Security engineer jobs in Richmond, VA

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

This position description is subject to change at any time as needed to meet the requirements of the program or company. Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism. As a Senior Cyber Security Engineer, you will be responsible for overseeing the Risk Management Framework (RMF) activities at 51 separate locations. This senior-level role leads the day-to-day activities planning, implementing and executing overall RMF activities. The Senior Cyber Security Engineer serves as the primary interface between government leads, subcontractors / vendors, Cyber Engineering and network administrators. #clearance Responsibilities Major Job Activities: + This Senior role acts as supervisor to Cyber Security Engineer. + Manages the planning, execution, mitigation, and reporting of Security Technical Implementation Guide (STIG) and Security Requirements Guides (SRG). + Ongoing Vulnerability Monitoring and scanning. + Set up, operate and maintain a test lab. + Test patches, upgrades, and changes before implementing to field. + Respond to system update and patching failures. + Management of 51 existing remote field networks. + Interaction with Golf Club Management Software vendor. + Create and update all RMF related documentation (ex. Topology, Network Component Inventory, Various plans to include Plan of Action and Milestones (POAM). + Develop and maintain MS Project Master Schedule. + Contribute to Program Management Plan and Program reporting as needed. + Work non-business hours when required to avoid disrupting operations. Material & Equipment Directly Used: + Proficient with MS Office Suite (Excel, Word, PowerPoint). + Proficient with MS Project Working Environment: Office environment with potential to support CONUS and OCONUS locations. Physical Activities: Must be able to lift / carry 50 lbs. Qualifications Education / Certifications: + Technical BA / BS Degree + IAT Level III related certifications: + CASP + + CCNP + Certified Information Systems Security Professional (CISSP) + GCED + GCIH Experience: + 15 years of related experience with a BA / BS degree. Clearance Requirement: + Candidates must possess or be able to obtain a favorable IT-I, IT-II, or IT-III Public Trust Clearance. Skills & Technology Used: + In depth experience with multiple disciplines across computing environment: + System Administration (Windows Endpoints and Windows Servers) + Networking / VPN + Code Development + Compute Infrastructure Setup + Remote Maintenance + Expertise with DoD RMF process, eMASS, and attaining system ATOs. + Development of system artifacts required for ATO packages. + Configuration and use of ACAS, STIGs, SCAP, ENS / ESS, MS Defender. + Scripting and process automation. + Proficient with MS Office Suite (Excel, Word, PowerPoint). + Proficient with MS Project. + Preferred - Experience with Beyond Trust access security software application. Supervisory / Budget Responsibilities: Provide overall planning and daily supervision to Cyber Security Engineer. At V2X, we are deeply committed to both equal employment opportunity, including protection for Veterans and individuals with disabilities, and fostering an inclusive and diverse workplace. We ensure all individuals are treated with fairness, respect, and dignity, recognizing the strength that comes from a workforce rich in diverse experiences, perspectives, and skills. This commitment, aligned with our core Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation, and expand our success in the global marketplace, ultimately enabling us to best serve our clients.

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** Black Lotus Labs is seeking a Principal Security Engineer on the Research & Analysis team. This team leverages Lumen's global visibility of one of the world's largest and most interconnected IP backbones and a petabyte-scale compute cluster to perform cutting edge threat research, hunting and tracking advanced persistent threat actors (APTs) and emerging criminal activity as the threat actors traverse the internet. They empower customers to stay ahead of the evolving threat landscape. **The Main Responsibilities** + Serve as Threat Research Subject Matter Expert, offering guidance and support to the Black Lotus Labs team on threat hunting activities, such as identifying knowledge gaps, troubleshooting technical challenges, developing solutions, and mentoring team members in overcoming obstacles. Set priorities for what threats to analyze to maximize team's impact. + Conduct threat research across technical data sets, fusing Black Lotus Labs telemetry with third party data sets, to automate detection of the latest threat attacker tools, techniques and procedures (TTPs) with a goal of automating detection. + Use industry-leading technical knowledge of adversary capabilities and infrastructure and define, develop, and implement techniques to lead the team in tracking sophisticated adversaries, delivering actionable threat intelligence data to Lumen customers. + Lead and enhance threat hunting operations by actively engaging with other research teams, building strong partnerships to achieve shared goals, exploring new data sources, and mentoring team members in executing workflows and solving complex challenges. + Provide expert analysis and strategic insights on emerging threats and vulnerabilities, translating complex technical information into actionable intelligence for executive leadership and external stakeholders. + Spearhead thought leadership initiatives by leading Black Lotus Lab's voice at security conferences and internal executive briefings. **What We Look For in a Candidate** + Proven experience in threat hunting and in-depth technical security research, demonstrating a strong track record of successfully identifying, tracking, and disrupting nation-state and cybercriminal threat actors. + Deep understanding of advanced threat hunting methodologies, attacker tactics, techniques, and procedures (TTPs), and the ability to derive actionable threat hunts from complex data sets. + Demonstrated experience building prototype threat hunting solutions and large data analysis tools with Python (or other equivalent languages). + Proven experience initiating and coordinating technical projects focused on telemetry collection, TTP based threat hunting, or developing threat hunt tools that have cross-organization impact on threat visibility, including leading private-public partnerships and multi-company collaborations. + 5+ years of experience in the IC, DoD or similar tracking and defending against nation state threat activity. + Exceptional communication and presentation skills, including the ability to clearly and concisely convey complex technical information to both technical and non-technical audiences, ranging from executives and board members to conference attendees and internal stakeholders. + Experience presenting at industry conferences and in the media. + Highly organized with the ability to manage multiple tasks, prioritize effectively, and triage competing demands in a fast-paced environment. + Proven ability to lead and manage complex technical projects, effectively driving them to successful completion. + Active TS/SCI clearance with poly **Well-experienced candidates may also have the following skills: ** + Proficiency in malware reverse engineering and incident response. + 5+ years of experience leading teams of technical threat discovery professionals. + Software development experience in Docker and big data technologies like Hadoop, Spark, and Tensor Flow. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure **What to Expect Next** \#LI-JS1 Requisition #: 339093 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 11/20/2025

