Security engineer jobs in Rosedale, MD - 2,416 jobs

Evolver Federal is seeking a Lead Cyber Threat Analyst to fulfil a requirement for a potential government client. The Lead Cyber Threat Analyst is responsible for identifying, analyzing, and mitigating advanced cyber threats targeting federal systems and critical infrastructure. This role focuses on proactive threat hunting, intelligence analysis, and developing strategies to detect and disrupt adversary tactics, techniques, and procedures (TTPs). The Lead Cyber Threat Analyst will lead a team of analysts, collaborate with SOC and incident response teams, and provide actionable intelligence to strengthen the organization's cybersecurity posture. This position requires deep expertise in threat analysis, malware research, and adversary emulation within highly regulated environments. Responsibilities Lead cyber threat analysis and intelligence operations to identify emerging threats and vulnerabilities. Conduct proactive threat hunting across enterprise and cloud environments using advanced analytics. Analyze adversary TTPs and develop detection strategies aligned with MITRE ATT&CK framework. Oversee malware analysis, reverse engineering, and forensic investigations for complex incidents. Integrate threat intelligence feeds into SOC workflows and detection platforms. Leverage AI-driven threat detection techniques to enhance predictive and adaptive security capabilities. Apply Zero Trust principles across detection, response, and access control strategies to strengthen enterprise resilience. Implement cloud-native security solutions to safeguard workloads and data in multi-cloud environments. Prepare and deliver executive-level threat reports, risk assessments, and strategic recommendations. Collaborate with SOC, incident response, and engineering teams to enhance detection and response capabilities. Maintain and update threat intelligence platforms and knowledge bases. Support development of playbooks for threat hunting and incident response automation. Ensure compliance with federal cybersecurity frameworks (NIST 800-series, RMF, TIC 3.0). Mentor and coach junior analysts to develop technical expertise and career growth. Manage cross-functional SOC projects, ensuring alignment between threat analysis, incident response, and engineering teams. Drive process improvements and best practices across SOC operations to enhance efficiency and resilience. Basic Qualifications Bachelor's Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or equivalent with 6 years of technical experience and 4 years' experience in IT Solutions at senior management Certified Information Systems Security Professional (CISSP) Certified Security Analyst, Certified Ethical Hacker, or similar certifications Project Management Institute (PMI) Project Management Professional (PMP) (Highly Recommended) Information Technology Infrastructure Library (ITIL) 4 Foundation 10 years of successful enterprise experience in an IT or technology-related field, with the last 5 years, on large government technical BPAs/contracts US Citizen with the ability to pass a comprehensive government background check Preferred Qualifications Experience managing or supporting cybersecurity operations, including SOC functions, in a federal or highly regulated environment Experience leading cybersecurity programs within federal civilian agencies Master's degree in a technical or management-related field GIAC (GCTI, GCFA) or AWS/Azure security certifications Knowledge of RMF, NIST 800-series, OMB A-130, and TIC 3.0 policies Experience with performance-based contracts and cross-functional team leadership Strong communication skills, including experience delivering executive briefings and incident communications Expertise in threat intelligence platforms (TIPs) and SIEM tools (Splunk, Elastic). Familiarity with SOAR platforms and automation for threat detection and response. Experience with malware reverse engineering and memory forensics. Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and threat modeling methodologies. Hands-on experience with cloud threat analysis (AWS, Azure, GCP) and container security. Ability to lead advanced threat hunting campaigns and mentor junior analysts. Understanding of nation-state threat actors and advanced persistent threats (APTs). Experience integrating threat intelligence into vulnerability management and risk scoring. Knowledge of scripting languages (Python, PowerShell) for automation and custom detection. Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law. Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. #J-18808-Ljbffr

