Security Architect Jobs in Columbia, MD

Hiring for a Senior Information Security Architect position primarily focusing on AWS. This position requires deep expertise in Information Security principles including Business Security Architecture, Threat Modelling, Data Security (data encryption, masking, tokenization, data access controls), AWS Cloud and Systems architecture. This individual must be able to architect and ensure the security and compliance of the cloud environments based on enterprise cloud security policies, standards, procedures and industry best practices and frameworks (NIST, OWASP) • Candidate is expected to come to Reston, VA office once a week • Self-starter and Senior Architect who can lead the AWS Security architecture program in multiple projects simultaneously by collaborating with numerous stakeholders (Product owners, Enterprise Architect) Must Have 1 Public Cloud: AWS Experience Deep Expertise and proven Track record in AWS Architecture and AWS Services (Compute, IAM, RDS, Resource Policies, Network, Messaging, Data Storage, CI/CD, AI/ML, ETL, Serverless, ECS/EKS). Experience with AWS security pillars, best practices and well designed architecture. Experience in AI/ML is preferable. 2 Information Security Architecture Key experience: Application security, Threat Modelling, API Security, DevSecOps, Pipeline security, Infrastructure security, AuthN/Z, Encryption, Key Management, Data discovery and encryption, SIEM, CSPM, CWPP, Access Controls, Container Security • Industry security standards and frameworks (OWASP, NIST CIS, FED Ramp, ISO, SOX etc.). • Experience designing Architectures based on Security Standards and threat model the designs to identify issues and design mitigating controls. 3. Systems Architecture • Key experience: System Design, API Driven architecture, Open Standards, stateless, Resiliency, High Availability, System and SaaS Integrations. Nice to Have 1. AWS advanced Certification (Professional, Specialty), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) or equivalent

Job Details: Job Title: Principal Information Security Duration: 6++ months with high possibility of extensions ** Principal Information Security Governance & Risk Management Description: The Principal, Information Security Governance & Risk Management supports Client's Information Security Division in effectively managing the Enterprise's Information Security risks and overall program. Responsible for the strategy, management and the overall execution of first line of defense information security risk management and governance activities at the enterprise. This role will collaborate with Client's business unit Sr. leaders across the enterprise to identify, mitigate and manage information security risks. Uses extensive industry and real world experience to lead information security governance and risk management activities, developing pragmatic solutions to address gaps in line with established risk appetites. Ensure information security governance and risk management activities align with strategic business initiatives, achieve business and quality objectives, mitigate risk and enhance operating procedures. Develop dashboards, metrics and reporting data to provide consultative guidance during monthly and quarterly governance committees. Promote operational efficiency and service excellence through appropriate risk controls, process improvements and training while reducing and mitigating financial losses. Responsibilities: • Lead the Information Security Program Risk Assessment. • Develop and lead a comprehensive Information Security Program Maturity Assessment and Risk Assessment initiatives in line with the enterprise goals and regulatory expectations. • Ensure the effective identification, mitigation and management of information security risks arising from business activities. In addition, provide guidance and advice to senior management on the status of their control environment related to standards compliance, risk identification and control issues. Identify critical areas to monitor and escalate issues and findings to appropriate stakeholders and governance committees. • As applicable, articulate implications of risks and issues related to data management and protection to sponsors and risk owners and, if necessary, assist with security exceptions or issue management • Translate control deficiencies into action plans and provide recommendations to enhance governance practices in alignment with risk and compliance frameworks. • Participate in Security-related special projects, councils, working groups, etc. as a Risk SME Text here • Perform other duties as assigned Qualifications and Education Requirements: • Bachelor's degree in Information Systems, Computer Science, Engineering, Business, Mathematics, Economics, or related field, or the equivalent combination of education, training and experience • A minimum of 12-15 years of experience leading risk and/or compliance related activities in financial services or other relevant industry, especially Operational Risk Programs • Deep knowledge and practical experience implementing NIST CSF in a medium to large financial institution. • Extensive knowledge of industry leading risk management frameworks such as COSO, COBIT, NIST CSF, ITIL) • Working knowledge of the MITRE attack framework • Extensive experience in the development of risk management frameworks along with the requisite implementation • Advanced knowledge of information technology systems, project processes, and application development • Advanced organizational, planning and time management skills • Advanced research, analytical, and problem solving skills • Advanced skill developing and implementing programs in a leadership role • Advanced skill building effective relationships with all levels of staff, management, stakeholders, and vendors, through rapport, trust, diplomacy and tact • Advanced verbal, written, interpersonal, and presentation skills to communicate clearly and concisely technical and non-technical information to all levels of management and a strong EQ • Effective skill to influence, negotiate and persuade to reach agreeable exchange and positive outcomes • Advanced skill exercising initiative and using good judgment to make sound decisions. Desired Qualifications and Education Requirements: • Prior experience developing, implementing, and or assessing an information security program for a medium to large financial institution. • Prior experience implementing and/or assessing NIST Cybersecurity Framework (CSF) in a medium to large financial institution. • Graduate education in Business, Cyber/Information Security Risk, Information Systems, Computer Science, Engineering, Quantitative discipline or related field • Professional certifications including, but not limited to any of the following: FRM, PRM, CISA, CISM, CISSP, CGEIT, CRISC, CFE, CPA, CIA, CIPP, ISA, AWS and etc. • Professional or planned date for certification in Operational Risk, and/or specialized in Technology or Information Security • Knowledge of Client's instructions, standards, and procedures