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. Day Shift - 7.5 Hours (United States of America) We are seeking a detail-oriented and motivated Cyber Security Analyst (Level 1) to support our healthcare organization's mission of protecting patient data and ensuring compliance with HIPAA and other healthcare regulations. This entry-level role is ideal for individuals passionate about cybersecurity and eager to grow within a healthcare environment. Key Responsibilities: Monitor and analyze security alerts from healthcare systems, EHR platforms, and network infrastructure. Assist in the investigation and documentation of security incidents, including potential HIPAA violations. Support vulnerability scanning and patch management across clinical and administrative systems. Help maintain and enforce security policies, procedures, and incident response plans. Assist in documentation and presentation of findings from notable security investigations, including action items and lessons learned to drive ongoing security improvements. Act as first point of contact for security tickets and questions Participate in audits and risk assessments to ensure compliance with healthcare regulations (e.g., HIPAA, HITECH). Contribute to security awareness training for clinical and non-clinical staff. Stay informed on emerging threats, especially those targeting healthcare organizations. Required Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Health Informatics, or a related field (or equivalent experience). Basic understanding of healthcare IT systems and regulatory requirements (HIPAA, HITECH). Familiarity with security tools such as SIEM, antivirus, firewalls, and endpoint protection. Strong analytical and problem-solving skills. Excellent communication skills and ability to work in a team-oriented environment. Preferred Qualifications: Internship or experience in a healthcare IT or cybersecurity role. Certifications such as CompTIA Security+, HCISPP, or equivalent. Knowledge of EHR systems (e.g., Epic, Cerner) and medical device security is a plus. Work Environment: May involve hybrid or on-site work depending on facility needs. Participation in on-call rotation or after-hours incident response may be required Participation in on-call rotation or after-hours incident response may be required Salary Range: $65,000 - $80,000 Employment Non-Discrimination: Richmond University Medical Center is committed to equality of opportunity in all aspects of employment and provides full and equal employment opportunities to all employees and potential employees without regard to race, color, national origin, religion, gender identity, sex, sexual orientation, pregnancy, childbirth and related medical conditions and needs including lactation accommodations, physical or mental disability, age, immigration or citizenship status, veteran or active military status, genetic information, or any other legally protected status. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

**Title:** GRC Security Architect **Salary:** Up to $150K **About PSI** Join Us at PSI - Where You Belong, Grow, and Thrive! At PSI, we believe that people achieve their best when they feel they truly belong. That's why fairness and opportunity are at the heart of everything we do - not just words, but values deeply embedded in our culture and the full employee experience. We're proud to foster an environment where everyone is supported to reach their full potential. From your first day through every step of your journey with us, you'll feel the difference in how we work, grow, and succeed together. What You Can Expect From Us - We know that great work starts with feeling valued. That's why we've benchmarked all our roles against local market rates and why you'll always see salary details in our job postings. We believe in transparency, and we want you to feel confident that your next move aligns with your expectations. **About the Role** The GRC Security Architect plays a key role in supporting PSI's commitment to data security, privacy, and compliance. This role is responsible for driving core activities across quality, risk management, Information Security, data protection, and audit readiness to ensure the organization meets ISO, PCI, SOC 2, and other relevant standards. The position helps deliver assurance to stakeholders that PSI prioritizes the security and privacy of its data and systems. This is a full-time, permanent role, Monday to Friday, with flexible working hours around a standard 09:00 - 17:30 schedule. The role reports to the Snr Director of Information Security, Governance, Risk and Compliance and may be performed remotely, with occasional travel to offices and test centres as required for audits and assessments. This role requires that the successful applicant have experience working on Federal projects, be a United States resident and be able to obtain Federal clearance. **Role Responsibilities** + Collaborating with Internal teams to ensure that secure systems and networks are designed and implemented. + Identify potential security vulnerabilities within existing and prospective systems and devise strategies to address them. + Working with internal teams ensure that our infrastructure and applications adhere to established security measures. + Identify security risks in our organization and come up with possible preventative measures. + Assess the organization's security status in order to identify areas that need improvement. + Stay up-to-date with the emergence of new security threats while continuously adopting the industry's best practices. + Collaborate with internal teams to embed Security by Design principles in Infrastructure, Development and DevOps practices, implementing a framework to ensure that security controls are documented for all systems as part of standard operating procedures. + Collaborate with internal teams to support an integrated end-to-end GRC approach across the organization. + Maintain and update security policies, standards, procedures, and guidelines, ensuring they align with current business and IT practices. + Monitor and assess the effectiveness of security controls across business systems and processes. + Ensure alignment with client, regulatory, and internal compliance requirements. + Support the automation and continual improvement of GRC processes and tools. + Generate and present GRC-related metrics and reports to internal stakeholders and executive leadership. + Support internal and external audits (e.g., ISO27001, SOC2, etc.), including gathering evidence and managing responses. + Build and maintain cross-functional relationships with teams such as Legal, IT, Audit, Finance, and Business Operations to ensure GRC practices support overall business objectives. + Support ongoing compliance initiatives, including security incident reviews, risk memos, and policy exceptions. + Participate in the development of operational reports, metrics dashboards, and trend analysis related to security and compliance activities. + Support audit plans and compliance documentation for internal or external stakeholders. **Knowledge, Skills and Experience Requirements** + Experience working within, achieving and/or maintaining third-party attestations such as FedRAMP, SOC2, ISO27001 + Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) strongly recommended + Experience working on a Federal Program is essential and contributing to core document set eg SSP, ConMon reporting, POAMs, System Narrative, SCP, SIA + Experience implementing or maintaining FedRAMP Moderate Authorization is desirable. + Experience documenting security controls in Architecture diagrams is essential + Extensive training and experience in IT disciplines such as application and data security, systems programming, systems design, computer technology or software disciplines + Familiarity with OneTrust or ServiceNow GRC and Privacy tools desired + Certified training in security management, risk and compliance solutions and practices. CISSP, ISSAP, CISA, CISM, GSEC, or related certification(s) desirable. + Experience in a fast-paced GRC function (desirable). **Benefits & Culture** Alongside a competitive salary, we offer a comprehensive benefits package designed to support your well-being, your future, and your sense of purpose: + Retirement Benefits: 401(k), pension, or country-specific retirement plans with employer contributions + Generous Time Off: Enhanced paid time off/annual leave policies + Health & Wellbeing Coverage: Medical insurance tailored to your region, plus: + US: Dental, vision, life, and short-term disability insurance + UK: Medical cashback plan including dental, vision, and income protection + Flexible Spending Accounts (US) + Employee Assistance Program (EAP): Confidential support whenever you need it + Work-Life Balance: We understand life happens outside of work, and we fully support flexibility + Wellness Culture: Regular global wellness initiatives to help you stay healthy and inspired + Future Planning: Tools and support to help you grow personally and professionally + Giving Back: Enjoy a Volunteer Day each year and opportunities to support our communities and industry At PSI, we're more than just a workplace - we're a global team driven by shared values and real impact. If you're ready to be part of a company that's committed to your growth and well-being, we'd love to hear from you. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (**************************** notice from the Department of Labor.

