Auto-apply to these information technology jobs

Telophase Corporation is seeking a motivated, career and customer-oriented senior Information Systems Security Officer (ISSO) to join our team. The ISSO shall ensure the implementation and maintenance of security controls in accordance with the System Security Plan (SSP) in preparation for NIST RMF and 800-53 based independent security assessments and provide strong leadership in the development of a cyber security validation program for mission systems. Responsibilities: Support adoption and implementation of NIST-based standards across the organization in support of multiple mission system authorization boundaries including Cloud-based workloads Support all steps of NIST RMF with strong background in NIST SP 800-53 Revision 5 and 800-53A Participate in the selection of the organization's common security controls and in determining their suitability for use in the information system Review the 800-53 security and privacy controls regarding their adequacy in protecting the planned or operational information system Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment and Authorization(A&A) packages, and support system authorization activities Implement and enforcing organizational information systems security policies, standards, and methodologies Evaluate security solutions to ensure they meet security requirements for processing unclassified/classified information; perform vulnerability/risk assessment analysis to support certification and accreditation. Red Team operations background such as penetration testing is bonus. Manage changes to the information system and assess the security impact of those changes. Required Skills & Experience: Education: Bachelor's or higher in computer science/ technical discipline preferred or equivalent work experience Years of related experience: 8+ years of experience is required as an ISSO/ ISSM including experience implementing, and enforcing information systems security policies, standards, and methodologies; creating security plans, policies & procedures, SSPs, and Risk Assessment Reports Technical Skills: FISMA, FedRAMP, NIST RMF (Risk Management Framework), NIST 800-53 Revision 5 controls, and strong understanding Security Control Assessment (SCA) processes. Good understanding of Windows and Linux operating systems and architecture. Good knowledge of public cloud providers such as Azure, AWS, and GCP highly desirable Experience with applications for Amazon AWS, Microsoft Azure, GCP or other cloud platforms for large-scale, multi-tenant, SaaS systems highly desirable Experience with security assessments of AWS/Azure/GCP environments preferred Experience with AWS/Azure/GCP service offerings preferred Skills and ideally certifications in public cloud providers (AWS, Azure, GCP) highly desirable Cloud Security experience (AWS/Azure/GCP), including both IaaS and PaaS models preferred Hands-on experience with public cloud services (AWS, Azure, GCP) preferred Hands-on experience in PaaS, SaaS, CI/CD, Docker, Jenkins, Puppet Chef, Ansible, Kubernetes preferred Strong understanding of and experience in AWS / Azure / GCP cloud architecture Experience developing applications for Microsoft Azure, Amazon AWS, Google or other cloud platforms for large-scale, multi-tenant, SaaS systems a bonus Clearance: Must have or be able to attain Public Trust or higher Desired Skills & Experience: Certifications: Cybersecurity certifications, such as CISSP, CISA, CISM, CISA, CEH, GCIH, GCIA, GCFA, GCFE, CDMP, OSCP, OSCE, CDP-DG or similar Work Type: Onsite location on a regular basis with some hybrid telework options. Note for staffing agencies: We are not accepting unsolicited resumes for this position. All inquiries must go through the Telophase team As an Equal Opportunity Employer, it is Telophase’s policy to recruit, hire, and provide opportunities for advancement in all job classifications without regard to race, color, religion, sex, national origin, age, citizenship, marital status, sexual preference, parental status, or disability.   Powered by JazzHR

Job Overview: We are seeking a qualified Information Systems Auditor to conduct a focused audit of our accounting servers and data backup infrastructure. This role will assess the effectiveness, reliability, and security of our current data backup and recovery processes, ensuring they comply with best practices and support business continuity objectives. The audit will specifically evaluate the backup strategies for our accounting systems, including their implementation, scheduling, monitoring, testing, and restoration capabilities. Key Responsibilities: Conduct a comprehensive audit of the current backup methods and policies for all Accounting-related servers and data repositories. Evaluate existing infrastructure, software, and tools used for backup and recovery, including offsite/cloud-based solutions. Assess the consistency, frequency, and completeness of backup processes, including full, incremental, and differential strategies. Test and validate data restoration procedures at various levels (file, database, server image, and full disaster recovery scenarios). Identify gaps or risks in backup integrity, scheduling, encryption, and retention policies. Review user access and security protocols related to backup data and restoration tools. Document all findings and provide actionable recommendations to improve backup reliability, security, and compliance. Collaborate with IT staff and third-party vendors (if applicable) to validate systems, access logs, and restoration capabilities. Produce a final audit report including an executive summary, technical findings, remediation priorities, and proposed action plan. Qualifications: Bachelor’s degree in Information Systems, Cybersecurity, Computer Science, Accounting Information Systems, or related field. 5+ years of experience in IT audit, systems administration, or cybersecurity with direct involvement in data backup and recovery. Strong understanding of accounting system infrastructures (e.g., Microsoft Dynamics GP). Familiarity with backup solutions (e.g., Datto,  AWS backup) and cloud/offsite backup best practices. Experience with risk assessments and business continuity planning. Certifications such as CISA, CISSP, or CRISC are highly desirable. Strong communication skills, including report writing and presenting findings to senior leadership. Powered by JazzHR

