Senior information security analyst jobs near me

6 month Contract-to-Hire Contract Rate: $60-67/hr on W2 Salary Conversion: $145-155K, DOE Hybrid; 3 days/week onsite work is required Must be a US Citizen or Green Card/Permanent Resident Ability to obtain a Public Trust Clearance is required Technical Environment (preferred): CSAM, Splunk, Tenable, Palo Alto, Checkmarx Summary: Immediate need for a FISMA Information Security Engineer to bridge the gap between technical security controls and federal compliance requirements. This position involves both security engineering and governance, risk, and compliance (GRC) activities, primarily centered around the Federal Information Security Modernization Act (FISMA) and the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). FISMA/NIST Compliance & Documentation, Auditing & Reporting: Implement and Monitor Controls: Implement, document, and monitor security controls in accordance with NIST SP 800-53 (Security and Privacy Controls for Federal Information Systems and Organizations). Assessment & Authorization (A&A) Support: Support the Authorization process, including contributing to security assessments, control validation, and evidence gathering to achieve and maintain an Authority to Operate (ATO). System Security Plan (SSP) Management: Assist in the development, maintenance, and update of System Security Plans (SSPs), including continuous monitoring strategies and Plans of Action and Milestones (POA&Ms). Coordinate and support Internal & External Security Audits (e.g., Office of Inspector General (OIG), independent assessors). Reporting: Generate reports on security control compliance, vulnerability posture, and POA&M status for stakeholders and the Authorizing Official (AO). Security Engineering & Operations: Control Implementation: Consult on the configuration and management of security tools and systems (e.g., SIEM, vulnerability scanners, intrusion detection/prevention systems) to effectively enforce NIST 800-53 controls. Vulnerability Management: Analyze results, prioritize remediation efforts based on risk to the system's security categorization (e.g., FIPS 199), and track POA&M completion. Incident Response: Participate in security incident response planning and testing activities, ensuring all incidents are documented and handled in compliance with federal reporting requirements. Change Management: Review system and network change requests to ensure security implications are addressed and maintain the security posture of authorized systems. Qualifications: Bachelor's degree in Computer Science, Information Technology, or a related field Relevant security certifications 3-5 years of progressive experience in Federal IT Security Engineering 2-4+ years of experience focusing on federal compliance (FISMA, NIST RMF) Technical environment: CSAM, Splunk, Tenable, Palo Alto, Checkmarx About PRG With 20+ years of success in the staffing industry, Peyton Resource Group focuses on matching talent to the precise needs of our clients. Your success is our commitment, and we back up that commitment by only recommending opportunities that align with your goals. Our candidate-centric approach ensures you are in the driver's seat of your career, and our team of recruiters will partner with you and support you every step of the way. PRG's dedication to service has been widely recognized throughout the industry. PRG has been awarded ClearlyRated's Best of Staffing award for 10+ years, as well as the Business Journal's Best Places to Work in Dallas, San Antonio and Austin.

We are seeking multiple mid-level (5 years minimum) Cyber Defense Incident Responders that are available to work the midnight shift (11pm-7:30am) in a Security Operations Center. Clearance Requirements: Top Secret w/SCI Location: Washington, D.C. Job Description: Coordinate incident response functions. Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents. Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security. Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation. Perform cyber defense trend analysis and reporting. Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems. Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs). Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts. Track and document cyber defense incidents from initial detection through final resolution. Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness). Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise. Coordinate with intelligence analysts to correlate threat assessment data. Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise. Basic Qualifications- To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below: Bachelor's degree or higher 5+ years' experience in Malware analysis, digital forensics, data/network analysis, penetration testing, information assurance, leading incident handling Must have,one of the following certifications: CERT Certified Computer Security Incident Handler (CSIH), ECC Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Information Security Fundamentals (GISF), or ISC2 Certified Information System Security Professional (CISSP). Strong written and verbal communication skills. Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored). Knowledge of system administration, network, and operating system hardening techniques. Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. Demonstrated ability to interact effectively with senior management and leadership. Ability to design incident response for cloud service models. Knowledge of incident categories, incident responses, and timelines for responses. Knowledge of incident response and handling methodologies. Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list) Desired Skills Experience identifying, capturing, containing, and reporting malware. Skill in preserving evidence integrity according to standard operating procedures or national standards. Strong securing network communications experience. Recognizing and categorizing types of vulnerabilities and associated attacks. Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). Experience performing damage assessments. Skill in using security event correlation tools and design incident response for cloud service models.

Chief Information Security Officer (CISO) The Chief Information Security Officer is a senior executive responsible for defining and overseeing the enterprise-wide vision, strategy, and execution of information security programs that safeguard all organizational data and technology. Reporting directly to the CEO and/or Board of Directors, the CISO plays a pivotal role in managing security risk across both the Academic/Research and Clinical/Patient Care operations of the integrated university and hospital system. Position Details Salary: $250-2750k Type: Full-time, direct hire Location: Washington DC, onsite 3 days a week Strategic Direction & Executive Leadership Build and execute a long-term cybersecurity vision that supports the institution's academic initiatives, research priorities, and clinical mission. Lead and develop the security department, offering coaching, structure, and direction to cybersecurity personnel and partner teams. Establish the organization's security policies, governance models, and standards to ensure consistent risk management practices. Oversee financial planning for cybersecurity, including technology investments, service contracts, and budget management. Risk Oversight & Regulatory Alignment Supervise all risk assessments, compliance reviews, and internal/external audits, ensuring timely closure of any identified risks. Maintain adherence to all regulatory requirements applicable to both sectors: Hospital/Clinical: HIPAA/HITECH, CMS guidelines, and relevant state-level data protection rules. University/Research: FERPA, NIST SP 800-171 for research compliance, and PCI DSS for payment and donation processing. Direct the institution's incident management program-coordinating preparation, testing, and response efforts during cybersecurity events affecting either environment. Operational Security Management Lead the selection, deployment, and ongoing support of cybersecurity technologies (e.g., SIEM tools, firewalls, intrusion detection systems, endpoint protection). Oversee vulnerability assessments, penetration testing initiatives, and continuous monitoring activities. Work closely with IT, engineering, research teams, and clinical technology leaders to incorporate secure design principles into all systems and projects. Communication, Influence & Education Act as the organization's primary authority on cybersecurity matters for executives, trustees, faculty, students, clinicians, and administrative teams. Create and oversee training and awareness programs tailored to the specific needs of academic users, researchers handling sensitive data, and clinical professionals. Provide routine briefings to senior leadership and the Board on emerging risks, ongoing initiatives, and the overall security posture. Required Qualifications Education: Bachelor's degree in Computer Science, Information Systems, or a related technical field (Master's preferred). Professional Background: At least 10 years of progressive cybersecurity experience. Minimum 5 years serving in a senior leadership capacity (e.g., CISO, Security Executive, VP of Cybersecurity). Dual-sector experience: Strong understanding of both healthcare and higher-education cybersecurity and regulatory environments. Certifications: One or more required-CISSP, CISM, or equivalent. Key Skills & Core Competencies Advanced knowledge of enterprise security design, network and cloud protection strategies, and modern risk evaluation techniques. Strong familiarity with frameworks such as NIST Cybersecurity Framework, ISO 27001, and the MITRE ATT&CK model. Outstanding leadership presence with the ability to collaborate, influence, and guide diverse groups across a complex institution. Demonstrated success in leading security incident response efforts and handling high-pressure situations. Proven ability to implement practical, scalable security practices in environments balancing open research culture with rigorous patient data protection requirements.

