Full Time -

2 days per week on-site in Washington, DC

Able to obtain Public Trust Clearance

H1/Greencard/Citizenship holders are acceptable

Salary Range: $135000

Job Description:

As a Cybersecurity Analyst, you will play a crucial role in supporting IT Security management by conducting technical review, analysis, reporting, and working with technical solutions in the areas of vulnerability management, issue analysis, and response development and execution. You will work closely with various IT systems and teams to ensure compliance with security policies and procedures, focusing on maintaining a strong security posture for our client.

Key Responsibilities:

Lead and manage technical projects with a focus on analytics and security.
Serve as a Subject Matter Expert (SME) in web application scanning and device scanning.
Utilize tools like Nessus, Security Center, Tenable.IO, and Qualys WAS for vulnerability management.
Collaborate with cross-functional teams to ensure project success.
Leverage ServiceNow for incident management and tracking.
Utilize SharePoint for documentation and collaboration.
Engage with Jira for issue tracking and resolution.
Review and create technical documentation, reports, and policies.
Oversee quality assurance processes related to analytics and security documentation.

Qualifications

Education & Experience:

Bachelor’s degree in a relevant field such as Computer Science, Information Security, or Data Analytics.
Minimum 7 years of related professional experience, with a strong background in analytics and security.
Proficiency in project management methodologies and tools.
Strong expertise in web application scanning and device scanning.
Proficiency in Nessus, Security Center, Tenable.IO, and Qualys WAS.
Proficiency in Excel data analytics.
Excellent technical writing skills with a proven track record in creating and reviewing technical documentation.
Strong understanding of quality assurance and security best practices.
Relevant certifications such as PMP, CISSP, CISM, or related certifications are a plus.
Effective communication, leadership, and presentation skills.
Strong problem-solving and analytical abilities.
A commitment to staying current with industry trends and security developments.

Desired:

Project Management / Scrum experience
PowerShell
Excel (Advanced Operations)
Azure DevOps
SQL Server Management Studio
Zero-trust Architectures

Location: WASHINGTON, DC, United States
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Hybrid Remote

Target Salary: $145,000 plus benefits
Description

We are seeking a technical Security Tools Team Lead to join our dynamic team in supporting a critical US government agency in the National Capital Region. This role presents an exciting opportunity to lead the operation, maintenance, and modernization efforts of various security tools within a collaborative environment, reporting directly to the Security Operations Manager.

Responsibilities:

Lead a team of security tool administrators responsible for the management and operation of key security technologies, including but not limited to AV / EDR, DLP, Web Proxy, Email Security, IDPS, and SIEM Technologies.
Oversee deployment, update, and upgrade plans for security tools and execute tasks accordingly.
Evaluate routine health checks reports, maintenance activities, updates, upgrades, and implementation of new capabilities.
Troubleshoot security tools issues, escalate as necessary, and collaborate with vendors to resolve technical challenges.
Support the deployment of new security tools as required.
Develop, execute, and enhance work instructions and technical documentation related to security tool updates, upgrades, and health checks.
Analyze performance issues of security tools using various diagnostic tools.
Maintain accurate and comprehensive documentation of work activities in diverse formats, including work instructions, change management requests, incident tickets, and email communications.
Drive efficiency improvements through process enhancements and automation initiatives.

This role does require 2 days per week in office.

Qualifications

Requirements:

Bachelor’s degree in a relevant field plus seven (7) years of related information security experience, or ten (10) years of relevant work experience.
Five to seven (5-7) years of hands-on experience working with various security tools and technologies, including SIEM platforms, antivirus solutions, endpoint detection and response solutions, DLP systems, web proxies, and intrusion detection/prevention systems.
Proficiency in operating systems administration (Windows and Linux) and scripting/automation (e.g., Python, PowerShell) with at least two (2) years of relevant experience.
Demonstrated experience in developing, executing, and enhancing work instructions and technical documentation pertaining to security tool administration.
At least two to three (2-3) years of experience in a leadership or supervisory role, overseeing a team responsible for managing security tools and systems.
Experience in mentoring and guiding junior team members, delegating tasks, and providing feedback on performance and development.
Familiarity with relevant cybersecurity regulations, standards, and frameworks (e.g., NIST, FISMA, HIPAA, GDPR) and experience ensuring compliance with regulatory requirements.
Possess industry-standard cybersecurity certifications such as Security+, CASP, CISSP, as well as vendor certifications from Cisco, Juniper, Palo Alto, Splunk, Microsoft, Red Hat, and others.
Must be able to communicate effectively, both verbally and in writing, and work autonomously with minimal supervision.
Proficiency in using Microsoft Word, PowerPoint, and SharePoint.