The Software Security Developer has the overall responsibility to developing software applications, services, and systems (e.g., user-facing and back-end services). Manage source code using industry version control best practices. Research new techniques and technologies to stay current in software development methodologies and tools. Utilize code validation tools to ensure that source code is valid, is properly structured, meets industry standards, is secure, and is compatible with browsers, devices, or operating systems. Collaborate with stakeholders to define needs and/or specifications and develop proposed solutions. Test and integrate developed software applications into the operational baseline. Perform test driven development utilizing strong unit testing techniques to include test cases mimicking external interfaces and addressing all browser and device types. Modify or enhance existing software to correct errors, to adapt it to new hardware, or to upgrade interfaces and improve performance. Create technical models, architectural artifacts, and/or prototypes that include physical, interface, logical, or data models (e.g., model view controller (MVC) programming practices). Share actionable/valuable information with colleagues and leadership and engage with community as resident expert. Prepare reports and consult with customers or other stakeholders to advise on technical issues, provide operational support, respond to questions, and offer status updates. Develop DevOpsSec (CI/CD) pipelines and incorporate security protocols while deploying infrastructure as code (IaC). Required Skills/Experience: Bachelor's degree in science, technology, engineering, and math (STEM) field and nine (9) years IT security (Cybersecurity) experience; OR No Bachelor's Degree with eleven (11) or more years of IT security (Cybersecurity) experience Desired Skills/Experience: • Experience can be considered in lieu of degree. • Certified Application Security Engineer (CASE) Certification or Certified Secure Software Lifecycle Professional (CSSLP) Certification. • Certified Ethical Hacker (CEH) Certification or Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP). • AWS Certified Solutions Architect Professional or AWS Certified DevOps Engineer Professional. • Experience with DevOpsSec pipeline tools including configuration management, requirements (e.g. JIRA), automated testing, automated deployments, blue green deployments, and branching strategy and implementation. • Experience in cloud computing including concepts, capabilities, and applications as they relate to storage, processing, and dissemination and overall security. • Demonstrated experience working with multi-disciplinary teams to fulfill stakeholder requirements. • Professional experience using a programming language such as Java, Python, JavaScript, or equivalent to build and design complex software applications. • Professional experience designing, developing, testing, and deploying software to include full stack web-based applications using industry standard DevOps tools. • Experience in applying agile development methodologies to develop software. • Experience building web application programming interfaces (API) using standards

The Company: As the Leader in Recruiting Intelligence, The Edens Group, LLC has been retained to identify and recruit a Chief Information Security Officer for a global cybersecurity company providing zero-knowledge security and encryption software covering functions such as password and passkey management, secrets management, privileged access management, secure remote access and encrypted messaging. This company is transforming cybersecurity for people and organizations around the world, as their cybersecurity software is trusted by millions of people and thousands of organizations, globally. Summary Description: The CISO supports the CEO and the CTO in managing the key facets of IT security and compliance within business requirements and other laws and regulations. He or she works with the various IT & business functions to evaluate the design and effectiveness of the current environment, both operational and technical, identifying risks, and areas of concern, and implementing appropriate solutions as needed. The CISO reports to the CEO. Principal Duties and Responsibilities: Develop and implement a comprehensive information cybersecurity strategy aligned with business objectives, internal controls, governance, and regulatory requirements. Provide strategic guidance on security initiatives and risk management to the executive team. Establish and maintain a security governance framework, including policies, procedures, and standards. Identify and assess security risks and vulnerabilities and develop strategies to mitigate them. Conduct regular security assessments, audits, and penetration testing to evaluate the effectiveness of security controls. Develop and manage incident response processes and plans. Oversee the implementation and management of security technologies and solutions, including firewalls, intrusion detection systems, and encryption protocols across all infrastructure. Coordinate with IT teams to ensure secure system architecture, data protection, and compliance with industry standards. Ensure compliance with relevant laws, regulations and industry standards (e.g., GDPR, HIPAA, PCI-DSS, SOC, ISO, FedRAMP, StateRAMP, IL-5). Oversee our yearly compliance audits, including (but not limited to) ISO 27001, 27017, and 27018, SOC 2, FedRAMP, StateRAMP and IL-5. Initiate and lead new security and product authorizations and certifications. Maintain up-to-date knowledge of emerging threats, vulnerabilities, and regulatory changes, adapting security strategies as needed. Manage relationships with external security vendors, auditors, and regulatory agencies. Build, lead, and mentor high-performing security, compliance, SecOps, and DevOps teams- fostering a culture of innovation and industry leadership. Manage and monitor governance, risk, and compliance activities - i.e. risk management. compliance, security training, and awareness programs for employees and stakeholders. Required / Desired Knowledge, Experiences and Skills: Minimum of 10+ years of enterprise Information Security leadership experience understanding and applying a balanced information security framework that supports a complex regulated multi-business unit company. Minimum of 10+ years of experience performing information security assessments, delivering successfully on assessment remediation plans, and navigating a company through the creation and execution of their information security roadmap. Proven track record in the Digital & Information Technology domain and solid experience in IT security services. A good & broad understanding of technical aspects of information and IT technology and core security components such as network, firewall, proxy, VPN, anti-malware, email protection and filtering, system security controls, vulnerability assessment, penetration testing, etc. “white-hat”-type experience a strong plus. Experience in multinational environments, ideally composed of mid-sized and small companies (i.e., with limited resources and low IT security maturity). Experience in SOC. A good grasp of PCI-DSS, HIPAA, ISO 27001, NIST, and other security norms, standards & frameworks. One or more of the following certifications a plus: CISM or CISSP. Microsoft Certified Systems Engineer: Security. GIAC Security Essentials. Intangible Characteristics Desired and Required: Leadership- Exhibits confidence in self and others. Inspires and motivates others to perform to the best of their ability. Effectively influences actions and opinions of others. Accepts feedback from others. Gives appropriate recognition to others. Seeks to effectively drive the decision-making process. Engaging, articulate, self-starter. Communication - Possesses the ability to convey information to others in a clear, decisive, and understandable way. Responsible for communicating with employees, customers, investors, and other stakeholders. Strategic thinking: Bring the ability to see the big picture and understand how your work fits into the company's goals and the long-term effects of your decisions and actions. Professionalism- Approaches others in a tactful manner. Reacts well under pressure. Treats others with respect and consideration regardless of their status or position. Accepts responsibility for their own actions and follows through on commitments. Standards of Excellence- Outstanding consultative and operational abilities and excellent interpersonal and presentation skills with executive-level customers and partners. Proactive, resourceful, and flexible in a fast-paced work environment, excellent work ethic including high results orientation, attention to detail, strong customer focus Education: Master's Degree in Computer Science or other Engineering discipline highly preferred Salary & Benefits: All candidates must be eligible to work in the US without sponsorship. No relocation assistance will be provided at this time. The compensation for this role is very competitive. The base salary is in the $ 300-400K range with a double-digit bonus, a commission bonus and an equity component. Additional Executive perks will be discussed as appropriate. If you thrive in a fast-paced, entrepreneurial environment, and enjoy shaping the landscape within a company, please email your resume to: The Edens Group, LLC Attn: Kelly M. Edens Cell: ************ E-mail: ***********************