We are seeking a Cybersecurity Engineer with strong, hands-on experience implementing Data Loss Prevention (DLP) solutions, specifically using Azure Purview and Microsoft Intune. This role requires a technical practitioner who has directly deployed, configured, and operationalized security controls-not just monitored events. The engineer will design and implement secure architectures across cloud and hybrid environments, conduct threat modeling, integrate security into new platforms, and ensure alignment with industry best practices and regulatory frameworks such as NIST 800-53, FISMA, and FedRAMP. The ideal candidate must have 10+ years of experience that brings advanced knowledge of cloud security, IAM, encryption, authentication protocols, and modern DevSecOps practices. Additional responsibilities include developing reusable security patterns, performing architecture reviews, enhancing automation, and partnering with IT teams to mature the organization's security posture. Strong communication skills, deep technical proficiency, and experience with Azure/AWS infrastructures are essential for success in this role. This is an onsite direct hire opportunity in Arlington, VA, no contract, no sponsorship. Relocation assistance provided within the US. LI #HP-1

As the Director of Information Security - Architecture & Engineering, you'll lead the teams responsible for building our enterprise security architecture and engineering capabilities. Think of yourself as the studio head of cybersecurity - setting the vision, defining the standards, and ensuring every system, app, and network across the group is secure by design. You'll partner closely with our CISO, technology leaders, and global business teams, creating a seamless blend of innovation and protection that keeps our guest experience running as smoothly as the final cut. Your Responsibilities (Featured Roles) Strategic Leadership & Governance Set the enterprise-wide security architecture strategy that keeps our global operations safe from opening credits to end credits. Partner with our CISO and executive teams to evolve the cybersecurity roadmap - balancing bold innovation with airtight protection. Establish the security standards, patterns, and blueprints that guide teams across multiple business units and regions. Lead and mentor a team of world-class security architects and engineers. Architecture & Engineering Excellence Architect secure solutions across cloud, on-prem, and cinema technology environments - from POS to mobile apps to loyalty systems. Embed security-by-design into every technology initiative, ensuring new systems roll out like polished premieres. Oversee secure vendor integrations, payment systems, and global platform partnerships. Drive DevSecOps adoption across engineering teams. Operational Security Engineering Direct the engineering of our critical security stack: SIEM, EDR/XDR, IAM, firewalls, vulnerability tools, encryption, and more. Implement automation and orchestration across monitoring and response workflows - reducing time-to-detect and time-to-respond. Ensure secure patching, configurations, and cloud posture management. Provide expert architectural guidance during major incidents. Compliance, Risk & Assurance Ensure alignment with PCI-DSS, ISO 27001, NIST CSF, and Cineworld governance standards. Lead threat modeling, risk assessments, and continuous improvement programs. Build dashboards and metrics to spotlight security maturity and resilience. Collaboration & Influence Partner with Cinema Operations, Guest Experience, Data Analytics, and Corporate IT - ensuring security is part of the storyline early and often. Communicate complex issues clearly to technical and non-technical audiences. Build strong vendor relationships that uphold our cybersecurity expectations. Who We're Looking For 10+ years of information security architecture or engineering experience; 5+ years leading teams. Proven success securing enterprise and cloud environments at scale. Expertise with AWS/Azure security, zero-trust, microservices, DevSecOps, and secure design. Familiarity with tools like CrowdStrike, Splunk, Palo Alto, Okta, Qualys. Strong communication, leadership, and storytelling skills. Bonus points for CISSP, CISM, SABSA, or cloud security certifications. Experience in entertainment, retail, hospitality, or other consumer-centric industries is a plus.

Cyber Security Engineer (Remote) Client: PCAOB - Public Company Accounting Oversight Board Employment Type: Contract Sponsorship: Not Available We're seeking a Cyber Security Engineer (Contractor) to join PCAOB's Security Operations team within the Office of Technology. You'll help monitor and respond to cyber threats, perform incident analysis, and support core security operations that protect PCAOB's technology environment. Key Responsibilities: Monitor security events and triage potential threats or anomalies. Participate in incident response, forensics, and data investigations. Support e-discovery and escalation processes to the Cyber Security team. Collaborate with internal teams to maintain cyber hygiene and compliance. Ensure operational continuity during closures or critical events. Preferred Qualifications: 3+ years' experience in a Security Operations Center (SOC) role. Expertise in endpoint protection, IDS/IPS, firewalls, SIEMs, and log analysis. Familiar with HTTP/TCP/IP analysis, vulnerability assessments, and encryption. Understanding of Linux, Windows, and cloud environments (Azure preferred). Knowledge of email security, CASB, VPN, and malware defense tools. Excellent analytical, communication, and problem-solving skills.