The Information Technology Department of Arnold & Porter has an opening for an Information Security Engineer in the Washington, DC office or may work 100% virtual/remote in a firm-approved U.S. state as part of the “Gideon” office. The Information Security Engineer is a technical security expert responsible for supporting security operations, engineering, and architecture functions and efforts for Arnold & Porter. Under the direction of the Manager of Information Security, the Information Security Engineer helps to ensure the overall security posture of the firm, and is expected to be involved in day-to-day security operations and contribute to ensuring the integrity and availability of the firm's IT and application infrastructure and the confidentiality, integrity, and availability of the firm's data in support of enterprise IT objectives and client service delivery needs. Responsibilities Security Operations Performing security log and event analysis using EDR, SIEM and log aggregation systems. Monitoring and proactively executing the vulnerability management program to prevent or reduce IT hygiene risk issues from impacting production systems. Maintaining and managing security toolsets such as Application control systems, EDR/AV, Email Security platform, Attack simulation platform, Threat intelligence/hunting, and Security related artificial intelligence tools. Supporting security incident response and investigation efforts as directed. Helping validate and track IT operational activities to ensure compliance with policy, standards, and other applicable requirements. Researching and identifying security vulnerabilities and relevant industry/cybersecurity trends for follow-up and action. Regularly reporting and tracking IT security events and metrics along with remediation activities. Helping support third‑party risk management efforts as assigned. Helping support the firm security awareness training program as assigned. Helping support the firm's IT Compliance efforts as assigned. Participating in IT Security on‑call rotation. Security Engineering & Architecture Advising and assisting with planning of security systems and standards by evaluating network and security technologies, developing security requirements for the enterprise infrastructure, and maintaining overall user access and data protection control. Reviewing newly requested applications and SaaS and application changes for security impacts and possible remediation to address security risk. Actively participating in the enterprise Change Advisory Board (CAB). Conducting research and providing recommendations on methods, software, and technologies to mitigate risk exposures. Helping to develop and contribute to security policies, standards and procedures. Qualifications Education/Experience Four‑year college degree preferred; equivalent experience will be considered. Minimum of three (3) years of experience in Information Security, or equivalent experience in IT-related fields with secondary security responsibilities. Technical Skills Experience and understanding of Windows, Unix/Linux, and Active Directory. Solid understanding of core networking protocols, including TCP/IP, UDP, DNS, DHCP, HTTP/HTTPS, and routing protocols. Experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, application security, and cloud security. Proficient in Windows operating systems, Microsoft Office Suite, and related software. Skilled in leveraging artificial intelligence tools for daily work. Strong remote collaboration capabilities. Communication & Writing Communicate complex technical information clearly to non-technical audiences. Excellent oral and written communication, including reports, business correspondence, and procedure manuals. Effective presenter to diverse groups, including managers, clients, and the public. Ability to identify and apply the appropriate method of communication. Professionalism & Judgment Strong personal initiative, judgment, and professionalism. High level of confidentiality and discretion. Exceptional client service for both internal and external stakeholders. Problem‑Solving & Strategic Focus Strong problem‑solving skills and strategic thinking. Ability to define goals, prioritize tasks, and follow through to achieve results. Detail‑oriented with excellent organizational and time‑management skills. Capable of handling multiple tasks in fast‑paced environments. Flexibility & Commitment Reliable, dependable, and motivated. Flexible to work additional hours as needed. Willingness to travel (1-4 weeks per year, or more if required). The anticipated base salary for this position is $122,000 to $160,000. The actual base salary offered will depend on a variety of factors, including, without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job. The firm may provide a discretionary bonus annually. Arnold & Porter is an equal opportunity employer that does not discriminate on the basis of race, color, creed, religion, national origin, sex, pregnancy and childbirth (including breastfeeding and related medical conditions), age, marital or partnership status, familial status, sexual orientation, gender, gender identity, gender expression, transgender, physical or mental disability, medical condition, family leave status, citizenship status, immigration status, ancestry, genetic information, military or veteran status, or any other characteristic protected by local, state or federal laws, rules or regulations. Our Firm's equal opportunity policy applies to all employment practices and terms and conditions, including, without limitation, recruitment, employment, assignment, training, compensation, benefits, promotions, disciplinary action and terminations. For purposes of the firm's Anti-discrimination and Anti-harassment Policies, the term "race" includes, without limitation, traits historically associated with race, including, but not limited to, hair texture and protective hairstyles, such as braids, locks, and twists. #J-18808-Ljbffr