At Veracity, we aim to be a different kind of insurance partner – one that is free from outside investors, venture capital, or the pressures of a corporate parent. Ours is a culture of empowerment – one that believes in effort, results, and accountability. We believe that transparency fosters trust, trust fosters growth, and that growth drives innovation. Our commitment to rigorous evaluation and relentless execution lead to rapid evolution. We answer only to the small business owners we serve, and this independence allows us to stay focused on what matters most: helping their businesses thrive by providing expert guidance and best-in-class insurance policies. We’re growing fast and want you to be a part of it! We’re seeking a talented, detail-oriented Information Security and Compliance Analyst to join our team. Reporting to the Technical Operations and Information Security Manager, this role is responsible for supporting the organization’s cybersecurity posture by maintaining and enhancing security policies, controls, and monitoring systems, and ensuring compliance with frameworks such as SOC 2 and PCI DSS to protect company and client data. Key Responsibilities Strengthen the organization’s cybersecurity posture by implementing, maintaining, and improving security policies, standards, and technical controls Monitor security tools and system activity to identify, investigate, and escalate potential threats or vulnerabilities Support vulnerability management, including performing scans, tracking remediation, and validating fixes Maintain accurate, audit-ready documentation and coordinate evidence collection for SOC 2, PCI DSS, and other compliance frameworks Support incident response processes, including triage, documentation, and post-incident follow-up Assist with user access reviews, control testing, risk assessments, and security awareness efforts Collaborate with IT, Engineering, and Compliance teams on secure configurations, remediation plans, and cross-functional security initiatives Participate in routine policy, procedure, and control reviews to ensure alignment with regulatory requirements and security best practices Maintain detailed logs and reports of security activities, metrics, and compliance obligations Identify opportunities to strengthen controls, streamline processes, and enhance overall security program maturity Required to perform other duties as requested, directed, or assigned Requirements and Qualifications Bachelor’s degree in information systems, IT, Cybersecurity, or a related field 2–3 years of experience in security compliance, auditing, or governance (SOC 2 experience preferred) Strong integrity, attention to detail, and accountability in handling sensitive or regulated information Proactive problem-solving skills with the ability to anticipate and address risks effectively Strong collaboration and communication skills with experience working across technical and compliance teams Ability to remain composed and effective under pressure, including during audits and security incident Perks Health, dental, and vision plans Amazing work-life balance with 4 weeks of Paid Time Off 10 Paid Company Holidays with 2 floating holidays 401K Programs with employer match Personal assistance programs for support in a healthy personal and work life Why Veracity? Here at Veracity, you’ll be part of a team of trailblazers and visionaries. We’re not just revolutionizing the way people “do” insurance; we are creating a whole new paradigm. Here, you will experience a vibrant and inclusive workplace where your ideas matter! With us, you have a chance to: Engage in groundbreaking projects that are reshaping the insurance landscape Collaborate with a group of dedicated, like-minded professionals Experience a culture that prioritizes growth and development Compensation Range: $75k/yr - $85k/yr We are proud to be an equal-opportunity employer. We are committed to providing equal opportunities to all qualified applicants, regardless of race, color, religion, sex, national origin, disability, or any other legally protected characteristics. If you need accommodation, please let us know during the interview process. Powered by JazzHR

Information System Security Officer Kegman Inc. is a Woman-Owned/Service-Disabled Veteran-Owned Small Business headquartered in Melbourne FL that provides engineering and technical support services to U.S. Government clients. We are seeking an Information System Security Officer (ISSO) to join our team at Patrick Space Force Base in Melbourne, FL. NOTE: This is not a remote/telework job. This job requires the selected applicant to have an active U.S. Government-issued security clearance at time of hire and, therefore, requires U.S. citizenship. The ISSO will be involved in all aspects of cybersecurity operations and will partner with program/site leads as well as government staff and mission partners to maintain an effective information security program. This position will document, implement, and assess security controls to perform system monitoring and compliance assessment activities. In addition, this ISSO will provide Risk Management Framework (RMF) support. Responsibilities Work as part of an integrated team to develop and maintain RMF body of evidence documentation (example: System Security Plan, Security Controls Traceability Matrix, Plan of Action and Milestones, ATO’s) using Microsoft products such as Word, Excel, PowerPoint, and Visio. Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals. Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities. Work in close coordination with system administrators and other cyber team members to ensure systems are operated, maintained, and disposed of in accordance with applicable security policies and procedures and notify the ISSM when changes occur that might impact system authorization posture. Support the CISO, PM, ISSM or ISO in maintaining current authorization to operate, and approval to connect, and in implementing corrective actions identified in the plan of action and milestones. Coordinates, with the CISO, PM, ISSM and AO staffs, development of an IS Configuration Management strategy and monitor any proposed or actual changes to the system and its environment. Ensure all security-related vulnerabilities and deficiencies are documented in the Plan of Action and Milestones (POA&M). Ensure integration of cybersecurity into, and throughout the lifecycle of the IT, on behalf of the ISSM and ISO. Ensure the development and implementation of an effective information security education, training, and awareness program. Ensure configuration management policies and procedures for authorizing use of hardware/software on a system are followed and coordinate any additions, changes or modifications to hardware, software, or firmware with the ISSO/ISSM prior to the addition, change or modification. Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides (STIG)/security requirement guides). Reports security incidents or vulnerabilities to the CISO/ISSM/wing cybersecurity office according to AFI 17-203, Cyber Incident Handling. Basic Qualifications Experience working in information assurance or cybersecurity roles supporting classified DoD environments Working knowledge of NIST 800-53 controls and RMF Experience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (example: Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker) Preferred Qualifications Strong interpersonal and written/oral communication skills to coordinate with program/site leads as well as government staff and mission partners Experience working on/with Government contracts Detail-oriented team member who can consistently meet deadlines and is able to work independently as needed Able to multi-task and work with a diverse work group of vendors, executive managers, subcontractors, consultants, and other professionals. Education Bachelor’s degree in Cybersecurity or other related field and 3+ years of experience, or Master’s degree Or DoD 8570 IAM Level I (Security+) or higher baseline certification (CISSP preferred) OTHER: U.S. citizenship required. Must pass a pre-employment drug test. Must have a fully adjudicated (not an interim) U.S. Government-issued security clearance at time of hire. Kegman Inc. is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law. Kegman will abide by the requirements of 41 CFR 60741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. Please be aware many of our positions require an active security clearance. Security clearances are be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment that requires a security clearance will be subject to government security investigation(s) and must meet and maintain eligibility requirements for access to classified information. By submitting your résumé for this position, you understand and agree that Kegman may share your résumé, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions. Kegman maintains a drug-free workplace and performs pre-employment substance abuse testing where permitted by law. Powered by JazzHR

Location: Remote Clearance Required: Public Trust (Minimum Background Investigation – MBI) Employment Type: Full-Time Overview Lucayan Technology Solutions is seeking an experienced Lead Systems Information Engineer to support and lead the technical team responsible for the IRS Microsoft 365 (M365) Cloud Suite platform. The ideal candidate will bring deep expertise in Microsoft cloud technologies, strong leadership capabilities, and experience working within federal government environments requiring strict compliance, privacy, and security controls. Key Responsibilities Lead, manage, and support the technical operations of the IRS Microsoft 365 Cloud Suite environment. Perform system administration, maintenance, integration, troubleshooting, and optimization of M365 services. Oversee implementation and support of Power Platform, including PowerApps, Power BI, and Flow. Conduct security and privacy analysis in alignment with IRS and federal standards. Develop and maintain project documentation, including technical policies, procedures, and system configurations. Serve as the primary technical liaison, collaborating with internal teams, stakeholders, and IRS SMEs to ensure deliverables meet compliance requirements. Provide technical guidance and mentorship to team members. Quickly adapt to IRS-specific processes, security requirements, and compliance frameworks. Required Qualifications Minimum 5 years of experience supporting Microsoft 365 Cloud Suite in a large corporate or government environment. Experience supporting federal government clients or similar high-security environments (IRS experience is a plus). Expertise with Microsoft Power Platform (PowerApps, Power BI, Flow). Strong .NET development skills (C#, ASP.NET MVC, Entity Framework, JavaScript, HTML, CSS). Proficiency in PowerShell scripting for automation and administration. Experience with Exchange, Intune, Azure AD , and other Azure ecosystem tools. Experience with SharePoint Administration and PowerApps model-driven development. Excellent communication, problem-solving, and leadership skills. Security Clearance & Training Requirements Must have or be able to obtain a Public Trust (MBI) clearance. Must complete all IRS-required security, privacy, and compliance training. Preferred Qualifications Prior IRS support experience or familiarity with IRS modernization initiatives. Working knowledge of federal compliance frameworks (NIST, FISMA, Zero Trust, TIC). Microsoft certifications such as: M365 Enterprise Administrator Expert Power Platform Developer / Administrator Azure Administrator or Solutions Architect Experience leading remote technical teams. Work Environment Fully remote position with virtual collaboration across distributed teams. Fast-paced, compliance-driven environment supporting federal agencies. May require occasional off-hours support for maintenance or urgent system needs. Powered by JazzHR

