Data Security Architect
Security Architect Job 12 miles from Reston
Title: Data Security Architect (Data Lake House)
Hire Type: Contract
We are seeking a highly skilled Data Security Architect with extensive experience in securing Data Lakehouse environments. The ideal candidate will have a deep understanding of data security principles, best practices, and the ability to implement robust security frameworks. Experience with Snowflake and other cloud-based data platforms is highly preferred.
Key Responsibilities:
Design & Implement Security Frameworks : Develop and implement comprehensive security architectures for Data Lakehouse environments, ensuring data integrity, confidentiality, and availability.
Snowflake Security Expertise : Leverage expertise in Snowflake to design and enforce security policies, access controls, and data protection mechanisms within the platform.
Data Governance : Collaborate with data governance teams to ensure that data management practices comply with regulatory requirements and industry standards.
Threat Modeling & Risk Assessment : Conduct threat modeling, risk assessments, and security reviews to identify vulnerabilities and implement appropriate countermeasures.
Access Management : Design and implement role-based access controls (RBAC), ensuring that access to sensitive data is restricted based on the principle of least privilege.
Encryption & Data Masking : Implement and manage encryption standards and data masking techniques to protect sensitive information in transit and at rest.
Secure PII Data : Design and engineer security safeguards for PII data
Security policies : Define, create, implement, and maintain corporate security policies and procedures
Pattern Development : Use Security best practices, develop security and data protection patterns, working with Enterprise Architecture for pattern standardization
Collaboration : Work closely with IT, data engineering, and analytics teams to ensure security requirements are integrated into data pipelines and data storage solutions.
Compliance & Audits : Ensure compliance with relevant data protection regulations (e.g., GDPR, CCPA) and participate in internal and external audits.
Continuous Improvement : Stay current with emerging security trends, threats, and technologies. Continuously refine security architectures to address evolving risks.
Qualifications:
Education: Bachelor's degree in Computer Science, Information Security, or a related field. A Master's degree or professional certifications such as CISSP, CISM, or SANS GIAC are preferred.
Experience:
Minimum of 5 years of experience in application security and DevSecOps roles or a related field, with a proven track record of developing and managing security architectures for complex applications.
Technical Skills:
Deep understanding of data security principles, encryption techniques, and secure data storage practices.
Hands-on experience with Snowflake security features, including access controls, encryption, and data masking.
Familiarity with other cloud-based data platforms (e.g., AWS, Azure, Google Cloud).
Proficient in security frameworks such as NIST, ISO 27001, and CIS Controls.
Communication Skills: Excellent verbal and written communication skills, with the ability to communicate complex security concepts to a variety of audiences, including technical and non-technical stakeholders.
Problem-Solving Skills: Strong analytical and problem-solving skills, with the ability to handle complex security issues and quickly adapt to changing environments.
Leadership: Demonstrated leadership abilities, with the capacity to lead cross-functional teams and drive projects to completion.
Self-Management: Ability to effectively prioritize and execute tasks in a high-pressure environment.
Agile methodologies: Familiarity of SAFe Agile Methodologies
CORE WORK ACTIVITIES
Standards & Business Partnership
Defines strategy and roadmap, provides guidance, creates standards and guidelines, and reviews architectural designs. Ensures standards and guidelines incorporate legal and regulatory requirements.
Works with the Security Architect Analysts to monitor ongoing project activities, intake of new projects and monitoring of the Security Engagement Process including but not limited to: Data Classification, Security Controls, Threat Models, Architecture Review Boards, Authority to Operate.
Contributes to, evaluates, and supports the documentation, and validation processes necessary to assure that associates, information technology systems and business processes meet the organization's information assurance, security, and privacy requirements. Ensures appropriate treatment of risk, compliance, and assurance of internal policies and external regulations.
Conducts security and privacy technology research, assessments, and integration processes; provides and supports a prototype capability and/or evaluates its utility.
Consults with customers to gather and evaluate functional requirements and provides security and privacy requirements, guidelines, and standards.
Provides sound advice and recommendations to leadership and staff on relevant topics within the pertinent subject domain.
Applies knowledge of priorities to define an entity's direction and identify programs or infrastructure that are required to achieve desired goals within domain of interest. Develops policy or advocates for changes in policy that will support new initiatives or required changes/enhancements.
Senior Offensive Security Engineer
Security Architect Job 15 miles from Reston
We're partnered with a leading real estate data analytics company to bring on an Offensive Security Engineer with a senior level skillset. This role focuses on securing the client's information, analytics, and online marketplaces. The ideal candidate will lead red, blue, & purple team engagements to enhance both internal and external security measures. You will be responsible for identifying and exploiting vulnerabilities in their infrastructure and applications, while collaborating with senior management to strengthen our overall security framework. This position offers a flexible hybrid work schedule.
Responsibilities:
Conduct offensive security activities including red teaming, penetration testing, and vulnerability research.
Perform adversary emulation and red team engagements to test and improve defensive blue team capabilities.
Collaborate on purple team activities to enhance threat management strategies.
Identify and exploit vulnerabilities in CI/CD systems and Active Directory environments.
Develop and execute payloads and exploits using C/C#/C++.
Utilize security tools such as NMAP, Burp Suite, Kali Linux, and Bloodhound.
Operate C2 frameworks like Cobalt Strike, Sliver, and Mythic.
Work with EDR systems to detect and respond to security incidents.
Stay updated on the latest trends, techniques, and tools in offensive security.
Provide detailed reports and presentations to senior level management on findings and recommendations.
Qualifications:
Bachelor's Degree in Computer Science, Cyber Security, or a related field.
6+ years of proven experience in offensive security activities, including red teaming, penetration testing, and vulnerability research.
Strong knowledge of scripting/programming languages such as Bash, Python, and PowerShell.
Proficiency with security tools (NMAP, Burp Suite, Kali Linux, Bloodhound) and C2 frameworks (Cobalt Strike, Sliver, Mythic).