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in‑office culture with specific requirements for office‑based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role‑specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Bank of America is one of the world's leading financial institutions, serving over 66 million consumers and small businesses. Company success is only possible with a strong cyber defense, which enables Bank of America to safely conduct global operations across the United States and in approximately 35 countries. Our primary goal is to safeguard not only the company, but our clients and their trust. The Malware Defense Team is looking for top talent who would like to join one of the most advanced cybersecurity teams in the world. Responsibilities In-depth analysis of malware, including authoring analysis reports. Tracking malware campaigns, malicious actors, and related infrastructure. Creation of tools and scripts to assist in the analysis of malware analysis. Field escalations of potentially malicious files and websites from teams within Malware Defense. Required Qualifications Strong direct experience of analyzing malware. Intermediate to advanced malware analysis skills. Experience creating innovative ways to track progression of malware families, infrastructure, and campaigns conducted by e‑crime, and cyber espionage actors. Experience creating tools and scripts to accelerate malware and threat analysis. Background in network traffic analysis - WireShark, Fiddler, proxy logs, etc. Experience analyzing malicious web content such as ClickFix, ClearFake, SocGholish, etc. Experience authoring YARA, Suricata, and EKFiddle detection rules. Experience with penetration testing and/or adversary emulation is a plus. Able to work independently on tasks, but also work well within a team environment. Desired Qualifications Experience analyzing malware targeting Linux, Android, and IOT platforms. Skills Cyber Security Data Privacy and Protection Problem Solving Process Management Threat Analysis Business Acumen Data and Trend Analysis Interpret Relevant Laws, Rules, and Regulations Risk Analytics Stakeholder Management Access and Identity Management Data Governance Encryption Information Systems Management Technology System Assessment Shift: 1st shift (United States of America) Hours Per Week: 40 Pay Transparency details US - CO - Denver - 1144 15th St - Denver GIS (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540) Pay and benefits information Pay range $95,700.00 - $144,900.00 annualized salary, offers to be determined based on experience, education and skill set. Discretionary incentive eligible. This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company. Benefits This role is currently benefits eligible. We provide industry‑leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve. #J-18808-Ljbffr

A high-tech company is seeking a Lead Security Engineer to oversee cybersecurity operations within the DC area. The ideal candidate will lead efforts to ensure compliance with federal security standards while managing vulnerabilities and incidents. Qualifications include a Bachelor's in Cybersecurity, 8-10 years of relevant experience, and necessary security clearances. The position offers a competitive benefits package, including health and retirement plans, within an office setting with occasional travel expectations. #J-18808-Ljbffr

A leading cybersecurity firm is seeking an Information Systems Security Engineer (ISSE) to support secure, mission-focused information systems in a high-impact government environment. The ISSE will work on cybersecurity controls design, implementation, and maintenance, ensuring systems meet federal requirements. The ideal candidate will have 3-5 years in cybersecurity, TS Clearance, and practical experience with NIST RMF as well as familiarity with various security tools. This role offers the opportunity to contribute significantly to the security of government missions. #J-18808-Ljbffr

A technology firm is seeking a Software Engineer to design, develop, and integrate secure computing environments supporting critical mission objectives. The role requires experience in full-stack development, AWS services, and Infrastructure-as-Code tools. Ideal candidates will collaborate with cross-functional teams and possess strong scripting skills. Preferred certifications include AWS Certified Solutions Architect. This position is based in Washington, D.C. #J-18808-Ljbffr

A tech solutions provider based in Washington is seeking an experienced Information Assurance Engineer / Security Manager to lead the development and management of security infrastructure. The ideal candidate will have 15+ years in information security, overseeing security projects, and enhancing compliance. Strong leadership and communication skills are essential for mentoring a high-performing team. This role offers an opportunity to impact the security strategy and operations significantly. #J-18808-Ljbffr

A leading technology consulting firm is seeking a DevSecOps Architect with over 12 years of experience in building secure and scalable solutions. The role demands strong proficiency in automation tools, cloud security, and container orchestration. Ideal candidates will possess cloud certifications and an active TS/SCI Clearance. This position offers the opportunity to work in a fast-paced environment while collaborating effectively with both technical and non-technical stakeholders. #J-18808-Ljbffr

A leading defense contractor in Bethesda is hiring for a cybersecurity position that requires a BA/BS degree and 10+ years of experience. Candidates will manage Information Systems security policies, develop cybersecurity plans, and analyze vulnerabilities. Familiarity with Linux and ISSM or ISSO experience is essential. This role offers a competitive salary ranging from $104,650 to $189,175, providing an opportunity to work with cutting-edge technologies while supporting the US Navy. #J-18808-Ljbffr