Title: Information Security Specialist Hiring Range: $88,000 - $114,700 Pay Band: UG Recruitment Type: General Public - G Job Duties For more than three decades, the Virginia Lottery has worked to build a strong reputation, one synonymous with providing fun, entertaining experiences and doing so responsibly and with integrity. Proceeds from traditional Lottery games support K-12 public education in Virginia. Taxes generated by sports wagering and casino gaming, which are regulated by the Lottery, benefit other priorities of the Commonwealth. The Virginia Lottery, an independent state agency, is currently seeking an Information Security Specialist to join our ITS and Operations Department. This position is located in Richmond, Virginia. The Information Security Specialist will be responsible for ensuring the operational integrity, availability, and confidentiality of all Lottery data, networks, and computer systems supporting traditional lottery, iLottery, and Gaming Compliance operations, the protection of system data and operations from unauthorized modification or abuse. This is accomplished through policy, standards, and implementation of processes and controls through a variety of means, including testing systems and applications, monitoring system activity, coordinating system access control (physically and logically), creating\updating policies, third-party vendor risk management and analyzing system security architecture with other subject-matter experts in the Lottery Information Technology Security Committee (ITSC) and Security and Technical Architecture Review (STAR) teams that ensure we comply with the VITA Standards and §2.2-603 of the Code of Virginia. Actively collaborates with Lottery Leadership, VITA, and Information Security community to stay current with all trends, technology, and COV requirements. The Information Security Specialist will: • Periodically review policy and supporting processes and procedures to ensure that they align with risk management strategy objectives and priorities, COV policy and standards, as well as the high-level direction of the cybersecurity policy. • Works with the Director of Information Security and Information Security Risk and Compliance Officer to complete, review, and update governance tasks such as risk assessments, system security plans, and data/system classification as needed. • Collaborate with ITS on internal control requirements, best practices and compliance. • Perform routine review, analysis, and testing of security controls to ensure alignment with IT security standards and ensure effectiveness. • Develop and coordinate corrective action plans to internal and external audits and other information security assessments to ensure any gaps in security and compliance are corrected. • Participate in the development and maintenance of the Lottery risk management program, part of the overall Lottery Information Security program, to include associated policies, procedures, and formalized application security testing processes. • Coordinate with internal and external stakeholders to ensure Risk Assessments for sensitive systems are developed and reviewed in accordance with the Lottery Risk Assessment Plan. • Coordinate risk analysis, assessment, and reporting activities. • Perform updates and manage Lottery POA&M and compliance registers and assist with tracking remediation and closure of corrective actions. • Implement cybersecurity supply chain risk management and third-party vendor risk management activities across the enterprise. • Develop and maintain the Lottery Business Impact Analysis (BIA), Enterprise Business Continuity Plan, and documentation supporting the overall continuity program. • Coordinate disaster recovery planning activities; disaster recovery training and exercise, IT disaster recovery exercise and updates. • Perform prize verification process and supporting tasks as required. • Perform duties as system administrator for raffle game(s) as required. Other duties may be required based on supplementary assignments. Note - This position requires in-office work three days per week including Tuesday and Wednesday. Minimum Qualifications The person selected for this position will have: • Bachelor's degree in information systems, computer science, or related field required. • Five or more years of information security governance, risk, compliance and third-party vendor oversight activities. • Knowledge of information security principles, policies and procedures, and Risk Management Frameworks. Working knowledge of business, applications, and technology as applied to information security. Knowledge of information assurance principles and organizational requirements that are relevant to confidentiality, integrity, and availability. Demonstrated ability to plan, develop, coordinate, and manage multiple security initiatives in a technologically diverse environment. Demonstrated ability to interact successfully with senior management, regulatory and compliance managers, and external vendors. Knowledge of new and emerging Information Technology and Security strategies. Knowledge of federal, state, agency, and other regulatory agents' policies, regulations, and standards. • Experience in developing and maintaining an enterprise information security program. • Experience in working with internal and external stakeholders to develop and maintain Risk Assessments, System Security Plans, and other IT security governance, risk, and compliance documentation. • Thorough understanding of IT security controls, specifically NIST 800-53 and Commonwealth of Virginia IT security policies and standards, SEC530, SEC20. • Experience in business continuity planning. • Excellent interpersonal and communications skills, both oral and written. • Ability to develop and maintain policies and procedures. • Ability to work independently and as part of a team. • Expertise in effectively managing competing priorities. • Ability to maintain strict confidentiality of sensitive material. A comparable amount of training and experience may be substituted for the minimum qualifications Additional Considerations • Advanced degree in Computer Science, Information Technology or relevant field. • Recognized certifications from CompTIA, ISC2, ISACA or SANS Global Information Assurance Certification (GIAC) credentials. • Lottery experience preferred. Special Instructions You will be provided a confirmation of receipt when your application and/or résumé is submitted successfully. Please refer to “Your Application” in your account to check the status of your application for this position. The selected candidate will be required to complete a background investigation and possess a valid Driver's License. Minimum travel required. Must be willing to work some nights and weekends as needed. Requires in-person work three (3) days a week including Tuesday and Wednesday. The Virginia Lottery is an independent state agency, and as such all positions are exempt from the Virginia Personnel Act, as well as most Executive Branch human resources policies. The Virginia Lottery is a fun place to work and values diversity in the workforce. We offer a competitive salary and excellent benefits. The Virginia Lottery is an Equal Opportunity Employer. Only online applications completed in their entirety will be accepted for this position. The Virginia Lottery will provide, if requested, reasonable accommodation to applicants in need of accommodation in order to provide access to the application and/or interview process. If any assistance is needed when applying online, please contact the Virginia Lottery's Human Resources Department at **************. Applications will be accepted until a suitable pool of candidates is received. After 5 business days, this position may be closed at any time. Contact Information Name: Human Resources Phone: ************ Email: N/A In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at ************. Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.

Centurion is seeking a skilled Information Security Analyst to support security and privacy efforts across all programs, projects, IT systems, and applications. This role will work closely with the Information Security Office (ISO), providing expertise in governance, risk, and compliance, while ensuring appropriate security controls are implemented and maintained. The ideal candidate is detail-oriented, collaborative, and experienced in applying security frameworks to real-world business and technology environments. Key Responsibilities Support Information Security and Privacy initiatives across business areas and vendor engagements. Manage and update information security documentation within a Governance, Risk, and Compliance (GRC) system. Develop and maintain System Security Plans (SSPs) in collaboration with business stakeholders. Represent the Information Security Office in PMO-led projects, ensuring proper ISO engagement. Partner with teams to analyze challenges, propose compliant solutions, and deliver clear communications. Assist in the creation and maintenance of information security standards, policies, and procedures. Document security controls, including system diagrams, risk assessments, and control narratives. Review contracts and vendor documentation to ensure adequate information security protections. Conduct research on emerging information security and privacy practices to strengthen internal processes. Required Qualifications Minimum of 3 years' experience in information security concepts related to governance, risk, and compliance. Strong knowledge of information security principles, methods, and IT infrastructure management. Experience with security frameworks (e.g., NIST, ISO 27001, COBIT). Proven ability to organize work, prioritize tasks, and meet deadlines independently. Experience drafting policies, standards, and procedures related to Information Security and Privacy. Ability to interpret technical documentation, flow diagrams, and process maps. Strong communication skills with the ability to write clearly for varied audiences. Proficiency in creating diagrams, flowcharts, and spreadsheets. Understanding of general contract terms and conditions related to information security. Preferred Qualifications Bachelor's degree in Computer Science, Information Systems, or related field. Professional certifications such as CISA, CISSP, or equivalent. Prior experience in the financial services industry. Knowledge of cloud and application security controls. Familiarity with information security regulations such as GLBA, GDPR, PCI, and privacy regulations including GDPR, CCPA, VCDPA. Why Join Us? Play a vital role in protecting sensitive information and strengthening enterprise-wide security posture. Collaborate across teams and gain exposure to a broad range of security and compliance initiatives.