What You Will Do At Independent Software, we are committed to building secure, mission-driven technology that protects what matters most. As an Information System Security Manager, you will provide expert-level oversight of security operations across complex systems and programs. You will help design, implement, and enforce information security policies that align with organizational goals and regulatory requirements. Your leadership will ensure systems remain secure throughout their lifecycle—from concept through retirement—while collaborating closely with engineers, program managers, and cybersecurity personnel.This role offers the opportunity to shape enterprise cybersecurity practices, lead high-impact security initiatives, and mentor the next generation of security professionals. You will be a key contributor to programs that support critical national priorities Key Responsibilities: Provide management support for the development, coordination, and enforcement of enterprise information assurance programs Oversee the operational security posture for assigned information systems or programs Lead the development and enforcement of system security policies, standards, and procedures Perform risk and vulnerability assessments to support security authorization decisions Provide day-to-day security operations support and oversight for ISSEs and ISSOs Manage and assess the security impact of changes to hardware, software, and firmware Review and manage documentation including System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation packages, and System Requirements Traceability Matrices (SRTMs) Analyze user needs to determine functional and cross-functional security requirements Gather and organize technical information relevant to organizational goals and security posture Facilitate issue resolution through Technical Exchange Meetings and integrated product teams Collaborate with engineering staff to ensure secure systems integration throughout the development lifecycle Serve as the program’s designated ISSM and provide daily oversight to ISSOs Advise and support Program Managers on cybersecurity strategy and program execution Enable the design and implementation of secure IT systems for future enterprise environments Required Skills and Qualifications: Twelve years of professional experience in the field of security authorization Demonstrated experience with current security tools, hardware and software security implementation, communication protocols, and encryption technologies Knowledge of commercial security products, risk management practices, security incident management, and PKI and authorization services Experience developing and managing system security documentation and artifacts Proven ability to manage security across multi-system environments, including secure collaboration with engineering, operations, and leadership teams Strong communication and leadership skills to interact with both technical teams and executive stakeholders Education and Experience: Bachelor’s degree in Computer Science, Cybersecurity, IT Engineering, or a related field from an accredited college or university In lieu of a degree, four additional years of relevant work experience may be substituted Certifications: Compliance with DoD 8570.01-M Minimum certification required: IAM Level II (e.g., CISSP, CAP, CISM) Clearance Requirement: Must possess an active TS/SCI with appropriate Polygraph to be considered for this role This position is contingent on contract award We’re an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Powered by JazzHR

Join our team at IDS Technology as an Information Warfare Exercise Design Specialist and immerse yourself in cutting-edge military exercises focused on Special Operations in the Information Environment. As a leader, you'll use your expertise to bring digital information to life, simulating a near-peer contested information environment to provide warfighters with real-life training. You'll work with US Military and other organizations to develop, plan, and coordinate scenarios, providing instruction, coaching, and subject matter expertise in the human domain and computer and network troubleshooting. With opportunities to travel to exercise sites and provide remote support, this role offers a dynamic and exciting environment to hone your skills and make a meaningful impact. Apply your knowledge of relevant technologies and expertise in SOF, Cyber, PSYOP, Intel, SPACE and Civil Affairs to this unique challenge. Embrace the chance to push the boundaries of Information Advantage, developing innovative solutions and advancing the field. Join us at IDS, where we believe in resolving conflict through innovative approaches and technical solutions.  Why IDS?   IDS believes in resolving conflict and building innovative approaches to do so. Combining operational expertise with an intimate understanding of today’s greatest challenges to bring our customers the technical solutions required for success in a complex and multi-domain world.   Synthetic Internet for Training and Exercises (SITE), a proprietary product of IDS Technology Government Services, is a digital training solution that provides a full-range, free-play, immersive, realistic, and scalable simulated Information Advantage environment where warfighters simultaneously train on full-spectrum cyberspace, Electronic Warfare, and social media analytics during integrated and multi-domain exercises.  Responsibilities:  Become the Subject Matter Expert on the SITE platform.  Maintain current knowledge of relevant technologies and subject areas.  Display subject matter expertise in SOF, Cyber, PSYOP, Intel, or Civil Affairs and its relevance to Multi-Domain Operations and/and Operations in the Information Environment.  Work with our technical team to learn how to build and design websites within SITE that enrich an exercise scenario’s Operational Environment.  Travel to exercise locations as required. Travel and accommodation to/at training locations are provided for the assignment period (typically 1-4 weeks).  Computer and networking troubleshooting with customers, including server connection diagnosis, token authentication errors, and basic user support. Be able to communicate issues to the remote Technical Support Team and Software Developers and manage troubleshooting ticketing from identification to resolution.   Perform research on various social media platforms; develop and incorporate replicated platforms and associated input/outputs into scenario planning, execution, and assessment.  Demonstrate that you know the problems clients are facing in the innovation and growth of Information Advantage with real examples from your experience. Convince customers that there are challenges they may not yet have identified (or at least understood could be solved)   Identify which of our use cases match the client’s pain points, enabling the customer to help compile a list of requirements, capabilities, MOP/MOEs, and improve their experience with SITE.  Surface new product development opportunities and/or issues with current solution & own feedback loop to the product team and roadmap   Monitor KPIs and ARR growth. Prepare reports, briefs, and documents to support event scenario development.  Oversee OPFOR (red) and population (grey) activity on social media and civilian internet activity, ensuring MSEL/scenario development is accurately portrayed online.  Demonstrate a strong understanding of layered effects between Kinetic Operations, Information Operations, Full-spectrum Cyberspace Operations, Electronic Warfare, SIGINT, SPACE, and MILDEC.  Understand and demonstrate the TTPs and concepts of social media weaponization.  Define and develop innovative Information Advantage capabilities that integrate advanced analytics and concepts of operation into the exercise scenario.  Plan and create visual information products that communicate assigned information objectives and illustrate assigned messages to inform OPSGRP and the training audience.  Gather open-source and controlled intelligence to develop a predictive understanding of adversarial strategies, priorities, and overlapping interests.  Plan, develop, and disseminate digital information content into the rotational scenario in a closed internet environment, such as tweets, blogs, news articles, propaganda, Facebook profiles, images, and videos.  Develop and publish Open-Source Enterprise style Daily Social Media Alerts to be used by training units and exercise control groups for scenario development and inclusion in AARs to demonstrate the tangible confluence of the physical and digital environments.  Establish a community and facilitate interaction to identify opportunities for collaboration and sharing.  Create presentations and marketing material to articulate the program.  Required Qualifications:  Active Top-Secret clearance. Those with “SECRET” clearance will be reviewed on a case-by-case basis  Ability to travel up to 50%  Familiarity with Direct Action, Counterterrorism, Unconventional Warfare, Foreign Internal Defense, Psychological Operations, Civil Affairs, Multi-Media Production, and Special Operations Forces.  Experience working with tactical to enterprise-scale clients, especially within USASOC.  Familiarity with exercise planning and management   Preferred Qualifications:  Degree from an accredited college; preferred degree in Computer Science or Information Technology  CompTIA Network+  CompTIA Sec+  Eight (8) years demonstrated experience in an intelligence discipline, civil affairs, ODA, Joint SOF, or psychological operations working in the DoD or IC, or six (6) years demonstrated experience working in a field related to OSINT research, J39X, non-standard communications, cyberspace operations, collection management, or analysis or the exploitation of publicly available information or social media.  Demonstrated working knowledge of computer networking, including Local Area Networks (LAN) and Cloud Networks  Special Operations Forces experience in both intelligence and operations  Computer Skills:  Advanced knowledge of Microsoft Office tools (Word, Excel, and PowerPoint).  Working knowledge of WordPress, VPNs, and HTML  Physical Demands:  Employee must be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require the ability to work on a desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries, and/or reports in written format. Must be able to communicate effectively with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 40 pounds. Regular and predictable attendance is essential.  Must be an effective communicator both verbally and in writing. Most positions require the ability to work on a desktop or laptop computer for extended periods of time. Computer activities include reading, reviewing, and analyzing information and providing recommendations, summaries, and reports in written or verbal format. Additionally, positions require the ability to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; as well as speak and hear.  Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds, but may vary depending on the position. Regular and predictable attendance is essential. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status, and any other characteristic protected by federal, state, and local law. If you are unable to apply through the portal and need to speak to someone about necessary accommodations to apply, please email accommodation@idsinternational.com and we will follow up with you. Do not submit resumes and applications through this email. Powered by JazzHR