Our client Dscout is a flexible Experience Research Platform for capturing in-context insights from high-quality participants, bridging the gap between product teams and users. Leading brands like Sonos, Spotify, Duolingo and Best Buy use Dscout to test ideas, iterate quickly, collaborate, and build confidently. We are expanding our smart and driven team and would love for you to join us. We are looking for a Cybersecurity Engineer to become a part of the Cybersecurity team reporting to the VP, Compliance and Information. The Cybersecurity Engineer will contribute to reducing risk within the Dscout SaaS environment and internal IT systems. This includes planning and implementing cybersecurity controls, supporting cybersecurity operations, and monitoring the threat landscape. This role will ensure Dscout controls operate effectively over time. What You Will Do Lead the process to build security into the Dscout SaaS environment. This includes applying security throughout the software development lifecycle. Collaborate with Engineering to plan and implement cybersecurity controls to protect the SaaS environment. This includes applying leading practices to secure AWS resources (e.g., VPCs, EC2 instances, and containers). Continually enhance security monitoring of the SaaS environment and internal IT services by implementing SIEM and working with Engineering to continuously improve logging and auditability. Assess evolving threats and develop recommendations to mitigate risk to Dscout. You will provide weekly threat intelligence reports highlighting potential risk to the organization. Work side-by-side with Engineering to analyze, contain, and mitigate cyber attacks and other related incidents. Perform vulnerability monitoring and, where appropriate, ensure remediation. Participate in the development of security policies and processes. Assist third party risk reviews. Provide recommendations to continually improve security controls. Assist in development of security programs and efforts to promote security awareness. What you need to have (we can call them Desired Skills and Background): Experience working with developers to conduct security reviews and provide strong recommendations to manage risk. This includes a strong understanding and practical use of OWASP Top 10 (web and AI). Experience securing AWS cloud environments and infrastructure as code solutions such as Terraform. Proven ability to implement security monitoring tools such as Datadog. This includes the ability to identify relevant scenarios and ensure proper logging. Experience responding to cyber attacks such as bots and account compromise as well as threats like data leakage and infected computers. Strong knowledge of cloud computing environments. Working knowledge of security in software development and continuous integration/continuous delivery (CI/CD). Experience documenting and implementing security policies and processes. Knowledge of security frameworks and standards: ISO 27001, NIST, or SANS preferred. Experience with HITRUST and/or SOC 2 certification is preferred. Good communication, documentation and presentation skills. Limitless curiosity and insatiable appetite to understand human behavior and relevant technologies. Background Bachelor's degree is preferred CISSP, CCSP, or GIAC security certification preferred A minimum of 3 years of security experience Of course, what is outlined above is an ideal set of expectations, but things may shift based on business needs, and other projects and tasks could be added at the discretion of your manager. About Dscout Dscout is a team of passionate, empathetic, and curious professionals. As a recognized leader in the Forrester Wave, we're at the cutting edge of experience research technology. The power of research drives us-how in-context insights from real people can build more enjoyable products and services. We prioritize learning, sharing, and building. We also deeply value being a diverse and inclusive team and company and look for team members who align with that belief. Join our dynamic team and help shape product roadmaps and business strategies for the world's most loved brands. It doesn't stop there. When you join the Dscout team, you will get: * A strong and competitive compensation package with a built-in bonus and equity program. * An incredible and progressive benefits package (for both you and your dependents) to support work/life balance, including flexible PTO, 16 company holidays, 12 weeks of paid parental leave, 401k match, and much more. * An education stipend to support your growth & development and a remote work stipend. * A company that is open and transparent with our team. You will know what is happening and why it matters. Dscout is an equal-opportunity employer that values diversity. We do not discriminate based on identity, including race, color, religion, national origin or ancestry, sex, gender identity and expression, age, physical or mental disability, pregnancy, veteran or military status, unfavorable discharge from military service, genetic information, sexual orientation, marital status, order of protection status, citizenship status, arrest record or expunged or sealed convictions, or any other legally recognized protected basis under federal, state, or local law. If you need reasonable accommodations for any part of the employment process, please email us at accommodations@dscout.com with the nature of your request and your contact information. We'll do all we can to ensure you're set up for success during our interview process while upholding your privacy, including accommodation requests. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address. When you apply at Dscout, we will process your job applicant data, including your employment and education history, transcript, writing samples, and references, as necessary to consider your job application for open positions. For more information about our privacy practices, please visit our Privacy Policy. Dscout participates in the E-Verify program in certain locations, as required by law. NOTE: DSCOUT NEVER CONTACTS JOB APPLICANTS VIA TEXT, MESSENGER, OR OTHER SIMILAR APPLICATIONS. BE AWARE OF PHISHING AND SPOOFING SCAMS, BOTH VIA TEXT AND EMAIL. ONLY RESPOND TO EMAILS FROM DSCOUT.COM #BI-Remote #LI-Remote

IF YOU DO NOT HAVE THE REQUIRED BACKGROND IN THE U.S. COMMERCAL NUCLEAR INDUSTRY, PLEASE DO NOT APPLY. Immediate opening for a Cyber Security Engineer with commercial nuclear background, to perform design modifications (involving digital upgrades) as well as preparing cyber assessments on those digital components. Prefer direct/perm hire, will consider contract. This person will be the go-to individual for Cyber related projects. Must be familiar with NEI-08-09, EPRI graded approach, have digital mod experience, and extensive understanding of plant SSC (Safety Classification of Structures, Systems, and Components). Site Cyber qualifications to perform CSAT (Cyber Security Assessment Team) would be a plus. Compensation based on experience, but likely in the 140K-$160K range. JSG offers medical, dental, vision, life insurance options, short-term disability, 401(k), weekly pay, and more. Johnson Service Group (JSG) is an Equal Opportunity Employer. JSG provides equal employment opportunities to all applicants and employees without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, marital status, protected veteran status, or any other characteristic protected by law. #D650

Veteran Owned Firm Seeking a Junior Information Systems Security Officer (ISSO) for an Onsite role in Washington, DC My name is Stephen Hrutka, and I am the owner of a Veteran Owned management consulting firm in Washington, DC focused on Technical/Cleared Recruiting for the DoD and IC. HRUCKUS helps other Veteran-Owned businesses recruit for positions across the VA, SBA, HHS, DARPA, and other cutting-edge R&D related defense agencies. We seek to fill a Junior Information Systems Security Officer (ISSO) position in Washington, DC. The ideal candidate is a DMV resident who holds active TS/SCI clearance with CI-Poly eligibility, a minimum of 3 years of ISSO experience, at least 5 years in a computer science or cybersecurity-related role, hands-on familiarity with tools such as Nessus or NMAP, and a core certification such as CISSP, GISP, or CASP. If you're interested, I'd be glad to provide more details about the role and further discuss your qualifications. Thanks, Stephen M Hrutka Principal Consultant HRUCKUS LLC Executive Summary: HRUCKUS is looking for an experienced Jr. ISSO for an onsite role in Washington, DC. The program provides support in the areas of Cybersecurity and Management to improve the Information Assurance (IA) posture of a federal customer. The contract's support functions are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support. Key Responsibilities: Services to support IS Security performed by the Information System Security Officer (ISSO) at a minimum, shall consist of the following activities: Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS Provide liaison support between the system owner and other IS security personnel Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis Conduct required IS vulnerability scans according to risk assessment parameters. Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities Manage the risks to ISs and other agency assets by coordinating appropriate correction or mitigation actions, and oversee and track the timely completion of (POAMs) Coordinate system owner concurrence for correction or mitigation actions Monitor security controls for agency ISs to maintain security Authorized To Operate (ATO) Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase Ensure that changes to an agency's IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM) Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR Provide baseline security controls to the system owner, contingent upon the IS's security categorization, type of information processed, and entity type Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems' impact levels and ISs' authorization boundary Ensure that new entities are created in the GRC application with the security categorization of agency ISs Initiate, coordinate, and recommend to the agency Authorizing Official all Interconnection Security Agreement (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an agency IS with any non-agency or joint-use IS Perform an independent review of the System Security Plan (SSP) and make approval decisions Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the agency Authorizing Official Schedule security control assessments in coordination with the system owner. Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the agency Authorizing Official for a security ATO decision Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number Advise the agency Authorizing Official of IS vulnerabilities and residual risks. Ensure that all POA&M actions are completed and tested Coordinate initiation of an event-driven reauthorization with the agency Authorizing Official Ensure the removal and retirement of agency ISs being decommissioned, in coordination with the SO, ISSO, and ISSR. Required Qualifications: Current U.S. Government Top Secret Clearance w/ SCI and a CI-Polygraph eligibility At least 3 years serving as an Information Systems Security Officer (ISSO) at a cleared facility Minimum of 5 years of work experience in a computer science or cybersecurity-related field Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP WeblInspect, Network Mapper (NMAP), and/or similar applications. Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP) Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level I proficiency Preferred Education: A bachelor's and/or advanced degree in computer science, business management, or IT-related discipline. Details: Job Title: Jr. Information Systems Security Officer (ISSO) Location: Washington, DC 20535 Clearance Requirement: Active Top-Secret Clearance w/ SCI and a CI-Polygraph eligibility Assignment Type: Full-time, Onsite Salary Range: $70,000 - $95,000 per year with benefits: Competitive salary for well-qualified applicants Relocation assistance available for highly qualified candidates 401(k) plan Annual performance bonus Certification and advanced degree attainment bonuses Student Loan / Tuition reimbursement Health Care Insurance (medical, dental, vision) Up to four weeks of paid vacation 11 Federal Holidays, and 3 Floating Holidays Team bonding events

