Security architect jobs in Hawaii

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **To foster collaboration and team synergy, this position follows a hybrid model. Employees within a 50-mile radius of our Pittsburgh, Buffalo, or Camp Hill locations will be required to work from the office on Tuesdays, Wednesdays, and Thursdays.** Execute a process to develop a security architecture that processes information of various levels of sensitivity. The security architecture must be compliant with existing enterprise technical security control requirements models. Produce gap analysis documentation to identify any gaps between specific technical security requirements and the architecture of the system and provide detailed technical recommendations on appropriate mitigation measures. Advise and consult clients responsible for the architecture, design, implementation, and deployment of technical security controls on appropriate application of existing security services to solve their problems or enable new business opportunities. Research and evaluate new security technologies to be used as point solutions to gaps where the project is unable to take advantage of or needing greater functionality than reusable enterprise security services. The security architecture work will include network security, network defense, operating system security identity, authentication and authorization, data protection, application security, activity audit and monitoring, mobile computing security, and partner/vendor access to corporate systems/data. **ESSENTIAL RESPONSIBILITIES** + Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members. + Determine security requirements by evaluating business strategies and requirements; conducting system security and vulnerability analyses and risk assessments; identifying integration issues; preparing cost estimates. + Plan security systems by evaluating network and security technologies. + Implement security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures. + Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments. + May begin to provide leadership and mentoring in the areas of expertise and architecture to peers, developers, management and business users including technical expertise, coaching, and ad-hoc training. + Support assurance compliance to required standards, procedures, guidelines and processes. + Other duties as assigned or requested. **REQUIRED EDUCATION** + Bachelor's degree in Information Systems, Computer Science, Information Security, or Engineering, or relevant experience and/or education as determined by the company in lieu of bachelor's degree **PREFERRED EDUCATION** + Master's degree in Computer Science, Information Security or related field **EXPERIENCE** **_Minimum:_** + 5 - 7 years' experience architecting solutions + 5 - 7 years' experience in Information Security + Experience communicating with business partners **_Preferred:_** + 7 - 10 years' experience architecting solutions **SKILLS** + Business communication skills, both written and verbal and able to solve unconventional problems + Understanding of the TCP/IP protocol stack, application protocols such as SNMP, SMTP, DNS, and DHCP; IPSec and SSL VPNs; SSL/TLS protocol knowledge + Understanding of the information technology and information security industries, their current developments, trends, issues, and fundamental concepts + In-depth expertise in analyzing a wide spectrum of technical systems and services robustness and needs, and making practical recommendations to address them + Detailed knowledge of web, mobile, and client application security vulnerabilities, attack methods, and countermeasures + Experience with common information security management frameworks, such as HITRUST, ISO 27001, CobiT, ITIL + Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common protocols (RADIUS, LDAP, KERBEROS, SAML, etc.) + Participate in evaluations and recommend solutions to support enterprises security controls including: networking, firewalls, IDS/IPS, data loss prevention, application security, infrastructure security, and data security **REQUIRED LICENSURE** None **PREFERRED LICENSURE** Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), etc. **TRAVEL REQUIREMENT:** 0%- 25% **LANGUAGE REQUIREMENT (** **_other than English_** **)?** None **PHYSICAL, MENTAL DEMANDS AND WORKING CONDITIONS** ( _The physical, mental demands and working conditions described here are representative of those that must be met by an employee to successfully perform the essential function of their job. Reasonable accommodations will be made when necessary to enable individuals with disabilities to perform the essential duties of the position, to the extent that they do not cause undue hardship._ **_Position Type:_** Office-Based **_Office-Based Positions_** An employee in this position works in an office environment. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. Teaches/Trains others regularly Occasionally Travels regularly from the office to various work sites or from site-to-site Occasionally Works primarily out-of-the office selling products/services (Sales employees) Never Physical Work Site Required Yes **_Most On-The-Road Positions_** An employee in this position may work in a home or company office environment but is also frequently driving to and from various locations to perform the work off-site. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. **_Non-Office-Based Positions_** An employee in this position is frequently required to move throughout the workplace, sit, stand and walk, use hands and fingers to hold objects, tools or controls, possess fine motor skills (e.g., to write and operate a computer or to steer transportation equipment), possess gross motor skills (e.g., to carry items), reach with hands and arms, climb stairs and ladders, balance, stoop, kneel crouch and crawl, communicate effectively, and talk and hear. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus. The employee must be able to work in a busy environment where decisions often must be made quickly, must attend work on a regular and reliable basis, must adhere to all workplace policies, and may be called upon to work outside regular business hours. This work occurs in a [example: warehouse, hospital or provider's office or mailroom]. Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 to 50 pounds Does Not Apply **ADDITIONAL INFORMATION** **Changes Approved By:** Kathleen Thompson **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement:_** _This position adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies_ As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements. **Pay Range Minimum:** $78,900.00 **Pay Range Maximum:** $147,500.00 _Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272809

Job Description Senior Cyber Security Architect The Senior Security Architect designs and drives the secure architecture of DataHouse platforms and client solutions across cloud and hybrid environments. This role leads threat modeling, control selection, and reference architectures aligned to ISO/IEC 27001, NIST, and HIPAA, partners with engineering to embed security in delivery pipelines, and advises public-sector and healthcare clients on compliance-aligned architectures. You'll be a senior individual contributor with broad influence-mentoring engineers, shaping standards, and participating in architecture reviews and program governance. *This position requires the candidate to be based in Hawaii and able to work on-site in Honolulu as needed. Primary Responsibilities and Duties Architecture & Design: Define secure reference architectures (network, identity, data, application, and cloud) for AWS/Azure; champion zero-trust and least-privilege patterns. Risk Management: Identify, assess, and mitigate security risks to protect company assets, data, and systems from external and internal threats. Security Strategy Development: Develop and implement comprehensive security strategies and roadmaps that include key policies, procedures, and practices to safeguard the company's information technology infrastructure. Security Compliance: Ensure that security architecture meets regulatory requirements and compliance standards, such as GDPR, HIPAA, or industry-specific regulations. Governance & Compliance: Translate ISO/IEC 27001, NIST (CSF/800-53/171), and HIPAA into practical architectures, patterns, and evidence requirements; support internal audits and renewals. Advisory & Reviews: Sit on internal and client architecture review boards; support executive-level guidance to SLED and healthcare clients. Collaborate with Leadership: Work closely with senior leadership, including the CTO, and other department heads, to ensure security strategies align with business priorities and technology initiatives. Incident Readiness: Partner with SecOps