Expertise in Windows Active Directory exploitation.
Experience with payload and exploit development in C/C#/C++.
Familiarity with EDR systems.
Relevant security certifications (OSEP, OSCP, CRTO, GXPN).
Ability to work effectively in a hybrid schedule environment.
If you or someone you know is interested, please apply in directly!
FISMA - Information Systems Security Officer (ISSO)
Security Architect Job In Reston, VA
We are a fast growing cloud security and compliance services partner with an exciting set of solutions in the security and operations management space. We were ranked #136 in the INC 500 and #26 in the Top 100 Cloud Managed Services Providers and are continuing to aggressively grow our FedRAMP, FISMA and CMMC compliance cloud solutions practice. We provide cloud migration, cloud managed services and managed security services for US Federal and DOD Agencies.
To support our continued growth, we are looking to add an accomplished professional to provide strong program and project management support for our FedRAMP, FISMA and CMMC compliance solutions. If you are a talented project manager with hands-on experience with managing and delivering compliance, cloud or infrastructure projects, we'd love to hear from you. We are looking someone with the proven ability to lead projects, manage client requirements, and strong communications skills. If you are interested in growing in the cybersecurity, compliance and cloud space, then definitely apply here.
Responsibilities and Duties
- Be responsible for managing and overseeing delivery of FISMA, FedRAMP, CMMC compliance projects based on NIST RMF within time, cost and quality parameters
- Lead teams, task management, and schedule management for FISMA, FedRAMP projects
- Provide advisory services based on best practices for compliance with NIST SP 800-53 requirements (FedRAMP, FISMA or CMMC)
- Develop RMF work products such as SSP, POAM, and related artifacts for obtaining and maintaining an ATO.
- Manage schedules for multiple projects, engage customers, track and resolve issues with strong levels of customer satisfaction.
- Allocate and manage technical and delivery resources for multiple projects and customers adhering to Statement of Work and Budget(s)
- Meet FedRAMP, FISMA and CMMC compliance requirements, monitoring reports and meeting SLA's
Required Experience, Skills and Qualifications
- Must have experience in project management, resource management and services delivery for FISMA or FedRAMP projects
- Experience with managing multiple projects, customers and teams as well as understanding of compliance, cloud or infrastructure requirements
- Demonstrated proficiency with support for engagements covering infrastructure, network connectivity, identity, encryption, CI/CD and cloud migration.
- Experience with managing customers, Change Orders and doing budget and cost tracking.
- Must have demonstrable experience in handling both commercial or government experience in handling multiple projects and juggling tasks; commercial cloud project management experience will be given preference
The ideal candidate will have strong communication skills, a customer service based approach. They should have experience and familiarity with infrastructure, VPN, cloud, virtualization, security and networking and familiarity with cloud computing. This is a service delivery and management role with excellent growth prospects for highly motivated individuals. Industry certifications such as CISSP, CISA, PMP and ITIL are desirable.
Experience:
FedRAMP or FISMA compliance: 2 years (Preferred)
Cybersecurity Project management: 2 years (Required)
License/Certification:
PMP and Agile or Scrum Certification (Preferred),
ISC(2) CGRC, CompTIA, CASP+ or similar level certification preferred
Education:
Associate (Preferred)
Job Type: Full-time
Pay: $90,000.00 - $120,000.00 per year
Benefits:
401(k)
Dental insurance
Health insurance
Paid time off
Vision insurance
Compensation Package:
Bonus opportunities
Signing bonus
Schedule:
8 hour shift
Information System Security Officer
Security Architect Job 17 miles from Reston
Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers. Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies. Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients' toughest security challenges.
But that's not who we are - that's just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
We are on the look out for Information System Security Officers (ISSO) to support our Federal team in the Northern Virginia / DC Metro area.
Job Summary
As an ISSO you'll be supporting as the principal advisor to the information system owner (SO), ISSM, CISO on all matters (technical and otherwise) involving the security of assigned information systems (on prem, vendor, and cloud-based).
Location
Our clientele is largely in the government space, primarily within the Washington, D.C. / Maryland / Northern Virginia (DMV) areas. While we do offer opportunities that are remote, hybrid, or on-site - a position location and travel may vary based on client needs, and so local candidates may be preferred.
What you'll do
Maintain detailed knowledge and expertise required to manage the security aspects of assigned information systems.
Ensure that the appropriate operational cybersecurity posture is maintained for assigned systems to provide confidentiality, integrity, and availability of information systems.
For each system assigned to an ISSO, the ISSO will be responsible to complete and keep updated security documentations, such as SIA, SSP, POA&M, Configuration Management Plan, Vulnerability Reports, etc.
Participate in planning and management of all phases of the Risk Management Framework (RMF) Security Assessment and Authorization (SAA) process.
Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems.
In coordination with SO team, develop standard operating procedures in accordance with security control requirements.
Perform continuous monitoring of implemented security controls to ensure that they are implemented correctly, operating as intended and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems. Conduct continuous monitoring activities, to include:
Maintenance of current ATO, conducting periodic system self-assessments, periodic scans, log reviews
Ensuring proper sanitization of media prior to disposal
Work with technical teams to mitigate security control deficiencies and scan vulnerabilities for assigned IT systems.
Assess the cybersecurity impact of changes to assigned IT systems and document findings in a security impact analysis (SIA) report.
Conduct self-assessments of security controls, identify weaknesses and track remediation activities in POA&M.
Manage the plan of action and milestone (POA&M) process for designated IT systems to provide timely detection, identification and alerting of non-compliance issues. In coordination with System Owner staff, create POA&Ms or remediation plans for vulnerabilities identified during risk assessments, audits, inspections, etc.
Provide the required system access, information, and documentation to security assessment and audit teams.
Participate in security assessments and audits for assigned systems and facilitate evidence and/or data collection for data requests related to assigned systems.
Complete required A&A activities on assigned IT systems.
Brief senior management and ISSM on the security status of assigned authorization boundaries.