Clearance Requirement: All candidates must be eligible to obtain a US Public Trust Clearance.

Eligibility Criteria:

Current IRS MBI security clearance is desired. Must be a U.S. citizen with the ability to obtain a MBI (Minimum Background Investigation) Security Clearance from the IRS.

Job Description:

This Linux System Administrator will be responsible for the day-to-day administration of the Linux server infrastructure with included but are not limited to the following:

Maintain all internet requests inclusive to DNS, RADIUS, Apache, MySQL, PHP.
Taking regular back up of data, create new stored procedures and listing back-up is one of the duties.
Analyzing all error logs and fixing along with providing excellent customer support for Webhosting, ISP, and LAN Customers on troubleshooting increased support troubles.
Communicating with the staff, vendors, and customers in a cultivated, professional manner always must be one of his characteristics.
Enhance, maintain, and create the tools for the Linux environment and its users.
Detecting and solving the service problems ranging from disaster recovery to login problems.
Installing the necessary systems and security tools. Working with the Data Network Engineer and other personnel/departments to analyze hardware requirements and makes acquiring recommendations.
Troubleshoot, when a problem occurs in the server.

Qualifications:

Bachelor of Science, or equivalent education.
Strong Linux admin experience at a large enterprise environment (Redhat Enterprise is preferred)
Bachelor’s degree plus six (6) years of experience as a Linux Systems Administrator, master’s degree plus four (4) years of experience, or four (4) additional years of experience in lieu of a degree.
Must be client focused, display interpersonal skills and be an effective team member.
Must work closely with IRS and Prime Contractor Team members supporting the Data Center Operational Maintenance.

Required Skills:

Advanced Linux Administration experience
Strong UI (front end) development skill using Node.js and other JavaScript frameworks such as Angular.
Backend Java development experience for OpenShift (or other containers) running environment.
Apache and Tomcat Web Services for Windows/Red Hat Linux applications
Perl Scripting
PowerShell and Azure CLI Expertise
VMWARE knowledge for Server management backup/restore.

Desired Skills:

Azure and AWS capabilities for Server Deployment
Azure Fundamentals Certificate and Administrator Associate Certificates
Azure Security Operations Analyst Associate preferred
Azure Security Engineer Associate preferred
Azure Data Fundamentals Preferred
Disaster Recovery and Resource Management Concepts
Azure DR concepts
- Or –
Azure Solutions Architect Expert Certification
Disaster Recovery and Resource Management Concepts

Work Location:

The Primary work location will be remote with Telework. However, travel may be required to customer location when required by the end-client, as described under the section below on Travel.

2 days per week on-site in Washington, DC

Able to obtain Public Trust Clearance

Job Description

We are looking for a ServiceNow Developer to join our team in Washington, DC. The ServiceNow Developer’s primary responsibilities include providing the design and delivery of technical solutions and custom application development within the ServiceNow environment. Candidate must have a strong understanding of software engineering and ServiceNow’s IT Service Management (ITSM) platform. This individual needs to have a solution-driven mindset to best work through the deliverables around the needs of the organization. Excellent communication and documentation skills are extremely important for this individual to be successful!

This role requires on site work in Washington, D.C. 2 days per week.

Primary Responsibilities

Developing, designing, configuring and rolling out new application modules, workflows and catalog requests.
Designing and delivering technical solutions that are developed on the ServiceNow platform for all internal employees.
Provide software configuration and customization including, but not limited to: screen tailoring, workflow administration, report setup, data imports, integration, custom scripting and third party software integrations.
Create integrations and process automation using API and data integration processes between ServiceNow and other services.
Create and maintain Service Catalog Items and Knowledge Bases.
Work with IT Service Management Team and other key client stakeholders within IT and the Business.
Understand business requirements for ServiceNow – Architect integrations with ServiceNow using LDAP, Single Sign-on, Mid server, Web-services, Email and several in-house applications and technologies – Participate in sizing the application for future growth and scalability.
Perform technical configurations, application maintenance and house-keeping activities.
Design security of the application, and own data security function.
Trouble-shoot technical issues related to ServiceNow application configuration and other technical issues.
Find opportunities to improve the platform.
Understand the large scale thinking and apply the same for designing solutions.

