/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems Design, implementation, configuration, and enforcement of security controls More ❯
/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems Design, implementation, configuration, and enforcement of security controls More ❯
/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems Design, implementation, configuration, and enforcement of security controls More ❯
/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems Design, implementation, configuration, and enforcement of security controls More ❯
/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems Design, implementation, configuration, and enforcement of security controls More ❯
/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems Design, implementation, configuration, and enforcement of security controls More ❯
/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems Design, implementation, configuration, and enforcement of security controls More ❯
/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems Design, implementation, configuration, and enforcement of security controls More ❯
trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorised access and potential threats • Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. • Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations More ❯
trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorised access and potential threats • Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. • Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations More ❯
operators and program offices in assessing acceptable risks to missions caused by cybersecurity deficiencies in systems and programs. • Utilizes all information collected to create and deliver an Operational Risk Assessment (ORA) and Asset Defense Plan (ADP) • Analyzes MRT-C results against mission system vulnerabilities and cyber threats to identify Key Terrain - Cyber for each USSF Mission. • Provides mission analysis … in-depth architecture against known vulnerabilities • Must have knowledge and experience to support analysis tasks • Must have extensive knowledge of Mission Assurance disciplines to include risk management, mission mapping, vulnerability assessments, and defensive cyber capabilities • Must have a detailed understanding of mission analysis techniques, FMA-C methodologies, and mission dependencies • Must have the ability to solve complex problems involving More ❯
Cyber Artifacts Management: Manage and assess cyber artifacts to ensure proper documentation and readiness for cyber assessments. • Cyber Testing: Develop, execute, and analyze cyber testing efforts including penetration tests, vulnerability assessments, and cybersecurity audits. • Risk Management Framework (RMF) Implementation: Guide and support the implementation of the RMF process, including categorizing information systems, selecting security controls, and managing security control … Security Technical Implementation Guides (STIGs) and maintain up-to-date security configurations. • Obtain ATO: Coordinate efforts across teams to prepare systems for ATO through proper documentation, risk assessments, and vulnerability remediation. • Collaboration: Work closely with program managers, engineers, and clients to ensure alignment with project goals and compliance with cybersecurity best practices. • Documentation & Reporting: Assist in the creation of … field. • Experience: 5+ years of experience in cybersecurity engineering, cyber risk management, or cyber testing. • Technical Expertise: Demonstrated experience with RMF, STIGs, and ATO processes. Hands-on experience with vulnerability management tools, penetration testing, and cyber defense technologies. • Communication: Strong ability to produce clear, concise technical reports, and provide briefings to clients and leadership. • Security: Experience working on classified More ❯
focused, and motivated candidate who can adapt to a constantly changing environment. What you will do - Manage and maintain a complex server-based enclave. Performing and mitigating system scans, vulnerability management activities, and active directory configuration. - Plan and implement IT enhancements needed for system optimization. - Identify and remediate hardware and/or software issues. - Create and update clear, concise … and accurate incident resolution documentation. - Support overlapping projects and maintain good inter-departmental relations. - Communicate and publish statuses of system outages, as needed. - Manage information assurance vulnerability alerts (IAVAs) and system security scanning of equipment suites in accordance with System Security Plans. - Actively identify and initiate IAVA responses and system security scans for remediation, deploy IAVA patches and/… and comprehension, development, integration, configuring data inputs and forwarders, data management, and/or monitoring. - Experience with Network Security Technologies such as Multiple Domain, PKI, SSP, and/or Vulnerability Assessment. - Experience with High Assurance Internet Protocol Encryptor (HAIPE) devices for in-line Network Encryption. - Experience with Puppet, Docker/Rancher, SALT. All are welcome At August Schell, we More ❯