📍 Chantilly, VA | 🕒 Full-Time | 🔒 TS/SCI with Polygraph | Onsite Join Our Mission Lucayan Technology LLC is looking for an Information Systems Security Engineer (ISSE) with Space Systems experience to join our growing cybersecurity team in Chantilly, VA. In this role, you will be instrumental in safeguarding mission-critical systems, applying your expertise in ICD 503 compliance, secure systems design, and information assurance engineering. What You’ll Do Conduct information system security engineering throughout the lifecycle, from acquisition to operations. Integrate security requirements into system design and development using systems engineering methodologies. Collaborate with government stakeholders to ensure compliance with ICD 503 certification and accreditation. Provide hands-on expertise with networks, virtualization platforms, and enterprise operating systems. Lead or support technical activities in system integration, configuration management, and testing . Participate in space system security requirement reviews, working groups, and national-level security councils. Prepare and maintain security documentation, including System Security Plans (SSPs), CONOPS, POA&Ms, and configuration management plans . Qualifications Required: Active TS/SCI with Polygraph . Bachelor’s degree in Computer Science, Engineering, or related discipline. 8+ years of experience in information assurance and systems security engineering. Hands-on experience with operating systems (Windows, Linux, Unix, macOS) and virtualization (VMware, Xen, Hyper-V). Demonstrated knowledge of ICD 503 and security accreditation processes. Space systems security engineering experience. One of the following baseline certifications: CISSP, CISM, GCLP, CCSP . Preferred: Master’s degree in Computer Science, Cybersecurity, or related field. Experience with NIST Risk Management Framework (RMF) and continuous monitoring practices. Strong technical project management and leadership experience. Why You Should Join Lucayan At Lucayan Technology LLC, we specialize in cybersecurity, engineering, and program support for mission-critical federal and defense programs. Our engineers play a direct role in protecting national security systems, including space-based platforms and networks . By joining Lucayan, you’ll gain: The opportunity to contribute to high-impact national security missions . A collaborative environment working alongside government and industry experts. Professional growth through training, certifications, and advancement opportunities. A company culture built on integrity, mission-focus, and technical excellence . 👉 Apply today and help us secure the future of national defense and space systems! Powered by JazzHR

📍 Chantilly, Virginia | 🕒 Full-Time | 🔒 TS/SCI with Polygraph | Onsite Overview Lucayan Technology LLC is seeking a Cyber Defense IASAE Level II to join our growing team in Chantilly, VA. This role is focused on designing and securing information system architectures for a mission-critical Intelligence Community program. As part of Lucayan’s cybersecurity engineering team, you will play a key role in protecting networks, applications, and systems by applying ICD 503 standards, DoD IA policies , and best practices in cybersecurity architecture. What You’ll Do Design and secure end-to-end information system architectures . Engineer security solutions across networks, applications, and databases. Implement defense-in-depth strategies, including firewalls, VPNs, IDS/IPS, antivirus, switches, routers, and boundary protection . Support system development through ICD 503 certification and accreditation processes. Collaborate with government stakeholders to ensure compliance with NIST and NRO security policies . Integrate security engineering into all phases of the system lifecycle. Do you have what it takes? Requirements: Active TS/SCI with Polygraph . Bachelor’s degree in Computer Engineering, Cybersecurity, INFOSEC, Information Management, or Computer Science. 5+ years of IASAE experience. One of the following certifications: CASP, CSSLP, or CISSP (Associate). Preferred: Experience supporting senior government managers on IA issues. Familiarity with NRO policies and Risk Management Framework (RMF) . End-to-end system security engineering and integration experience. About Lucayan Technology LLC At Lucayan Technology LLC, we deliver mission-focused cybersecurity, engineering, and program management solutions to the Department of Defense and Intelligence Community . Our teams are trusted to safeguard some of the nation’s most sensitive systems, from enterprise networks to space-based platforms. By joining Lucayan, you’ll contribute directly to national security , work in a collaborative environment , and gain access to professional development opportunities that support your career growth. 👉 Apply today to become part of Lucayan’s expert cybersecurity engineering team and help us secure the future of national defense systems. Powered by JazzHR

