responding to security alerts from various security tools such as SIEM, EDR, and IDS/IPS Experience performing investigations of security incidents to determine root cause, impact, and appropriate remediation actions Experience developing, maintaining, and optimizing detection rules, use cases, and playbooks to improve detection coverage and accuracy Experience with scripting, REST APIs, and forensic tools, including FTK and Encase Knowledge of Cloud platforms such as Azure, AWS, or GCP, and operating systems such as Windows or Linux Bachelor's degree in Mathematics, Engineering, Science, or a related field CISSP, CompTIA Security, GIAC, GCFA or SANS 508 Certification, and GCFA GCFE, GREM, GNFA, GSNA, CISA, OSCP, or similar Certifications Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $75,600.00 to $172,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

**Req ID:** RQ193895 **Type of Requisition:** Regular **Clearance Level Must Be Able to Obtain:** Top Secret SCI + Polygraph **Public Trust/Other Required:** None **Job Family:** Cyber Security **Skills:** Cybersecurity,Event Security,Insider Threat,Security Audit,Splunk Administration **Experience:** 6 + years of related experience **US Citizenship Required:** Yes **Job Description:** Own your career as a Cyber Security Analyst at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cyber Security Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Analyst joining our team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. HOW A CYBER SECURITY ANALYST WILL MAKE AN IMPACT + Gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information. + Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations. + Identify acceptable use policy infractions. + Review event logs to determine events of interest. + Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity Leakage (PII). + Prepare case evidence and incident reports. + Work on special projects as assigned. WHAT YOU'LL NEED TO SUCCEED: + Bachelor's Degree and 6+years of relevant experience, equivalent combinations of education, certifications, and experience will be considered. + DoD Approved Baseline 8140/8570 IAT level III (CASP, CISSP, CISA, or CCNP) certification is required prior to start date. + DoD Approved Baseline 8140/8570 CSSP Auditor (CEH, CySA, CISA, Cloud+, or CHFI) certification is required prior to start date. + Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph + Preferred Skills: Splunk, Proofpoint, Fidelis, Solera, Windows, and Linux Operating Systems + Friday and Saturday Night Shift work required. + Willing to work a holiday supporting your assigned shift. Location: 100% On Customer Site + Bolling AFB, Washington D.C. + Reston, VA + Colorado Springs, CO + Riverdale, MD + Pearl Harbor, HI + Tampa is available for part time weekend only support GDIT IS YOUR PLACE: + 401K with company match + Comprehensive health and wellness packages + Internal mobility team dedicated to helping you own your career + Professional growth opportunities including paid education and certifications + Cutting-edge technology you can learn from + Rest and recharge with paid vacation and holidays The likely hourly rate for this position is between $119,000.00 - $161,000.00. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Center 1 (19052), United States of America, McLean, VirginiaDirector, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security and Risk Management. You are pragmatic and practical in your understanding of risk and security, but also willing to lean into solutions or know when to pull in additional experts and or escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with technologies like generative AI security, cloud services, Containers, Docker, Microservices, Serverless, APIs, DevOps, micro-segmentation, Customer Servicing platforms and technologies, PCI and other business and regulatory cybersecurity compliance frameworks. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Develop and communicate a technology first, risk-based and data-driven strategy and roadmap for our generative AI security Act as a central point of contact for your line of business to the rest of Capital One's Information Security and Risk Management Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Platform Security, Application Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, architecture solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Partner with enterprise cyber, tech and product security teams to provide technical and cybersecurity architectural leadership, where necessary to drive innovative solutions that help improve security Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: Bachelor's Degree At least 5 years of people leadership experience At least 7 years of experience in cybersecurity or information technology At least 5 years of experience performing security risk assessments and security architecture reviews Preferred Qualifications: 7+ years experience providing guidance and oversight of security concepts Master's Degree in Computer Science, Information Systems, or Engineering 5+ years experience in securing Generative AI platforms and applications 5+ years experience building software utilizing public cloud (AWS, GCP, Azure) 5+ years experience with cloud security strategy, architecture and engineering 2+ years experience securing customer servicing agents platforms 2+ years experience with Agile methodologies 2+ years experience with Application Security, Threat Modeling, Penetration Testing or Vulnerability Management 3+ years experience integrating SaaS products into an Enterprise Environment 2+ years experience with securing container services 2+ years of financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) 2+ years experience in Offensive or Defensive Security techniques 3+ years experience in cybersecurity, privacy, or technology industry standards (ISO 27001/27002, NIST CSF and 800 series, GLBA, GDPR, FFIEC, or PCI-DSS) At this time, Capital One will not sponsor a new applicant for employment authorization for this position. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).