Ciena is committed to our people-first philosophy. Our teams enjoy a culture focused on prioritizing a personalized and flexible work environment that empowers an individual's passions, growth, wellbeing and belonging. We're a technology company that leads with our humanity-driving our business priorities alongside meaningful social, community, and societal impact. How You Will Contribute: Reporting to a Director of Cyber Security, we are seeking a highly motivated and experienced Network Security Architect to join our growing team. In this role, you will be responsible for working with our security and networking teams to advise on, design, implement, and maintain the security posture of Ciena's global network infrastructure. You will play a key role in protecting our critical assets and data from evolving cyber threats. Your expertise and guidance are essential in ensuring that all processes and systems meet our company's security risk tolerance. As a trusted advisor, you will gather business requirements and provide advice and oversight to ensure compliance with security risk tolerance for processes and systems. You will also set expectations for regional/business security postures and identify opportunities to enhance security against future trends and threats. Security Architecture Design and Implementation: In collaboration with the networking teams, design, implement, and maintain a secure network architecture aligned with industry best practices and regulatory requirements (NIST, ISO 27001, etc.). Define and implement security controls for all network layers, including access control, firewall management, intrusion detection/prevention, and data loss prevention. Develop and maintain network security documentation, including diagrams, policies, procedures, and standards. Security Assessment and Risk Management: Participate in regular network security assessments, vulnerability assessment, and assist in penetration testing to identify and mitigate potential risks. Analyze and assess networking security threats and vulnerabilities, developing mitigation plans and recommending appropriate security controls. Develop and maintain a risk register, prioritizing risks and recommending remediation actions. Security Incident Response: Participate in the incident response processes, including incident detection, analysis, containment, eradication, and recovery. Help to develop and maintain incident response playbooks and procedures. Assist in post-incident reviews and implement improvements to security controls. Technology Research and Evaluation: Stay informed of emerging security technologies and threats, evaluating and recommending new security solutions to enhance Ciena's security posture. Conduct proof-of-concept testing for new network security technologies and solutions. Collaboration and Communication: Collaborate closely with various teams, including network operations, IT infrastructure, Research and Development, and application development, to integrate network focused security best practices into existing and new systems. Communicate security risks and recommendations to various stakeholders, including senior management. Policy and Governance Creation: Act as a technical writer to create, revise, and maintain security documentation and policies related to network security. Assist in ensuring that governance policies are practical, clear, and attainable. Mentorship and Training: Mentor junior security team members, providing guidance and training on network security best practices. Contribute to the development and delivery of security awareness training programs for Ciena employees. The Must Haves: Must be a US Citizen Bachelor's degree in computer science, Information Security, or a related field. 7+ years of experience in network security, with at least 3 years in an architectural role. Strong understanding of networking protocols (TCP/IP, UDP, DNS, Routing protocols etc.) and network security technologies (Firewalls, SDWAN, Wireless, IDS/IPS, VPN, SIEM, etc.). Strong technical writing skills for policy and governance creation Experience with cloud security best practices and solutions (AWS, Azure, GCP). Experience with security frameworks and compliance requirements (NIST, ISO 27001, etc.). Strong analytical, problem-solving, and communication skills. Assets: Relevant security certifications (CISSP, CCNP Security, etc.) are highly desired. Pay Range: The annual pay range for this position is $121,700 - $194,300. #LI-BS1 Pay ranges at Ciena are designed to accommodate variations in knowledge, skills, experience, market conditions, and locations, reflecting our diverse products, industries, and lines of business. Please note that the pay range information provided in this posting pertains specifically to the primary location, which is the top location listed in case multiple locations are available. Non-Sales employees may be eligible for a discretionary incentive bonus, while Sales employees may be eligible for a sales commission. In addition to competitive compensation, Ciena offers a comprehensive benefits package, including medical, dental, and vision plans, participation in 401(K) (USA) & DCPP (Canada) with company matching, Employee Stock Purchase Program (ESPP), Employee Assistance Program (EAP), company-paid holidays, paid sick leave, and vacation time. We also comply with all applicable laws regarding Paid Family Leave and other leaves of absence. Not ready to apply? Join our Talent Communityto get relevant job alerts straight to your inbox. At Ciena, we are committed to building and fostering an environment in which our employees feel respected, valued, and heard. Ciena values the diversity of its workforce and respects its employees as individuals. We do not tolerate any form of discrimination. Ciena is an Equal Opportunity Employer, including disability and protected veteran status. If contacted in relation to a job opportunity, please advise Ciena of any accommodation measures you may require. RequiredPreferredJob Industries Other

We are looking for a Cybersecurity Engineer to support our government customer located in Washington, DC. is 100% on site. Description of responsibilities: Responsible for supporting the operations of cybersecurity personnel, applications, and appliances employed to defend the cyber terrain, to include but not limited to: Firewall management Host intrusion detection/prevention systems management Security information and event management (SIEM, e.g. audit log review and analysis) Vulnerability scanning Incident response Technical analysis & trouble shooting assistance Support the agency with project tracking with the integrated master schedule Project presentations to the agency change boards. Other duties as assigned. Required degree/education/certification: Bachelor of Science in computer science or related field or four to seven (4-7) years of experience in the cybersecurity field. Required to be certified IAT or IAM level III (CASP, CCNP, CISA, CISSP, CISM) Required skills and experience: In-depth knowledge of systems engineering, systems security operations, incident response methodologies, general user behaviour analytics, and general personnel management. Required citizenship and clearance: U.S. Citizenship required. Must have an active Top-secret clearance. What are the 3-4 non-negotiable requirements of this position? PowerShell & Bash experience. Networking experience/Firewall Configuration (both tied together). Authentication Configuration, - DNS/IP configuration.