What you'll bring
Strong working knowledge and familiarity with NIST publications and privacy frameworks.
Demonstrated understanding of cloud service models, hybrid models, financial applications, and mobile security technologies and tools.
Demonstrated experience supporting an industry risk management tool executing A&A activities.
Education
Completed Bachelor's degree from an accredited university in an IT related field.
Clearance / Suitability
Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.
Certifications
One or more of the following certifications: CRISC, CISM, or CISSP is strongly preferred
Years of Experience
At minimum 5+ years of hands-on work experience with ISSO duties; performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful security authorization of such systems.
WHY JOIN US
Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.
Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.
You'll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options.
Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Azure AI Architect
Security Architect Job In Reston, VA
We have partnered together with a global consulting partner who is seeking an exceptional Azure AI Architect to join the team in Reston, VA. You'll have the opportunity to work on cutting-edge projects that leverage AI and machine learning to solve complex challenges across healthcare, climate, energy, and finance sectors.
As an Azure AI Architect, you'll design and implement reusable, scalable, and secure cloud solutions that harness the power of AI. You'll be instrumental in improving developer experience (DX) and accelerating vertical solution delivery through innovative cloud architectures. The ideal candidate that has done both technology and business (an ex-CTO as an example) but still hands on in Azure. This is essentially a brand-new team, as you will be on the forefront of driving growth in the AI/ML space for the business.
This position offers a base salary of $200k-$250k, with an annual bonus of $15k. You will report 2-3 times per week to the office in Reston, VA.
Key Responsibilities
Design and implement AI-enabled cloud platforms that enhance DX and accelerate solution delivery
Ensure security, scalability, and reliability of cloud solutions using Azure's native tools and services (
Azure Monitor, Advance Threat Detector
)
Integrate and deploy AI/ML models using
Azure OpenAI Service, AI Search, and Machine Learning Services
Implement CI/CD pipelines for rapid feedback and continuous development
Optimize cloud solution performance and cost using Azure monitoring and management tools (
Azure Activity Log, etc.
)
Research and share insights on emerging AI and cloud computing technologies
Qualifications
Experience developing Azure cloud solutions
Experience with Azure AI services
Experience integrating AI/ML models with cloud platforms
Applying AI/ML concepts (LLMs, deep learning, NLP, computer vision)
Oscar Associates Limited (US) is acting as an Employment Agency in relation to this vacancy.
Information Systems Security Officer 3
Security Architect Job 6 miles from Reston
Job Title: Information Systems Security Officer (ISSO) 3
MUST Possess An Active TS/SCI with Full Scope Poly
Position Overview: We are seeking an experienced and highly motivated Information Systems Security Officer (ISSO) 3 to join our team. In this role, you will manage the information security posture of both classified and unclassified systems, ensuring the protection of sensitive data and compliance with established security frameworks. You will work collaboratively with government stakeholders, technical teams, and subject matter experts (SMEs) to safeguard information, perform risk assessments, and lead security authorization efforts. Your expertise in security best practices, risk management, and system documentation will be pivotal in ensuring the continuous monitoring and defense of our organization's IT infrastructure.
Key Responsibilities:
Security Management: Oversee the entire lifecycle of information security for classified and unclassified systems, including research, testing, implementation, training, and program management to protect sensitive information from potential threats and vulnerabilities.
Risk Management Framework (RMF): Apply comprehensive knowledge of RMF processes, identifying, assessing, and mitigating risks to IT systems. Lead risk analysis efforts, ensuring effective risk management strategies are implemented across the organization.
Authorization and Compliance: Lead and support Authority to Operate (ATO) and Authority to Proceed (ATP) efforts. Provide independent recommendations and work directly with government leads to ensure the successful authorization of IT systems.
Vulnerability and Compliance Analysis: Conduct detailed analysis of vulnerability scans, penetration tests, and other audit activities to identify potential threats. Provide actionable insights and recommendations for system improvements and risk mitigation.
Documentation & Reporting: Create, review, and maintain key security documentation, including but not limited to System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), Configuration Management Plans, Contingency Plans, and Risk Assessments. Ensure compliance with security requirements and provide clear, accurate status reports to stakeholders.
Agile Participation: Actively engage in Agile Planning events, contributing technical insights and providing expert security input to ensure security is integrated throughout the development lifecycle.
Continuous Monitoring & Security Posture Management: Ensure the security posture of IT systems is maintained across on-prem, cloud, and hybrid environments. Lead continuous monitoring efforts to identify and resolve emerging security risks.
Required Qualifications:
Education & Experience: Bachelor's degree in a relevant field and 5-8 years of direct experience in information security, or 7 years of related experience with expertise in IT systems security.
Security Clearance: Active TS/SCI clearance with CI Polygraph.
Core Competencies:
Strong understanding of the NIST Risk Management Framework (RMF), including NIST SP 800-53, SP 800-30, SP 800-60, FIPS 199, FIPS 140-2, and other federal security standards.
Proven experience in developing and maintaining System Security Plans (SSPs) and other security-related documentation.
Experience with vulnerability management tools such as Tenable Nessus, Security Center, or similar platforms.
In-depth knowledge of cloud computing technologies and services, including AWS, Microsoft Azure, and VMware.
Expertise in analyzing test results (vulnerability scans, audits, penetration tests) and determining associated risk levels.
Proficiency with Microsoft Office 365 Suite (Word, PowerPoint, Excel, SharePoint).
Soft Skills:
Strong communication skills, with the ability to articulate complex security concepts and status updates to non-technical stakeholders.
Self-starter with the ability to work independently and within a team, building strong relationships across various divisions.
Comfort with briefing security issues and presenting security posture to government customers.
Desired Qualifications:
Familiarity with Scaled Agile Framework (SAFe), Agile development practices, and DevSecOps methodologies.
Experience with security management in virtualized environments, including VDI and VMware.
Familiarity with security tools such as Jira, Jira Align, or ServiceNow.