Summit Federal Services, LLC (SFS) with headquarters in Oakland, Maryland, is a fast growing woman owned Small Business and HUBZone company with an outstanding record of performance providing more effective and efficient acquisition, business process, training, IT, administrative and security services to multiple federal agencies. SFS/Merito is looking for a Information Systems Security Manager to spearhead their client organizations information security program.  The ISSM will lead the development and implementation of security measures, ensuring compliance with industry regulations, frameworks, and company policies. The ideal candidate will bring expertise in cybersecurity, risk management, and information systems security compliance to protect the organization’s critical assets Location: Winston-Salem, NC, hybrid  (Remote for first 5 months then reports onsite) Job Type:  Contract Reports To:  Corporate Compliance Manager & Facility Security Officer Pay : Based on experience Key Responsibilities: •    Lead the establishment and maintenance of classified networks and operating systems. •    Develop and maintain technical documentation and security policies for IT equipment within open storage areas. •    Determine technical Information Assurance (IA) requirements and conduct cyber risk assessments, including vulnerability analysis and implementation of mitigation solutions in alignment with RMF standards. •    Author and manage security documentation for system authorization, continuous monitoring, and information systems lifecycle management (e.g., Authorization to Operate (ATO), System Security Plan (SSP), Plans of Action and Milestones (POAM). •    Provide guidance and technical expertise in the creation of solutions for complex security problems, requiring deep knowledge of systems security. •    Ensure that security controls are implemented effectively and continuously throughout the information systems lifecycle. •    Utilize cybersecurity tools to provide ongoing security monitoring for infrastructure in accordance with Department of Defense (DoD) requirements. •    Perform system audits, vulnerability risk assessments, and investigations into security incidents or violations related to information assurance. •    Conduct regular training and awareness programs on cybersecurity best practices and risk mitigation strategies for all system users. •    Other duties as required. Basic Qualifications: •    U.S. Citizenship. •    Active Secret Clearance. •    Prior experience as an ISSM or ISSO, with strong familiarity in establishing classified networks and information systems. •    Experience as a COMSEC Custodian and in handling security controls for classified information systems. •    Proficiency in cybersecurity frameworks and risk management practices, including the Risk Management Framework (RMF) and DoD compliance requirements. Preferred Qualifications: •    Relevant certifications such as CISSP, CISM, or Security+ •    Familiarity with cybersecurity tools, auditing processes, and incident response frameworks.   Summit Federal Services, LLC is an equal opportunity employer regardless of race, color, religion, creed, sex, marital status, national origin, disability, age, veteran status, on-the-job injury, sexual orientation, political affiliation or belief. Employment decisions are made without consideration of these or any other factors that employers are prohibited by law from considering. Any discriminatory action can be a cause for disciplinary action. Summit Federal Services, LLC also prohibits discrimination against individuals with disabilities and will reasonably accommodate applicants with a disability, upon request, and will also ensure reasonable accommodation for employees with a disability. Powered by JazzHR

Tetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age. The ISSO plays a critical role in ensuring security compliance, system resilience, and secure modernization of infrastructure and applications. This position requires deep technical expertise in systems engineering, cloud computing, and artificial intelligence (AI) technologies, combined with extensive governance, risk and compliance experience. RESPONSIBILITIES: Provide cybersecurity oversight for major customer applications and general support systems. Apply ISSO expertise across hybrid enterprise environments, including cloud-native platforms (AWS, Azure, Google Cloud Platform), containerized workloads, and virtualized infrastructure. Integrate AI/ML-driven security tools (threat detection, anomaly detection, behavioral analytics, predictive risk modeling) into security operations and compliance frameworks. Develop, draft, review and endorse all information systems security plans and other security authorization artifacts and documents such as: Standards for Security Categorization of Federal Information and Information Systems (FIPS 199) Assessment, E-Authentication Determination, Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA), Risk Assessment Plan, System Security Plan (SSP) and Configuration Management Plan and Section 508 of the Rehabilitation Act Plan Plan of Action & Milestones (POA&Ms) Policy waiver and Risk Acceptance request Ensure that assigned systems are operated, maintained, and disposed of in accordance with applicable policies and procedures NIST SP 800-37, Rev 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy, DHS 4300A Policy and Handbook, CBP Information Systems Security Policies and Procedures Handbook (HB 1400-05D), and internal CBP (i.e., Office of Information Technology, Security Operations Division, etc.) security policies and practices Develop, review, maintain, and provide system security documentation for assigned systems, including System Security Plans, Interconnection Security Agreements, Contingency Plans, Plans of Action and Milestones, (POA&M), Waivers, and Exceptions through the DHS FISMA system management tool in use to implement and manage the NIST Risk Management Framework. Complete all activities required by the DHS Ongoing Authorization (OA) Program to transition assigned systems into the DHS OA Program and perform all required actions to maintain system authorization under OA once the system is admitted to the Program Assist the Government with the reporting and management of system level security violations and incidents and technical security evaluation of threats and vulnerabilities involving new/enhanced technology. Provide oversight to vulnerability scanning processes and procedures and security patch management/flaw remediation processes and procedures. Assist with the development of cyber security SOPs, playbooks, work instructions, and other procedures and processes to mature cyber security capabilities with consideration for cloud security architectures and AI-enabled systems. Ensure cloud-based systems and AI applications align with Zero Trust principles and customer policy. Lead technical security evaluations of threats, vulnerabilities, and risks specific to cloud workloads and AI-driven technologies. Support the development of cybersecurity SOPs, playbooks, and AI/automation-enhanced workflows to mature SOC capabilities. QUALIFICATIONS: Must be a US Citizen. Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related discipline (Master’s preferred). 8–12 years of IT/cybersecurity experience (or 6+ years with a Master’s). 5+ years as an ISSO supporting major federal information systems/applications. Strong systems engineering foundation with proven cloud computing expertise (AWS, Azure, GCP, or equivalent). Hands-on experience with AI/ML tools for cybersecurity, such as anomaly detection, automated risk scoring, or AI-driven SOC platforms. Working knowledge of auditing security controls, risk management, and compliance reporting. Superior writing, communication, and critical analysis skills. Deep understanding of Information Assurance, Information Management, and NIST Risk Management Framework (RMF). PREFERED QUALIFICATIONS: ISC2 Certified Information Systems Security Professional (CISSP) ISC2 Certified in Governance, Risk and Compliance (CGRC) ISACA Certified Information Security Manager (CISM) CompTIA Certified Advanced Security Practitioner (CASP+) Cloud certifications (AWS Certified Security, Azure Security Engineer Associate, Google Professional Cloud Security Engineer). Experience designing/assessing AI governance frameworks, bias/risk mitigation, and secure AI model deployment. TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States. “TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.” Powered by JazzHR