to refine detection logic, playbooks, and tabletop exercises; ensure architectures support rapid containment and recovery. Mentorship & Standards: Coach engineers; author standards, patterns, and runbooks; lead brown-bags and security awareness sessions for delivery teams. Vendor Management: Work with external vendors to evaluate and select security tools, technologies, and services to enhance the company's security posture. Specific Responsibilities and Duties Develop and implement frameworks for the secure design and deployment of cloud services, network infrastructure, and enterprise applications. Lead the evaluation and integration of new security technologies and methodologies to enhance the company's security infrastructure. Collaborate with the IT department to ensure security controls are integrated into all software development and systems engineering processes. Define and enforce standards and best practices for secure software development, network security, data protection, and vulnerability management. Implement and continually improve the organization's Information Security Management System (ISMS) to maintain ongoing ISO 27001 certification. Advise client leadership teams on IT governance, budget planning, security roadmaps, and risk management programs. Ensure security practices address requirements specific to healthcare, government, and other regulated industries. Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 6+ years of experience in information security, with at least 2 years in a senior security architecture role or similar management position. Proven experience in designing and implementing security architectures for large, complex systems across multiple platforms (cloud, on-premise, hybrid). Expert knowledge of security frameworks, such as NIST, CIS, ISO 27001, comparable ISMS frameworks, and experience with industry compliance standards. Strong understanding of network security, encryption technologies, access controls, threat modeling, and risk management. Experience with public sector and healthcare IT security requirements preferred. Experience with cloud security, including public cloud platforms such as AWS, Azure, or Google Cloud. Leadership and team management experience, with the ability to mentor and inspire a security team. Excellent problem-solving and analytical skills, with the ability to design secure systems and mitigate risks proactively. Proven track record delivering security services to external clients, including executive advisory and program governance. Strong ability to communicate risk and security strategy to executives, boards, and non-technical stakeholders. Certified Information Systems Security Professional (CISSP) or other relevant certifications (e.g., Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM)) is preferred. AWS/Azure security certifications preferred.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. **The opportunity** Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. **Your key responsibilities** + Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified + Forensically analyze end user systems and servers found to have possible indicators of compromise + Analysis of artifacts collected during a security incident/forensic analysis + Identify security incidents through 'Hunting' operations within a SIEM and other relevant tools + Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions + Provide consultation and assessment on perceived security threats + Maintain, manage, improve and update security incident process and protocol documentation + Regularly provide reporting and metrics on case work + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact based reports + Be on-call to deliver global incident response **Skills and attributes for success** + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact-based reports + Proven integrity and judgment within a professional environment + Ability to appropriately balance work/personal priorities **To qualify for the role you must have** + Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field + 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; + Understanding of security threats, vulnerabilities, and incident response; + Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; + Be familiar with legalities surrounding electronic discovery and analysis; + Experience with SIEM technologies (i.e. Splunk); + Deep understanding of both Windows and Unix/Linux based operating systems; **Ideally, you'll also have** + Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH + Background in security incident response in Cloud-based environments, such as Azure + Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration **What we look for** + Demonstrated integrity in a professional environment + Ability to work independently + Have a global mind-set for working with different cultures and backgrounds + Knowledgeable in business industry standard security incident response process, procedures, and life cycle + Excellent teaming skills + Excellent social, communication, and writing skills **What we offer you** The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Pearl Harbor, HI, USA Full-time FLSA Status: Exempt Clearance Requirement: Secret Compensation: USD110556 - USD113805 - yearly ** Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide. **Job Description** **Join SOSi and Shape the Future of Secure Networks in the Pacific!** SOSi is seeking a **Secret-cleared Senior Information Systems Security Officer (ISSO)** to join our elite team at **Hickam AFB, Hawaii** . We design and deliver **secure, resilient, and innovative network infrastructures** that power **USINDOPACOM's mission** and connect **5,000+ customers across the Pacific theater** . As part of our team, you'll tackle **complex cybersecurity challenges** , architect **unique solutions** , and help deploy a **private cloud platform** that empowers the warfighter. If you're ready to make an impact with cutting-edge technology and ensure the health and security of enterprise systems spanning hundreds of embedded devices, this is your opportunity to lead from the front. **Principal Duties:** + Assist the ISSM in developing and maintaining a formal information system (IS) security program and policies for their assigned area of responsibility. + Provide technical and procedural IS Security advice to engineering team and senior management regarding the RMF process. + Establish and maintain computer systems and networks for classified processing, responsible for administration, maintenance, and security auditing. + Develop and oversee operational information systems security implementation policy and guidelines. + Maintain a repository using eMASS with all security authorizations for IS under their purview. + Coordinate IS security inspections, tests, and reviews. + Ensure proper measures are taken when an IS incident or vulnerability is discovered. + Ensure development and implementation of an effective IS security education, training, and awareness program. + Ensure Configuration Management policies and procedures for authorizing the use of hardware/software on an IS are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the appropriate AO prior to the addition, change or modification. + Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures. + Manage, maintain, and execute the information security continuous monitoring plan. + Ensure records are maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AO/DAO. + Assess changes to the system, its environment, and operational needs that could affect the security authorization. **Qualifications** **Minimum Requirements** + Active Secret DoD security clearance. + Bachelor's degree in a related field plus 4 years of related experience. + DoD 8570 IAT-II compliant (Security+ CE, CCNA, CND, CySA+, GICSP, GSEC, or SSCP). + Knowledge of NSA's Commercial Solution for Classified (CSfC) solution and Cross Domain Solutions (CDS). + Thorough understanding of NIST Publication 800-53r5, Risk Management Framework, Executive Order 14028, and OMB Mandate M-22-09. + Prior experience with eMASS. + Strong communication skills and ability to coordinate tasks across functional groups. **Preferred Qualifications** + Master's degree in Information Technology or related discipline + Recent experience supporting system authorizations. **Additional Information** **Work Environment:** + Working conditions are normal for an office environment. + Fast paced, deadline-oriented environment. + May require periods of non-traditional working hours including consecutive nights or weekends. + Target Salary Range: $110,556 to $136,257. **Working at SOSi:** All interested individuals will receive consideration and will not be discriminated against for any reason. SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.