Cybersecurity program experience within federal government agencies.
Relevant certifications such as CISSP, CCSP, AWS Certified Security Specialty, Microsoft Azure Security Engineer, CISA, CAP, or SAFe 6.
Information System Security Officer [Job ID: 81334]
Security Architect Job 15 miles from Reston
MUST HAVE an active TS/SCI clearance
Job Summary: Seeking a highly skilled, Senior Information Systems Security Operator (ISSO) to join our team.
Job Description & Requirements: The ideal candidates will be responsible for ensuring the security and integrity of our information systems by implementing and maintaining robust security measures. This includes developing and enforcing security policies, conducting regular security audits, and staying up to date with the latest cybersecurity threats and trends.
Application Security Engineer
Security Architect Job 15 miles from Reston
· Collaborate with a team of engineers to implement *** specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications.
· Work with Development, DevOps and Security teams to identify and develop automated security and compliance capabilities in support of DevOps processes.
· Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc.
· With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines.
· Support security standards, create templates and patterns to increase the efficiency and adoption of security program.
Responsibilities:
· Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc.
· With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines.
· Support security standards, create templates and patterns to increase the efficiency and adoption of security program.
Experience:
· Bachelor's degree with minimum 8 years of work experience in the IT field
· 3+ years software development experience using Java, JavaScript
· 3+ years of experience in the following:
· OWASP Secure Coding Practices
· Common software and web application security vulnerabilities
· Application security scanning tools
· Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g., Jenkins)
· Experience in Python scripting
Skills:
Even Better If You Have
· A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field
· Business acumen to support the implementation of SAST or DAST or IAST across the enterprise
· Ability to perform code reviews with minimal assistance
· A self-starter, with a strong desire for learning new technologies and applying them to solve problems
· Experience with two or more of the application build environments like Jenkins, Gradle, Maven.
· Familiarity with public cloud services a plus
· Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype
· Experience with Threat Analysis.
· Experience with DevSecOps, Secure SDLC.
· DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus
· Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus
Education:
· Bachelor's Degree Required
About US Tech Solutions:
US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit ************************
US Tech Solutions is an Equal Opportunity Employer.All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Recruiter Details:
Name: Aaditya
Email: ******************************
Internal Id: 24-26931
Information System Security Officer
Security Architect Job 34 miles from Reston
Dynamic Data Solutions (D2S) is a leading provider of Information Technology (IT) and cyber security solutions for Department of Defense (DoD) and private sector mission partners in the MD, DC, and VA areas. We offer a range of consulting services that assist companies in reducing risk, securing critical enterprise infrastructure, achieving governing compliance, and protecting data and systems across multiple platforms. Our commitment is to provide top-tier expertise to ensure the highest levels of operational efficiency and security for our clients.
ROLE DESCRIPTION
D2S is currently seeking a full-time on-site Information System Security Engineer in Fort George G. Meade, MD. The Information System Security Engineer will be responsible for designing, implementing, and maintaining security measures to protect information systems from unauthorized access and cyber threats. They will collaborate with clients to develop robust security solutions that align with their operational requirements and regulatory compliance.
REQUIRED QUALIFICATIONS
"Must"
be an US citizen
"Must"
hold an Active Security Clearance: TS/SCI
"Must"
have a Full Scope Polygraph (Lifestyle)
Work is strictly
"On-site"
in Maryland,
"No"
Hybrid or Remote available at this time
Willing to commute and/or preferably living in or near the greater MD, DC, VA area
REQUIRED SKILLS
Security Frameworks and Policies:
Strong understanding of security frameworks (e.g., NIST, ISO 27001) and experience in developing security policies.
Knowledge of regulatory compliance standards (e.g., HIPAA, GDPR) and their application.
Risk Management:
Ability to conduct risk assessments and manage remediation strategies for identified vulnerabilities.
Familiarity with security audit processes and methodologies.
Network Security:
Expertise in implementing and managing firewalls, IDS/IPS, and VPNs to secure network infrastructures.
Understanding of network protocols and services (e.g., TCP/IP, DNS, DHCP).
Incident Response:
Experience in developing incident response plans and conducting forensic investigations.
Proficiency in security information and event management (SIEM) tools for real-time threat monitoring.
Access Control and Authentication:
Strong knowledge of identity and access management (IAM) principles and practices.
Experience with multi-factor authentication (MFA) and single sign-on (SSO) technologies.
Vulnerability Management:
Proficient in conducting vulnerability assessments and penetration testing.
Experience with tools like Nessus, Qualys, or OpenVAS for identifying security weaknesses.
Endpoint Protection:
Knowledge of endpoint protection solutions and strategies for mitigating risks from malware and cyber threats.
Experience with endpoint detection and response (EDR) technologies.
Security Awareness and Training:
Ability to develop and deliver security awareness training programs for employees.
Knowledge of best practices in promoting a security-conscious culture within organizations.
Soft Skills:
Strong analytical, problem-solving, and critical-thinking skills.
Effective communication and collaboration abilities for working with cross-functional teams.
PREFERRED SKILLS
Cloud Security: Proficiency in securing cloud environments (AWS, Azure) and understanding of cloud security best practices.
Automation and Scripting: Experience with scripting languages (e.g., Python, PowerShell) for automating security tasks.
DevOps Security: Familiarity with DevSecOps principles and practices, including CI/CD security.
Data Protection: Knowledge of encryption technologies and secure data management practices.
Project Management: Ability to lead security projects, manage timelines, and coordinate with stakeholders.
PAY RANGE AND COMPENSATION
We offer a highly competitive compensation package designed to attract and retain top talent. Our pay structure is at the forefront of industry standards, reflecting our commitment to rewarding excellence. In addition to generous salaries, we provide a comprehensive benefits package, including premium health insurance, and retirement savings plans. We believe in investing in our employees' well-being and career growth, ensuring that our team members are supported both personally and professionally.