VDOT is seeking an experienced Senior Security Operations Engineer with in-depth knowledge and hands on experience in the areas of security policy, intrusion detection/prevention systems, perimeter security Technology, and Information security. Job Overview: VDOT is seeking an experienced Senior Security Operations Engineer with in-depth knowledge and hands on experience in the areas of Information Systems security, security policy, intrusion detection/prevention systems, firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems, log analysis and management, web content filtering; network protocols and security/authentication protocols at all layers of the OSI model with emphasis on TCP/IP, web security gateways, network access control, endpoint security, and perimeter security technologies. The Senior Security Operations Engineer contributes to the overall technology roadmap. Key Responsibilities:• Participates in the design, implementation and support of security infrastructure for the Department. • Identifies network and information security risks across the enterprise, design, engineer, implement security solutions to address the risks at an enterprise level.• Works closely with the IT Division and outside vendors to effectively design, plan, deploy, secure and update network projects in the environment.• Effective collaboration with the Office of Information Security OIS and other ITD groups is maintained.• Strategic Plan items pertinent to the Network Security Operations group are completed.• System policies and procedures are created, documented, and maintained.• Perform network scans and penetration testing. Monitors log analysis and management tools for threats. • Evaluate vulnerability scan results and notify business, application, and infrastructure teams of vulnerabilities in need of remediation. • Evaluate and participate in agency Azure cloud solution review of network, security, and general project involvement.• Ensure all daily functions that are required to maintain security applicable systems and applications are documented.• Work with the agency's ISO team and the IT Auditors to review security audit findings and vulnerability scans results. Identify recommended correction activities and course of action, once determined communicate with the various stakeholders.• Device configurations are based on best practices.• Relevant documentation is kept up to date.• Coordinating the handling and resolution of incidents related to security. Requirements Considerable knowledge and hands on experience in the areas of information systems security of security policy--Required 7 Years Considerable knowledge hands on experience with web security gateways, network access control, endpoint security, and perimeter security technologies--Required 7 Years Considerable knowledge and hands on experience with firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems--Required 7 Years Considerable knowledge and hands on experience with intrusion detection/prevention systems, log analysis and management, web content filtering--Required 7 Years Considerable knowledge and experience with network protocols and security/authentication protocols at all layers of OSI model with emphasis on TCP/IP--Required 7 Years Demonstrated ability to identify security risks across the enterprise and perform the day-to-day operation--Required 7 Years Demonstrated ability to administer and protect the integrity, confidentiality, and availability of information assets and technology infrastructure--Required 7 Years Considerable knowledge and hands on experience detecting, responding, remediating security incidents--Required 7 Years Considerable knowledge and hands on experience remediating System Security Plans (SSP) and Risk Assessment (RA) in cybersecurity--Required 7 Years Solid experience with performing threat; vulnerability, risk assessment and coordinating the resolution of incidents related to security breaches--Required 7 Years Considerable knowledge and hands on experience with web related technologies and penetration testing tools--Required 7 Years CISSP--Highly desired

Network Security Engineer Clearance Requirements: None Contract (Long-Term, Potential for Extension) Pay Rate: $57/- on W2 Per hour Description Our government client in Richmond, VA is seeking an experienced and proactive Network Security Engineer to enhance and maintain the security posture of its enterprise IT infrastructure. This hands-on role is vital to safeguarding systems through continuous monitoring, incident response, and the implementation of cybersecurity best practices. The ideal candidate brings strong technical expertise across network and endpoint security, a working understanding of Zero Trust architecture, and proven experience using tools such as Qualys, Splunk, Cisco Secure Access, DUO, ThousandEyes, and Cloudflare. You'll collaborate with IT teams to ensure network integrity, manage security incidents, and help drive continuous improvement in cyber resilience. This position offers an excellent opportunity to work in a mission-driven, collaborative environment that protects critical infrastructure and supports secure digital operations. Key Responsibilities Incident Response & Monitoring * Detect, analyze, and respond to security incidents across networks, endpoints, and cloud environments. * Investigate alerts using Splunk, SolarWinds, Cisco Secure Endpoint, and Secure Network Analytics. * Log and manage incidents using ServiceNow and Jira. Identity & Access Management (IAM) * Administer and maintain IAM systems, role-based access controls, and MFA tools (DUO, Microsoft Authenticator). * Manage Active Directory and Azure AD user provisioning. * Support Network Access Control (NAC) enforcement and policy configuration. Vulnerability & Threat Management * Conduct regular vulnerability assessments using Qualys. * Collaborate with internal teams to remediate vulnerabilities and strengthen defenses. Network & Cloud Security * Monitor and analyze network protocols (TCP/IP, DNS, HTTP/S) for threats. * Support cloud security initiatives using Cloudflare and Cisco Secure Access Suite. * Configure and maintain Cisco ThousandEyes for network visibility and performance optimization. Documentation & Collaboration * Maintain accurate documentation of incidents, investigations, and remediation actions. * Contribute to security awareness and cross-functional security initiatives. Required Skills & Education * 3+ years of experience in cybersecurity or IT operations. * Strong knowledge of IAM principles, MFA implementation, and endpoint protection. * Hands-on experience with Qualys, DUO, SolarWinds, Splunk, Cloudflare, and EDR solutions. * Familiarity with Cisco Secure Access, Umbrella, AnyConnect, ThousandEyes, and Secure Network Analytics. * Working knowledge of Active Directory, Azure AD (Entra), and ticketing systems (ServiceNow, Jira). * Solid understanding of network protocols and traffic analysis. * Certification: CompTIA Security+ or equivalent required. Preferred Qualifications * 5+ years of experience in cybersecurity or network operations. * Bachelor's degree in Cybersecurity, Information Technology, or a related discipline. * Experience with cloud platforms (Azure, AWS, GCP) and their native security tools. * Familiarity with Microsoft Sentinel, Entra ID, Defender for Identity, and Zero Trust frameworks. * Experience with NAC platforms such as Cisco ISE or Aruba ClearPass. * Advanced certifications preferred: * CISSP, CISM, CEH * Microsoft SC-200 / SC-300 * Cisco CyberOps Associate * GIAC Security Essentials (GSEC) About Seneca Resources At Seneca Resources, we are more than just a staffing and consulting firm - we are a trusted career partner. With offices across the U.S. and clients spanning Fortune 500 companies to government agencies, we connect talented professionals with opportunities that drive both personal and professional growth. Our consultants enjoy competitive pay, comprehensive benefits, and dedicated career support. We invest in your success, celebrate your achievements, and help you make an impact through meaningful work with leading organizations nationwide. Seneca Resources is proud to be an Equal Opportunity Employer, committed to fostering an inclusive environment where all qualified applicants are encouraged to apply.