About us: Gen3 Technology Consulting is an SBA-certified Woman-Owned Small Business (WOSB) providing a diverse set of technology services and solutions to federal and commercial clients. Founded in 2017, Gen3 leverages over 25 years of information technology management and leadership experience to help our clients define, plan, manage, and achieve their strategic vision while protecting their critical IT assets. We attract and retain the highest caliber of talent by supporting an inclusive work environment, cultivating growth and leadership both professionally and personally, and encouraging work-life balance. We strive to make it our priority to be compassionate, family-friendly, respectful, and flexible. About the role: Gen3 seeks an Information Security Analyst to provide advanced cybersecurity analysis supporting Cybersecurity Information Protection Enhancement (CIPEC) program operations, data inventory and tagging policy testing, security assessments, monitoring, and compliance activities. Location: Remote, US Key Responsibilities: Conduct security assessments, Annual Security Compliance Assessments support, risk reviews, and compliance validation. Analyze Data Inventory and Tagging alerts, data movement events, exfiltration patterns, and incident response workflows. Assist with data labeling, sensitivity tagging, and audit trail improvements. Support the development of training, communications, guidance, procedures, and governance documents. Conduct data-flow analysis, document findings, and provide recommendations for improved protection s. Minimum Qualifications: Bachelor of science or engineering in computer science, and/or related fields. 7–10 years cybersecurity analysis experience. At least one of the following certifications or similar: CompTIA Security+, CISSP, CISM, CEH, CISA, or CISM. Familiarity with data loss prevention, data inventory and tagging, SIEM, encryption, identity and access management, and cloud security. Strong skills in documentation, incident analysis, and security operations. *Pending Award What's In It for You (full-time Gen3 employees): Competitive compensation. Comprehensive health, vision, and dental benefits. Generous PTO and 11 days of paid Federal Holidays. $3k annual tuition reimbursement. 401(k) with a matching plan. Pet insurance. Life and AD&D insurance. Short-term and Long-term disability insurance. Employment Eligibility: Eligible to work for any employer in the United States without requiring sponsorship. Most of our positions require a government security clearance, you must be a US Citizen or Green Card holder for consideration. Certain positions require at least three (3) of the past five (5) years of residence in the United States. Other Requirements: A minimum of three (3) out of the past five (5) years of residency in the United States is mandatory. Candidates must possess either an active green card or citizenship. Prospective employees offered a position must have work authorization that does not necessitate employer-sponsored visa sponsorship, both presently and in the future. Those selected for this role may undergo a government security investigation and must meet the eligibility criteria for accessing classified information or be eligible for security clearances. Location: Gen3 is currently focusing its hiring efforts in these states: Alabama, Arizona, Colorado, DC, Florida, Georgia, Kentucky, Maryland, Missouri, North Carolina, New Jersey, New York, Ohio, Oklahoma, Oregon, Pennsylvania, Texas, Virginia, and Wisconsin. Veteran and HubZone-friendly employer. E-Verify Employer. EOE Statement: Gen3 is an equal opportunity employer. We adhere to all federal regulations and ensure that our hiring practices are based solely on merit. We do not discriminate against any applicant based on race, color, sex, sexual orientation, gender identity, religion, national origin, disability, or veteran status. All qualified applicants will receive consideration for employment. Accommodation: Please contact the recruiting team at recruiting@gen3technology.com if you would like to request a reasonable accommodation during the application or interviewing process. Powered by JazzHR

Business Technology Integrators (BTI) is a Service-Disabled Veteran-Owned Small Business (SDVOSB) with more than 25 years of experience delivering innovative IT solutions to the Federal Government. We specialize in supporting mission-critical programs across defense and federal agencies, with a focus on cybersecurity, program management, and enterprise IT solutions. Position Overview BTI is seeking an experienced Information Systems Security Officer (ISSO) to support the DISA TIBI program. The ISSO will ensure that all information systems meet security requirements and remain compliant with Department of Defense (DoD) and Federal security standards. This role requires hands-on expertise with security frameworks, risk management, and compliance, as well as the ability to work closely with technical teams and government stakeholders. Key Responsibilities Serve as the Information Systems Security Officer (ISSO) for the DISA TIBI program. Ensure compliance with all applicable DoD cybersecurity policies, including RMF (Risk Management Framework). Support accreditation and authorization processes for information systems in accordance with DoD and federal requirements. Develop, update, and maintain security documentation (System Security Plans, POA&Ms, risk assessments, etc.). Monitor information systems for security vulnerabilities and implement appropriate mitigations. Coordinate with Government security officials, system owners, and program leadership to ensure security controls are in place and effective. Provide guidance, assistance, and training on security requirements to technical teams and junior staff. Participate in audits, inspections, and continuous monitoring activities. Required Qualifications Active Secret Clearance (minimum, required). Minimum of 8 years of demonstrated experience as an ISSO supporting a U.S. Government Agency or Department of Defense (DoD). Active CompTIA Security+ certification (must be documented and current). Proven knowledge of DoD cybersecurity requirements, policies, and frameworks (e.g., RMF, NIST, STIGs). Strong communication and collaboration skills with the ability to work across diverse technical and government teams. Experience maintaining security compliance documentation and supporting audits/assessments. Preferred Qualifications Experience supporting DISA or other DoD organizations. Additional cybersecurity certifications such as CISSP, CISM, or CAP. Bachelor’s or Master’s degree in Information Security, Cybersecurity, Computer Science, or a related field. Why Join BTI? Be part of a Service-Disabled Veteran-Owned Small Business dedicated to supporting national security and defense operations. Play a critical role in ensuring cybersecurity compliance for a mission-critical defense program . Collaborate with talented IT and cybersecurity professionals in a supportive team environment. Competitive salary and comprehensive benefits package. Apply today to join BTI as an ISSO and help drive the security success of the DISA TIBI program. Powered by JazzHR

Job Title: Information Security Analyst, IntermediateCompany: Innovatus Technology ConsultingLocation: Patuxent River, MDSecurity Clearance: TOP SECRET (Required)Job Type: Full-Time About Innovatus Technology Consulting: Innovatus Technology Consulting is a leading provider of innovative IT solutions, specializing in delivering secure, cutting-edge technology services to government and commercial clients. We are committed to safeguarding critical systems and data through advanced cybersecurity practices.Job Summary: We are seeking an experienced Intermediate Information Security Analyst to join our team. The successful candidate will hold an active TOP SECRET security clearance and be responsible for planning, implementing, upgrading, and monitoring security measures to protect computer networks and information. This role involves ensuring robust security controls are in place to safeguard digital assets and critical electronic infrastructure. The analyst may also conduct cyber forensic analysis to respond to cyber threats across hardware and software environments. Key Responsibilities: Plan, implement, and upgrade security measures to protect computer networks, systems, and sensitive information. Monitor and assess security controls to ensure they effectively safeguard digital files and vital electronic infrastructure. Conduct cyber forensic analysis to investigate and respond to cyber threats, incidents, or breaches in hardware and software environments. Identify vulnerabilities and recommend mitigation strategies to enhance network and system security. Collaborate with cross-functional teams to ensure compliance with security policies, standards, and regulations. Stay current with emerging cyber threats, vulnerabilities, and industry best practices to maintain a proactive security posture. Assist in developing and maintaining incident response plans and procedures. Provide detailed reports and documentation on security incidents, forensic findings, and mitigation efforts. Why Join Innovatus Technology Consulting? Opportunity to work on mission-critical projects with a direct impact on national security. Collaborative and innovative work environment with opportunities for professional growth. Competitive salary and comprehensive benefits package including, health, dental, $401k and more. Powered by JazzHR