EQUAL OPPORTUNITY STATEMENT
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. We are committed to creating an inclusive environment where diverse perspectives are valued and everyone has the opportunity to thrive.
IT Manager- Compliance and Security
Security Architect Job 8 miles from Reston
This position will be responsible for IT security, compliance, support build out and maintenance of security and compliance program with export controls, CUI data management, CMMC 2.0 compliance, and ultimately classified systems responsibilities.
Essential Duties and Responsibilities:
Develop and enforce security policies, practices and procedures to meet both internal and external cybersecurity requirements, including adherence to government regulations like NIST 800-53, DFARS, ITAR, FISMA, and other relevant frameworks.
Ability to identify areas where FedRAMP requirements may apply within our systems and anticipated future state.
Monitor and appropriately implement compliance with industry standards (e.g., ISO 27001, NIST Cybersecurity Framework) and ensure that all systems meet necessary security certifications and requirements.
Develop and communicate cyber security risk management strategies and plans to executive team, staff, partners, customers, and stakeholders.
Internal information technology and troubleshooting support.
Cybersecurity threat and vulnerability identification and maintenance of systems to protect against these issues.
Support mapping of contract requirements, regulations, federal contract information, and CUI; define authorization boundaries and architecture; scope, plan, and implement technical solutions; create policies, procedures, and artifacts to support the Company as it operates in this regulated environment; conduct self-assessment and support relevant audits.
Lead strategic cyber security risk management planning to achieve business goals by prioritizing.
Promote a “culture of risk awareness” by developing and executing a communications and education plan to create awareness through workshops, presentation, and direct interaction.
Develop, implement, maintain, and communicate cyber security risk management policy and related standards incorporating metrics to enable measurement of effectiveness.
Develop implement, maintain, and communicate cyber security policy management policy and process and execute against it.
Remain informed on trends and issues in the security, including current and emerging technologies and prices. Advise, counsel, and educate executive and management teams on their relative importance and financial impact.
Performs other related duties as assigned.
Qualifications
Must be a team player, highly motivated, must demonstrate a high degree of confidentiality, discretion, integrity, and professionalism in all aspects of the job. Excellent interpersonal skills. Ability to present ideas in business-friendly and user-friendly language. Exceptionally self-motivated and directed. Must be hands on. Superior analytical, evaluative, and problem-solving abilities. Excellent verbal and written communication skills. Excellent interpersonal and customer service skills. Excellent organizational skills and attention to detail. Excellent time management skills with a proven ability to meet deadlines. Proficient with Microsoft Office Suite.
Education/Experience
University degree in the field of Cyber Security, Risk Management, Information Systems Technology.
CISSP, CISM, or other relevant security certifications preferred.
At least 10 years of progressive technology security and compliance experience.
Special Knowledge / Skills:
Knowledge of Federal Risk and Authorization Management Program (FedRAMP).
Knowledge of cyber security principles, risk management and network security.
Experience with government contracts and security requirements (DFARS, ITAR etc).
Experience with security frameworks (e.g., NIST, ISO 27001, CIS) and best practices.
Ability to work harmoniously in a multi-cultural team environment.
Must have experience working with Microsoft Government Community Cloud High (GCC High) Tenant or Azure Government environments.
Physical Demands / Work Environment:
Normal amount of sitting or standing, average mobility to move around an office environment, able to conduct normal amount of work at a computer. Must be able to lift 20 pounds. Vision abilities required by this job include close vision and ability to adjust focus.
This job position may include access to controlled information or technology covered under applicable U.S. export control laws. As such, employment for this job position maybe contingent on either verification that an applicant falls under the definition of a "U.S. Persons" (which included US citizens, US lawful permanent residents, and those granted U.S. asylum or refugee status) or on the company timely obtaining any necessary export license required under federal laws. The Company evaluates such export license situations on a case-by-case basis and may decline to procced with a job applicant in its sole discretion since export license applications can take many weeks to be processed.
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
No Unauthorized Referrals from Recruiters & Vendors
Please note that HDUSA does not seek or accept unsolicited resumes or offers from third party recruiters or staffing agencies associated with any published or unpublished employment opportunities. Any unsolicited information sent to HDUSA will be considered as unencumbered and free from any fee or charge whatsoever. Only members of our Human Resources Team have the authority to engage or authorize recruiting services, which must be agreed upon before the unsolicited resume or offer is received.
Cyber Security Analyst
Security Architect Job 15 miles from Reston
Senior Cyber Analyst
Active TS/SCI clearance
Arlington, Virginia
The Cybersecurity Analyst will be responsible for protecting digital assets, identifying, and mitigating security risks, and responding to security incidents.
This role plays a critical part in ensuring the confidentiality, integrity, and availability of the program. The ideal candidate has a strong and proven understanding of ACAS, Splunk and other cybersecurity tools, extensive experience in vulnerability analysis and incident response, excellent communication skills, and is proactive, detail-oriented, and adaptable to changing security landscapes.
Key Responsibilities:
Detection/Monitoring: Continuously monitor and analyze systems for unusual activity and potential threats.
Vulnerability Assessments: Conduct regular vulnerability assessments to identify and address security weaknesses.
Dashboard Development: Develop and configure advanced dashboards in security platforms (e.g., ACAS, Splunk) to monitor, analyze, and report on cybersecurity threats, vulnerabilities, and compliance status, ensuring actionable insights for proactive defense measures.
Incident Response: Investigate security breaches and other cybersecurity incidents, providing timely and effective responses.
Security Measures: Develop and implement robust security measures to protect information systems from unauthorized access and cyber threats.
Collaboration: Work closely with IT and security teams to enhance security protocols and ensure compliance with industry standards.
Reporting: Prepare detailed reports on security incidents, mitigation strategies, and overall security posture.
Threat Intelligence: Stay updated on the latest cybersecurity trends, threats, and technologies to proactively address potential risks.
Minimum Requirements:
Candidates must have an active Top Secret/SCI clearance.
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
4 years of relevant work experience may be considered in lieu of the degree requirement.