At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Messaging Services, Security & Access Control Management, Identity & Access management and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as a central Information Security point of contact for Platform Messaging Services Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Data Security, Vulnerability Management, Network Architecture and Design, API security, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Work with line of business to identify risks with new and existing vendor relationships Develop strategic objectives curated towards the line of business to support Cyber initiatives About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 5 years of experience providing guidance and oversight of cyber security concepts At least 5 years of experience performing cyber security risk assessments or cyber security architecture reviews At least 5 years of experience with software design, networking, or cloud infrastructure At least 4 years of experience with cloud security engineering At least 2 years of experience with Messaging systems Preferred Qualifications: Bachelor's Degree 7+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience with Application Security Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in a regulated environment At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Plano, TX: $204,900 - $233,800 for Sr Manager, Cyber Technical Richmond, VA: $204,900 - $233,800 for Sr Manager, Cyber Technical San Francisco, CA: $245,900 - $280,600 for Sr Manager, Cyber Technical San Jose, CA: $245,900 - $280,600 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Vertekal is a forward-leaning technology company dedicated to pushing the boundaries of innovation for both our employees and our national security customers. We believe in the transformative power of AI and cybersecurity to solve complex challenges, drive efficiency, and secure the future. By investing in cutting-edge research and tools, we enable our teams to deliver mission-critical solutions that safeguard our nation's most valuable assets. Join us and become part of a culture that values bold ideas, professional growth, and a shared commitment to excellence. Responsibilities As the Senior Information Systems Security Engineer (ISSE), you will be at the forefront of our cybersecurity initiatives, working closely with our DevOps Engineering team to ensure cloud assets meet rigorous security standards throughout the entire Risk Management Framework (RMF) lifecycle. You will: Lead efforts to move cloud environments from RMF Step 1 through Step 6, ensuring compliance milestones such as IATT and ATO are achieved. Develop and maintain Certification Test Plans, System Security Plans, and other authorization artifacts necessary for system accreditation. Collaborate with the DevOps Engineering Team to onboard assets to the Enterprise Security Services (ESS), ensuring alignment with organizational security requirements. Review software packages for vulnerabilities, coordinating with customers to provide justifications if necessary, in support of production environment deployments. Manage cloud assets within ServiceNow (SNOW), including creating and maintaining assets, submitting Project Change Requests and Interconnection requests, and ensuring all security controls meet the latest NCSRD requirements. Coordinate with DevOps engineers to conduct ACAS credential scans and analyze logs via Splunk. Apply DISA STIGs for continuous monitoring and efficient vulnerability management. Serve as a subject matter expert on cybersecurity best practices, working cross-functionally to ensure our cutting-edge AI solutions remain secure and compliant in a fast-evolving threat landscape. Qualifications Active TS/SCI clearance with Polygraph (mandatory). 10+ years of experience in Information Assurance/Cybersecurity, with a proven track record of RMF application, especially for cloud-based systems. Hands-on experience obtaining IATT and ATO approvals, including the creation of Certification Test Plans, System Security Plans, and other accreditation documentation. Experience with AWS and managing Cloud assets, demonstrating a strong understanding of authorization boundaries and internal/external connections for secure and compliant deployments. Practical background with ServiceNow (SNOW) for asset management, Project Change Requests, and Interconnection requests in accordance with NCSRD controls. Familiarity with ESS onboarding processes, ACAS scanning, and Splunk for continuous monitoring. Excellent communication, collaboration, and problem-solving skills to work effectively across technical and leadership teams. Bachelor's degree in Information Assurance, Cybersecurity, Computer Science, or a related field (or equivalent experience). If you're passionate about AI-driven cybersecurity and want to tackle critical challenges in a dynamic, mission-focused environment, apply now to join Vertekal and help us shape the future of national security.

Clearance Requirement: TS/SCI Full Scope Poly Position Type: Full-time We are seeking a highly skilled Information Systems Security Engineer (ISSE) to join our team. The ISSE will be responsible for conducting technical security assessments, validating system security requirements, and designing robust security architectures. The ideal candidate will have extensive experience in information assurance (IA), risk management, network security, cryptography, and cloud computing. This role requires a deep understanding of NSA/CSS, DoD Risk Management Framework (RMF), and NIST RMF compliance processes. Key Responsibilities: Perform or review technical security assessments of computing environments to identify vulnerabilities, ensure compliance with IA standards, and recommend mitigation strategies. Validate and verify system security requirements and define security architectures. Design, develop, implement, and integrate security solutions for networking, computing, and enclave environments, including those with multiple classification levels. Embed IA controls into systems deployed to operational environments. Collaborate with system architects and developers to implement appropriate security functionality aligned with Agency security policies and enterprise solutions. Develop and enforce trusted relationships among external systems and architectures. Conduct risk assessments and threat mitigation strategies throughout the program life cycle. Contribute to security planni-ng, risk management, and compliance efforts for systems and networks. Review certification and accreditation (C&A) documentation, ensuring completeness and compliance. Apply expertise in system security engineering, including areas such as: Security design and engineering life cycle Cross-domain solutions and cryptographic implementations Authentication and authorization mechanisms Risk management and incident handling Intrusion detection and response Configuration control, change management, and auditing IA principles (confidentiality, integrity, non-repudiation, availability, and access control) Security testing and validation Support security authorization activities in compliance with NSA/CSS NISCAP, DoD RMF, NIST RMF, and NSA/CSS business processes for security engineering. Required Qualifications: 20+ years of experience as an ISSE supporting programs of similar scope and complexity. Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or a related field from an accredited institution. A Master's degree in a related field may substitute for 2 years of experience (reducing requirement to 18 years). Four (4) additional years of ISSE experience can substitute for a bachelor's degree. DoD 8570 IASAE Level 3 compliance is required, including both: CISSP (Certified Information Systems Security Professional) ISSEP (Information Systems Security Engineering Professional) Strong experience with manual review of network diagrams, network device configurations, and VPN termination points. Working knowledge of software TLS security and security assessment frameworks. Ability to conduct RMF reviews for unclassified/classified networks, providing countermeasures for secure communications. Familiarity with security standards and frameworks (NIST, DoD, NSA, etc.). Expertise in crypto, networking, and cloud computing security. Experience writing security assessment reports, technical documentation, and administrative reports. Strong leadership, analytical, and problem-solving skills. Preferred Qualifications: Experience with cloud security, zero-trust architecture, and container security. Prior work within NSA, DoD, or other federal security-focused organizations. Hands-on experience in penetration testing, threat hunting, or forensic analysis. Strong knowledge of intrusion detection systems (IDS), firewalls, SIEM tools, and endpoint security solutions. Why Join Us? Work on mission-critical projects that enhance national security. Opportunity to collaborate with top cybersecurity experts. Competitive salary, benefits, and career growth opportunities. If you meet the qualifications and are looking for an exciting challenge, apply today!

Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours. Job ID 2410542 Date Posted 2024-09-17 Category Security Subcategory Security Schedule Full-time Shift Day Job Travel Yes, 10 % of the Time Minimum Clearance Required TS/SCI Clearance Level Must Be Able to Obtain None Potential for Remote Work No Description SAIC is seeking a SAP Security Analyst to provide comprehensive security support services for the R&E Special Access Program Central Office (SAPCO) and various program management offices across OUSD(R&E). The role demands proficiency in program protection and security management of Department of Defense (DoD) Special Access Programs (SAPs). This position will deliver a wide array of products and services covering all security disciplines. This position will be fully onsite at the Pentagon in Arlington, VA. Responsibilities Include Personnel Security Manage SAP personnel security processes, including assessing eligibility for SAP access, preparing nomination packages, waivers, or letters of compelling need, maintaining SAP databases, and managing/reporting/tracking SAP access suitability information. Industrial Security Assess security compliance of contractors on SAP contracts, review contractor requests for facility accreditations, and determine security requirements for sensitive tests and activities. Physical Security Prepare and assess SAP facility accreditation packages, manage facility folders, develop facility Standard Operating Procedures (SOPs), Memorandums of Agreement/Co-Use Agreements (MOAs/CUAs), and facility close-out packages, and develop risk mitigation strategies for threats. Information Security Oversee classification management, manage Top Secret accountability and media control, author Security Classification Guides (SCGs) and security policies, handle technology transfers, foreign disclosures, security training, and investigate security incidents. Qualifications Extensive experience and proficiency in managing security protocols and protective measures specific to Department of Defense Special Access Programs. Bachelor's Degree & 5+ years of related experience; OR Master's Degree & 4+ years of experience Must possess an active Top Secret security clearance with eligibility for Sensitive Compartmented Information (SCI) access. Proven ability to effectively communicate with senior executives, including skills in preparing and presenting briefings and reports. Demonstrated skills with the ability to work and collaborate effectively in and contribute to a small team environment. Must possess a minimum of five (5) years of relevant SAP security experience with three (3) cumulative years managing multi-discipline security programs for DoD SAPs. Preferred Requirements Hold certifications such as Certified Information Systems Security Professional (CISSP) or Certified Protection Professional (CPP). Experience in strategic planning and execution within a security framework to support senior-level decision-making. SAIC accepts applications on an ongoing basis and there is no deadline. Covid Policy SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.

ClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA. We specialize in cybersecurity and support multiple government and commercial clients for a variety of missions. We value our clients, integrity and employees and believe a single person can make a difference! We are committed to attracting and retaining the best and brightest talent who desire to work with industry leading technology to stay on top of their profession. We provide an excellent benefit package which includes medical, dental, vision, paid time off, 401(k), paid professional development reimbursement and more! We are seeking a Senior Cybersecurity Analyst/Information Security Manager for an opportunity in Washington, DC. All applicants must have an active Top-Secret clearance and SCI/Q-eligibility. Experience: An individual must demonstrate a minimum of five (5) years of experience in planning, coordinating, and implementing security measures to protect the confidentiality, integrity, and availability of information systems and their data. Individuals must also have a minimum of two (2) years' supervising experience in a cyber/IT security role. Individuals must demonstrate proficiency in developing, monitoring and conducting testing of cybersecurity plans and controls using government approved tools and methods. The individual will document test results, develop and recommend corrective actions, and develop and document residual risk and risk assessment statements. Individuals must have a thorough understanding of cyber policies/practices to include National Institute of Standards and Technology Special Publications. Individuals require extensive knowledge of security assessment and authorization (SA&A) policy, procedures, and processes, including, but not limited to, NIST 800-37, 800-53, CNSSI and other Federal requirements. This individual must demonstrate proficiency in developing and revising Security Policies (for example, Privacy Plan, Configuration Management Plan, etc.). This individual must also be able to create baseline documentation and develop and review policies. This individual must be knowledgeable in Incident Response practices, vulnerability management, Plan of Action and Milestone management, Zero Trust Architecture, cloud requirements and assessments, Continuous Diagnostics Mitigations/Continuous Monitoring, etc. Education: Bachelor's degree from an accredited university or college in Information Technology with an emphasis in Cybersecurity or Information Assurance or similar degree. Certifications: GIAC Information Security Professional (GISP), ISC2 Certified Information Systems Security Professional (CISSP) or equivalent

Thorlabs is pleased to play a role in advancing science through the components, instruments, and systems we design and manufacture. We believe that science and innovation have great potential to improve the world around us and are committed to advancing photonics (i.e., light-based) technologies that positively impact our customers, employees, and communities. Via educational outreach and more sustainable business practices, we continuously invest in a brighter future. We recognize that each of our employees is a unique individual with the ability to contribute to our success and seek to find great people who will thrive in our fun, fast-paced culture. The Information Security Manager (ISM) is responsible for developing, managing, and executing the organization's Governance, Risk, and Compliance (GRC) initiatives. This role focuses on aligning the organization with regulatory compliance frameworks such as PCI-DSS, CMMC 2.0, and ISO27001. The ISM drives security best practices, mitigates risks, and ensures adherence to critical industry standards. Although the location of the position is in Jessup, MD, from time to time it may be required to undertake duties at other Thorlabs locations. Essential Job Functions include the following, but are not limited to: Governance and Policy Management Develop, review, and update information security policies, standards, and procedures in line with best practices and regulatory requirements. Ensure compliance with laws, regulations, and standards, including PCI-DSS and CMMC certification. Communicate effectively with stakeholders to address compliance challenges and ensure transparency. Risk Management Define Key Risk Indicators (KRIs) and produce metrics to assess the organization's security posture. Conduct risk assessments, identify vulnerabilities, and prioritize risk mitigation strategies. Collaborate with IT and business units to integrate risk management practices into daily operations. Compliance Leadership Lead and maintain compliance efforts for PCI-DSS, CMMC, and other regulatory frameworks. Serve as a Subject Matter Expert (SME) for PCI-DSS and CMMC, supporting teams in meeting compliance requirements. Manage relationships with external auditors and oversee certification audits. Incident Management and Response Support incident response efforts by ensuring proper governance, documentation, and adherence to compliance requirements. Provide guidance on compliance and governance implications of security incidents and remediation efforts. Audit and Reporting Coordinate and lead internal audits and manage external audits related to security and compliance programs. Prepare reports and dashboards for executive management, highlighting key metrics on governance, risk, and compliance activities. Organize and provide evidence for third-party audits while ensuring successful responses. The Company retains the right to change or assign other duties to this position. Physical Activities: This is largely a sedentary role; however, it may require the ability to lift, bend or stand as necessary. The employee may occasionally lift or move objects up to 25 pounds. Requirements Experience: 10+ years of professional experience, including 5+ years in information security with a focus on GRC. Proven experience with regulatory frameworks (e.g., ISO27001, NIST, CMMC, PCI-DSS, GDPR). Familiarity with GRC tools (e.g., RSA Archer, ServiceNow GRC). Experience in cloud security governance for providers like Azure or AWS. Project management experience, particularly in compliance and audit initiatives. Education: Bachelor's Degree in Information Security, Computer Science, IT, Business Administration, or a related field (or equivalent experience). Specialized Knowledge and Skills: Strong knowledge of risk management methodologies, security frameworks (e.g., NIST 800-53, ISO 27001), and controls. Hands-on experience with vulnerability management tools (e.g., Qualys, Nessus, Rapid7) and attack surface management solutions is a big plus. Exceptional communication skills to collaborate effectively with diverse teams and explain complex concepts to non-technical stakeholders. Expertise in managing internal and external audits for security certifications, including PCI-DSS and CMMC readiness. Other: Compliance with International Traffic in Arms Regulations (ITAR). Job Type - Full Time $115,000 - 143,000 d.o.e. Thorlabs values its diverse environment and is proud to be an Equal Employment Opportunity/Affirmative Action Employer. All qualified individuals will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. Job descriptions are not intended as and do not create employment contracts. The organization maintains its status as an at-will employer. Employees can be terminated for any reason not prohibited by law. Benefits Thorlabs offers a complete benefits package that includes medical, dental and vision insurance, company paid life insurance, a generous PTO package, a 401(k) plan, and tuition reimbursement just to name a few..