cFocus Software seeks a Sr. Information Management Specialist to join our program supporting the Department of Defense (DoD). This position is remote. This position requires the ability to obtain a Secret clearance. Qualifications: Six (6) years of professional experience in a broad-base Automatic Data Processing (ADP) services environment This position requires a DoD IAM III level certification Duties: Develop, implement, and maintain information and records management policies, processes, and systems in alignment with DoD and Navy regulations. Oversee the organization, classification, and lifecycle management of digital and physical information assets. Ensure compliance with Department of the Navy (DON) and National Archives and Records Administration (NARA) records retention schedules. Support data governance and configuration management efforts to maintain data integrity and traceability. Coordinate with IT and cybersecurity teams to ensure the protection of classified and sensitive information. Manage the creation, maintenance, and disposition of records in accordance with approved Navy information management procedures. Implement metadata standards, tagging, and indexing strategies to facilitate efficient data retrieval and analysis. Support audit and inspection readiness activities related to records and information management compliance. Train and mentor staff on information management procedures, security protocols, and document control systems. Maintain and update document repositories and electronic filing systems to ensure accessibility and compliance. Develop reports and metrics to track compliance, data quality, and information lifecycle activities. Serve as the subject matter expert (SME) for information management, providing guidance to stakeholders and leadership. Collaborate with program managers and contracting officers to ensure contract deliverables and documentation are properly archived and retrievable. Participate in continuous improvement initiatives to enhance information sharing, collaboration, and data governance capabilities. Ensure secure and compliant handling, transmission, and storage of controlled unclassified and classified information. Powered by JazzHR

Chief Information Security Officer (CISO) Vistrada is looking to hire strong Chief Information Security Officers (CISO). The CISO will provide strategic cybersecurity guidance and oversight to Vistrada clients by leading and managing their cybersecurity programs to help protect their infrastructure, data, people, and customers. Candidates should have extensive knowledge of cybersecurity best practices, industry standards, and regulations. They should also have strong communication, leadership, and project management skills, as well as the ability to work collaboratively with internal and external stakeholders. Job Responsibilities and Common Duties Include: Apply consultative and leadership skills to build high rapport with clients and team members. Provide expert security advisory, compliance and security program oversight, oversee security/compliance assessments, and prepare high-quality reports (including gap analysis, POAM, recommendations, and remediation planning). Lead and manage a team of security analyst(s) providing oversight, direction, expertise, and mentoring. Provide virtual chief information security officer services. Support clients on a fractional owner model. Act as an extension of client’s information security management and governance function. Develop, implement, and oversee information security programs. Assess, identify requirements for, and make recommendations on security controls and technologies. Develop security roadmaps and plans of action. Vendor and third-party risk management program support and due diligence. Develop business continuity and incident response plans. Focus on key performance indicators, metrics, security dashboards. Assist With Business Development. Work with potential new clients to understand and define business and technology needs, provide subject matter expertise to answer client’s questions and concerns, and identify and align services with client’s needs. Support statements of work, identify resource requirements, assumptions, estimates, and assist with responses to Requests for Proposals (RFPs). Identify client’s security and technology needs and identify business development opportunities as outcomes of assessment activities. Develop expert level content, participate in panel discussions and public speaking events, and attend conference exhibitor opportunities. Architect high quality security solutions to the needs of clients.   Perform other duties that may be assigned by management.  Required Experience / Skills: 10+ years of CISO experience working in related field(s). Expert knowledge of cybersecurity frameworks and regulations including: NIST, ISO, CMMC, PCI, COBIT, DFARS, HIPAA, etc. Hands-on incident response coordination and oversight experience. Strong understanding of IT Risk and components, including application, infrastructure, network, and vendors. Bachelor’s degree in Computer Science, Accounting, MIS, or comparable work experience. Develop and present management level materials to effectively communicate and message to stakeholders. Relevant certifications such as CISA, CISM, or CISSP, or similar experience. The annual pay range for this role is $150,000 - 200,000. Company Background:   Vistrada is a business, technology and management services firm dedicated to helping clients plan, design and implement initiatives supporting Cybersecurity, Business Transformation, Integrated Risk Management, and Managed Services. Vistrada provides seasoned expertise and a flexible team structure allowing agility and responsiveness to support client’s evolving needs. Our company operates nationally today with resources centered around NYC, Albany NY, Austin TX, Chicago, IL and Salt Lake City, UT. We have many resources who operate remotely and onsite as needed in a wider geography. Our business organization has four verticals and multiple cross competencies headed by leaders with more than 20+ years of experience on average Powered by JazzHR