SNOW Security Management Specialist Work Model: Onsite in Manassas, VA (minimum 3 days/week) Duration: Long-term engagement Work Hours: 37.5 per week (no overtime allowed; excess daily hours balanced with time-off during same week) Rate: $50-54/hour C2C Work Authorization: Any status is acceptable Mandatory for Submission: Photo ID Santcore Technologies, on behalf of our client, is seeking a ServiceNow (SNOW) Security Management Specialist to support enterprise-wide security initiatives focused on vulnerability management, security automation, and ServiceNow Vulnerability Response operations. This position plays a critical role in strengthening the organization's security posture across its global infrastructure. This is an onsite role (3 days/week minimum) in Manassas, Virginia, working a 37.5-hour week (7.5 hours/day) as per client policy. Position Overview The SNOW Security Management Specialist will contribute to enterprise security programs by implementing and optimizing vulnerability management processes across hybrid on-prem and cloud environments. The ideal candidate is hands-on with ServiceNow Security Operations (especially the Vulnerability Response Module) and experienced in assessing, prioritizing, and tracking vulnerabilities at scale. You will collaborate closely with global infrastructure, application, and security teams to ensure accurate remediation, consistent risk reduction, and operational excellence. Key Responsibilities Vulnerability & Risk Management Identify, analyze, validate, and triage vulnerabilities across enterprise systems. Perform severity and impact assessments using both base (CVSS) and environmental scoring factors. Prioritize vulnerabilities and track remediation progress based on operational criticality and risk thresholds. Produce structured reports highlighting vulnerability trends, risk posture, and remediation effectiveness. ServiceNow Vulnerability Response (VRM) Lead onboarding activities for partner teams into ServiceNow Security Operations. Configure, support, troubleshoot, and optimize the ServiceNow Vulnerability Response Module. Maintain data accuracy within ServiceNow CMDB, ensuring alignment with asset owners and operational teams. Security Automation & Process Improvements Analyze existing architecture, workflows, and policies to recommend improvements. Identify automation opportunities to streamline threat detection, response, and remediation. Support integration of vulnerability scanners and threat intelligence sources into SNOW workflows. Cross-Functional Collaboration Work closely with global teams across time zones to enable efficient remediation and exception handling. Provide clear, actionable guidance to stakeholders on vulnerability risks and recommended next steps. Data Analytics & Reporting Query and analyze large datasets to uncover risks, patterns, and systemic gaps. Build dashboards, summaries, and executive reports to support security leadership decisions. Required Experience & Skills ( Candidates do not need all skills, but experience in the majority is preferred ) Proven experience in Enterprise Vulnerability Management Hands-on expertise with ServiceNow Security Operations (SecOps) Strong understanding of ServiceNow Vulnerability Response Module (VRM) Solid working knowledge of ServiceNow CMDB Experience with vulnerability scanning tools, risk scoring, and remediation workflows Strong analytical skills with the ability to interpret large data sets Experience collaborating with diverse technical teams across multiple regions Knowledge of impact assessment, risk prioritization, exception handling, and remediation tracking Nice to Have Exposure to patch management processes for on-prem infrastructure Certifications in Cybersecurity or ServiceNow (e.g., Security+, CySA+, SNOW SecOps) Experience integrating security tools with SNOW via APIs or automation workflows