Synigent Technologies is seeking a Network Security Engineer for our client in Richmond, VA. This onsite role will support and enhance the security posture of its enterprise IT infrastructure. This contract position plays a critical role in safeguarding IT systems through proactive monitoring of the environment, performing incident response activities, and implementation and configuration of security best practices in all IT security software. Minimum requirements include: 5+ years of experience in cybersecurity, IT operations, or related field Bachelor's degree in Cybersecurity, Information Technology, or related discipline. Experience with cloud platforms (Azure, AWS, GCP) and their security features. Familiarity with Microsoft Sentinel, Entra ID, and Defender for Identity. Exposure to Zero Trust implementation frameworks and NAC platforms (e.g., Cisco ISE, Aruba ClearPass). Strong understanding of IAM principles and MFA implementation. Hands-on experience with tools such as Qualys, Nessus, DUO, SolarWinds, Splunk, Cloudflare, and EDR solutions. Familiarity with Cisco security products including Secure Access, Umbrella, AnyConnect, ThousandEyes and Secure Network Analytics. Experience with ticketing systems such as ServiceNow and Jira. Working knowledge of Active Directory and Entra. Solid grasp of network protocols and traffic analysis. Certifications Required: CompTIA Security+ or equivalent Sound like you, or someone you know, let's talk today.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

The Client is seeking an experienced Senior Security Operations Engineer with in-depth knowledge and hands on experience in the areas of Information Systems security, security policy, intrusion detection/prevention systems, firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems, log analysis and management, web content filtering; network protocols and security/authentication protocols at all layers of the OSI model with emphasis on TCP/IP, web security gateways, network access control, endpoint security, and perimeter security technologies. The Senior Security Operations Engineer contributes to the overall technology roadmap. Key Responsibilities: Participates in the design, implementation and support of security infrastructure for the Client. Identifies network and information security risks across the enterprise, design, engineer, implement security solutions to address the risks at an enterprise level. Works closely with the IT Division and outside vendors to effectively design, plan, deploy, secure and update network projects in the environment. Effective collaboration with the Office of Information Security OIS and other ITD groups is maintained. Strategic Plan items pertinent to the Network Security Operations group are completed. System policies and procedures are created, documented, and maintained. Perform network scans and penetration testing. Monitors log analysis and management tools for threats. Evaluate vulnerability scan results and notify business, application, and infrastructure teams of vulnerabilities in need of remediation. Evaluate and participate in agency Azure cloud solution review of network, security, and general project involvement. Ensure all daily functions that are required to maintain security applicable systems and applications are documented. Work with the agency's ISO team and the IT Auditors to review security audit findings and vulnerability scans results. Identify recommended correction activities and course of action, once determined communicate with the various stakeholders. Device configurations are based on best practices. Relevant documentation is kept up to date. Coordinating the handling and resolution of incidents related to security. Skills: SkillRequired / DesiredAmountof ExperienceConsiderable knowledge and hands on experience in the areas of information systems security of security policy Required7YearsConsiderable knowledge hands on experience with web security gateways, network access control, endpoint security, and perimeter security technologies.Required7YearsConsiderable knowledge and hands on experience with firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems.Required7YearsConsiderable knowledge and hands on experience with intrusion detection/prevention systems, log analysis and management, web content filtering Required7YearsConsiderable knowledge and experience with network protocols and security/authentication protocols at all layers of OSI model with emphasis on TCP/IPRequired7YearsDemonstrated ability to identify security risks across the enterprise and perform the day-to-day operation.Required7YearsDemonstrated ability to administer and protect the integrity, confidentiality, and availability of information assets and technology infrastructure Required7YearsConsiderable knowledge and hands on experience detecting, responding, remediating security incidents.Required7YearsConsiderable knowledge and hands on experience remediating System Security Plans (SSP) and Risk Assessment (RA) in cybersecurity Required7YearsSolid experience with performing threat; vulnerability, risk assessment and coordinating the resolution of incidents related to security breaches.Required7YearsConsiderable knowledge and hands on experience with web related technologies and penetration testing tools Required7YearsCISSPHighly desired Years Powered by JazzHR Ofrm7kSZXQ