Qualifications

Required Skills and Education:

Bachelor’s and eight (8) years or more experience; Masters and six (6) years or more experience; or subsequent work experience.
6+ years of ServiceNow development skills with 6+ years of experience in an enterprise-level environment.
Experience supporting the customization, administration, and configuration of the ServiceNow tool.
Experience with HTML, Angular, and JavaScript.
Experience with Service Catalog and Service Portal within ServiceNow.
Experience with the Tokyo release or later.
Functional knowledge of ITSM processes and CMDB in ServiceNow.
Working with creation and customization of the core applications such as Incident, Problem, Change, Service Portal, and Service Catalog Automation System/Process Automation (Orchestration).
Prior experience integrating ServiceNow to other applications and ability to adapt existing methods and procedures to create possible solutions to complex problems.
Ability to plan resource requirements from high level specifications.
Strong communications skills and the ability to explain complex concepts in plain language.
Proficient understanding of code versioning tools such as Git / Serena / SVN.
Must be able to obtain a Public Trust Clearance.

2 days per week on-site in Washington, DC

Able to obtain Public Trust Clearance

H1/Greencard/Citizenship holders are acceptable

Salary Range: $145,000

Job Description:

We are looking for an experienced Information System Security and Privacy Officer (ISSPO) to join our team supporting an important US government agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for IT Security Governance, Risk and Compliance by providing direct support to Agencies Information System Security and Privacy Officer (ISSPO) in managing and documenting the ongoing security posture of the agency. The ISSPO will support the Program Manager and work collaboratively with other Information Systems Security Analysts, IT SMEs and System Administrators to conduct analysis, mitigation, remediation, and monitoring to ensure compliance with agency policies and procedures. The ISSPO will lead, and guide efforts associated with obtaining and maintaining RMF Authorities to Operate (ATO) for systems within the customer’s multi-faceted network infrastructure, spanning multiple platforms residing on multiple security enclaves. Specifically, this job will consist of the following:

Provide Risk Management Framework (RMF) and Authorization and Accreditation (A&A) activities such as developing and maintaining systems Authority to Operate (ATO) package documentation.
Establish procedures & processes to ensure tracking and mitigation of risks identified during the ATO process.
Provide data categorization guidance to system owners.
Develop and update Interconnection Security Agreement documentation as needed.
Support customer responses to ongoing information system audits.
Develop and update System Security Plans (SSPs) and supporting documentation.
Assisting with tailoring of security control baselines for general support system and other FISMA reportable systems, including cloud systems utilizing FedRamp controls.
Collecting and validating control implementation statements from subject matter experts.
Oversee development of security and privacy control implementation statements per NIST SP 800-53 and agency security policy standards.
Assist with the migration to NIST SP 800-53 Rev 5, identifying gaps and providing understanding of new requirements to technical teams for implementation.
Conduct security reviews for changes impacting hardware, software, baselines, connections, or applications.
Review and assess POA&M outputs, recommending additional work or closure.
Support the continuous monitoring program as necessary when Information System Continuous Monitoring (ISCM) results will be used to support continuing authorization requirements or ongoing authorizations.
Document and communicate control deficiencies for POA&M consideration.
Assist in developing security policies, ensuring compliance, and updating documentation.
Provide information for status reports, briefings, schedules, and project plans in written and oral form.

This role requires on site work in Washington, D.C. 2 days per week.

Qualifications

EDUCATION & EXPERIENCE:

Undergraduate degree with eleven years of experience or Graduate degree with nine years of experience in IT Infrastructure, IT Security, and/or Governance, Risk and Compliance (GRC).
One or more current Security certifications (CISSP, CISM, Security+).

REQUIRED SKILLS:

Expert knowledge of RMF accreditation packages and all steps of the RMF process.
Experience in Security, Privacy Assessment and Authorization (SPA&A) activities and ATO package creation.
Experience working with RMF and NIST SP 800-53 (Rev 4/5)
Knowledge of cyber-attack patterns, tactics, techniques, and procedures.
Ability to adapt security processes/tools to evolving landscapes and risk scenarios.
Familiarity with IT Audits using FISCAM processes and procedures.
Experience with NIST Risk Management and Cybersecurity Framework, FISMA, NIST SP 800-53, and IT control processes.
Experience with GRC frameworks/tools (RSAM, CSAM) and SA&A tools (Xacta).
Very strong technical understanding of Windows and Linux platforms.
Experience taking IT and network system(s) through the ATO process.
Ability to tailor information security processes and tools, based on ever evolving and changing landscapes, doctrine, and risk scenarios.
Comprehensive knowledge performing and identifying impacts as well as consideration of existing risk mitigation strategies.
Experience with auditing control implementations and communicating risks associated with control deficiencies or gaps.
Experience with SharePoint lists and workflows, and general project management tools.
Ability to work effectively independently as well as within a team environment.
Fluency in both spoken and written English, including the ability to work with highly technical and specialized content. Must be able both prepare and deliver such content, verbally and in writing, but also comprehend such content from others, in both spoken and written form.
Ability to work in a fast-paced environment while maintaining outstanding customer service skills.
Must be flexible with work schedule during surge periods of support.
Ability to document processes as needed.
Proficiency in explaining complex policies and protocols in simple terms.
Stays updated on IT trends and security standards.
Demonstrates excellent analytical thinking and problem-solving skills to be able to assess potential risks and develop possible solutions.

Candidates for consideration must be eligible to obtain and maintain a Public Trust clearance.

DESIRED SKILLS: A solid understanding of IT security controls, tools, and concepts. Experience working in a technical environment with IT platforms such as Microsoft Office 365, Azure, Cisco, Oracle, etc. is also desired.

2 days per week on-site in Washington, DC

Able to obtain Public Trust Clearance

H1/Greencard/Citizenship holders are acceptable

Salary Range: $125000

Job Description:

We are looking for a Senior Information Systems Security Analyst to join our team supporting an important US government agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for IT Security Risk and Compliance support by providing direct support in managing and documenting the ongoing security posture of the agency. The Senior Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development. Specifically, this job requires the following:

Develop and maintain IT security controls per NIST SP 800-53 and Agency Security Policy standards.
Collect and validate control implementation statements from subject matter experts.
Consult with experts to ensure work instructions align with agency security standards.
Conduct risk assessments for security issues and propose resolutions.
Document and communicate control deficiencies for POA&M consideration.
Support Continuous Security Monitoring for compliance with agency Security Policy
Assist in developing security policies, ensuring compliance, and updating documentation.
Conduct security reviews for changes impacting hardware, software, baselines, connections, or applications.
Review and assess POA&M outputs, recommending additional work or closure.
Support IT Governance, Risk, and Compliance activities, including standards management.
Provide information for status reports, briefings, schedules, and project plans in written and oral form.

This role requires on site work in Washington, D.C. 2 days per week.

Qualifications

EDUCATION & EXPERIENCE:

Undergraduate degree with nine years or Graduate degree with 7 years of IT control or IT security experience in a technical environment with a variety of IT systems.
One or more current Security certifications (CISSP, CISM, Security+).
Experience serving in an information system engineer/administrator role implementing security controls.

REQUIRED SKILLS:

A solid understanding of IT security controls, tools, and concepts.
Experience working in a technical environment with IT platforms such as Microsoft Office 365, Azure, Cisco, Oracle, etc.
Understanding of OMB M-22-09 and EO 14028
Experience with NIST Risk Management and Cybersecurity Framework, FISMA, NIST 800-53, and IT control processes.
Experience implementing security measures within information systems engineering projects.
Understanding of web application security concepts, such as OWASP Top 10 vulnerabilities.
Knowledge of cloud security principles and best practices, particularly for major cloud platforms like AWS, Azure, or Google Cloud.
Familiarity with GRC frameworks/tools (Archer, eMASS, CSAM) and SA&A tools (Xacta).
Knowledge of cyber-attack patterns, Tactics, Techniques, and Procedures.
Ability to adapt security processes/tools to evolving landscapes and risk scenarios.
Proficiency in network security principles, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and secure network architectures.
Strong understanding of operating systems (e.g., Windows, Linux/Unix) and their security features and vulnerabilities.
Knowledge of encryption protocols and techniques, such as SSL/TLS, AES, RSA, etc.
Familiarity with security assessment tools and techniques, including vulnerability scanning, penetration testing, and ethical hacking.
Experience with security information and event management (SIEM) systems for log analysis and threat detection.
Fluency in spoken/written English for technical content, with strong communication skills.
Experience producing high-quality deliverables with minimal edits, quick review, and feedback on federal security doctrine.
Ability to thrive in a fast-paced environment, outstanding customer service skills.
Ability to document processes, explain complex policies in simple terms.
Familiarity with latest IT trends, security standards, excellent analytical thinking, and problem-solving skills.

Candidates for consideration must be eligible to obtain and maintain a Public Trust clearance.