Come Forge the Future of Machine Identity Security for Operational Technology & Industrial Control Systems Where: Tysons, VA (Hybrid) Supporting: Our CTO At Corsha we're not just selling software; we're fundamentally reshaping how the most critical industrial and operational technology (OT) systems are secured. We're a cyber startup in the DC area, driven by a mission to bring trust, resilience, and identity to the operational systems that power our world - from factories to power grids. We're building the future of machine identity security, and we need a dynamic technical evangelist to join our front lines. Tired of the Status Quo? Ready to Secure the Unseen? Here's your Opportunity: If you're an engineer who thrives on solving hard problems, isn't afraid to get your hands dirty with industrial control systems and sees the immense potential of cybersecurity in unconventional environments, then read on. We move fast, we build for impact, and we need a security visionary to help us secure the machines that matter most. Your Mission: Secure the Industrial Edge We're looking for an OT Security Engineer to be a foundational engineer for our Machine Identity Platform (mIDP), specifically tailored for the unique and challenging landscape of OT systems. Your mission: implement, integrate, and defend the security infrastructure that underpins our cutting-edge solutions, with a heavy emphasis on industrial control systems and OT networks. This isn't just about keeping the lights on. It's about building security architectures that are inherently secure, highly available, and resilient against the most sophisticated threats, often in environments where traditional IT paradigms simply don't apply. You'll be bridging the gap between cutting-edge cybersecurity technologies and the operational realities of factories, power plants, and critical infrastructure. What You'll Be Forging: Architect and Implement OT Security Solutions: Design, deploy, and manage secure architectures for our mIDP, specifically tailored for OT environments. This includes network segmentation, routing, switching, firewall configurations, and intrusion detection systems. ICS/OT System Integration: Be the subject matter expert for integrating our mIDP with industrial control systems. This involves understanding and working with common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). Machine Identity Integration: Collaborate closely with our product and engineering teams to integrate security configurations with our mIDP, ensuring seamless and secure authentication and authorization for OT devices and applications. OT Network Hardening: Implement and enforce robust security best practices, including vulnerability management and access control for OT networks. Troubleshooting and Optimization: Proactively monitor, troubleshoot, and resolve complex security issues across ICS and OT environments. Identify and implement optimizations to enhance system performance, reliability, and security. Automation and Tooling: Develop and implement automation scripts and tools (e.g., Python, Ansible) to streamline provisioning, configuration management, and operational tasks. Documentation and Knowledge Sharing: Create comprehensive documentation, runbooks, and contribute to internal knowledge sharing to ensure maintainability and scalability of our infrastructure. Stay Ahead of the Curve: Continuously research and evaluate new cybersecurity technologies, security trends, and best practices, particularly as they relate to OT and industrial control systems. Collaborate and Mentor: Work closely with cross-functional teams (software engineers, security analysts, product managers) and provide mentorship to junior team members. What You'll Bring: 5+ years of intense experience in OT security or a related role, with a proven track record in complex, high-performance, and high-stakes environments. Deep, demonstrable expertise in industrial control systems and OT environments. You've implemented security products and solutions in real-world ICS/OT environments. Strong proficiency in network security principles: Firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), network access control (NAC), and secure communication protocols. Extensive hands-on experience with OT network architectures and protocols. You're comfortable with physical hardware and understand the nuances of industrial networks. Rock solid understanding of cybersecurity principles: vulnerability management, threat modeling, and incident response. Empathy for OT/ICS environments: You totally get the unique security challenges of Operational Technology, and understand common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). This isn't just a "nice-to-have"; it's critical. Proficiency in scripting and automation: Python, Ansible, or similar languages for automating security provisioning and operations. A relentless problem-solver: You thrive on diagnosing and resolving intricate security issues under pressure, with an unwavering focus on root cause analysis. Exceptional communication and collaboration skills: You can articulate complex technical concepts clearly and work seamlessly with cross-functional teams. Bachelor's degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience. Self-starter with an insatiable curiosity: You're eager to learn, adapt, and drive solutions in a rapidly evolving, high-impact startup environment. Bonus Points For: Experience with specific machine identity solutions (PKI, certificates, secrets management). Hands-on experience with Kubernetes Knowledge of software-defined networking (SDN) solutions. Relevant industry certifications (e.g., CISSP, GICSP, CISM). Experience in a fast-paced startup environment. Why Forge your Path with Corsha? Real-World Impact: Your work won't just sit on a server; it will actively defend the critical operational systems that underpin our society. This is an opportunity to make a tangible, immediate difference. Bleeding Edge: Be at the forefront of securing the intersection of cybersecurity, machine identity, and OT. We're defining the future, not just following trends. Growth & Ownership: This is a startup - your contributions will directly shape our product, our culture, and our success. You'll work with incredible people that care and have impact. Culture of Innovation: Join a team of brilliant, passionate engineers dedicated to solving the hardest problems. We foster a collaborative, intellectually stimulating, and supportive environment. Competitive Compensation & Benefits: Wellness days, Generous PTO, Company-covered healthcare, 401k matching, paid parental leave, and of course snacks, lunches, and sustenance. Ready to step up and secure the critical future of identity? Join Our Mission Today. Reach out to us with your resume and why you think you'd make a stellar Corshian to *****************. We are an Equal Opportunity Employer and reasonable accommodations may be made to enable individuals with disabilities.

Company - Our client is a nationally recognized cybersecurity solutions provider partnering with some of the most prestigious names in financial services and beyond. They deliver cutting-edge cloud and network security transformations with a proven track record of large-scale deployments across Fortune 500 enterprises. This opportunity supports one of the largest and most security-conscious financial organizations in the U.S. Job Title - SASE Security Engineer (Netskope Focus) Location - Tysons, Virginia (Hybrid - onsite 3 days per week) Role Type - 6-Month Contract (1,040 hours) Must Have Skills: 5+ years of hands-on experience in security engineering roles, with at least 3+ years specifically focused on enterprise-scale SASE/SSE deployments Deep expertise in Netskope Security Cloud (SWG, CASB, ZTNA) or similar SASE platforms such as Zscaler or Prisma Access Proven success in migrating from legacy firewalls (Check Point, Cisco, etc.) to Zero Trust, cloud-delivered SASE architectures Strong grasp of networking principles across OSI layers 1-7, SD-WAN, and NGFW policy optimization Experience integrating Netskope with IdP platforms (Ping/Azure AD) and EDR tools to enable contextual access control Responsibilities and Job Details: Own the design, deployment, and operationalization of the global SASE environment using Netskope as the core SSE solution Define and engineer Zero Trust Network Access (ZTNA) policies tailored by user group and application sensitivity Lead legacy policy migration, replacing traditional firewall rules with a tag-oriented unified security policy aligned with Zero Trust principles Optimize SSL inspection by minimizing unnecessary exclusions and improving visibility into encrypted traffic Clean up and harden legacy firewall rule sets, eliminating redundancies and reducing overly permissive access Oversee full lifecycle deployment of Netskope modules including SWG, CASB, ZTNA, RBI, and DLP Ensure seamless integration with enterprise IdPs and EDR solutions to support adaptive, real-time access decisions Serve as Tier 3 technical escalation for Netskope-related issues across Windows and mac OS endpoints Lead Zero Trust transformation efforts across the enterprise security stack Document architecture, design decisions, and configuration standards to support long-term maintainability Work onsite in Tysons, VA three days per week Must commit to this engagement exclusively with no overlapping contracts

ISSO Industry: Government Contracting Our client is seeking a talented ISSO to join their team. This position will support the Assistant Secretary for Administration (ASA) under guidance from the CIO's Information System Security Manager (ISSM). The candidate will ensure a portfolio of 4 systems are in compliance with applicable NIST standards, and provide standard ISSO services. The candidate will also work closely with the other ISSOs supporting the client customers to provide leadership and mentoring and ensure consistent delivery of ISSO services. ISSO Key Responsibilities: · Ensure applicable cybersecurity policies are implemented for systems and information system-related physical security also under purview. · Maintain operational security posture consistent with current security policy. · Report actual or suspected computer-security incidents to DOT CSIRC within time frames established by DOT Incident Response policy for incident types in accordance with US-CERT. · Distribute cybersecurity notices and advisories to appropriate personnel and that vendor-issued security patches are expeditiously installed. · Serve as primary security to system owners, common control providers, and users. · Serve as focal point for cybersecurity incident reporting and subsequent resolution. · Assisting ISSM in reviewing contracts for information systems under the Component's control to ensure that cybersecurity is appropriately addressed in contract language. · Ensure all security-related SDLC documentation meets all identified security needs. · Maintain Security Assessment and Authorization (SA&A) documentation for information systems under purview according to DoT Cybersecurity Policy and Compendium. · Ensure selection of NIST SP 800-53 baseline security controls are appropriate for system based on FIPS 199 security categorization, NIST SP 800-53 guidance, and supplemental DOT policy specified in DoT Cybersecurity Compendium. · Assist System Owner, Information Owner, and ISSM in recording all known security weaknesses of assigned information systems in POA&Ms IAW DoT policy and procedures. · Track all security education and awareness training conducted for personnel and contractors, as required by DoT Cybersecurity Policy and Compendium. · Provide security advice to AO and System Owner on all matters (technical and otherwise) involving security of the information system. · Ensure required updates are performed to key documents in accordance with NIST SP 800-37 for continuous monitoring. · Identify changes to systems that may impact security controls, perform security impact assessment of proposed changes, report any change in risk posture, and provide recommendations for risk mitigation. · Ensure proper backup procedures exist for assigned information systems and that procedures are performed and tested in accordance with System Security Plan. · Assist System Owner and ISSM to ensure external connections to/from DoT information systems and networks are provided by an approved DoT Trusted Internet Connection Access Provider (TICAP) or DoT-approved Managed TIC Provider Service (MTIPS). · Ensure audit logs are captured, maintained, and analyzed as required by NIST SP 800- 53 and any supplemental Departmental Cybersecurity Policy and the Compendium. · Ensure DoT enterprise information security management system (CSAM or its successors) accurately contains required information system inventory, categorization, POA&Ms and other security metrics required by DoT CIO through this policy. · Complete mandatory annual specialized information security training. ISSO Required Skills:8+ years of experience in IT Security Certified Information Systems Security Professional (CISSP) certification. Understanding of NIST 800.53 and its applicability to IT Systems. Expertise with Risk Management Framework, FEDRAMP and FISMA. Understanding authentication in the cloud environment. Experience with continuous monitoring of a cloud system Experience working on assessments with third party assessments organization (3PAO) AWS/Azure associate certified ISSO Compensation and benefits: $120,000 Company-supported medical, dental, vision, life, STD, and LTD insurance Benefits include 10 federal holidays and PTO. 401(k) with company matching Flexible Spending Accounts for commuter, medical, and dependent care expenses Tuition Assistance