7+ years of direct experience in Cybersecurity.
4+ years of experience displaying proficiency in network security technologies and tools.
4+ years of experience displaying strong knowledge of operating systems (e.g., Windows, Linux).
Strong knowledge of cybersecurity principles, tools, and techniques.
Experience with security information and event management (SIEM) systems (e.g. Splunk).
Proficiency in conducting vulnerability assessments using ACAS.
Security+ or equivalent certification (DoD 8570 for IAT).
Quick learner and team player.
Commitment to ethical and responsible conduct.
Desired Skills & Qualifications:
IAT level III certification (CASP+, CISA, CISSP, or GCIH) or the ability to obtain certification within six months of hiring.
5+ years of cybersecurity experience in the Department of Defense (DoD) or Intelligence community.
Excellent problem-solving and analytical skills.
Strong communication and teamwork abilities.
Familiarity with NIST Risk Management concepts and processes.
Cyber Security Analyst [Job ID: 81332]
Security Architect Job 15 miles from Reston
MUST HAVE an active TS/SCI clearance
Job Summary: Seeking a highly skilled, Senior Cybersecurity Analyst to join our team in Arlington, VA. The Cybersecurity Analyst will be responsible for protecting digital assets, identifying, and mitigating security risks, and responding to security incidents.
Job Description & Requirements: This role plays a critical part in ensuring the confidentiality, integrity, and availability of the program. The ideal candidate has a strong and proven understanding of ACAS, Splunk and other cybersecurity tools, extensive experience in vulnerability analysis and incident response, excellent communication skills, and is proactive, detail-oriented, and adaptable to changing security landscapes.
Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS058, T4, Band 7
Cyber Security Project Engineer
Security Architect Job In Reston, VA
RESTON, VA onsite
REQUIRED: Active TS/SCI with Full Scope Polygraph
Are you ready to manage and lead projects which protect and secure digital assets? Ardent Principles is searching for a full-time Cyber Security Project Engineer to enhance our security initiatives onsite in Reston, VA.
If you're passionate about cyber security, thrive on managing impactful projects, and are ready to make a difference, this is the role for you. With a competitive salary and industry-leading benefits, Ardent Principles offers more than just a job - we offer a career path filled with growth and opportunities. Join us and let's shape the future together!
In this challenging yet rewarding role, you are an integral part of what brings our company's mission to life. You are primarily responsible for and must have demonstrated experience with or in:
Computer networking in Windows AND Linux, Use of common online services in a persona-specific environment, Website configuration, Basic software development knowledge.
Strategically planning efforts, identifying issues, negotiating changes, proactively anticipating needs, and analyze complex requirements with stakeholders, and allocate resources in a given timeline to achieve desired mission outcomes.
Eliciting information on complex technical problems from non-technical personnel for use in diagnosis, analysis, resolution of problems.
Making decisions and managing competing priorities, schedules, risks, stakeholder requirements and interdependencies on a variety of technical, resource, and organizational issues, even in ambiguous or high-pressure situations.
Effectively communicating (oral and written) to convey complex technical information for a variety of audiences (i.e., technical and non-technical).
Customer regulations and standards, including Information Security (INFOSEC) and Communications Security (COMSEC).
Managing security aspects of deployed infrastructure and technical solutions, in addition to day-to-day security operations.
Must possess
Bachelor's Degree or equivalent in computer science, information technology, system administration or a related discipline.
Other skills and demonstrated experiences that are highly desired but not mandatory to perform the work, include demonstrated experience with or in:
Evaluating emerging technologies and identifying areas of improvements to meet requirements.
Customer systems, architectures and applications.
Project Management concepts and principles.
IT tools, methodologies, technologies, and industry trends (to include social media and web).
Rapid7, WebInspect, AppDetective, CIS-CAT, and other vulnerability assessment tools and processes.
Information security certifications such as CISSP, CISSE, CISA, CEH, CCSP, etc.
Computer and network vulnerabilities (e.g., malware, zero-day attacks, denial of service attacks, etc.)
Ardent Principles signifies our unwavering commitment to excellence, driven by a profound passion and a strict adherence to ethical values. We believe that happy employees make for happy clients. Our mission is to act as a bridge between satisfied clients and fulfilled employees, ensuring that your job and well-being are our top priorities because your satisfaction leads to the success of our clients.
Full Stack Architect
Security Architect Job 12 miles from Reston
mroads is looking for a "Full Stack Architect" for one of the direct clients.
Job Responsibilities:
Design and develop scalable and high-performance web applications using Node.js, React.js, TypeScript, and GraphQL.
Lead the architecture and design of complex systems, ensuring best practices in software development and deployment.
Collaborate with cross-functional teams to define, design, and ship new features.
Provide technical guidance and mentorship to junior developers, fostering a culture of continuous learning and improvement.
Conduct code reviews and ensure adherence to coding standards and best practices.
Stay updated with emerging technologies and industry trends to drive innovation within the team.
Participate in hands-on development when necessary, ensuring the delivery of high-quality software solutions.
Communicate effectively with stakeholders to gather requirements and provide project updates.
Requirements:
12-15 years of experience in software development, with a strong focus on fullstack development.
Proficiency in Node.js, React.js, TypeScript, and GraphQL.
Proven experience in leading digital transformation projects and initiatives.
Experience working in top-tier companies, demonstrating a track record of successful project delivery.
Excellent communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.
Strong problem-solving skills and a hands-on approach to development.
Ability to work collaboratively in a fast-paced environment and manage multiple priorities.
A degree in Computer Science, Engineering, or a related field is preferred.
AWS Cloud Architect
Security Architect Job 15 miles from Reston
• Strong understanding of AWS security services, including IAM, KMS, VPC, Security Groups, NACLs, WAF, Shield, Inspector, GuardDuty, and Macie
• Experience with cloud migration strategies and tools.
• Proficiency in scripting languages (e.g., Python, Bash) and infrastructure as code tools (e.g., Terraform).