Computational Physics, Inc. (CPI) is seeking a Network Security Engineer to supportour customers at the United States Naval Observatory (USNO) in the deployment andmaintenance of its new Precise Time and Astrometry Network. Background The USNO is responsible for the production and dissemination of precise parametersconcerning time, star positions, and the earth's rotation to the Department of Defense(DoD) and intelligence community, other U.S. Government (USG) users such as NASAand the National Oceanic and Atmospheric Administration (NOAA), as well as non-USG civilian and international users. Distribution of these parameters supports GPSnavigation, among other applications, an important national and international function. Areliable, secure, maintainable and manageable USNO network is crucial to theproduction and dissemination of these data products. The successful candidate will: Provide direct technical support to the Precise Time, Celestial Reference Frame,Earth Orientation, and DevSecOps Departments at USNO. Work with USNO Information Assurance staff to ensure compliance with DoDcybersecurity requirements. Prepare and maintain associated documentation. The position will be located at the U.S. Naval Observatory in Washington D.C. Partial telework may be permitted in accordance with applicable Navy and Observatory guidance in effect at the time. Salary will be commensurate with experience and qualifications. CPI offers an excellent package of benefits. Qualifications 7+ years of experience managing and configuring Cisco Routers, Switches,Juniper SRX, Cisco NGFW and Cisco ASA Firewalls. Experience Configuring, STIG/Patching, Troubleshooting and Replacing Ciscoand Juniper equipment Proficient in Cisco ISE management Knowledge of PKI, CAC/ALT-token authentication, and certificate lifecyclemanagement Experience with Cisco Anyconnect VPN and RAVPN access. Familiarity with virtual machine management for Cisco ISE Experience with DISA STIGs, SCAP benchmarks, and ACAS/Nessusvulnerability remediation Experience with console cables and physical connections to Network Equipment Understanding of Kerberos, LDAP, and Multi-Factor Authentication concepts Experience integrating systems with monitoring tools (e.g., SolarWinds) Networking fundamentals: TCP/IP, DNS, DHCP, VLANs, and firewall concepts CompTIA Security+ CE or equivalent DoD 8570 certification (required) Cisco CCNP or CCNP Security desired A Top Secret security clearance is required for this DoD contract About CPI We love science! We study the physical properties of the Earth and our atmosphere, neighboring planets, and the sun. We make the study of science practical by translating our findings into products, both hardware and software, that make our customer's lives easier and better. CPI has served various U.S. Government agencies, universities, international science organizations, prime contractors, as well as commercial customers for 40 years. CPI is an employee-owned company - our team members receive company stock. Employee ownership motivates and empowers increased productivity, contribution to the longevity of the business, improved retention, and enhanced employee engagement. Why Work for Us? Competitive salary and comprehensive benefits Positive, upbeat, and transparent company culture with opportunities for self-development and career advancement Employee-owned small business that allows team members to learn from each other and take ownership Professional development support including conference attendance and certification training Benefits 401(k), Profit Sharing and an Employee Stock Ownership Plan (ESOP) Disability insurance (short-term and long-term) Flexible schedule Flexible spending account Health, Dental and Vision insurance Life insurance Paid time off Parental Leave Tuition reimbursement CPI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. If you need a reasonable accommodation for any part of the employment process, please contact us and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. #J-18808-Ljbffr