What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! Looking for a role that will have a meaningful impact on Security Engineering? We are looking for an individual to reduce enterprise risk through the secure design, implementation and administration of cybersecurity tools and helping to enhance department strategies to protect our customers, data, and associates. What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! The opportunity: We are seeking a Security Engineer to join our dynamic team, where you'll play a pivotal role in fortifying our company's internal network against unauthorized access and cyber threats. As a Security Engineer, you'll be at the forefront of our cybersecurity efforts, designing and implementing cutting-edge security strategies. You will have the chance to collaborate with a team of skilled security specialists to devise and execute robust architecture solutions that protect our digital assets. Your expertise will not only help mitigate potential damages during current attacks but also proactively identify and resolve hardware or software vulnerabilities before they become threats. In this role, you'll leverage your deep understanding of various hardware and software technologies, along with the Enterprise Security Framework, to drive innovative design solutions and provide strategic recommendations. Your insights and contributions will be crucial in shaping the security posture of our organization, ensuring that we stay ahead of evolving cyber risks. What you'll be doing: Architect & Implement: Design and deploy cloud security architectures meeting business, security, and compliance needs. Configuration Management: Secure cloud-based tools and mobile technology, ensuring safe access solutions. Security Environments: Create and maintain testing environments for security solutions. Risk Mitigation: Innovate security measures across on-premise and cloud environments. Network Security Oversight: Manage cloud network security, including firewall approvals. Automation & Scripting: Develop automation scripts for security needs. Incident Response: Lead and strategize responses to cyber threats. Secure Access Solutions: Implement secure authentication, authorization, and encryption strategies. Cyber Threat Awareness: Stay updated on security trends and threats. Change Management: Oversee security aspects of cloud changes and software deployments. Policy Documentation: Document and enforce security policies and procedures. Skill Development: Update and share technical knowledge on data protection. Metrics & Reporting: Generate Cloud Security status metrics. Mentorship & Leadership: Guide and mentor junior team members. Operational Support: Maintain security tools and systems. Compliance: Ensure compliance with regulations (NY State, PCI, GDPR, NIST). Project Support: Evaluate and implement new security technologies. Technical Resource: Serve as an expert for other departments. Communication: Convey security issues and solutions clearly. Additional Duties: Participate in incident response, change management, and system maintenance. Our must-haves: 3+ years related work experience & industry certification in cyber security. Bachelor's degree in Computer Science or Engineering with a focus on Cyber Security, Digital Forensics or related work experience/certification. Security+ or similar industry approved certifications. Other certifications that are a plus: ITIL, preferred Certified Cloud Security Professional - ISC2 .org (CCSP) Certified Information Systems Security Professional (CISSP) Certificate of Cloud Security Knowledge - CSA (CCSK) Information Systems Security Engineering Professional (ISSEP) Microsoft Certified: Azure Fundamentals (MCAF) Microsoft Certified Azure Administrator Associate (MCAAA) Microsoft Certified: Azure Security Engineer Associate (MCASEA) #LI-Hybrid #DEIB US Work Authorization US Work Authorization required. Markel does not provide visa sponsorship for this position, now or in the future. Pay information: Who we are: Markel Group (NYSE - MKL) a fortune 500 company with over 60 offices in 20+ countries, is a holding company for insurance, reinsurance, specialist advisory and investment operations around the world. We're all about people | We win together | We strive for better We enjoy the everyday | We think further What's in it for you: In keeping with the values of the Markel Style, we strive to support our employees in living their lives to the fullest at home and at work. We offer competitive benefit programs that help meet our diverse and changing environment as well as support our employees' needs at all stages of life. All full-time employees have the option to select from multiple health, dental and vision insurance plan options and optional life, disability, and AD&D insurance. We also offer a 401(k) with employer match contributions, an Employee Stock Purchase Plan, PTO, corporate holidays and floating holidays, parental leave. Are you ready to play your part? Choose ‘Apply Now' to fill out our short application, so that we can find out more about you. Caution: Employment scams Markel is aware of employment-related scams where scammers will impersonate recruiters by sending fake job offers to those actively seeking employment in order to steal personal information. Frequently, the scammer will reach out to individuals who have posted their resume online. These "job offers" include convincing offer letters and frequently ask for confidential personal information. Therefore, for your safety, please note that: All legitimate job postings with Markel will be posted on Markel Careers. No other URL should be trusted for job postings. All legitimate communications with Markel recruiters will come from Markel.com email addresses. We would also ask that you please report any job employment scams related to Markel to ***********************. Markel is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of any protected characteristic. This includes race; color; sex; religion; creed; national origin or place of birth; ancestry; age; disability; affectional or sexual orientation; gender expression or identity; genetic information, sickle cell trait, or atypical hereditary cellular or blood trait; refusal to submit to genetic tests or make genetic test results available; medical condition; citizenship status; pregnancy, childbirth, or related medical conditions; marital status, civil union status, domestic partnership status, familial status, or family responsibilities; military or veteran status, including unfavorable discharge from military service; personal appearance, height, or weight; matriculation or political affiliation; expunged juvenile records; arrest and court records where prohibited by applicable law; status as a victim of domestic or sexual violence; public assistance status; order of protection status; status as a smoker or nonsmoker; membership or activity in local commissions; the use or nonuse of lawful products off employer premises during non-work hours; declining to attend meetings or participate in communications about religious or political matters; or any other classification protected by applicable law. Should you require any accommodation through the application process, please send an e-mail to the ***********************. No agencies please.

Company DescriptionJobs for Humanity is partnering with Capital One to build an inclusive and just employment ecosystem. Therefore, we prioritize individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Deaf or Hard of Hearing, Black, Hispanic, Asian, Military Veterans, the Elderly, the LGBTQ, and Justice Impacted individuals. This position is open to candidates who reside in and have the legal right to work in the country where the job is located. Company Name: Capital One Job DescriptionCenter 3 (19075), United States of America, McLean, VirginiaSr. Distinguished Engineer - Network Security Senior Distinguished Engineers are individual contributors who strive to be diverse in thought so we visualize the problem space. At Capital One, we believe diversity of thought strengthens our ability to influence, collaborate and provide the most innovative solutions across organizational boundaries. Distinguished Engineers will significantly impact our trajectory and devise clear roadmaps to deliver next generation technology solutions. The Senior Distinguished Engineer will be a part of the Network Protection Engineering organization focusing on shaping the network security agenda including the vision and capability growth across the domain. This domain covers enterprise the network security platform inclusive of secure access services, perimeter defense, and network defense. Senior Distinguished Engineers are: Deep technical experts and thought leaders that help accelerate adoption of the very best engineering practices, while maintaining knowledge on industry innovations, trends and practices Visionaries, collaborating on Capital One's toughest issues, to deliver on business needs that directly impact the lives of our customers and associates Role models and mentors, helping to coach and strengthen the technical expertise and know-how of our engineering and product community Evangelists, both internally and externally, helping to elevate the Distinguished Engineering community and establish themselves as a go-to resource on given technologies and technology-enabled capabilities Responsibilities: Build awareness, increase knowledge and drive adoption of modern technologies, sharing consumer and engineering benefits to gain buy-in Strike the right balance between lending expertise and providing an inclusive environment where others' ideas can be heard and championed; leverage expertise to grow skills in the broader Capital One team Promote a culture of engineering excellence, using opportunities to reuse and innersource solutions where possible Effectively communicate with and influence key stakeholders across the enterprise, at all levels of the organization Operate as a trusted advisor for a specific technology, platform or capability domain, helping to shape use cases and implementation in an unified manner Lead the way in creating next-generation talent for Tech, mentoring internal talent and actively recruiting external talent to bolster Capital One's Tech talent Basic Qualifications: Bachelors Degree At least 9 years of software engineering or software development experience At least 5 years of public cloud experience (AWS, GCP, Azure) At least 3 years of experience with Network Security Engineering Preferred Qualifications: Masters Degree 12+ years of software engineering or software development experience 7+ years of experience in building distributed systems and highly available services using cloud computing services (AWS, GCP, Azure) 5+ years of experience with Network Security Engineering Capital One will consider sponsoring a new qualified applicant for employment authorization for this position. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to [email protected] Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Number of positions: 1 Length: 12Months + Work Address: Richmond, VA 23219 Immediate interviews Web Cam Interview Elect - Cybersecurity Engineer Is Remote. Seeking an Azure Senior Security Engineer (Cybersecurity Engineer 3) with minimum 5 years experience to work with an existing software development team. You will be working with our more established contractors and staff to focus on several web and Windows applications used both by internal staff and constituents of the Commonwealth of Virginia. The candidate will need expertise in all aspects of IT security and cloud security and experience working in an Agile/Scrum development environment interacting with technical and non-technical stakeholders. Candidate will need to have extensive knowledge of cybersecurity practices, industry security standards, and regulatory standards. A bachelors degree and/or applicable recognized industry certifications are strongly desired and will help you stand out in this position. using mobile and responsive design practices, so a familiarity with these methodologies would be a plus. Required/Desired Skills Candidates must have ALL the Required skills in order to be considered for the position. Desired or Highly Desired skills are a PLUS but may NOT be required. Skill Matrix (Please fill the last two columns of this matrix) Experience with Business workflow processes Required / Desired Amount of Experience Years of Experience Last Used 5+ years in IT security or cloud security roles required. Required 5 Years 3+ years of hands-on experience securing Azure environments Required 3 Years Bachelors degree in Computer Science, Cybersecurity, or related field or equivalent work experience required. Required 5 Years Relevant certifications (MS Certified Cybersecurity Architect Expert, Azure Security Engineer Associate (SC-300), CompTIA Security+, CISSP, CISM Highly desired 5 Years Experience with Azure Security Services (Azure Defender, MS Sentinel, Azure Key Vault, Azure Policy and Blueprints, Azure Security Center) required. Required 5 Years Experience with Azure Active Directory (AAD), including conditional access, MFA, and identity protection required. Required 5 Years Extensive knowledge of PIM and RBAC required Required 5 Years Experience with NSGs, ASGs, VPN, ExpressRoute, and hybrid connectivity security required Required 5 Years Ability to implement and moitor compliance with regulatory standards such as NIST, ISO 27001, GDPR, etc. is required Required 5 Years Extensive knowledge of threat modeling and vulnerability management, SIEM/SOAR tuning and response workflows, and security alert triage and forensics Required 5 Years Ability to perform scripting and automation using PowerShell, Bicep, ARM templates, or Terraform Required 5 Years Ability to perform perform integration with CI/CD pipelines for secure deployments (GitHub Actions, Azure DevOps) Required 5 Years Ability to create and deliver security architecture reports and documentation Required 5 Years Experience in risk assessment and mitigation strategies Required 5 Years