Partner with development, operations, and security teams to integrate security protocols seamlessly into the software development lifecycle. Design, build, and maintain CI/CD pipelines incorporating automated security testing, vulnerability assessments, and compliance checks. Develop and manage infrastructure as code (IaC) configurations, ensuring secure and scalable cloud resources and infrastructure. Conduct security assessments, code reviews, and penetration testing to … Terraform, CloudFormation, or Ansible. Strong scripting skills in languages such as Python and Bash for automation and integration. Proficiency with static code analysis, dynamic application security testing (DAST), and vulnerability scanning tools like Fortify and Acunetix. Knowledge: In-depth understanding of security frameworks (e.g., OWASP, NIST) and best practices for mitigating vulnerabilities. Familiarity with common threat vectors and experience More ❯
Bedford, Bedfordshire, South East, United Kingdom Hybrid / WFH Options
Total IT
cyber security measures, best practices, and threat management. Develop and maintain documentation, including best practice guides and incident reports, to educate clients and team members on security awareness. Conduct vulnerability assessments and participate in the development of incident response protocols to enhance security posture. Offer technical guidance to team members, fostering a culture of continuous learning and improvement within … of the strategy plan Active innovation and improvement of internal policies and strategies Technical Skills Required: In-depth knowledge of Office 365 security features and best practices. Proficiency in vulnerability scanning tools and techniques. Solid understanding of networking principles, including TCP/IP, patching, and network security protocols. ISO27001 Implementation and understanding Exceptional report writing skills, with the ability More ❯
evaluating the effectiveness of implemented security controls across USAFA information systems in accordance with NIST SP 800-53A Rev. 5 and DoD RMF standards. Develop and maintain Security Assessment Plans (SAPs) for each assigned system, including assessment scope, testing schedule, security tools, control evaluation methods, and designated assessor personnel. Draft and coordinate Rules of Engagement (ROE) documents … for penetration testing and vulnerability scanning activities to ensure alignment with mission requirements and operational constraints. Conduct or oversee security control assessments for management, operational, and technical controls, leveraging interviews, evidence review, technical validation, and security testing. Document assessment results and risk impacts in the Security Assessment Report (SAR), providing a clear summary of control effectiveness, risk … posture, and any residual vulnerabilities. Support SAR preparation activities including: Vulnerability assessments and validation Security categorization reviews System Security Plan (SSP) analysis Risk issue resolution and remediation status reporting Preparation of SAR briefings, findings presentations, and meeting support materials Provide independent contributions to the Authorization to Operate (ATO) process by delivering the SAR, risk determinations, and supporting documentation for More ❯
Associate) CISSP GCED GCIH CCSP Responsibilities: Design, implement, configure, and enforce network security controls across routers, switches, firewalls, and endpoint devices Manage enterprise level of Active Directory (AD) Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) tool Configure and secure Cisco networking devices in accordance with DoD policies and Security Technical Implementation Guides (STIGs) Utilize packet … include the design, implementation, configuration, and enforcement of security controls on network, hardware, and software components and devices STIG implementation Management of enterprise level deployment of Active Directory Performing vulnerability assessments with the ACAS tool Configuration Cisco networking devices Analysis of network traffic utilizing tools such as Wireshark and tcpdump Troubleshooting network connectivity issues Implementation and management of firewalls More ❯
Associate) CISSP GCED GCIH CCSP Responsibilities: Design, implement, configure, and enforce network security controls across routers, switches, firewalls, and endpoint devices Manage enterprise level of Active Directory (AD) Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) tool Configure and secure Cisco networking devices in accordance with DoD policies and Security Technical Implementation Guides (STIGs) Utilize packet … include the design, implementation, configuration, and enforcement of security controls on network, hardware, and software components and devices STIG implementation Management of enterprise level deployment of Active Directory Performing vulnerability assessments with the ACAS tool Configuration Cisco networking devices Analysis of network traffic utilizing tools such as Wireshark and tcpdump Troubleshooting network connectivity issues Implementation and management of firewalls More ❯
Associate) CISSP GCED GCIH CCSP Responsibilities: Design, implement, configure, and enforce network security controls across routers, switches, firewalls, and endpoint devices Manage enterprise level of Active Directory (AD) Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) tool Configure and secure Cisco networking devices in accordance with DoD policies and Security Technical Implementation Guides (STIGs) Utilize packet … include the design, implementation, configuration, and enforcement of security controls on network, hardware, and software components and devices STIG implementation Management of enterprise level deployment of Active Directory Performing vulnerability assessments with the ACAS tool Configuration Cisco networking devices Analysis of network traffic utilizing tools such as Wireshark and tcpdump Troubleshooting network connectivity issues Implementation and management of firewalls More ❯