• Solid understanding of networking concepts, including routing, firewalls, and VPNs.
• Experience with CI/CD pipelines and tools (e.g., Jenkins, GitLab CI/CD, AWS CodePipeline).
Locals preferred
******************
Information Security Analyst IV
Security Architect Job 18 miles from Reston
Value Proposition:Good opportunity to get wide rang of security experience ranging from EDR, SIEM, SOAR, and Vulnerability Management.
Daily Responsibilities:
Build and maintain complex technical infrastructure that supports a secure platform that protects our data at rest and in transit.
Work closely with Enterprise and business owners to identify endpoint coverage scope, strong analytical skills related to working with operating systems and security toolsets.
Provide technical guidance on industry tools and best practices in the field of endpoint security.
Monitor and maintain security tools that instrument security policies and capabilities.
Provide expertise in the field of managing enterprise security systems, specifically the ability to
determine the least business impactful way of implementing security tools and features
Improve efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically
Administration of system infrastructure that is hosted within a public/private/hybrid infrastructure
Remain current with new security trends, continuously assessing systems to ensure they are appropriately configured to defend the business.
Experience in deploying and correlating threat intelligence and vulnerability management solutions.
Provide expertise in day-to-day security operations such as onboarding/offboarding of security endpoint agents, user access management, systems' security and administration, configuration
changes, system upgrades, ensuring 24x7 systems availability & DR, etc.
Serve as a point of contact for incident response analysts, security operations center (SOC) analysts, application engineers and security management. Technology requirements:
Degree or certifications required:
• SPLUNK Admin cert.
• AWS certs.
Years experience:
• 10+ years of experience
Required background/ Skillsets:
Extensive experience in Splunk and related SIEM and SOAR technologies
Application: Cribl, or Demisto
Extensive experience with Cloud infrastructure
Application: (AWS preferred) - EC2, ECS, Route53, SNS, Lambda, CloudWatch, Secrets Manager, RDS, etc.
Extensive experience with configuration management tools
Application: Such as Ansible or Chef and infrastructure as code tools such as Terraform or CloudFormation
Appian Architect
Security Architect Job 17 miles from Reston
What Working at Hexaware offers:
Hexaware is a dynamic and innovative IT organization committed to delivering cutting-edge solutions to our clients worldwide. We pride ourselves on fostering a collaborative and inclusive work environment where every team member is valued and empowered to succeed.
Hexaware provides access to a vast array of tools that enhance, revolutionize, and advance professional profile. We complete the circle with excellent growth opportunities, chances to collaborate with highly visible customers, chances to work alongside bright brains, and the perfect work-life balance.
With an ever-expanding portfolio of capabilities, we delve deep into and identify the source of our motivation. Although technology is at the core of our solutions, it is still the people and their passion that fuel Hexaware's commitment towards creating smiles.
“At Hexaware we encourage to challenge oneself to achieve full potential and propel growth. We trust and empower to disrupt the status quo and innovate for a better future. We encourage an open and inspiring culture that fosters learning and brings talented, passionate, and caring people together.”
We are always interested in, and want to support, the professional and personal you. We offer a wide array of programs to help expand skills and supercharge careers. We help discover passion-the driving force that makes one smile and innovate, create, and make a difference every day.
The Hexaware Advantage: Your Workplace Benefits
Excellent Health benefits with low-cost employee premium.
Wide range of voluntary benefits such as Legal, Identity theft and Critical Care Coverage
Unlimited training and upskilling opportunities through Udemy and Hexavarsity
Essential Skills
10+ years of Business Process Management hands-on experience in Appian Tool
Appian “Lead Developer” Certification is a MUST.
Experience in Appian 22.X is essential.
Highly experienced in complex, enterprise implementations based on Appian software.
Undertakes complex system integration configuration and transformations.
4+ years of strong experience in Leading team with respect to design and implementation of Business Process Management solutions using Appian.
Strong architectural, design and Hands-on active experience includes:
Design of UI SAIL forms for Tempo environment.
Experience with Appian's data fabric feature.
Client has looking someone who has worked in a faster paced industry.
Client is looking for someone who can-do hands-on coding in Appian tools and manage the team.
Design of CDTs that interact with external database.
Design of role-based access control Appian components.
Development of Records and Reports using SAIL.
Build/consumption of WEB/REST services.
Design of expression rules, constants, and query rules.
Handling Appian Packaging and deployment.
Applying Appian Best Practices.
Experience in performing integration using Standard Protocols like REST, SOAP, MQ etc.
Experience in terms of installation, Configuration, Deployment and Maintenance of Appian Applications.
Experience in handling Application Security (Encryption/Decryption, TLS/SSL, Digital Certificate) and SSO (SAML, OAuth).
Experience in building automated deployment of Appian process applications.
Well Versed with the latest versions of Appian release including process mining, AI, and RPA capabilities.
Strong understanding of Appian server-side properties, Topology, heap memory, sizing, and scaling.
Experience/exposure to Cloud Migration (on-prem to cloud and vice versa), DB Migration.
Should have good communication skills.
Education & Experience:
Masters/Bachelor's Degree in Computer Science or equivalent with 10+ years work experience
Benefits:
In addition to a competitive salary and sign-on bonus, Hexaware has an excellent health benefit plan for medical, dental, and vision. We also offer paid holidays and time off so you can relax and unwind. And our sick leave plan allows you to take paid time off to care for yourself or even a family member. Throw in our 401(k), and we know you'll feel the love!
Information System Security Engineer
Security Architect Job 17 miles from Reston
Edgewater is currently seeking an Information Systems Security Engineer (ISSE) to support our federal customer in the Washington DC area. This is remote role with one to two days a month on site as customer requires.
This job is a hybrid position. That said, candidates who live in the DC Metro area and are open to 1 day every other week onsite for collaboration will be preferred. This is a mid-level position.
No agency inquiries, please
Requirements:
Bachelor's degree in cyber security, information technology or related field or equivalent experience working in field.