SAIC is seeking qualified Cybersecurity Specialist (Information System Security Officer) for an Air Force TENCAP HOPE 2.0 contract at Joint Base Pearl Harbor Hickam, Hawaii. This position will support the delivery of local and distributed virtual and constructive training environments to US, allied, coalition military forces spanning the United States Indo-Pacific Command (USINDOPACOM) Area of Responsibility. The Cybersecurity Specialist will: + Perform network security monitoring and incident response. + Support the sustainment of the accredited cybersecurity posture of domain enclaves by actively tracking and maintaining each network's cyber-vulnerability level and system compliance with applicable Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Report any deviations or shortfalls to the Information System Security Manager (ISSM) for action. + Support and assist with the STIG/SRG checklist process, tracking automated compliance scans and manual STIG checklists based on DISA releases. Validate results and track/report compliance of configuration changes based on CYBERCOM tasking orders or other DoW short-notice threat response notifications. + Maintain lists of active hosts on different networks and the corresponding basic inventory listings of software used to determine STIGs and/or SRGs that need to be applied. + Assist in researching configuration updates/changes and apply a "patch-and-test" approach to determine if a particular configuration update/change will have a detrimental effect on the processes and mission to decide on application in the operational environment. + Provide comprehensive cybersecurity support in support of Modeling and Simulation / Live, Virtual, and Constructive (M&S/LVC) information technology systems. + Provide comprehensive support to scan and remediate networks. + Provide comprehensive support to security monitoring and detection of unauthorized access. + Develop and execute Government approved security policies, plans, and procedures, implement data network security measures, operate and monitor network intrusion detection and forensic systems, conduct IS security incident handling, support Continuity of Operations Plan/Disaster Recovery (COOP/DR) plans, and perform certification of IS and networks. Provide technical support for Plan of Action and Mitigation process and remediation activities. + Provide comprehensive support to obtaining and maintaining Authority to Operate (ATO) accreditation for networks and systems. + Provide other related support including but not limited to: + Review system artifacts and documents for accuracy. + Conduct facility visits to observe the actual processes related to each Information Assurance (IA) control (technical, personnel, operational, or management). + Report security findings and issues associated with the RMF process to the appropriate Cybersecurity POCs. + Support and coordinate necessary documentation submissions for network and system Interconnection Security Agreements (ISAs), Authority to Connect (ATC), or other security agreements for both persistent and event-based interconnections. + Participate in meetings with system Information Assurance Security Officers (IASOs), Program Managers (PMs), Information System Security Managers (ISSMs) and their representatives, and other cybersecurity representatives of unit driven events or initiatives. During these meetings present issues and recommendations. Provide meeting reports that outline the discussion topics, problem areas, action items, and resolution recommendations. + Support system administration personnel with other related functions to include but not limited to implementation and sustainment of cybersecurity best practices in accordance with DoW and DISA directives to maximize confidentiality, integrity, and availability of the networks and training mission. + For scheduled and unscheduled cybersecurity posture audits, report observations, findings, and any corrective actions applied or recommended. Provide relevant metrics on results of audits, identifying trends and recommendations to reduce vulnerabilities and maintain or improve system security posture. **Qualifications** **Required Experience and Qualifications:** + Bachelor's and nine (9) or relevant years of experience in lieu of degree. Must be a US Citizen, possess an active SECRET security clearance and be eligible to obtain a TS/SCI. + ISSO / ISSM Certifications, Education, or Training at the Intermediate or Advanced level, as specified in DoDM 8140.03 Cyberspace Workforce Qualification and Management Program and DoD Cyber Workforce Framework 722. Accepted certifications are: GMON, SecurityX/CASP+, CCISO, CCSP, CGRC/CAP, CISSO, Cloud+, GCSA, GSEC, Security+, SSCP, CISM, CISSP, CISSP-ISSMP, FITSP-M, GCIA, GCIH, GICSP, and GSLC. + Detailed understanding of DoW cybersecurity policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH, and other applicable policies. + Comprehensive knowledge of Physical Security principles, methods, and techniques. + Proficient in operating and configuring ACAS, HBSS, and vulnerability scanners. + Proficient using MS Office including Word, PowerPoint, Excel, SharePoint, and Teams. **Desired Experience and Qualifications:** + Operating system certification (for example, Microsoft Certified Solutions Expert). + Microsoft Windows environment, UNIX, Linux, VMWare, VDI zero client architecture. + Microsoft Certified Solutions Craftsman: Server Infrastructure and/or Red Hat Certified System Administrator. + Experience with entering and reviewing eMASS artifacts. **Salary** + For extremely qualified candidates, salaries may exceed the target salary range given below. Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors. REQNUMBER: 2511578 SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability

**About Us** **As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to market demands. We call it Digital Agility.** **To learn more about how we're shaping the future of digital business and a more secure world, visit stratascale.com.** **Job Description Summary** The Senior Security Consultant - Penetration Testing is a critical role within Stratascale's Adversarial Operations team who will assist in leading and supporting the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients. This position is remote with a Home Office setup as determined by Stratascale management. **Role Description** + Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements. + Consult and document attack surface, threats, and vulnerability improvements based on team's overall assessment of client's environment. + Perform full assessment and threat modeling against industry best practices to identify control weaknesses and assess the effectiveness of existing controls. + Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations. + Collaborate with client's security teams to understand mitigation or resolutions for findings discovered by analysts. + Review threat intelligence for specific threat vectors that align with client's industry or potentially impacted by to utilize in attack path modeling. + Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients their stakeholders. + Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems. + Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation. + Develop and deliver governance models, security frameworks, compliance reporting, and security assessments. + Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery. + Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement. + Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met. + Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions. + Participate in customer and internal meetings, providing technical guidance and facilitating discussions. + Stay educated on new product technologies, industry trends, and emerging capabilities within the practice. + Develop and optimize cross practice capabilities, collaborate with peer practice leaders, and mentor other consultants. **Behaviors and Competencies** + Communication: Can effectively communicate complex ideas and information to diverse audiences, facilitate effective communication between others, and mentor others in effective communication. + Relationship Building: Can take ownership of complex team initiatives, collaborate with diverse groups, and drive results through effective relationship management. + Self-Motivation: Can take ownership of complex personal or professional initiatives, collaborate with others when necessary, and drive results through self-motivation. + Negotiation: Can take ownership of complex negotiations, collaborate with others, and drive consensus. + Impact and Influence: Can rally a team or group towards a common goal, creating a positive and persuasive influence. + Business Development: Can take ownership of significant business initiatives, collaborate with various stakeholders, and drive business results. + Emotional Intelligence: Can use emotional information to guide thinking and behavior, manage and/or adjust emotions to adapt to environments or achieve one's goal(s), and help others do the same. + Detail-Oriented: Can oversee multiple projects, maintaining a high level of detail orientation, identifying errors or inconsistencies in work, and ensuring accuracy across all tasks. + Follow-Up: Can take ownership of tasks, collaborate with others in managing follow-ups, and drive results through effective task completion. + Presenting: Can effectively use visual aids, storytelling, and persuasive techniques to enhance presentations and engage audiences. + Delegation: Can delegate responsibilities across a team, balancing workload, and ensuring all members understand their roles. + Analytical Thinking: Can use advanced analytical techniques to solve complex problems, draw insights, and communicate the solutions effectively. + Critical Thinking: Can integrate and synthesize information from various sources to inform strategic decision-making and problem-solving. + Technical Troubleshooting: Can take ownership of complex technical problems, collaborate with others to manage solutions, and drive results in problem resolution. **Skill Level Requirements** + Expertise in planning, executing, and leading penetration tests across networks, web and mobile applications, APIs, wireless, and cloud environments, including scoping, rules of engagement, and debriefs. - Intermediate + Proficiency with offensive security methodologies and frameworks such as PTES, OWASP (WSTG/MASVS/ASVS), MITRE ATT&CK, and threat modeling to drive risk-based testing. - Intermediate + Deep hands-on experience with common offensive tooling and techniques, including reconnaissance, enumeration, exploitation, post-exploitation, lateral movement, and data exfiltration, along with strong operational security practices. - Intermediate + Ability to assess and attack cloud services (AWS, Azure, GCP) including IAM misconfigurations, storage, serverless, container/orchestration, and cloud networking, and communicate cloud-specific remediation guidance. - Intermediate + Strong web application testing skills including auth flows, access control, injection, deserialization, SSRF, XXE, business logic abuse, and modern app architectures (SPAs, microservices, GraphQL, WebSockets). - Intermediate + Working knowledge of Active Directory and Azure AD attack paths (Kerberoasting, constrained/unconstrained delegation, ACL abuses, LAPS/MAPS, certificate services), and the ability to simulate realistic enterprise attack chains. - Intermediate + Proficiency with social engineering and phishing engagements, including payload development, infrastructure setup, pretexting, and measurement aligned to customer policies and legal constraints. - Intermediate + Competence in scripting and automation to accelerate testing and proof-of-concept development using Python, PowerShell, Bash, and basic Go or JavaScript as needed. - Intermediate + Ability to develop clear exploit proofs-of-concept, reproduce vulnerabilities reliably, and validate fixes; familiarity with exploit development fundamentals is a plus. - Intermediate + Strong reporting and communication skills, including writing executive summaries and technical reports with reproducible steps, risk ratings, and actionable remediation, and presenting findings to both technical and non-technical stakeholders. - Intermediate + Experience collaborating in red/purple team exercises, working with blue teams, and translating findings into detection and hardening recommendations (e.g., SIEM detections, EDR tuning, hardening baselines). - Intermediate + Familiarity with vulnerability management workflows, responsible disclosure practices, and integration of pen test results into remediation programs and retesting cycles. - Intermediate + Proficiency with productivity and documentation tools such as Word, Excel, PowerPoint, and Outlook to efficiently produce statements of work, test plans, and final reports. - Intermediate **Other Requirements** + Completed Bachelor's Degree in a related field or relevant work experience required + 5-7 years of hands-on penetration testing/red team experience delivering engagements for mid-to-large enterprises, including leading complex assessments. + Ability to travel to SHI, Partner, Customer events, and on-site testing engagements as needed. + Advanced industry certifications preferred (e.g., OSCP, OSEP, OSWE, GXPN, GPEN, CRTO, CRTP, PNPT; CISSP or CSSLP a plus). + Demonstrated understanding of legal/ethical considerations, testing authorization, and safe handling of client data The estimated annual pay range for this position is $165,000 - $205,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity - M/F/Disability/Protected Veteran Status

Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide. Job Description Join SOSi and Shape the Future of Secure Networks in the Pacific! SOSi is seeking a Secret-cleared Senior Information Systems Security Officer (ISSO) to join our elite team at Hickam AFB, Hawaii. We design and deliver secure, resilient, and innovative network infrastructures that power USINDOPACOM's mission and connect 5,000+ customers across the Pacific theater. As part of our team, you'll tackle complex cybersecurity challenges, architect unique solutions, and help deploy a private cloud platform that empowers the warfighter. If you're ready to make an impact with cutting-edge technology and ensure the health and security of enterprise systems spanning hundreds of embedded devices, this is your opportunity to lead from the front. Principal Duties: Assist the ISSM in developing and maintaining a formal information system (IS) security program and policies for their assigned area of responsibility. Provide technical and procedural IS Security advice to engineering team and senior management regarding the RMF process. Establish and maintain computer systems and networks for classified processing, responsible for administration, maintenance, and security auditing. Develop and oversee operational information systems security implementation policy and guidelines. Maintain a repository using eMASS with all security authorizations for IS under their purview. Coordinate IS security inspections, tests, and reviews. Ensure proper measures are taken when an IS incident or vulnerability is discovered. Ensure development and implementation of an effective IS security education, training, and awareness program. Ensure Configuration Management policies and procedures for authorizing the use of hardware/software on an IS are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the appropriate AO prior to the addition, change or modification. Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Manage, maintain, and execute the information security continuous monitoring plan. Ensure records are maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AO/DAO. Assess changes to the system, its environment, and operational needs that could affect the security authorization. Qualifications Minimum Requirements Active Secret DoD security clearance. Bachelor's degree in a related field plus 4 years of related experience. DoD 8570 IAT-II compliant (Security+ CE, CCNA, CND, CySA+, GICSP, GSEC, or SSCP). Knowledge of NSA's Commercial Solution for Classified (CSfC) solution and Cross Domain Solutions (CDS). Thorough understanding of NIST Publication 800-53r5, Risk Management Framework, Executive Order 14028, and OMB Mandate M-22-09. Prior experience with eMASS. Strong communication skills and ability to coordinate tasks across functional groups. Preferred Qualifications Master's degree in Information Technology or related discipline Recent experience supporting system authorizations. Additional Information Work Environment: Working conditions are normal for an office environment. Fast paced, deadline-oriented environment. May require periods of non-traditional working hours including consecutive nights or weekends. Target Salary Range: $110,556 to $136,257. Working at SOSi: All interested individuals will receive consideration and will not be discriminated against for any reason.