Washington DC On-Site Clearance Required: TS/SCI with Polygraph People Centered. Data Driven Elder Research Inc. is a Data Science consulting firm specialized in providing analytic solutions to clients in Commercial and Government industries. Providing analytic solutions to hundreds of companies across numerous industries, our team enjoys a great variety in the type of work they do and exposure to a wide range of techniques and tools. We are trusted advisors to our clients, building lasting relationships and partnering as preferred analytics providers. We use a variety of programming languages and tools to create analytic solutions, often fitting within our clients environment and needs. Join our team and find great opportunities to hone your analytic skills, work on complex problems with amazing teammates, and gain valuable analytics consulting experience.? Summary of Position: As a security systems engineer, you shall provide support to ensure the secure development, deployment and maintenance of the sponsor s tools, including managing accreditations and authorization processes, identifying and mitigating security risks, and collaborating with stakeholders. Essential Functions: Active TS/SCI security clearance with the required polygraph Bachelor s degree in a related field with a minimum of 12 years of relevant experience; or a Master s degree with 10 years of experience; or a Doctorate with 8 years of experience. Proven experience in supporting A&A and information assurance processes. Strong understanding of DISA STIGs and hands-on experience with STIG Viewer. Comprehensive knowledge of current security risks, protocols, and best practices. Proven experience in supporting A&A and information assurance processes. Strong understanding of DISA STIGs and hands-on experience with STIG Viewer. Comprehensive knowledge of current security risks, protocols, and best practices. Job Specifications/Requirements: Lead the Assessment and Authorization (A&A) and information assurance processes in accordance with Risk Management Framework (RMF) guidelines. Ensure the secure development and maintenance of tools, including managing accreditations and authorization processes; identifying and mitigating security risks and collaborating with stakeholders. Provide consultation, analysis and recommendations on system architecture, system configuration and data flows throughout the life cycle of tool development; including testing, operations, maintenance and decommission. Provide support services that include assisting project personnel in the identification and implementation of appropriate information security controls applicable to their systems, recommending mitigation strategies for vulnerabilities, recommending system exceptions and/or Plan of Action and Milestones, and assisting in the remediation of risk findings identified by Security. Maintain close liaison with ISSM office, with a focus on synthesizing ISSM guidance for streamlined and low-risk implementation for systems. Work with team to write and successfully execute Risk Mitigation Framework (RMF) and Plans of Action and Milestones (POA&Ms) to address cyber security issues and liens Serve as the office representative to relevant Cloud and Security related groups. Engage with C2E: Cloud Services Providers and provide recommendations for integration with customer tools as appropriate. About Elder Research, Inc Elder Research is a fast growing consulting firm specializing in predictive analytics. Being in the data mining business almost 30 years, we pride ourselves in our ability to find creative, cutting edge solutions to real-world problems. We work hard to provide the best value to our clients and allow each person to contribute their ideas and put their skills to use immediately. Our team members are passionate, curious, life-long learners. We value humility, servant-leadership, teamwork, and integrity. We seek to serve our clients and our teammates to the best of our abilities. In keeping with our entrepreneurial spirit, we want candidates who are self-motivated with an innate curiosity and strong team work. Elder Research believes in continuous learning - along with providing time for professional development, each week the entire company attends a Tech Talk . Elder Research provides a supportive work environment with established parental, bereavement, and PTO policies. By prioritizing a healthy work-life balance - with reasonable hours, solid pay, low travel, and extremely flexible time off - Elder Research enables and encourages its employees to serve others and enjoy their lives. Elder Research, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Elder Research is a Government contractor and many positions require US Citizenship.

Join Our Team at T-Rex Solutions: ISSO (Ft. Meade, MD) Are you ready to make a significant impact by supporting critical national security infrastructure? T-Rex Solutions is looking for a highly skilled ISSO to join our dynamic team at Ft. Meade, MD. About the Role In this role, you'll be part of a collaborative team to decompile, design, develop, debug, and test software for enterprise level applications in a Windows and Linux environment. You'll perform requirements analysis to drive requirement specifications and perform design reviews with team members and government stakeholders. Package embedded software products for release to government customers. What You'll Do Provide support for developing, implementing and enforcing information systems security policies, standards, methodologies and documentation. Manage changes to systems and assesses the security impact of those changes. Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Information Assurance Certification and Accreditation Process (DIACAP). Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system, program, or enclave Obtain C&A for ISs under their purview Serve as the Approval Authority for ISs under their control Hardware inventory updates & change log updates, software inventory updates and change log status, work various secure the enterprise (STE) activities Review Xacta notices, complete SEAR audit log records, review and address POAM for IAVAx Coordinate with system owners and system administrators, perform various SSP efforts, review scans & work with system owners & system administrators to address and remediate issues, address computer incident security reports, begin authorization for new systems and reauthorization for legacy systems What We're Looking For Fifteen (15) years' experience or more Bachelor's degree in Computer Science or related discipline from an accredited college or university is required. Four (4) years of additional experience as an ISSO may be substituted for a bachelor 's degree. A Master's Degree in a technical discipline combined with a Bachelor's Degree, not in a technical discipline, satisfies the requirement for a Bachelor 's Degree in a technical discipline OR a Master's Degree in a technical discipline substitutes for two (2) years of required experience. DoD 8570 compliance with Information Assurance Management (IAM) Level I or higher is required (ex. CAP, Security+, etc.) Active TS/SCI with an appropriate polygraph is required. Poly must be current within last 4 years. Why T-Rex? Since 1999, T-Rex Solutions has been delivering innovative, data-centric mission services to the Federal government. We specialize in Cloud & Infrastructure Services, Cybersecurity, and Big Data Engineering, and we are looking for top talent to help drive our mission forward. We offer a competitive compensation package that includes salaries (based on experience and qualifications), along with comprehensive benefits such as: Generous Paid Time Off (PTO), available immediately upon hire. Paid parental leave and family-friendly health, vision, and dental plans. 401(k) plan with company match, fully vested after just 60 days. Annual training budget, tuition reimbursement, and professional development opportunities. T-Rex is more than just a job; we are committed to fostering a work culture that supports your personal and professional growth. T-Rex is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors. In compliance with pay transparency guidelines, the annual base salary range for this position is $125,000.00 - $215,000.00. Please note that the salary information is a general guideline only. T-Rex considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer.