Job Title: Cybersecurity and Network Security Engineer Job Type: Full-time Dynanet started with a focus on IT infrastructure and operations, helping organizations enhance their networks and overcome the limitations of 1990s technology. From strengthening communication channels to introducing innovative ways to collaborate and share information, Dynanet played a crucial role in shaping the early stages of digital transformation. The company's efforts helped organizations build the very fabric of connectivity that now powers our modern world. Over the last three decades, Dynanet has grown into a trusted partner for organizations looking to innovate boldly and transform seamlessly. While technology continues to evolve and unlock new opportunities, for nearly 30 years, Dynanet remains committed to delivering cutting-edge solutions that drive lasting change for its customers. Through agility, foresight, and an unwavering dedication to excellence, Dynanet continues to empower organizations to thrive in a rapidly changing digital landscape. Our story is more than just a story of technology - it's a story of vision, growth, and transformation that has shaped the past and continues to pave the way for the future. Taking inventory of client's hardware & software assets and assessing those assets for security vulnerabilities, obsolescence, and other risks. Reviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with applicable cybersecurity framework. Reviewing security products utilized (e.g., firewalls, IDS, IPS) and determining if they are configured properly. Deploying network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, etc.), and virtualization solutions. Reviewing US government cyber security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with applicable cybersecurity framework. Reviewing administrative, technical, and cybersecurity controls and providing recommendations to mitigate the identified cyber security risks. Performing cyber security vulnerability and risk assessments within manufacturing and critical infrastructure environments to identify security risks and threats (e.g., unsecure remote access points, suspicious remote connections, unauthorized devices on the network, etc.) and providing recommendations to remediate the identified issues. Creating detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, mitigation, etc.) as needed to support projects. Travel to the NIH sites as required. Preferred Professional Skills: Certified SCADA Security Architect (CSSA) GIAC certifications (e.g., GICSP, GRID, Critical Infrastructure Protection) ISA/IEC 62443 Cybersecurity Certificates Cybersecurity certification (e.g., CEH, CISA, CISM, CCSP, etc.) Understanding of MITRE ATT&CKS for ICS or NERC CIP frameworks Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53) A working knowledge of industrial control systems (e.g., DCS, PLCs, SCADA, etc.) Ability to perform vulnerability / penetration testing in ICS/OT environment, and/or threat hunting Prior experience Control System Engineer or SCADA Engineer working in manufacturing environments or power generation facilities Certified professional engineer The ICS/OT Cybersecurity and Network Security Engineer shall demonstrate: High integrity A willingness to go beyond the ordinary to meet and exceed client expectations A desire for continual challenges and development Excellent written and verbal communication skills Dynanet Team Requirements and Expectations: Possess Strong written and verbal communication skills. Highly organized with an ability to prioritize, balance, and effectively advance multiple competing priorities in a high-volume, fast-paced environment. Ability to interact in a professional and collaborative manner with fellow Dynanet Teammates and the clients, and business partners that we work with. Ability and desire to challenge and educate yourself to support and advance IT services delivery in the Federal agencies we serve. Excellent judgment and creative problem-solving skills. Respond to team member and client requests via email, MS teams, or other communication means during core business hours. Active listening skills to understand clients' needs, and collaboration skills to work with other developers and designers. Education/Experience Requirements: Certified Information Systems Security Professional (CISSP). Bachelors Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or similar scientific / technical field. Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, Perdue Reference Model etc.). Strong understanding of OT network communication protocols (e.g., Ethernet/IP, CIP, Modbus, OPC, etc.) and industrial networking topologies (e.g., ring, star, etc.). A minimum of Five (5) years “hands on” experience assessing, designing, and implementing ICS/OT network architectures. Demonstrated technical skills to analyze, design, and deploy complex Ethernet/IP architecture and communication technologies. Experience with Nazomi Cyber-Physical System (CPS). #J-18808-Ljbffr

About Us: We are a dynamic technology services company based in Washington, DC, specializing in cutting-edge network solutions. We are seeking a skilled Network Engineer to join our team to ensure the seamless operation and optimization of our network infrastructure. Job Summary: The Network Engineer will be responsible for troubleshooting and managing Cisco routing and switching (R/S) environments, handling Layer 2 networking with some routing, and working extensively with Palo Alto firewalls. This role requires hands-on experience with Panorama-managed firewalls, familiarity with legacy network migrations, and policy optimization on Palo Alto systems. Key Responsibilities Troubleshoot and maintain Cisco routing and switching (R/S) infrastructure, focusing on Layer 2 and routing protocols. Manage and optimize Palo Alto firewalls using Panorama. Perform Cisco-to-Palo Alto migrations, ensuring minimal downtime and optimal configurations. Work with OSPF and MPLS protocols to maintain a robust and efficient network. Collaborate on legacy infrastructure transitions and provide expertise for policy optimization on Palo systems. Operate in a hybrid work environment, primarily onsite (4-5 days a week). Coordinate with remote team members to ensure network consistency and performance. Qualifications Proven experience with Cisco routing and switching (R/S) technologies. Strong understanding of Layer 2 networking and routing protocols. Proficiency in Palo Alto firewalls and Panorama management. Hands-on experience with Cisco-to-Palo Alto migrations and legacy network systems. Familiarity with OSPF, MPLS, and other networking protocols. Ability to work in a hybrid setting with flexibility to be onsite 4-5 days a week. Strong troubleshooting and problem-solving skills with a detail-oriented mindset. Preferred Skills Experience with policy optimization and fine-tuning firewall configurations. Strong interpersonal skills and the ability to work both independently and in a team setting. Familiarity with large campus environments and hybrid work structures. What We Offer Competitive salary and benefits package. Opportunity to work on innovative projects in a collaborative environment. Professional growth and development within a technology-forward company. If you are passionate about network engineering and thrive in a hands-on, dynamic environment, we would love to hear from you! #J-18808-Ljbffr