are seeking a highly motivated Cyber-Security Engineer to safeguard our critical data and infrastructure from cyber threats by implementing and maintaining robust security solutions. Key Responsibilities Security Assessments & Vulnerability Management: Identifying weaknesses in systems and networks through vulnerability assessments and penetration testing. Implementing Security Solutions: Putting in place firewalls, intrusion detection systems (IDS), and other tools to More ❯
complex topics related to a variety of cyber threats. As required the Red Analysts (cyber) travel domestically and abroad to provide expert expertise and direct support of geographically separate vulnerability assessments. Specifically, the Red Analysts (cyber) are responsible for researching and identifying positions, access points, relationships, organizations, and other potential vulnerabilities in support of DoD Red Team operations. This … includes identifying adversarial cyber information for program objectives, identifying gaps in cyber architecture and developing cyber courses of actions on vulnerability assessments. Further, the Red Analysts (cyber) provide advice to tactical partner elements and red team personnel in planning adversarial cyber assessments. They are also responsible for implementing specialized training, advanced analytic skills and tools, and maintaining knowledge of … s cyber capabilities. Research the structure, ideology, intentions, tactics, and capabilities of adversarial cyber organizations to develop threat characterization Contribute constructively to cyber threat emulation. Identify information requirements, develop assessment cyber strategies and assist Red Team Program Leader collection plans, identify information sources, and develop and conduct research of publicly available information (PAI) in order to determine adversary cyber More ❯
processes and procedures used by the Prime OEM Contractor/Subcontractor that develop software for the F-22 weapon system. • Track the F-22 system(s) documentation through the Assessment and Authorization (A&A) process ending with a signed authorization letter from the Authorizing Official. • Evaluate the technical implementation of the security design to ascertain security software, hardware, and … to understand and classify the criticality, risk of occurrence, and feasibility of mitigation strategies for legacy and support systems. The Contractor shall support and review existing and future cyber vulnerability assessments of new and legacy systems and recommend prioritized mitigation strategies. • Apply knowledge of industry cyber resiliency strategies to F-22 cyber resiliency efforts. • Contribute to and participate in More ❯
Bedford, Massachusetts, United States Hybrid / WFH Options
SkyBridge Aviation
Key Responsibilities: • Conduct comprehensive cybersecurity assessments in support of RMF accreditation for Air Force systems. • Develop and maintain cybersecurity documentation including System Security Plans (SSPs), POA&Ms, and Security Assessment Reports (SARs). • Perform control validation, security control testing, and system vulnerability assessments. • Support the Authorization and Accreditation (A&A) process in compliance with DoDI 8510.01 and NIST … 8570.01-M IAT Level III certification (e.g., CASP+, CISSP, or equivalent) • 7+ years of cybersecurity experience, including RMF and control assessments • Experience with DoD cybersecurity policies, NIST standards, and vulnerability management tools • Three (3) years of experience in a Certification and Accreditation/A&A role • Demonstrated experience with STIGs, SRGs, POA&Ms and cybersecurity best practices, as well More ❯
efforts for TRADOC G2 operations at Fort Eustis, VA, ensuring compliance with DoD Risk Management Framework (RMF), DISA STIGs, and cybersecurity policies. This role requires expertise in system accreditation, vulnerability assessments, and incident response, managing complex IT infrastructures within SCIF and open storage environments to protect critical mission data against cyber threats. Responsibilities Develop and enforce information assurance policies … and procedures. Perform risk assessments and vulnerability analyses for IT systems. Manage system accreditation processes, including RMF compliance. Oversee security audits and incident response activities. Provide guidance and mentorship to junior information assurance personnel. Qualifications Active DoD Top Secret/SCI clearance required. Bachelor's degree in cybersecurity, IT, or related field preferred. 8-13 years' experience CISSP, CISM More ❯
expert (SME) for OT systems during audits, inspections, and vendor engagements. • Evaluate new technologies and develop risk-based strategies to enhance OT cybersecurity and system reliability. • Support penetration testing, vulnerability assessments, and patch management activities in live and test environments. • Participate in a 24/7 on-call rotation to support critical infrastructure operations. Qualifications: • Bachelor's degree in … on experience deploying and configuring firewalls, switches, and routers. • Experience troubleshooting issues across all OSI model layers. • Familiarity with server virtualization (hypervisors, VMs, bare metal deployments) preferred. • Experience with vulnerability scanning and cyber tools in an OT environment is a plus. • Familiarity with the Purdue Model for ICS networks is strongly preferred. • Strong technical documentation and communication skills required. More ❯