Information System Security Officer – Top Secret Clearance | Philadelphia, PA Cambridge International Systems, Inc. Join a dynamic global team united by shared values: commitment, integrity, and perseverance. At Cambridge, you’ll work alongside top talent worldwide, tackling some of today’s most complex and critical challenges in defense and security. We are currently seeking an Information System Security Officer to support operations in Philadelphia, PA. This is a full-time, CONUS position requiring an active DoD Top Secret clearance. This position is contingent upon contract award in October 2025. What You’ll Do Serve as an ISSO supporting RMF compliance and cybersecurity for DoD systems. Implement and monitor security controls, ensuring adherence to NIST 800-53 and DoD policies. Conduct vulnerability assessments, threat analyses, and continuous monitoring using tools like ACAS, STIG Viewer, and eMASS. Support incident response activities, including isolating assets, collecting data, and reporting findings. Maintain RMF documentation (SSPs, POA&Ms, RARs) and ensure system accreditation packages remain current. Collaborate with system owners, administrators, and the ISSM to sustain system security posture. Track, report, and resolve cybersecurity findings while preparing for audits and inspections. What You’ll Bring Required Qualifications: Education & Experience: Bachelor’s degree in computer science, information technology, communications systems management, or an equivalent science, technology, engineering & mathematics (STEM) degree from an accredited college or university Technical Expertise: Six (6) years of experience implementing and coordinating cybersecurity policies across organizational levels, ensuring compliance with DoD and federal standards. Proven expertise conducting vulnerability assessments, threat analyses, and risk mitigation activities. Demonstrated ability to support cyber incident response — including isolating affected assets, performing initial investigations, collecting data, and providing detailed status reports. Certifications: Meets DoD IAM Level II baseline requirements — holding one or more of the following: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP OS/CE Qualification: As directed by Privileged Access Agreement and DFARS 252.239-7001 requirements. Must have a current and active DoD Top Secret security clearance. Proficient with modern IT tools and infrastructure technologies Travel & Passport Some overnight stays possible. Work Environment Compliance with vaccination and medical requirements for TDY/OCONUS roles as per Vaccine Recommendations by AOR | Health.mil . Office setting: Primarily an office-based role in Philadelphia, PA Standard desk/computer work with flexibility for walking and movement on site Must be able to work in an office environment, sitting at a desk, looking at a computer for most of the workday. Work is physically comfortable; the employee has discretion about sitting, walking, standing, etc. May be required to travel short distances to offices/conference rooms and buildings on site. Background & Security Employment is contingent upon successful background investigation Drug screening may be required for federal contract compliance Benefits & Perks We believe in investing in our team—both professionally and personally: Medical, dental, vision, life, accident, and critical illness insurance 401(k) immediate vesting and match Paid time off and company holidays Generous tuition & training support Relocation assistance Sign-on and performance-based bonuses Employee referral program Access to Tickets at Work, EAP, wellness initiatives, and more Join Us If you're driven by mission, technology, and teamwork—we want to hear from you. Cambridge is growing, and this position is just one of many opportunities on our global team. Know someone perfect for the role? Referrals are welcome—both employees and non-employees may qualify for a bonus. Apply today and help shape the future of secure cloud computing for national security. About Cambridge International Systems At Cambridge, innovation grows through diversity. We are proud to be an equal opportunity employer, committed to creating an inclusive and supportive work environment for all. Learn more at www.cbridgeinc.com . Powered by JazzHR

Mantis Security is a leading specialty firm of high caliber talent who specialize in Cyber Operations, Cyber Defense, Information Assurance, Software Development, DevSecOps, Security Engineering, and Cloud Engineering. We enable and protect our nation's most important IT assets and invest in the long-term career development of every employee! We are currently looking for the next ISSO to join our team of experts! What you will be doing: Mantis Security is seeking for immediate placement a highly qualified and technical Information Systems Security Officer (ISSO) to lead the Assessment and Authorization (A&A) for multiple analytic mission systems. The ISSO must be proficient in standard A&A activities, and will generate and maintain the complete security body of evidence (BoE) while leading the A&A activities according to the Risk Management Framework (RMF). The ISSO will work with the software engineers and cloud engineers to ensure applications and systems are developed to meet required security controls, as well as to promote proper security configuration. The candidate should possess 8570 IAT Level II baseline certifications and have working knowledge of the Risk Management Framework (RMF), along with other Intelligence Community (IC) and DoD policy and guidance (ICD 503, CNSSI-1253, etc.). All candidates must have current TS/SCI eligibility with the ability to obtain a CI polygraph to be considered. Duties Include: Support to the Assessment and Authorization (A&A) and all Risk Management Framework (RMF) processes (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.) for all multiple information systems Work with software engineers, DevOps engineers, release managers, and project management to follow A&A and ATO processes, and ensure Minimum Viable Product (MVP) and full releases are compliant and meet security requirements for continuous delivery to an AWS production environment Ensure validity and accuracy review of all associated security documentation Create and maintain System Security Plan (SSP), Security CONOPS, Security Test Plan (STP) and Security Test Procedures, document and maintain implementation details of NIST 800-53 security controls Plans and performs security functional testing, creates and maintains STPs, supports security assessments Utilize Xacta to maintain Security Body of Evidence (BoE) files and to work through the A&A process for each system release cycle Provide guidance on the application of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing and determining the adequacy of required documentation Manage the plan of action and milestones (POA&Ms) by working with project managers and engineers to develop schedules and engineering actions that mitigate open findings Monitor and audit operational systems for proper use Must have: Bachelor’s degree with 9 years of experience, or Master’s degree with 7 years of experience, or no degree with 13 years of experience DoD 8570 IAT Level II certification requirements (one of CCNA Security, CySA+, GICSP, GSEC, Security+ CE, or SSCP) Must have current TS/SCI eligibility or Active TS/SCI Must be able to obtain a CI polygraph Nice to have: Proficiency with Xacta IA Manager (or Xacta 360) We believe that our strength is in our employees. We offer employees the chance to work with great people on projects of high importance and are committed to providing the best culture that foster’s technical innovation and personal growth. To help our staff achieve a productive work-life balance, we offer a full range of highly competitive benefits for our employees and their families. For more information visit our website at https://www.mantissecurity.com Powered by JazzHR

About the Role MetroSys is seeking a skilled Information Security Engineer II to support and lead efforts around vulnerability management within a dynamic, enterprise-scale environment. This individual will be instrumental in identifying and addressing security vulnerabilities across systems, networks, and applications. The ideal candidate brings a deep understanding of vulnerability scanning tools, remediation prioritization, and collaborative risk mitigation strategies. You will work closely with cross-functional teams to enhance the organization’s security posture and help ensure compliance with industry standards. If you thrive in fast-paced environments and are passionate about cybersecurity, this is an exciting opportunity to grow and make an impact. Key Responsibilities Lead the end-to-end vulnerability management lifecycle : scanning, analysis, prioritization, reporting, and remediation tracking. Perform regular vulnerability assessments and support remediation efforts in collaboration with infrastructure and application teams. Track and assess emerging threats and zero-day vulnerabilities using vendor bulletins and threat intelligence feeds. Generate reports and dashboards to communicate risk posture and mitigation progress to technical and executive stakeholders. Maintain and optimize vulnerability scanning tools to ensure full visibility and accurate detection across the environment. Assist in security incident response involving known or suspected exploited vulnerabilities. Support regulatory and compliance audits (e.g., PCI, NIST, HIPAA ) by providing documentation and metrics. Continuously improve processes, documentation, and tooling in the vulnerability management program. Qualifications Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent experience). 3+ years of experience in information security, with a strong emphasis on vulnerability management. Hands-on experience with scanning tools (e.g., Tenable, Qualys, Rapid7). Solid understanding of network architecture , operating systems (Linux, Windows), and web applications . Familiarity with CVSS scoring , risk modeling, and remediation prioritization frameworks. Ability to work with scripting or automation tools (Python, PowerShell, Bash) is a plus. Excellent communication and problem-solving skills; ability to clearly explain security findings to non-security audiences. Experience with compliance frameworks such as PCI DSS, NIST, HIPAA , or ISO 27001 . Relevant certifications are a plus (e.g., CISSP, Security+, LFCS, RHCSA ). Powered by JazzHR