Be Challenged and Make a Difference In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture. Description of Task to be Performed: AnaVation is looking for a Sr. Systems Security Engineer to assist the customer with engineering and administration tasks. The ideal candidate will be comfortable engaging with client leadership on a regular basis and interacting with senior level team members. Responsibilities Perform hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies, including virtualization platforms (VMWare, Hyper-V), cloud environments (AWS, Azure, Google Cloud), and enterprise applications. Perform system administration tasks to include audit and log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance. Contribute to the design and development of secure system architectures, ensuring security is integrated through system and network lifecycles. Evaluate, implement, and document security architecture solutions, aligning with compliance requirements and organizational mission needs. Ensure technical compliance with applicable security frameworks, standards, and regulations (e.g., DISA SITGs, NIST 800-53, RMF). Conducting, configuring, and managing vulnerability scans. Conducting vulnerability remediations, patching, and system hardening. Collaborate with ISSOs, Assessors, System Owners, and other stakeholders to implement security controls. Support security assessments, audits, and accreditation/authorization (ATO) activities. Document security configurations, engineering solutions, and compliance evidence. Troubleshoot and resolve security-related technical issues in a timely manner. Understanding and advising the client regarding critical application data and vulnerability points, coordinating with industry partners to advise the government regarding those security vulnerabilities, and providing recommendations and advice on incident response and recovery plans. Providing Incident Response (IR) activities including triage, investigation, interviewing, resolving, and reporting on events. Promoting information security awareness across the program, ensuring security controls and processes are implemented. Presenting vulnerability analysis to system owners and leadership. Required Qualifications 5-10 years of experience in information system engineering and configuration management. 5 years of experience in control implementation and secure system engineering or design. Excellent communication skills. Hands on experience with: Security monitoring and evaluation, including audits, assessments, and risk management SIEM tools (e.g., Splunk) Vulnerability Scanning tools (e.g., Tenable, Nessus) EDR tools (e.g., Crowdstrike) Web App Scanning tools (e.g., Burpsuite, Acunetix) Active Directory SANs VMWare Networking Devices Expertise in batch, bash, and/or PowerShell scripting Able to deliver and present security compliance to a wide range of audiences (i.e., system owners, division leadership). Experience configuring and operating enterprise storage across networks (SAN) Server visualization - design solutions and configuration (VMWare, VSphere, Hyper-V, etc) Experience with: Linux (RHEL 7/8), Windows Operating Systems, and Oracle/SQL Databases Agile Methodologies GRC Tools (e.g., CSAM) Strong desire to learn, grow and be highly motivated. Certifications: OS specific certifications, Security + Personnel assigned to this task shall possess a blend of strong technical skills (networking, operating systems, security tools, programming, encryption) and essential soft skills (problem-solving, critical thinking, communication, collaboration) to design, implement, and maintain an information system's security control implementation. Desired Qualifications Knowledgeable on different cloud providers: AWS, Azure, Oracle, GCP Understanding of servers and security tools Education: Bachelor's degree in Engineering, Computer Science, or Information Systems Certifications: CompTIA Server+, Cloud certifications (AWS, Azure, Google), Network+, CCNA, RHCSA, Azure (AZ-104, AZ-204, AZ-500, AZ-305), AWS Solutions Architect Benefits Generous cost sharing for medical insurance for the employee and dependents 100% company paid dental insurance for employees and dependents 100% company paid long-term and short-term disability insurance 100% company paid vision insurance for employees and dependents 401k plan with generous match and 100% immediate vesting Competitive Pay Generous paid leave and holiday package Tuition and training reimbursement Life and AD&D Insurance About AnaVation AnaVation is the leader in solving the most complex technical challenges for collection and processing in the U.S. Federal Intelligence Community. We are a US owned company headquartered in Chantilly, Virginia. We deliver groundbreaking research with advanced software and systems engineering that provides an information advantage to contribute to the mission and operational success of our customers. We offer complex challenges, a top-notch work environment, and a world-class, collaborative team. If you want to grow your career and make a difference while doing it, AnaVation is the perfect fit for you! AnaVation is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. #J-18808-Ljbffr

A leading financial institution in Washington, DC is seeking a cybersecurity expert to enhance its malware defense team. Responsibilities include analyzing malware, tracking campaigns, and authoring reports. The ideal candidate must possess strong malware analysis skills, experience in creating analytical tools, and a solid understanding of network traffic analysis. This position offers an annual salary between $95,700.00 and $144,900.00 based on experience, alongside robust benefits aimed at ensuring employee wellness. #J-18808-Ljbffr