Job Title: IT Senior Systems Engineer Pay Rate: $100K- $110K per year Schedule: 9:00AM - 5:00PM The Senior Systems Engineer is responsible for ensuring the stability, integrity, and efficiency of the organization's information systems that support core business functions. This includes monitoring, maintaining, supporting, and optimizing all IT infrastructure, networked software, and associated operating systems to ensure reliable performance and operational excellence. Key Responsibilities: Collaborate with the IT team to ensure smooth and reliable network and systems operations. Design and deploy new applications and enhancements to existing applications, software, and operating systems. Conduct cost-benefit and return-on-investment analyses for proposed systems to assist management in decision-making. Interact and negotiate with vendors, outsourcers, and contractors to secure system-related products and services. Evaluate the efficiency and effectiveness of existing systems; develop and implement strategies for improvement. Develop system design models, specifications, diagrams, and documentation to guide the IT team. Perform server and security audits, backup procedures, and disaster recovery testing in alignment with company continuity plans. Integrate and maintain servers, including cloud, email, print, and backup systems, within the organization's IT infrastructure. Ensure reliable system connectivity across all network infrastructure, servers, software, and applications. Create and maintain documentation for system configurations, processes, and service records. Ensure compatibility and interoperability of all in-house computing systems. Monitor and test system performance; prepare and present performance reports and statistics. Provide training and orientation to end users on newly implemented or updated systems. Mentor and provide technical guidance to junior team members. Skills and Qualifications: Proven experience in designing, developing, and implementing IT infrastructure systems and related applications. Strong understanding of systems planning, security principles, and infrastructure management best practices. Hands-on experience with Aruba network infrastructure (switches, routers, wireless access points). Proficiency with Microsoft Windows Server environments (physical and virtual). Experience managing VMware virtualized environments. Skilled in Microsoft 365 configuration and administration. Experience with networked storage systems and data backup solutions. Excellent understanding of organizational goals and IT alignment strategies. Strong knowledge of data security, privacy practices, and applicable regulations. Effective project management, analytical, and problem-solving abilities. Exceptional written, verbal, and interpersonal communication skills. Ability to make sound independent decisions based on expertise and judgment. Strong troubleshooting skills and customer service orientation. Highly organized, detail-oriented, and self-motivated with the ability to prioritize tasks in high-pressure environments. Collaborative mindset and ability to work effectively within a team environment.

As part of Meta Security, our Insider Trust team is dedicated to identifying and responding to insider threats that target our data. Our mission is to detect, investigate, and mitigate damage caused by insider threats. We handle a wide range of abuse cases, including misuse of user data, intellectual property theft, and leaks of sensitive information.We are seeking an experienced Security Engineer to join the team. This role involves investigating, hunting, and automating internal signals to detect malicious activities related to insider threats. **Required Skills:** Security Engineer Investigator, Insider Trust Responsibilities: 1. Perform analysis, and threat hunting from a variety of log sources (e.g., individual host logs, network traffic logs) to identify potential insider threats 2. Create workflows and automations to streamline signal detection, threat hunts, and investigative processes 3. Collaborate with software and production engineering teams to build scalable and adaptable solutions for insider threat investigations 4. Identify gaps in our infrastructure and work with cross-functional partners to improve visibility through logging and automation 5. Build operational workflows and actions to auto-resolve false positives and provide context, scaling investigation capabilities 6. Prioritize efforts to maximize impact by enhancing visibility, automating processes, and scaling investigative capabilities 7. Coach, mentor, and support team members to foster long-term career growth, job satisfaction, and success **Minimum Qualifications:** Minimum Qualifications: 8. Bachelor's degree in Computer Science, Engineering, or equivalent experience 9. 5+ years of experience in Detection & Response Engineering, Insider Threat, or a similar Security Engineering role 10. Technical and procedural expertise in conducting security investigations, including response, forensics, and large-scale log analysis 11. Experience with attacker tactics, techniques, and procedures 12. Proficiency in coding or scripting in one or more general-purpose programming languages **Public Compensation:** $147,000/year to $208,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

This position description is subject to change at any time as needed to meet the requirements of the program or company. Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism. As a Cyber Security Engineer with AFGES, you will be responsible for the Risk Management Framework (RMF) activities at 51 separate locations. This role executes the day-to-day activities planning, implementing and executing overall RMF activities. The Cyber Security Engineer will interact with government leads, subcontractors / vendors, and network administrators. #clearance Responsibilities Major Job Activities: + This Cyber Security Engineer role works closely with a Sr. Cyber Security Engineer. + Assists the Sr. Engineer in the planning, execution, mitigation and reporting of Security Technical Implementation Guide (STIG) and Security Requirements Guides (SRG). + Ongoing Vulnerability Monitoring and scanning. + Set up, operate and maintain a test lab. + Test patches, upgrades, and changes before implementing to field. + Respond to system update and patching failures. + Oversite of 51 existing remote field networks. + Interaction with Golf Club Management Software vendor. + Create and update all RMF related documentation (ex. Topology, Network Component Inventory, Various plans to include Plan of Action and Milestones (POAM). + Provide support to develop and maintain MS Project Master Schedule. + Contribute to Program Management Plan and Program reporting as needed. + Work non-business hours when required to avoid disrupting operations. Material & Equipment Directly Used: + Proficient with MS Office Suite (Excel, Word, PowerPoint). + Proficient with MS Project Working Environment: Office environment with potential to support austere locations. Physical Activities: Must be able to lift / carry 50 lbs. Qualifications Education / Certifications: + Technical BA / BS Degree + IAT Level II related certifications (or higher): + CompTIA Security+ CE + Cisco Certified CyberOps Associate + CySA + + GSEC + SSCP Experience: + 10 years of related experience with a BA / BS degree. Clearance Requirement: + Candidates must possess or be able to obtain a favorable IT-I, IT-II, or IT-III Public Trust Clearance. Skills & Technology Used: + In-depth experience with multiple disciplines across computing environment: + System Administration (Windows Endpoints and Windows Servers) + Networking / VPN + Code Development + Compute Infrastructure Setup + Remote Maintenance + Expertise with DoD RMF process, eMASS, and attaining system ATOs. + Development of system artifacts required for ATO packages. + Configuration and use of ACAS, STIGs, SCAP, ENS / ESS, MS Defender. + Scripting and process automation. + Proficient with MS Office Suite (Excel, Word, PowerPoint). + Proficient with MS Project. + Preferred - Experience with Beyond Trust access security software application. At V2X, we are deeply committed to both equal employment opportunity, including protection for Veterans and individuals with disabilities, and fostering an inclusive and diverse workplace. We ensure all individuals are treated with fairness, respect, and dignity, recognizing the strength that comes from a workforce rich in diverse experiences, perspectives, and skills. This commitment, aligned with our core Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation, and expand our success in the global marketplace, ultimately enabling us to best serve our clients.