Senior Manager - Global Payment Network Information Security Office (ISO) Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: The Senior Lead ISO Consultant will provide cyber security architecture advisory support needed to build the Technology & Business capabilities on a novel Modern platform, that will enable customer set-up, use, and management of a Capital One Credit Card, including Data Product. In this role, the responsibilities will include: Act as a central Information Security point of contact for the Global Payment Networks line of business Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Collaborating with enterprise cyber teams and tech architects in defining and driving the cyber architecture strategy and guiding principles for the architecting and designing of the modern platforms. Support security architecture and implementation needs for technology modernization efforts Overseeing all cyber related dependencies across the multiple components being built for the modernization effort. Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad-hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Support the team on collectively mapping technologies to a standardized framework in order to identify and execute on best practices in risk reduction through the configuration of cybersecurity tools and platforms. Support the development, modification, and use of capability, risk, or threat classification frameworks and standardization methodologies to facilitate the conduct of correlative capability, maturity, and effectiveness evaluations. Support data validation and communications on the impact of identified operational, compliance, process, control, and tooling gaps and potential remediation courses of action to multiple audiences, including leadership, to support the enhancement of their cybersecurity postures. About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 5 years of experience providing guidance and oversight of cyber security concepts At least 5 years of experience performing cyber security risk assessments or cyber security architecture reviews At least 4 years of experience with cloud security Preferred Qualifications: Bachelor's Degree 7+ years of experience in securing a public cloud environment (AWS, GCP, Azure) 6+ years of cyber security advisory and technology consulting experience 6+ years of experience in Cyber Risk Management 3+ years of experience on cryptography, HSMs and similar systems Knowledge of HPNS, ATM, Mainframe technologies and other payment networks infrastructure technologies Experience in security integration for Mergers and Acquisitions Experience with PCI and Payment Network Compliance. Professional certifications AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. Chicago, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

GovCIO is currently hiring a Senior Information Systems Security Engineer for a program with the US Coast Guard. This position will be located in Alexandria, VA area and will be an onsite only position. This position focuses on maintaining support of cybersecurity, risk management, and compliance across dynamic environments including cloud-based systems, virtual workspace solutions, infrastructure and data center systems, wide area and local area networks (classifiedand unclassified) and software development environments. Responsibilities: The ISSE will bridge compliance and technology-ensuring Coast Guard systems meet cybersecurity and accreditation requirementsunder DoD RMF and NIST SP 800-series guidance, while actively engaging with engineers and administrators to embed security into operations and design. This role requires both policy fluency and technical literacy, particularly in areas like cloud architecture, virtualization, DevSecOps pipelines, workplace productivity solutions, networks and network security, and ICAM solutions. Support the Risk Management Framework (RMF) lifecycle, including categorization, control selection, assessment, and authorization. Develop and maintain key documentation such as System Security Plans (SSPs), Security Assessment Reports (SARs), and POA&Ms. Collaborate with infrastructure, DevSecOps, and cloud engineering teams to ensure security controls are implemented in virtualized and containerized environments. Evaluate and document compliance for FedRAMP DoD IL2/4/5/6, or other cloud baselines as applicable. Participate in technical design reviews to ensure alignment with RMF, Zero Trust, and ICAM principles. Support implementation and continuous monitoring of security controls within Microsoft Azure Government, AWS GovCloud, or DoD Cloud environments. Analyze and mitigate vulnerabilities identified through automated scans or assessments. Work with product managers to proactively plan security compliance and review ongoing security engineering tasks and projects Coordinate with ISSOs, system owners, and Authorizing Officials (AOs) to maintain Authority to Operate (ATO) status and ensure timely remediation of findings. Facilitate approvals for network interconnections such as the Boundary Cloud Access Point (BCAP) and DISA System/Network Approval Process (SNAP) through the provisioning of required documentation Support Product Teams in the preparation, response, and finding remediation for JFHQ-DoDIN Cyber Operational Readiness Assessments (CORAs) Manage ISSE team in accordance with product line expectations, successfully translating security needs of all portfolio products into appropriate FISMA boundaries and systems Qualifications: Bachelor's with 12+ years of cybersecurity experience (or commensurate experience) Clearance Required: Ability to maintain an active Secret clearance 10+ years of experience supporting cybersecurity engineering, RMF, or information assurance functions. Demonstrated experience with one or more of the following technical areas: Virtualized or cloud-based systems (AWS GovCloud, Azure Government, or similar) Virtual desktop/workspace platforms (VDI, Citrix, VMware Horizon, Azure Virtual Desktop) Software Factory / DevSecOps environments (GitLab, Jenkins, Nexus, SonarQube, etc.) including API management tools and data streaming Identity, Credential, and Access Management (ICAM) solutions (PIV/CAC, IdM, MFA, SSO, RBAC) WAN/LAN networks, SIPR and unclassified domains, firewalls and other boundary/perimeter security systems Continuous monitoring and end point management systems (MECM, InTune, Trellix, ACAS, SolarWinds) Data center and physical computer/storage systems Physical end user systems such as laptops, workstations, printers and multi-functional devices, mobile devices Working knowledge of: NIST SP 800-37, 800-53, 800-171, and FIPS 199/200 DoD RMF and cybersecurity directives FISMA, FedRAMP, and Zero Trust principles Ability to collaborate effectively with engineers, administrators, and leadership to translate technical configurations into compliance documentation. Strong written communication and briefing skills. CCISO; CISM; CISSP (or Associate); GSLC Company Overview: GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens. But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer? What You Can Expect Interview & Hiring Process If you are selected to move forward through the process, here's what you can expect: During the Interview Process Virtual video interview conducted via video with the hiring manager and/or team Camera must be on A valid photo ID must be presented during each interview During the Hiring Process Enhanced Biometrics ID verification screening Background check, to include: Criminal history (past 7 years) Verification of your highest level of education Verification of your employment history (past 7 years), based on information provided in your application Employee Perks At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including: Employee Assistance Program (EAP) Corporate Discounts Learning & Development platform, to include certification preparation content Training, Education and Certification Assistance* Referral Bonus Program Internal Mobility Program Pet Insurance Flexible Work Environment *Available to full-time employees Our employees' unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets. Posted Pay Range The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an “at-will position” and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors. Posted Salary Range: USD $143,230.00 - USD $185,000.00 /Yr.