Evolver Federal is seeking a Senior Security Engineer to fulfill a requirement for a potential government client. The Senior Security Engineer is responsible for designing, implementing, and maintaining advanced security solutions to protect federal systems and data. This role prioritizes continuous monitoring, FISMA compliance, and OIG audit readiness while engineering secure architectures, integrating cybersecurity technologies, and ensuring adherence to federal standards such as NIST 800-series, RMF, and TIC 3.0. The Senior Security Engineer will work closely with SOC teams, architects, and program managers to deliver robust security capabilities across cloud (AWS GovCloud, Azure Government), on-premises, and hybrid environments. This position requires deep technical expertise, hands-on experience with security tools, and the ability to lead engineering efforts for mission‑critical systems in highly regulated environments. Responsibilities Design and implement security solutions for enterprise and federal environments, ensuring compliance with RMF and NIST guidelines. Engineer secure configurations for SIEM, SOAR, EDR, and vulnerability management platforms. Support Tier 2/3 SOC analysts by developing advanced correlation rules for Splunk and optimizing detection workflows. Support SOC operations by integrating advanced detection and response capabilities. Conduct security assessments, penetration testing, and risk analysis for critical systems. Implement continuous monitoring and automated compliance reporting to meet Department of Labor and federal requirements. Develop and maintain security engineering documentation, including system security plans and architecture diagrams. Collaborate with architects and program managers to align security engineering with strategic objectives. Lead efforts to integrate security into DevSecOps pipelines and CI/CD workflows. Provide technical expertise during incident response and forensic investigations. Evaluate emerging technologies and recommend enhancements to improve security posture. Define and track measurable outcomes such as MTTR reduction, SLA adherence, compliance score improvements, and false positive reduction to meet performance‑based contract KPIs. Coordinate with federal stakeholders (CISO, ISSOs, AO) and provide audit support for ATO processes. Ensure adherence to performance‑based contract requirements and federal cybersecurity mandates. Basic Qualifications Bachelor's Degree in Computer Science, Information Management (IM), Information Technology, Engineering, or equivalent with 6 years of technical experience, or 4 years' experience in IT Solutions at senior management Certified Information Systems Security Professional (CISSP) mandatory with Information Systems Security Engineering Professional (ISSEP) concentration Project Management Institute (PMI) Project Management Professional (PMP) (Highly Recommended) Information Technology Infrastructure Library (ITIL) 4 Foundation 10 years of successful enterprise experience in an IT or technology-related field, with the last 5 years, on large government technical contract/BPAs US Citizen with the ability to pass a comprehensive government background check Preferred Qualifications Master's degree in cybersecurity, IT, or a related technical field Experience supporting SOC operations in federal or regulated environments Familiarity with RMF, NIST 800-series, OMB A-130, and TIC 3.0 Proven leadership in cross‑functional teams and performance‑based contracts Strong communication skills, including executive briefings and incident reporting Hands‑on experience with SIEM (Splunk, Elastic), SOAR (Cortex XSOAR), and EDR (CrowdStrike, Microsoft Defender). Expertise in cloud security engineering (AWS, Azure, GCP) and container security (Kubernetes, Docker). Familiarity with Zero Trust Architecture principles and implementation strategies. Familiarity Continuous Diagnostics and Mitigation (CDM). Experience with PKI, encryption standards, and secure network design. Knowledge of automation tools for security orchestration and compliance reporting. Ability to lead technical teams and mentor junior engineers in cybersecurity best practices. Experience integrating security controls into large-scale federal systems and mission‑critical applications. Understanding of advanced threat detection techniques and AI‑driven security solutions. Evolver Federal is an equal opportunity employer and welcomes all job seekers. It is the policy of Evolver Federal not to discriminate based on race, color, ancestry, religion, gender, age, national origin, gender identity or expression, sexual orientation, genetic factors, pregnancy, physical or mental disability, military/veteran status, or any other factor protected by law. Actual salary will depend on factors such as skills, qualifications, experience, market and work location. Evolver Federal offers competitive benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. #J-18808-Ljbffr

A technology consulting firm is seeking a Senior Information Security Engineer / Vulnerability Manager in Washington, DC. This role involves identifying and mitigating security vulnerabilities, managing risk-based analyses, and ensuring compliance with federal frameworks. The ideal candidate will possess a degree in Computer Science or Cybersecurity, alongside proven experience in security engineering and vulnerability management. This position is onsite but may require occasional travel. #J-18808-Ljbffr