What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! Looking for a role that will have a meaningful impact on Security Engineering? We are looking for an individual to reduce enterprise risk through the secure design, implementation and administration of cybersecurity tools and helping to enhance department strategies to protect our customers, data, and associates. What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! The opportunity: We are seeking a Security Engineer to join our dynamic team, where you'll play a pivotal role in fortifying our company's internal network against unauthorized access and cyber threats. As a Security Engineer, you'll be at the forefront of our cybersecurity efforts, designing and implementing cutting-edge security strategies. You will have the chance to collaborate with a team of skilled security specialists to devise and execute robust architecture solutions that protect our digital assets. Your expertise will not only help mitigate potential damages during current attacks but also proactively identify and resolve hardware or software vulnerabilities before they become threats. In this role, you'll leverage your deep understanding of various hardware and software technologies, along with the Enterprise Security Framework, to drive innovative design solutions and provide strategic recommendations. Your insights and contributions will be crucial in shaping the security posture of our organization, ensuring that we stay ahead of evolving cyber risks. What you'll be doing: * Architect & Implement: Design and deploy cloud security architectures meeting business, security, and compliance needs. * Configuration Management: Secure cloud-based tools and mobile technology, ensuring safe access solutions. * Security Environments: Create and maintain testing environments for security solutions. * Risk Mitigation: Innovate security measures across on-premise and cloud environments. * Network Security Oversight: Manage cloud network security, including firewall approvals. * Automation & Scripting: Develop automation scripts for security needs. * Incident Response: Lead and strategize responses to cyber threats. * Secure Access Solutions: Implement secure authentication, authorization, and encryption strategies. * Cyber Threat Awareness: Stay updated on security trends and threats. * Change Management: Oversee security aspects of cloud changes and software deployments. * Policy Documentation: Document and enforce security policies and procedures. * Skill Development: Update and share technical knowledge on data protection. * Metrics & Reporting: Generate Cloud Security status metrics. * Mentorship & Leadership: Guide and mentor junior team members. * Operational Support: Maintain security tools and systems. * Compliance: Ensure compliance with regulations (NY State, PCI, GDPR, NIST). * Project Support: Evaluate and implement new security technologies. * Technical Resource: Serve as an expert for other departments. * Communication: Convey security issues and solutions clearly. * Additional Duties: Participate in incident response, change management, and system maintenance. Our must-haves: * 3+ years related work experience & industry certification in cyber security. * Bachelor's degree in Computer Science or Engineering with a focus on Cyber Security, Digital Forensics or related work experience/certification. * Security+ or similar industry approved certifications. Other certifications that are a plus: * ITIL, preferred * Certified Cloud Security Professional - ISC2 .org (CCSP) * Certified Information Systems Security Professional (CISSP) * Certificate of Cloud Security Knowledge - CSA (CCSK) * Information Systems Security Engineering Professional (ISSEP) * Microsoft Certified: Azure Fundamentals (MCAF) * Microsoft Certified Azure Administrator Associate (MCAAA) * Microsoft Certified: Azure Security Engineer Associate (MCASEA) #LI-Hybrid #DEIB US Work Authorization US Work Authorization required. Markel does not provide visa sponsorship for this position, now or in the future. Pay information: Who we are: Markel Group (NYSE - MKL) a fortune 500 company with over 60 offices in 20+ countries, is a holding company for insurance, reinsurance, specialist advisory and investment operations around the world. We're all about people | We win together | We strive for better We enjoy the everyday | We think further What's in it for you: In keeping with the values of the Markel Style, we strive to support our employees in living their lives to the fullest at home and at work. * We offer competitive benefit programs that help meet our diverse and changing environment as well as support our employees' needs at all stages of life. * All full-time employees have the option to select from multiple health, dental and vision insurance plan options and optional life, disability, and AD&D insurance. * We also offer a 401(k) with employer match contributions, an Employee Stock Purchase Plan, PTO, corporate holidays and floating holidays, parental leave. Are you ready to play your part? Choose 'Apply Now' to fill out our short application, so that we can find out more about you. Caution: Employment scams Markel is aware of employment-related scams where scammers will impersonate recruiters by sending fake job offers to those actively seeking employment in order to steal personal information. Frequently, the scammer will reach out to individuals who have posted their resume online. These "job offers" include convincing offer letters and frequently ask for confidential personal information. Therefore, for your safety, please note that: * All legitimate job postings with Markel will be posted on Markel Careers. No other URL should be trusted for job postings. * All legitimate communications with Markel recruiters will come from Markel.com email addresses. We would also ask that you please report any job employment scams related to Markel to ***********************. Markel is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of any protected characteristic. This includes race; color; sex; religion; creed; national origin or place of birth; ancestry; age; disability; affectional or sexual orientation; gender expression or identity; genetic information, sickle cell trait, or atypical hereditary cellular or blood trait; refusal to submit to genetic tests or make genetic test results available; medical condition; citizenship status; pregnancy, childbirth, or related medical conditions; marital status, civil union status, domestic partnership status, familial status, or family responsibilities; military or veteran status, including unfavorable discharge from military service; personal appearance, height, or weight; matriculation or political affiliation; expunged juvenile records; arrest and court records where prohibited by applicable law; status as a victim of domestic or sexual violence; public assistance status; order of protection status; status as a smoker or nonsmoker; membership or activity in local commissions; the use or nonuse of lawful products off employer premises during non-work hours; declining to attend meetings or participate in communications about religious or political matters; or any other classification protected by applicable law. Should you require any accommodation through the application process, please send an e-mail to the ***********************. No agencies please.