Solutions 3 LLC is supporting a U.S. Government customer on a large mission critical development and sustainment program to provide support for onsite incident response to civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution. Solutions 3 LLC is seeking an experienced and technically proficient Information Security Manager III to support this critical customer mission by performing investigations to characterize the severity of breaches, developing mitigation plans, and assisting with the restoration of services. This position requires support during assigned shifts, including nights/weekends Eligibility: Must be a US Citizen Must have an active TS/SCI clearance Must be able to obtain DHS Suitability prior to starting employment 5+ years of directly relevant experience in information security Responsibilities Include: Providing support to plan, coordinate, and implement the lab's information security Providing support for facilitating and helping the lab identify its current security infrastructure and defining future programs, design and implementation of security related to lab systems Assisting the efforts of security staff to design, develop, engineer and implement solutions to security requirements Responsible for implementing and developing the DHS IT security Gathering and organizing technical information about the lab's mission goals and needs, existing security products, and ongoing programs Performing risk analyses which also includes risk assessment Providing support to plan, coordinate, and implement the lab's information security Providing support for facilitating and helping the lab identify its current security infrastructure and define future programs, design and implementation of security related to lab systems Possessing and applying expertise on multiple complex work assignments which are broad in nature, requiring originality and innovation in determining how to accomplish tasks Has the ability to apply a comprehensive knowledge across key tasks and high impact assignments Planning and leading major technology assignments Evaluating performance results and recommending major changes affecting short-term project growth and success Functioning as a technical expert across multiple project assignments Required Skills: Knowledge of Computer Network Defense (CND) policies, procedures, and regulations Knowledge of defense-in-depth principles and network security architecture Knowledge of boundary protection and enclaving Knowledge of authentication and access management technologies Knowledge of several of the following areas is required: Understanding of business security practices and procedures; current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, and current lab infrastructure technology Ability to serve as an Information System Security Officer (ISSO Must be able to work collaboratively across physical locations Desired Skills: DHS experience Cybersecurity skills including threat hunting Advanced knowledge of RMF framework Experience working ATO's Desired Certifications: CISSO, CISM, CISSP Required Education: BS Information Management, Cybersecurity, Computer Science, or related degree; or HS Diploma and 7+ years information security experience

We are seeking an experienced Systems Security Engineer, you'll directly impact a variety of client mission areas by supporting a Chief Information Security Officer client organization with the development and maintenance of an enterprise-wide Information Security program and assisting with the development of information security policy. You'll apply your vast knowledge to enterprise-wide problems across a myriad of mission areas. The role involves daily senior level engagement with various mission leads and systems owners regarding system security architecture through various technical working groups. This role resides in our Delivery Department and reports to our Program Manager. This position is located onsite in Annapolis Junction, MD with little to no travel requirement. SIXGEN supports cyber and intelligence missions by serving government and commercial organizations as they overcome global cybersecurity challenges. Our highly skilled operators conduct research and assessments based on real-world threats. We simulate adversaries and malicious actors to report details and actionable findings on critical assets and infrastructures. Our program planners advise mission owners to bring rapid solutions to intelligence mission leaders. Using innovative processes, tools, and techniques, we predict and overcome cybersecurity vulnerabilities. Our successes are supported by our diverse team of experienced, technical talent. SIXGEN, Inc. is an Equal Opportunity/Veterans/Disabled Employer. Required Skills and Experience: 8+ years of experience as an ISSO, ISSE, or ISSM Experience with requirements gathering and analysis, and client and stakeholder engagement through working groups and technical exchange meetings Knowledge of Supply Chain Risk Management (SCRM) Knowledge of system or security architecture Ability to work both individually and in a team environment in an Enterprise-level organization TS/SCI w/ Full Scope Poly HS diploma or GED Additional Details Job Location: Annapolis Junction, Maryland Clearance Requirement: TS/SCI w/ polygraph Travel: No travel anticipated Compensation & Benefits Competitive salary Employer-paid health insurance premiums (medical, dental, vision) Employer-paid short/long term disability insurance and basic life/AD&D insurance 401K with a 4% employer contribution Professional development reimbursement options available (training, certification, education, etc) Flexible and remote work policies for most positions Paid Time Off (PTO) at a rate of three (3) weeks plus one (1) day per year of service up to four (4) weeks annually 11 paid holidays per calendar year At SIXGEN, we are committed to fair and equitable compensation practices. The anticipated salary range for this role is $163,000 - $179,000 per year, depending on experience and qualifications. This range reflects our compensation philosophy, which takes into account various factors including the candidate's relevant experience, education, skills, LCATs rates and position level, and market competitiveness. In addition to base salary, employees may be eligible for other forms of compensation to include our growth incentive program, incentives and benefits. The final salary offer will be determined after a thorough review of the candidate's background and alignment with the role. Please note that this range is subject to change and should be considered as a guideline rather than a definitive figure. We are committed to fostering an inclusive culture that values diversity in our people, reflecting the communities we serve and our customer base. We strive to attract and retain a diverse talent pool and create an environment where everyone is empowered to be their authentic selves at work. SIXGEN is an Equal Opportunity Employer. We ensure that all applicants are considered for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, age, marital status, ancestry, projected veteran status, or any other protected group or class.