Information Systems Security Manager (ISSM) LOCATIONHonolulu, HI 96815CLEARANCETS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARYWe are looking for a dedicated and results-driven Information Systems Security Manager (ISSM) to lead and oversee the security management of our information systems. In this pivotal role, you will be responsible for ensuring the confidentiality, integrity, and availability of organizational systems while maintaining compliance with applicable security policies and standards. As the ISSM, you will work closely with leadership and technical teams to assess risks, implement security strategies, and monitor ongoing compliance efforts. The ideal candidate will possess strong leadership skills, a deep understanding of cybersecurity principles, and a proactive approach to addressing complex security challenges. Join our team and make a meaningful impact on the security and resilience of our technology environment. *** Please note that our job openings are dynamic and can open or close quickly (much faster than we can publish). If you do not see an opening you are looking for, know that we see almost all types of positons. We strive to keep our listings up to date, but please consider submitting your current resume. Our team will work with you to identify the most recent opportunities that align with your skillset and career goals. We look forward to you joining our family. *** SIMILAR CAREER TITLESInformation Systems Security Manager (ISSM), Cybersecurity Manager, IT Security Manager, Information Assurance Manager, Security Compliance Manager, Network Security Manager, Cyber Defense Manager, Security Operations Center (SOC) Manager, Risk Management Manager, Security Program Manager, etc.DEGREE (Level Desired) Bachelor's DegreeDEGREE (Focus) Cybersecurity, Information Systems, Computer Science, Information Technology, Computer Engineering, Information Assurance, Network Security, Systems Engineering, Risk Management, Data Science, etc.ALTERNATE EXPERIENCEGeneral comment on degrees: Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some contracts give 4-5 years experience credit for a Bachelor's Degree. Some contracts give 2 years experience credit for a Master's Degree. We will work with you to find the right fit.POSITION RESPONSIBILITIES Develop and enforce security policies Oversee system accreditation and compliance Conduct regular security assessments Manage incident response processes Implement and monitor security controls Lead security awareness and training programs REQUIRED SKILLS Proficiency in risk management frameworks Expertise in security auditing Knowledge of regulatory compliance standards Ability to manage security teams Proficiency in security monitoring tools Strong communication and leadership skills DESIRED SKILLS Familiarity with cloud security management Experience with DevSecOps practices Understanding of Zero Trust architecture Knowledge of IoT and OT security Proficiency in automation and scripting Expertise in forensic analysis and investigation tools PLUG IN to CYMERTEK - And design your future... YOUR FOREVER CAREER STARTS HERE Are you looking for more than just a job? Join a company where employees are treated like family, and your career is built to last. We are a growing small business and a trusted federal contractor offering full scope consulting services in information technology, cybersecurity, and analyst workforce development. At our company, you come first. We're committed to creating an environment where you'll thrive professionally and personally. We provide meaningful, challenging work using cutting-edge technologies while investing in your growth and success. With direct access to company leadership, a laid-back and inclusive atmosphere, and exceptional work-life balance, you'll feel valued every day. We also believe in taking care of our family - both yours and ours. Our benefits are phenomenal, family-friendly, and designed with your well-being in mind. From employee and family events to career-long support, we create a community you'll never want to leave. Ready to make your next move the best one? Join us and experience the difference. BENEFITS Excellent Salaries Flexible Work Schedule Cafeteria Style Benefits 10% - 401k Matching (Vested Immediately) Additional 401k Profit Sharing 30 days Paid Leave/Holiday (No Use or Lose!) The day off for your birthday Medical/Dental/Vision - 100% employee coverage. ($1200 allowance - or a bonus) HSA/FSA AFLAC Long Term/Short Term Disability - 100% employee coverage. No cost to you. Life Insurance - 100% employee coverage. No cost to you. Additional Discretionary Life Insurance Paid Training No long, wordy reviews with tons of paperwork!!! Referral bonus program with recurring annual payments HOW TO APPLY Email us at ***************** or apply today: **************** Want to see what our employees think? Click here . EQUAL OPPORTUNITY EMPLOYER STATEMENT Cymertek is proud to be an Equal Opportunity Employer committed to fostering an inclusive and diverse workplace. We embrace and celebrate differences in our employees, recognizing that a diverse workforce enhances our creativity, innovation, and overall success. At Cymertek, employment decisions are made based on merit, qualifications, and business needs without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other characteristic protected by applicable laws. We believe in creating an environment where all individuals are treated with respect and dignity, and where opportunities for professional growth and advancement are accessible to everyone, regardless of background or identity.

The Opportunity: Are you looking for an opportunity to advance your experience in cybersecurity and security engineering that will safeguard our nation? As an Information Systems Security Officer on our team, you can identify the tools, applications, and systems needed to assess vulnerabilities and recommend the best solution and security strategy. We need your experience to develop and implement security solutions that will protect our military. On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity testing and risk management. You'll use your curiosity for technology and market trends to further research and develop security solutions. Using your experience with systems security, you'll help assess security threats and implement infrastructure controls. In this role, you'll closely impact Navy missions by championing cybersecurity, discovering cyber risks, and providing hands-on support to critical mission areas. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers. Work with us as we secure and protect our military's cybersecurity posture for the better. What You'll Work On: Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management. Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises. Perform risk and vulnerability assessments in network, system, and application areas. Leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise. Join us. The world can't wait. You Have: 3+ years of experience with cybersecurity and Information Technology (IT) systems for a DoD or government agency Experience as an Information Systems Security Officer (ISSO) working with Assessment and Authorization (A&A) and the implementation of the Risk Management Framework (RMF) process, including continuous monitoring Experience with cybersecurity strategies, constructs, and vulnerability analysis to determine applicability, risk, impact, mitigations, and remediations Experience interacting directly with clients, managers, and stakeholders and approving authorities to identify problems, analyze data, generate solutions, and communicate results Experience with Windows and Linux operating systems Knowledge of NIST 800-37, NIST 800-53, CNSS-1253, or JSIG requirements TS/SCI clearance HS diploma or GED Nice If You Have: Experience with eMASS and XACTA Experience with configuration management Experience providing network, system administration, or computer operations support Experience with hands-on cybersecurity compliance testing using industry standard tools, including Assured Compliance Assessment Solution (ACAS) and DoD Security Technical Implementation Guides (STIG), SCAP, scan analysis, IP networking, and communications Experience supporting SAPF or SCIF environments Knowledge of cloud architecture and virtualization Knowledge of computer networking concepts, protocols, and security methodologies Bachelor's degree Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $69,400.00 to $158,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Leidos has several career opportunities for Cyber Intrusion Analysts who will be members of the Network Assurance (NA) Team (DISA GSM-O program) in Pearl Harbor, Hawaii. We support 24/7 operations and shift assignments are based on both preference and contract requirements, so we ask our team members to remain flexible to potential shift modifications to meet minimum staffing requirements. **JOB DESCRIPTION:** Work closely with Government counterparts to provide guidance within the CND-SP area. Provide CND reports, trends, responses, mitigations, analysis & information dissemination. Provide C2 support, situational awareness support, and provide leadership & support for all CND applicable activities within