Experience supporting IT operations with hands-on security configuration roles and applying security baselines on IT systems using CIS Benchmarks and/or DISA STIGS.
Experience in Linux environment is a bonus.
Must obtain and maintain one (1) industry standard security certification. The government approves CompTIA Security+, CISSP, CEH, or DoD equivalent.
Microsoft Certified Azure Administrator Associate highly desirable.
Experience performing risk assessments and security product reviews and statice code analysis.
Strong attention to detail with an analytical mind and outstanding problem-solving skills.
Great awareness of cybersecurity trends and hacking techniques.
Salary: $95,000.00 - $105,000.00
Additional benefits include:
Paid Time Off & Holiday Pay
Medical Insurance
Dental Insurance
Vision Insurance
Disability, Life Insurance, and AD&D
Flexible Spending Accounts
Pre-Tax 401K and/or After-Tax Roth IRA (with employer matching contribution)
Tuition and Technical Training Reimbursement
Exercise Reimbursement
Computer Reimbursement
Employee Assistance Program
Edgewater Federal Solutions is a privately held government contracting firm located in Frederick Maryland. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 270001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named a Top Workplace in the Greater Washington Area for six consecutive years 2018 through 2023.
It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other status protected by applicable law.
Cloud Security Engineer
Security Architect Job 7 miles from Reston
Job Summary: As a Cloud Security Engineer, you will support the security of cloud environments across AWS, GCP, and Azure. This includes identifying and mitigating security risks, using cloud-native security tools, and managing security solutions. You will work with various teams to integrate security into the software development lifecycle, maintain threat models, ensure compliance with security and regulatory requirements, and respond to security queries from clients and partners. Familiarity with cloud security platforms like CNAPP, CSPM, CWPP, CASB, CIEM, and the Wiz tool is beneficial.
Responsibilities:
Experience with cloud security in AWS, GCP, and Azure.
Deploy and manage cloud-native security tools.
Monitor and enforce security using platforms like CNAPP, CSPM, CWPP, CASB, and CIEM.
Use the Wiz tool for security posture management.
Enhance security solutions and maintain security posture.
Integrate security into the software development lifecycle.
Develop and maintain threat models.
Collaborate with stakeholders to minimize security risks.
Ensure compliance with security and regulatory requirements.
Respond to client and partner security queries.
Other duties as assigned.
Qualifications:
B.A. or B.S. in Computer Science or a similar field, or equivalent experience.
5+ years of Cloud Information Security experience with AWS, GCP, and Azure.
Security certifications like AWS Security, CISSP, CISA, or OSCP are a plus.
Experience in security reviews of cloud applications.
Up-to-date knowledge of cloud security advisories and vulnerabilities.
Strong communication skills and attention to detail.
Familiarity with AWS services and cloud security platforms.
Knowledge of IaC tools like Terraform/CloudFormation is a plus.
Proficiency in Python and basic Java for cloud security scripting.
Team-oriented with a passion for cloud technology.
Vulnerability Management Security Engineer
Security Architect Job 17 miles from Reston
Coalfire Federal is a market leading cybersecurity consultancy that provides independent and tailored advice, assessments, technical testing, and a full suite of cybersecurity engineering services to Federal agency customers. Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies. Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients' toughest security challenges.
But that's not who we are - that's just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
We're on the lookout for a Vulnerability Management Security Engineer (VSE) to support our Federal team.
Location
Our clientele is largely in the government space, primarily within the Washington, D.C. / Maryland / Northern Virginia (DMV) areas. While we do offer opportunities that are remote, hybrid, or on-site - a position location and travel may vary based on client needs, and so local candidates may be preferred.
WHAT YOU'LL DO
Assist in developing and maintaining security policies and standards, and ensuring compliance throughout the organization.
Support the planning and implementation of VM Tools in the detection and tracking of security vulnerabilities.
Monitors availability of system updates, and assists with their installation on security tools.
Assist with investigations of security issues, collect Incident Response data, and summarize report findings.
Analyze processes and technologies to ensure comprehensive protection exists on computer systems to prevent unauthorized entry to computer systems or compromise of data integrity or confidentiality.
Provide up-to-date working knowledge in areas such as computer viruses, intrusion detection systems, encryption systems, firewalls, etc.
Configure agency Vulnerability Management tools
Generate, Analyze and Report on existing vulnerabilities and recommend mitigations.
Monitoring of US-Cert, SANS and additional sources focused on new and evolving vulnerabilities affecting IT security
WHAT YOU'LL BRING
Demonstrated experience working with and securing Cisco, ESXi, Linux, Solaris and Windows operating systems based on defined policy guidance.
Experience with regex, bash, PowerShell, and VBScript scripting languages.
Ability to explain events and produce reports based on the data generated in vulnerability tools.
A solid understanding of the current threats and tactics being used to attack systems.
Experience providing similar service to other clients.
Prior experience working with MS SQL Server.
A strong knowledge of vulnerability management tools and methodologies such as Tenable Nessus, Qualys WAS, Nexpose, Burp Suite Pro
A strong appetite to learn and ability to translate evolving threats and mitigations to real world recommendations.
Ability to recognize and escalate risks, issues, and concerns when necessary.
Education
Completed Bachelor's degree from an accredited university in an IT related field.
Clearance / Suitability
Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.
Certifications
Our aim is to build a technologically diverse team - so while we don't have a set list, there may be certain benchmarks we look for that apply to your expertise. We recommend checking out the DoD Approved 8570 Baseline Certifications as an example.
Preferred certifications typical for roles in our federal delivery services include: Security+, CEH, CISA, CISSP, CISM, or other industry recognized certification(s).
Years of Experience
At least three (3) to five (5) years of demonstrated experience implementing, configuring, and maintaining vulnerability management tools in an enterprise environment (i.e., Tripwire, Nessus, MS Defender, etc.).
WHY JOIN US
Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.
Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.
And you'll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.