The Security Engineering team provides engineering and technical security services which improve the security posture of Verisign and its business partners. We develop and promote practices and solutions that protect Verisign, Verisign employees and data. We are hiring a Systems Engineer with a security background. The ideal candidate will bring a depth of experience managing, implementing, and integrating hybrid security tools and has a passion for continuous learning on the latest industry trends and emerging technologies. This role works closely with cross-functional teams, including IT, security, and business units, to drive project success and align technical solutions with business needs. As an Information Security Engineer, you will be responsible for the implementation, management, and support of diverse cyber tools and infrastructure systems. You will lead the setup of Proof of Concepts (PoCs) to evaluate innovative technologies and play a key role in maintaining our security posture through effective Configuration Management and Patch Management practices. This position requires a deep understanding of Information Security principles and the ability to work across multiple teams to achieve project goals. Key Responsibilities: * Lead the implementation and administration and troubleshooting of cybersecurity tools and solutions, ensuring alignment with industry best practices and organizational security policies * Provide advanced technical support for IT infrastructure, including servers, networks, and storage systems, ensuring high availability and performance * Design, set up, and evaluate PoCs to assess the feasibility and effectiveness of modern technologies in enhancing our security and infrastructure capabilities * Oversee the deployment and management of diverse cybersecurity tools, including intrusion detection systems (IDS), firewalls, endpoint protection, and SIEM solutions * Design, implement, optimize, and maintain SIEM solutions to monitor, detect, and respond to security events and incidents * Oversee the deployment and configuration of Tenable VM solutions or equivalent tool, ensuring thorough and accurate scanning across all assets * Analyze vulnerability data to assess risk, prioritize remediation efforts, and provide actionable insights to the IT and security teams * Create and maintain detailed reports and dashboards within Tenable, offering clear visibility into the organization's vulnerability landscape * Design, implement, and manage automated security workflows, playbooks, and response actions using Splunk SOAR (Security Orchestration, Automation, and Response) or equivalent tool REQUIREMENTS: * Bachelor's degree in information technology, Computer Science, or a related field (or equivalent experience) * 8+ years of experience in Security Engineering, Information Security, Infrastructure Support, or a combination of all * Extensive experience developing content, integrating and triaging cybersecurity tools (e.g. Splunk-ES, Tenable, Network Security Solutions, endpoint protection) * Strong background in infrastructure support, including server, network, and storage administration in a Linux and VMWare Environment * Proficiency in setting up and managing Proof of Concepts (PoCs) * In-depth knowledge of Configuration Management and Patch Management practices * Excellent problem-solving abilities, break/fix troubleshooting, effective communication skills, the ability to pick up complex subject matter quickly, and the ability to work independently or as part of a team This position is based in our Reston, VA office and offers a flexible, hybrid work schedule The pay range is $135,800- $183,800. The anticipated annual base salary range for this position is noted above, however, base pay offered may vary depending on job-related knowledge, skills, experience. Verisign offers a discretionary bonus which is based on individual and company performance, and certain roles may be eligible for discretionary stock awards.

Information System Security Officer The Opportunity: Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies and law enforcement. In all of this "cyber noise", how can these organizations understand their risks and how to mitigate them? The answer is you-build your knowledge as an Information Security Risk Specialist who knows how to break down complex threats into manageable plans of action. As an Information Security Risk Specialist on our team, you'll work with engineering and cybersecurity specialists as well as client leadership to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You'll get technical, environmental, and personnel details from SMEs and engineers to assess the entire threat landscape. Then, you'll help your team guide your client through a plan of action with presentations, whitepapers, and milestones. You'll work on translating security concepts for your client so they can make the best decisions to secure their mission-critical systems, what tools to use, and how to improve the security of the SOC. This is your opportunity to take an active role in information security while growing your skills by being immersed in the technical aspects of securing the network. Join us as we protect this client's cybersecurity enterprise environment. Join us. The world can't wait. You Have: 5+ years of experience in a cybersecurity role Experience providing operational security guidance and information system validation using the National Institute of Standards and Technology Risk Management Framework and local security policies for application infrastructure Experience with Authority to Operate package development Knowledge of Cloud-based infrastructure and DevSecOps principles and practices Ability to use and operate security tools, including Tenable Nessus, SecurityCenter, IBM Guardium, HP WebInspect, or Network Mapper Top Secret clearance HS diploma or GED and 11+ years of experience with Information Technology, or Bachelor's degree and 5+ years of experience with Information Technology Nice If You Have: Knowledge of security controls and monitoring in container-based environments Knowledge of Cloud-based networking TS/SCI clearance with a polygraph Bachelor's degree in Science, Technology, Engineering, or Mathematics Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $75,600.00 to $172,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law. DRE1RequiredPreferredJob Industries Other

Center 1 (19052), United States of America, McLean, VirginiaDirector, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security and Risk Management. You are pragmatic and practical in your understanding of risk and security, but also willing to lean into solutions or know when to pull in additional experts and or escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with technologies like generative AI security, cloud services, Containers, Docker, Microservices, Serverless, APIs, DevOps, micro-segmentation, Customer Servicing platforms and technologies, PCI and other business and regulatory cybersecurity compliance frameworks. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Develop and communicate a technology first, risk-based and data-driven strategy and roadmap for our generative AI security Act as a central point of contact for your line of business to the rest of Capital One's Information Security and Risk Management Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Platform Security, Application Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, architecture solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Partner with enterprise cyber, tech and product security teams to provide technical and cybersecurity architectural leadership, where necessary to drive innovative solutions that help improve security Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: Bachelor's Degree At least 5 years of people leadership experience At least 7 years of experience in cybersecurity or information technology At least 5 years of experience performing security risk assessments and security architecture reviews Preferred Qualifications: 7+ years experience providing guidance and oversight of security concepts Master's Degree in Computer Science, Information Systems, or Engineering 5+ years experience in securing Generative AI platforms and applications 5+ years experience building software utilizing public cloud (AWS, GCP, Azure) 5+ years experience with cloud security strategy, architecture and engineering 2+ years experience securing customer servicing agents platforms 2+ years experience with Agile methodologies 2+ years experience with Application Security, Threat Modeling, Penetration Testing or Vulnerability Management 3+ years experience integrating SaaS products into an Enterprise Environment 2+ years experience with securing container services 2+ years of financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) 2+ years experience in Offensive or Defensive Security techniques 3+ years experience in cybersecurity, privacy, or technology industry standards (ISO 27001/27002, NIST CSF and 800 series, GLBA, GDPR, FFIEC, or PCI-DSS) At this time, Capital One will not sponsor a new applicant for employment authorization for this position. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).