Protect, Detect, Respond, and Sustain. Work as a technical leader within the CSSP Team, responsible for maintaining the integrity & security of enterprise-wide systems & networks. Provide technical leadership to CND Teams supporting security initiatives through predictive & reactive analysis, and by articulating emerging trends to leadership & staff. **PRIMARY RESPONSIBILITIES:** + Perform computer network incident detection, and response activities to detect, correlate, identify and characterize anomalous activity that may be indicative of threats to the enterprise. + Monitor various security tools and applications for possible malicious activities, investigate any associated alerts or indicators, and develop recommendations for a course of action, including mitigation strategies as necessary. + Conduct analysis of low-level ("low and slow") events to identify unauthorized activity utilizing exploratory problem-solving or self-learning techniques. + Conduct near real-time event triage and analysis, which can result in network traffic validations or a Mission Partner's incident report. + Utilize formal monitoring policies and procedures that include the appropriate use of DoD-approved network monitoring and traffic analysis tools to assist with identifying suspicious, anomalous, or overtly malicious network traffic on a 24/7/365 basis. + Review and analyze available logs in a timely manner to detect intruders and notify Mission Partners of activity through a formal reporting process/pending an incident report. + Apply, develop, tune, and distribute or optimize new and existing countermeasures or guidance to prevent or mitigate potential cyber event impacts when possible. + Perform network traffic analysis utilizing raw packet data, net flow, IDS, IPS and custom sensor output, as it pertains to the cyber security of communications networks. + Understand attack signatures, tactics, techniques, and procedures associated with advanced threats. + Requires good technical writing skills as each event, including the associated analysis, are documented in a ticketing system for review and action. + Requires excellent communication skills as we are collocated with our customer and regular face-to-face interaction is necessary throughout the day, as well as significant coordination and communication between team members. **BASIC QUALIFICATIONS:** + Minimum active DoD Secret clearance with ability to obtain Top Secret (active TS strongly preferred) + Current DoD 8570 IAT Level II Certification (e.g. Sec+ CE) or higher at time of start. + Ability to obtain DoD 8570 CSSP-Analyst certification, such as CEH, CySA+, GCIA or equivalent, within 180 days of hire. + Bachelor's and 2+ years of relevant experience; additional relevant work experience and/or military service may be considered in lieu of degree + Experience working CND duties (e.g., Protect, Defend, Respond, and Sustain). + Experience working with DoD / Government Leaders at all levels. + Strong computing system knowledge, particularly networking, including a knowledge of communication protocols and familiarity with common computing security elements such as IDS/IPS systems and firewalls. + Experience evaluating packet captures. + Willingness and ability to perform shift work (shifts may not be static). **PREFERRED QUALIFICATIONS:** + Command Line Scripting skills (PERL, python, shell scripting) to automate analysis task. + Knowledge of hacker tactics, techniques and procedures (TTP). + Familiarity with computing security frameworks such as MITRE ATT&CK and Cyber Kill Chain. + Monitoring of intrusion detection and computer defense appliances (Splunk, Elastic), applications, and analysis of associated alerts. + Knowledge of advanced threat actor tactics, techniques, and procedures (TTP) + Understanding of software exploits. + Analyze packed and obfuscated code. If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. **Original Posting:** October 30, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. **Pay Range:** Pay Range $69,550.00 - $125,725.00 The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. **About Leidos** Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit ************** . **Pay and Benefits** Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at **************/careers/pay-benefits . **Securing Your Data** Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at ***************************** . If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission (******************************* . **Commitment to Non-Discrimination** All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. REQNUMBER: R-00169702 All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.

**Req ID:** RQ210177 **Type of Requisition:** Regular **Clearance Level Must Be Able to Obtain:** Top Secret SCI + Polygraph **Public Trust/Other Required:** None **Job Family:** Cyber and IT Risk Management **Skills:** Cybersecurity,Event Security,Security Audit,Splunk (Inactive) **Experience:** 8 + years of related experience **US Citizenship Required:** Yes **Job Description:** **Cyber Security Analyst - Full time position, but must include working one weekend day (Sunday)** Own your career as a Cyber Security Analyst at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cyber Security Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Analyst joining our team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. HOW A CYBER SECURITY ANALYST WILL MAKE AN IMPACT + Gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information. + Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations. + Identify acceptable use policy infractions. + Review event logs to determine events of interest. + Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity Leakage (PII). + Prepare case evidence and incident reports. + Work on special projects as assigned. WHAT YOU'LL NEED TO SUCCEED: + Bachelor's Degree and 8+years of relevant experience, equivalent combinations of education, certifications, and experience will be considered. + DoD Approved Baseline 8570 IAT level III (CASP, CISSP, CISA, etc.) certification is required prior to start date. + DoD Approved Baseline 8570 CSSP Auditor (CEH, CySA, CISA, etc.) certification is required prior to start date. + Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph + Preferred Skills: Splunk, Microsoft O365, Fidelis, Solera, Windows, and Linux Operating Systems + Saturday and Sunday weekend Day Shift work required. + Willing to work holidays supporting your assigned shift. Location: 100% On Customer Site + Bolling AFB, Washington D.C. + Reston, VA + Colorado Springs, CO + Riverdale, MD + Pearl Harbor, HI + Tampa is available for part time weekend only support GDIT IS YOUR PLACE: + 401K with company match + Comprehensive health and wellness packages + Internal mobility team dedicated to helping you own your career + Professional growth opportunities including paid education and certifications + Cutting-edge technology you can learn from + Rest and recharge with paid vacation and holidays The likely hourly rate for this position is between $61.30 - $82.94. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. Join our Talent Community to stay up to date on our career opportunities and events at ******************** Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

AMS Technologies is a leader in providing technological solutions tailored to meet the ever-changing needs of our customers. We pride ourselves on delivering scalable, customer-focused, and cost-effective solutions that drive success in complex environments. Summary As a Cybersecurity Analyst at AMS Technologies, you will play a crucial role in safeguarding our clients' information systems. This position is vital for ensuring the security and integrity of our technological solutions, allowing us to maintain our commitment to excellence and customer satisfaction. PRIMARY RESPONSIBILITIES: Detect, analyze, and respond to computer network incidents by identifying anomalous activities that may pose threats to the enterprise. Monitor security tools and applications for suspicious activity, investigate alerts, and recommend appropriate mitigation strategies. Analyze subtle (“low and slow”) events to uncover unauthorized actions using problem-solving and self-learning techniques. Conduct near real-time event triage and analysis, leading to network traffic validations or incident reporting to Mission Partners. Follow established policies and utilize DoD-approved network monitoring and traffic analysis tools to identify suspicious or malicious traffic around the clock. Review and analyze logs promptly to detect intrusions and formally notify Mission Partners of findings through incident reports. Develop, apply, and fine-tune countermeasures to prevent or reduce cyber event impacts. Perform detailed network traffic analysis using raw packet data, net flow, IDS/IPS, and custom sensor outputs to protect communication networks. Maintain a thorough understanding of attack signatures, tactics, techniques, and procedures used by advanced threats. Document all events and analyses clearly in a ticketing system, requiring strong technical writing skills. Communicate effectively with customers and team members, with regular face-to-face interactions and ongoing coordination. BASIC