A dynamic technology services company is seeking a skilled Network Security Engineer to ensure optimal operation of their network infrastructure. This role focuses on troubleshooting Cisco routing and switching environments, managing Palo Alto firewalls, and performing migrations. The ideal candidate should have strong skills in network protocols and problem-solving. The position offers a competitive salary, career growth opportunities, and the chance to work in a hybrid setting, primarily onsite 4-5 days a week. #J-18808-Ljbffr

A leading technology solutions provider in Washington, DC is seeking a Senior Systems Security Engineer. This role involves hands-on engineering and securing multiple operating systems, managing vulnerabilities, and ensuring compliance with security frameworks. Ideal candidates will have 5-10 years of experience in system engineering and strong communication skills. The position offers competitive pay and extensive benefits including paid medical and dental insurance. #J-18808-Ljbffr

TLA is seeking an Information System Security Engineer (ISSE). This is a critical role responsible for designing, developing, implementing, and maintaining secure information systems and networks. The ISSE ensures that security requirements are effectively integrated into systems throughout their entire lifecycle, from design to disposal. This position involves close collaboration with system owners, developers, and other stakeholders to identify vulnerabilities, assess risks, and implement robust security controls in accordance with industry standards and regulatory frameworks such as the NIST Risk Management Framework (RMF) and DoD 8570/8140 guidelines. Responsibilities Security Architecture and Design: Design, develop, and implement network and system security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation. Risk Management: Assess and mitigate system security threats and risks throughout the program life cycle, including performing technical security assessments and vulnerability analyses. Compliance and Documentation: Ensure systems comply with applicable security policies, standards, and methodologies (e.g., NIST, DoD, FISMA). Prepare and maintain security documentation, including System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and security assessment reports. Testing and Validation: Plan and conduct security verification testing, using tools like vulnerability scanners (e.g., Nessus, ACAS) to identify weaknesses and ensure controls are in place and effective. Operational Support and Incident Response: Monitor systems for irregular behavior, support security incident response activities, and manage changes to systems while assessing their security impact. Collaboration and Guidance: Serve as a subject matter expert, providing guidance to development, engineering, and program teams on secure design, development, and secure coding techniques. System Hardening: Oversee the implementation of security configuration settings and hardening of systems (e.g., using DISA STIGs) to minimize vulnerabilities. Required Skills and Experience Education: Bachelor's degree in Computer Science, Information Technology, Information Assurance, Information Systems Security Engineering, or a related field (or equivalent experience). Experience: A minimum of 5-8 years of experience in information security engineering, system administration, and/or cybersecurity, with hands‑on experience in implementing security controls and supporting authorization processes. Technical Skills Expert knowledge of security engineering principles, secure architecture, and design concepts. Hands‑on experience with security tools such as vulnerability scanners (Nessus/ACAS), SIEM platforms (Splunk, LogRhythm), and security configuration tools (DISA STIGs, SCAP). Strong understanding of network protocols, firewalls, intrusion detection/prevention systems, encryption techniques, and access controls. Familiarity with various operating systems (Windows, Linux, Unix) and secure configuration management. Experience with risk management frameworks, specifically the NIST RMF and/or DoD 8500 series guidance. Soft Skills Strong analytical thinking, attention to detail, problem‑solving capabilities, and excellent communication skills to collaborate effectively with technical and non‑technical stakeholders. Clearance (if applicable): May require a U.S. Citizenship and an active security clearance (e.g., Secret, Top Secret, or SCI). Preferred Certifications Certified Information Systems Security Professional (CISSP) CISSP-Information Systems Security Engineering Professional (ISSEP) Certified Cloud Security Professional (CCSP) Certified Ethical Hacker (CEH) or GIAC certifications (GSEC, GCIH) AWS Certified Security Specialty, Cisco Certified Network Associate (CCNA) Security, or similar cloud/network vendor certifications. At TLA, we build solutions that matter-supporting national security missions through technology innovation, collaboration, and excellence. Our team is passionate about leveraging modern technologies to deliver impactful, mission‑focused outcomes for our customers. Benefits Competitive salary and performance bonuses Medical, dental, and vision coverage Paid time off and federal holidays 401(k) with company match Education and certification reimbursement Training and professional development opportunities Employee referral bonuses and team events TLA is proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. #J-18808-Ljbffr