Crypto.com is expanding into stocks, equities trading, bridging the gap between traditional finance and digital assets. We're launching a platform that makes it as intuitive to trade equities as it is to trade crypto: starting with a mobile-first experience designed for global retail investors. We're looking for a Growth Marketing Hacker to lead the go-to-market strategy, lifecycle programs, and product positioning for this new vertical. You'll work in close collaboration with product managers and growth to ensure every feature launch, campaign, and user experience is tightly aligned with user needs and business priorities. This is a rare opportunity to help define how the next generation engages with traditional markets. Key Responsibilities 1. Strategy & Positioning- Partner up with product and strategy teams to own the roadmap for stocks and equities trading within the Crypto.com ecosystem.- Craft messaging that differentiates our offering across accessibility, fees, user experience, and cross-asset trading. Own positioning and briefs. - Define user personas (e.g. crypto-first investors, fintech users, traditional retail traders) and build tailored journeys to drive UA at target CAC.- Work closely with product managers and growth to align product direction with market insights and user behavior. 2. Launch Execution- Lead growth GTM for new features (e.g. fractional shares, commission-free trading, securities lending etc.)- Conceptualise integrated campaigns across email, in-app, paid media, content, and influencer channels to drive adoption, cross-sell and engagement. UA teams to execute.- Collaborate with regional marketing, compliance, and comms teams to ensure local relevance and impact.- Deliver high-conversion landing pages, onboarding flows, and campaign assets to improve CAC and trading volume. 3. Customer Insights & Market Intelligence- Conduct user interviews, surveys, and behavioral analysis to inform positioning and roadmap- Track and analyze competitors and emerging fintech trends to stay competitive.- Feed insights directly into product, growth, and creative strategy. 4. Growth & Retention- Build lifecycle and retention campaigns to drive trading activity, repeat engagement, and product education.- Coordinate cross-functionally with product, CRM, UA, design, partnerships, media and comms teams to ensure seamless, impactful launches and on-going adoption across sports and crypto ecosystems.- Conceptualise and create compliant reward systems, and streaks tied to market events and trading behavior.- Work with product and growth to continuously optimize the onboarding, funding, and trade execution experience. 5. Performance & Reporting- Work with the Head of Growth and Product to define KPIs across funnel metrics, retention, and campaign impact.- Use tools like GA4, Tableau, Mixpanel to analyze campaign performance and drive rapid iteration.- Share insights regularly with product, data, and leadership teams to guide growth priorities. Requirements 3 to 5 years of experience in product marketing: ideally stocks/equities background Proven success launching and scaling B2C products or platforms and growing adoption and revenue sustainably. Excellent communication and copywriting skills: you can simplify complex ideas and tell stories that convert. Highly collaborative, with experience working cross-functionally in fast-paced environments. Bias to action. Analytical mindset with proficiency in marketing analytics and user research. Experience in regulated industries or financial services is a plus. Bonus: Crypto native or familiarity with community-led growth. ***************** Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.Transformational and proactive working environment. Empower employees to find thoughtful and innovative solutions.Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet. Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us - our internal mobility program offers employees a new scope. Are you ready to kickstart your future with us? BenefitsCompetitive salary Attractive annual leave entitlement including: birthday, work anniversary 401(k) plan with employer match Eligible for company-sponsored group health, dental, vision, and life/disability insurance Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us. Our internal mobility program can offer employees a diverse scope. Our Crypto.com benefits packages vary depending on region requirements, you can learn more from our talent acquisition team. About Crypto.com:Founded in 2016, Crypto.com serves more than 150 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto.com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem. Learn more at ******************* Crypto.com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto.com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team. Personal data provided by applicants will be used for recruitment purposes only. Please note that only shortlisted candidates will be contacted.

at VikingCloud CERTIFIED ETHICAL HACKER About VikingCloud VikingCloud is the leading Predict-to-Prevent cybersecurity and compliance company, offering businesses a single, integrated solution to make informed, predictive, and cost-effective risk mitigation decisions - faster. Powered by the Asgard Platform™, the industry's largest repository of anonymized cybersecurity and compliance event data, we continuously monitor and analyze over 6+ billion online events every day. VikingCloud is the one-stop partner trusted by 4+ million customers to provide the predictive intelligence and competitive edge they need to stay one step ahead of cybersecurity and compliance disruptions to their business. Our 1,000 dedicated cybersecurity and compliance expert advisors understand that it's not just about technology. It's about transacting business and delivering an exceptional customer experience every day, without fail. That's the measurable value we deliver. And that's what we call, Business Uninterrupted. This Position VikingCloud is always looking for candidates seeking a Certified Ethical Hacker position to help us secure our clients' network against potential threats. You will be responsible for testing a vast array of global company networks, servers, and infrastructure to identify potential vulnerabilities. As a Certified Ethical Hacker, you will be required to know how to use various network and cybersecurity tools and have an expert-level understanding of computer and network security. This will include an understanding of topics related to encryption and cryptography. Responsibilities Below are some of the main areas of responsibility a Certified Ethical hacker is expected to assume: Ethical hacking and penetration testing Vulnerability assessment Malware analysis Work with other penetration testers and information security analysts Web application security Social engineering Database security Reverse engineering Network security Threat modeling and risk assessment Qualifications Below are the qualifications expected of a certified ethical hacker: Bachelor's degree in computer science, information technology security, or related field Security certifications, including the Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH) Demonstrable expertise in penetration tests, vulnerability assessment, and security monitoring Proficiency with the OSI model, TCP/IP, HTTP, SSL, and wireless networking Experience with common network infrastructure and security tools Familiarity with web applications, including HTTP and SQL injection attacks Knowledge of security testing methodologies in accordance with the EC-Council Ability to work in a fast-paced environment PLEASE NOTE: We are always looking for strong candidates to reinforce the VikingCloud Cyber Threat Unit. While positions may not be currently open, please use this application to send us your resume so that we have it on file and can follow up as required by our customer demand. We will let you know when a position opens up that may fit your background. We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, political affiliation or opinion, medical condition, status as a veteran, and/or any other federal, state, or local protected class.