QUALIFICATIONS: Active DoD Top Secret clearance required. Bachelor's Degree plus 4+ years of relevant experience; relevant cyber courses, certifications, or DISA customer experience may substitute for the degree. Current DoD 8570 IAT Level II Certification (e.g., Security+ CE) or higher at start. Current DoD 8570 CSSP Analyst Certification (e.g., CEH, CySA+), or ability to obtain within 180 days of start. Experience performing Computer Network Defense (CND) duties, including Protect, Defend, Respond, and Sustain. Experience working with DoD and government leadership at multiple levels. Strong knowledge of computing systems and networking, including protocols and security elements like IDS/IPS and firewalls. Experience analyzing packet captures. PREFERRED QUALIFICATIONS: Proficiency in command-line scripting (PERL, Python, Shell) for automating analysis tasks. Understanding of hacker tactics, techniques, and procedures (TTP). Familiarity with security frameworks such as MITRE ATT&CK and Cyber Kill Chain. Experience monitoring intrusion detection systems and defense tools (e.g., Splunk, Elastic) and analyzing associated alerts. Knowledge of advanced threat actor tactics and software exploits. Ability to analyze packed and obfuscated code. If you are passionate about cybersecurity and eager to make a difference in a dynamic environment, we invite you to apply today and join our team at AMS Technologies! Talent @ AMS AMS Technologies Please contact us with any questions: Email: ******************************

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Information Systems Security Officer (ISSO) - "W-TRS" Schofield Barracks , Hawaii Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism. Job Description: *Conducts regular security assessments and audits on I.T. devices and information system assigned to identify vulnerabilities, security gaps, and non-compliance with security policies and standards in support of U.S. Army's Warfighter Training& Readiness Solutions ( W-TRS) program. *Performs risk analysis to evaluate the potential impact of identified vulnerabilities on the security and operations of training Devices. *Determines the likelihood of a security breach and the potential consequences. *Ensures that all DoD and U.S. Army security policies, procedures, and standards are properly implemented in all training devices. *Prepares for and respond to security incidents involving training devices. *Creates and maintains detailed RMF body of evidence, documentation of all security assessments, audits, incidents, and remediation efforts. Education/Experience: B.S. in Engineering, Computer Science, Computer Engineering, Electrical Engineering, Mathematics, or related field; Advanced degree(s) preferred. Years Experience: (1+MA/MS or 2+BA/BS) or (4+AA/AAS) or (6+No Degree) Certification(s): 8140/8570 DoD Certification; Foundation-Intermediate / Information Assurance Manager I-II (IAM I-II) Required Knowledge: *Experience conducting regular security assessments and audits on IT devices / Information Systems to identify vulnerabilities, security gaps, and non-compliance with security policies and standards, using both manual inspections and automated tools to scan for vulnerabilities. *Experience participating in the Risk Governance process to provide security risks, mitigations, and input on other technical risk. Prepares and presents reports on the security posture to senior management and other stakeholders. *Experience creating and maintaining detailed RMF Assess and Authorization (A&A) documentation, incident reports, findings from device / information system examinations, summaries, and other situational awareness information. *Experience in supporting necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs). *Experience with creating / managing plans of actions and milestones (POA&Ms) or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. *Experience ACAS/Nessus vulnerability scans, review audit logs in Splunk to detect suspicious or unauthorized activity, and that all modules are functioning / detecting for HBSS/ TRELLIX. *Experience staying abreast of the latest security threats, trends, and technologies. *Ability to provide continuous evaluations and improve the security measures in place to address evolving security challenges. *Familiar with all DoD Cybersecurity guidance, NIST Special Publications, and U.S. Army Information Technology / Cybersecurity Regulations. *Overseeing an information security training and awareness program. Preferred Requirements Experience working with DoD / U.S. Army / Federal Government Experience with software/tools: ACAS / Nessus, Splunk, ePolicy Orchestrator - HBSS/TRELLIX, SCAP Compliance Checker (SCC), STIG Viewer, eMASS Experience as an ISSO Clearance: Must have a current and active U.S. Passport with ability to obtain a DoD SECRET clearance Travel: PHYSICAL REQUIREMENTS: Light work. Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force frequently, and/or a negligible amount of force constantly to move objects. If the use of arm and/or leg controls requires exertion of forces greater than that for sedentary work and the worker sits most of the time, the job is rated for light work. Benefits include the following: Healthcare coverage Retirement plan Life insurance, AD&D, and disability benefits Wellness programs Paid time off, including holidays Learning and Development resources Employee assistance resources Pay and benefits are subject to change at any time and may be modified at the discretion of the company, consistent with the terms of any applicable compensation or benefit plans. V2X is committed to building a diverse and inclusive environment in which we recognize and value each other's differences as well as fostering a culture that promotes its core values: Professionalism, Integrity, and Respect. As an equal opportunity employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, or status as a protected veteran.

Valiant Integrated Services is seeking an experienced, highly skilled Information System Security Analyst to act as Information Systems Security Officer (ISSO) to join our professional team protecting mission training services for a Mission Training Complex (MTC) on Schofield Barracks, HI. Duties and Responsibilities Develop and maintain an organizational or system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures. Provide support to the System Owner and the ISSM for maintaining the appropriate operational IA posture for a system, program, or enclave. Provide support to the customer on all matters involving the security of their information systems. Assist with the management of all security aspects of the information system and as assigned performs day-to-day security operations of the system. Assist in the development of the system security policy and ensures compliance with that policy on a routine basis. Prepare, validate, and maintain security documentation including, but not limited to: system security plan (SSP), risk assessment (RA), contingency plan (CP), privacy impact assessment (PIA), eAuthentication assessment, FIPS categorization. Provide configuration management for security-relevant information system software, hardware, and firmware, controlling changes to the system and assessing the security impact of those changes. Identify and mitigate security business and system risks. Identify and manage POA&Ms through remediation as well as develop corrective action plans for each POA&M. Maintain a repository for all organizational or system-level cybersecurity-related documentation such as DIACAP/RMF processes within eMASS or other automated process. Maintain Defense Information Technology Portfolio Registry (DITPR) for client systems and software. Ensure implementation of Information System (IS) security measures and procedures, including reporting incidents to the Command Information System Security Manger (ISSM) and appropriate reporting chains as well as coordinating system-level responses to unauthorized disclosures in accordance with DoDM 5200.01 Vol 3 for classified information or DoDM 5200.01 Vol 4 for CUI, respectively. Implement and enforce all DoD IS and Platform Information Technology (PIT) system cybersecurity policies and procedures, as defined by cybersecurity-related documentation. Ensure that all users have the requisite security clearances and access authorization, and are aware of their cybersecurity responsibilities for DoD IS and PIT systems under their purview before being granted access to those systems. In coordination with the ISSM, initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered. Establish a process for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSO. Ensure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals. Ensures proper Configuration Management procedures are followed. Prior to implementation and contingent upon necessary approval with the ISSM. Initiates requests for temporary and permanent exception, deviations, or waivers to IA requirements such as Plan of Action and Milestones (POA&Ms). Ensures IA and IA-enabled software, hardware and firmware comply with appropriate security configuration guides. Provide status updates of assigned duties to the appropriate agency heads as defined in their respective Service Level Agreement (SLA). Respond to all applicable data calls, CTO's, FRAGO's, IAVA's ,etc within the requested timeframe. Attend all Cybersecurity Workforce Meetings when requested. Required Education and Experiences A bachelor's degree plus 3 years of recent specialized experience OR an associate's degree plus 7 years of recent specialized experience OR a major certification plus 7 years of recent specialized experience OR 11 years of recent specialized experience. Required to have active U.S. Top Secret/SCI security clearance with the ability to pass a CI/Polygraph exam. Baseline DoDI 8570 IA Certifications are required - a current CompTIA Security+ or greater certification. A higher level certification, such as GSLC, CAP, CASP, CISM, CISSP, is also appropriate. Desired Skills and Qualifications A working knowledge of RMF and the security authorization processes and procedures. Knowledge of NIST Special Publications and their counterparts, especially SP800-37, SP800-53, ICD 503, and CNSS 1253. Ability to communicate clearly and present information to the customer in a format they can understand. Experience in several of the following areas: knowledge of current security tools, hardware and software security implementation; different communication protocols; and encryption techniques/tools. Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services. Must be able to prioritize tasks, deliver solutions on time and be a team player with the ability to work independently and proactively while being flexible and prioritizing competing priorities, often under time constraints. Have strong analysis, oral and written communication, and change management skills with ability to plan, organize, prioritize, track, manage, and learn new skills. It is preferred that a candidate have at least one year of experience under the DoD Information Assurance Certification and Accreditation Process (DIACAP) and/or Risk Management Framework (RMF) accreditation process and has a familiarity with Enterprise Mission Assurance Support Service (eMASS). Technical familiarity with Windows 7 Enterprise/Windows 10 Professional, Windows Server 2012, and Red Hat Linux. Experience with providing IA or IT support to a US Army client desirable, but not required. Proficiency with using the Internet and with Microsoft Office products including e-mail, Word, Excel, Access and Project is required. Completion of required certifications required within six (6) months of hire date. *****************************************

Prime Time Consulting, a GRVTY Company, provides clients with expert intelligence analysis services. Our clients include defense contractors, industrial and service corporations, and departments and agencies of the U.S. Federal Government. We are actively searching for Computer Network Defense Analysts (CNDAs), located in Hawaii, to support our team. We have varying levels of CNDAs, depending on years of experience and education.As a Computer Network Defense Analyst (CNDA), you will: Use information collected from a variety sources (e.g., intrusion detection systems, firewalls, network traffic logs, and host system logs) to identify potential vulnerabilities, respond to cyber events that occur, and defend against events that might occur. Help develop mitigations to strengthen network defenses and protect against attacks on network infrastructure devices or systems. Support a wide range of data transport possibilities, such as traditional wired networks, wireless transport (including Wi-Fi and cellular), collaborative platforms such as video teleconferencing, and the hardware and software that enable it all. Advance your career as you develop increasing expertise in networking protocols and architectures, cloud security, Internet of Things protocols, and advanced network security. Be part of a team, working together with government, military, and contractor personnel to develop shared understandings of intelligence needs, mission relevance, and areas of expertise. Apply your innate curiosity and analytical talent to form hypotheses, critically assess and choose analysis techniques, then query, merge, enrich, evaluate, and pivot within data to attain and share insights. Distill, document, contextualize and share your findings--including any new tradecraft that you develop--with teammates, stakeholders, and intelligence consumers. Qualifications: STEM degree in Network Engineering, Systems Engineering, Information Technology, or related field. Extended military cyber training courses may be counted toward degree requirement. Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering. Demonstrative experience w/SIGINT and AMOD Must also have experience in network or system administration. Documented foreign language proficiency may count toward experience requirements. Specific labor category determined by years of experience + educational degrees and/or equivalencies. Company Perks At PTC, a GRVTY Company, we believe that when our employees thrive, our company thrives. That's why we offer a comprehensive and competitive benefits package designed to support your well-being, growth, and work-life balance. Robust health plan including medical, dental, and vision Health Savings Account with company contribution Annual Paid Time Off and Paid Holidays Paid Parental Leave 401k with generous company match Training and Development Opportunities Award Programs Variety of Company Sponsored Events $125,000 - $250,000 a year Prime Time Consulting, a GRVTY Company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran and will not be discriminated against on the basis of disability. Anyone requiring reasonable accommodations should email [email protected] with requested details. A member of the HR team will respond to your request within 2 business days. Please review our current job openings and apply for the positions you believe may be a fit. If you are not an immediate fit, we will also keep your resume in our database for future opportunities.We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

ActioNet is looking for a Cyber Security Analyst (Entry, Mid Level, or Senior) with an Active Secret Clearance for the Defense Program, located in Hawaii (Joint Base Pearl Harbor Hickam). The Cyber Security Analyst will provide network defense support on site . Start Date Expected: TBD 2025 Salary range: 76-119K Responsibilities Extracts and analyzes network defense data to reconstruct a timeline of events in response to attempted and successful network intrusions. Supports Enterprise incident response and strengthens incident response methodologies. Supports the development of threat detection capabilities. Applies network operations knowledge to predict how networks might be attacked. Provides recommendations for collecting useful threat data, improving the information available to cybersecurity analysts and IT operations personnel. Analyzes large volumes of data, identifies cybersecurity risks, and translates these risks for decision-makers in a clear, understandable manner. Supports protection of intellectual property. Certified Information Systems Security Professional (CISSP) or similar is preferred. Qualifications Bachelor's Degree and at least 12 months of experience for Entry Level Role. Please NOTE: 5+ years of experience considered in Lieu of Degree. Bachelor's Degree and 2-6 years of system administration experience for Mid Level Position. Please NOTE: 5+ years of experience considered in Lieu of Degree. Bachelor's Degree and 10+ years of system administration experience for Senior Level Position. Please NOTE: 5+ years of experience considered in Lieu of Degree. DoD Secret clearance. Department of Defense Directive (DoDD) 8140 / 8570 Certification requirements (CompTIA Security+ CE or equivalent certification. ActioNet is a CMMI-DEV Level 4, CMMI-SVC Level 4, ISO 20000, ISO 27001, ISO 9001, HDI-certified, woman-owned IT Solutions Provider with strong qualifications and expertise in Agile Software Engineering, Cloud Solutions, Cyber Security and IT Managed Services. With 24+ years of stellar past performance, ActioNet is the premier Trusted Innogrator! Why ActioNet? At ActioNet, our Passion for Quality is at the heart of everything we do: We are committed to make ActioNet a great place to work and continue to invest in our ActioNeters We are committed to our customers by driving and sustaining Service Delivery Excellence We are committed to give back to our community, help others and make the world a better place for our next generation ActioNet is proud to be named as a Top Workplace for the ninth year in a row (2014 - 2022). We have 98% of Customer retention rate. We are passionate about the inspirational missions of our customers and we entrust our employees and teams to deliver exceptional performance to enable the safety, security, health and well-being of our nation. What's in It For You? As an ActioNeter, you get to be part of exceptional team and a corporate culture that nurtures mutual success for our customers, employees and our communities. We give you the tools to be successful; all you need to do is bring your best ideas, your energy and a desire to develop your skills, experience and career. Are you ready to make a difference? ActioNet is an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.