About VikingCloud VikingCloud is the leading Predict-to-Prevent cybersecurity and compliance company, offering businesses a single, integrated solution to make informed, predictive, and cost-effective risk mitigation decisions - faster. Powered by the Asgard Platform™, the industry's largest repository of anonymized cybersecurity and compliance event data, we continuously monitor and analyze over 6+ billion online events every day. VikingCloud is the one-stop partner trusted by 4+ million customers to provide the predictive intelligence and competitive edge they need to stay one step ahead of cybersecurity and compliance disruptions to their business. Our 1,000 dedicated cybersecurity and compliance expert advisors understand that it's not just about technology. It's about transacting business and delivering an exceptional customer experience every day, without fail. That's the measurable value we deliver. And that's what we call, Business Uninterrupted. This Position VikingCloud is always looking for candidates seeking a Certified Ethical Hacker position to help us secure our clients' network against potential threats. You will be responsible for testing a vast array of global company networks, servers, and infrastructure to identify potential vulnerabilities. As a Certified Ethical Hacker, you will be required to know how to use various network and cybersecurity tools and have an expert-level understanding of computer and network security. This will include an understanding of topics related to encryption and cryptography. Responsibilities Below are some of the main areas of responsibility a Certified Ethical hacker is expected to assume: Ethical hacking and penetration testing Vulnerability assessment Malware analysis Work with other penetration testers and information security analysts Web application security Social engineering Database security Reverse engineering Network security Threat modeling and risk assessment Qualifications Below are the qualifications expected of a certified ethical hacker: Bachelor's degree in computer science, information technology security, or related field Security certifications, including the Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH) Demonstrable expertise in penetration tests, vulnerability assessment, and security monitoring Proficiency with the OSI model, TCP/IP, HTTP, SSL, and wireless networking Experience with common network infrastructure and security tools Familiarity with web applications, including HTTP and SQL injection attacks Knowledge of security testing methodologies in accordance with the EC-Council Ability to work in a fast-paced environment PLEASE NOTE: We are always looking for strong candidates to reinforce the VikingCloud Cyber Threat Unit. While positions may not be currently open, please use this application to send us your resume so that we have it on file and can follow up as required by our customer demand. We will let you know when a position opens up that may fit your background. We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, political affiliation or opinion, medical condition, status as a veteran, and/or any other federal, state, or local protected class.

About Remote Remote is solving modern organizations' biggest challenge - navigating global employment compliantly with ease. We make it possible for businesses of all sizes to recruit, pay, and manage international teams. With our core values at heart and future focused work culture, our team works tirelessly on ambitious problems, asynchronously, around the world. You can find Remoters working from 6 different continents (Antarctica left to go!) and all of our positions are fully remote. We encourage every member of the Remote team to bring their talents, experiences and culture to the table to help us build the best-in-class HR platform. If you are energetic, curious, motivated and ambitious, be part of our world. Apply now and define the future of work!The position As Head of Growth Hacking you will own unconventional, high‑leverage growth, design and run guerrilla growth programs that create awareness, demand, and activation for the suite of Remote HR products. This role is for you if you enjoy hands-on, scrappy building and will use your deep network in startup ecosystems to drive revenue growth and find new commercial avenues. What you bring High agency Ex‑founder or first‑growth hire who has shipped scrappy plays from idea to measurable impact and revenue. Have public presence in founder communities or creator economy. Have a network among founders, operators, and investors Move fast with low dependency. Comfortable running multiple experiments in parallel. Actively defaults to using AI Fluent in written and spoken English. Key responsibilities Identify and prioritise opportunities for building brand awareness, especially across founder and startup communities and events. Develop and deliver both online and offline marketing campaigns to optimise growth and generate revenue. Drive efficiency and productivity across marketing channels. Launch scrappy, high‑signal experiments: such as community hijacks, product‑led virality and other non-traditional marketing campaigns. Measure and analyze outcome of strategies to help shape future GTM strategy. Nurture a close network of partners Own market research and competitive analysis. Practicals You'll report to: President Team: President Location: SF / Bay Area Start date: As soon as possible Remote Compensation Philosophy Remote's Total Rewards philosophy is to ensure fair, unbiased compensation and fair equity pay along with competitive benefits in all locations in which we operate. We do not agree to or encourage cheap-labor practices and therefore we ensure to pay above in-location rates. We hope to inspire other companies to support global talent-hiring and bring local wealth to developing countries. At Remote we have international operations and a globally distributed workforce. We use geo ranges to consider geographic pay differentials as part of our global compensation strategy to remain competitive in various markets while we hiring globally. Our salary ranges are determined by role, level and location, and our job titles may span more than one career level. The actual base pay for the successful candidate in this role is dependent upon many factors such as location, transferable or job-related skills, work experience, relevant training, business needs, and market demands. The base salary range may be subject to change. At Remote, we foster internal mobility as a key element of our culture of employee growth and development, supported by a compensation philosophy that guarantees pay equity and fairness. Therefore, all compensation changes associated with an internal move will be reviewed by the Total Rewards & People Enablement team on a case by case basis. Application process (async) Profile review Interview with the Recruiter Interview with Hiring Manager Interview with team members (async) Offer Benefits Our full benefits & perks are explained in our handbook at remote.com/r/benefits. As a global company, each country works differently, but some benefits/perks are for all Remoters: work from anywhere flexible paid time off flexible working hours (we are async) 16 weeks paid parental leave mental health support services stock options learning budget home office budget & IT equipment budget for local in-person social events or co-working spaces How you'll plan your day (and life) We work async at Remote which means you can plan your schedule around your life (and not around meetings). Read more at remote.com/async. You will be empowered to take ownership and be proactive. When in doubt you will default to action instead of waiting. Your life-work balance is important and you will be encouraged to put yourself and your family first, and fit work around your needs. If that sounds like something you want, apply now! How to apply Please fill out the form below and upload your CV with a PDF format. We kindly ask you to submit your application and CV in English, as this is the standardised language we use here at Remote. If you don't have an up to date CV but you are still interested in talking to us, please feel free to add a copy of your LinkedIn profile instead. Not only do we encourage folks from all ethnic groups, genders, sexuality, age, abilities, disability status and any other under-represented group to apply, but we prioritize a sense of belonging. We have 4 ERGs (Women, Disability, Queer, Minorities in Tech) who meet regularly with the People team. During your interviews and beyond, we ask & encourage anybody who needs an accommodation to request one from their recruiter. We will ask you to voluntarily tell us your pronouns at interview stage, and you will have the option to answer our anonymous demographic questionnaire when you apply below. As an equal employment opportunity employer it's important to us that our workforce reflects people of all backgrounds, identities, and experiences and this data will help us to stay accountable. We thank you for providing this data, if you chose to. At Remote, we embrace AI as a valuable tool while prioritizing human creativity and authenticity. We look forward to meeting candidates who balance innovation with genuine expertise and experience. To learn more about Remote's AI guidelines check see here. Please note we accept applications on an ongoing basis.