Job Listings

We are seeking to hire an Information Systems Security Engineer (ISSE) to support our DOE customer in Albuquerque, NM.   The primary responsibilities of the position are to utilize and configure existing cybersecurity tools to perform the monitoring, analysis, correlation and reporting of cybersecurity issues and incidents.    Other responsibilities are to provide guidance and recommendations for new tools based on changes in threats, architecture, technological advances, or organization mission; implementation of new tools and modifications to architecture; updates, maintenance, and monitoring of cyber security tools; analyze changes, events, and other potential incidents for risk to the environment; event analysis, incident determination, and incident management.  This security engineer reports directly to leadership; must have strong verbal and written communication skills for presentations related to activities.

We are seeking a mission-focused Senior ELK Data Engineer to support and contribute to our government customer’s success remotely!   The objective of this task order (TO) is to provide technical and program support services for the installation, maintenance, support, operations, and continuity transition process of an Elastic Search, Logstash, and Kibana (ELK) cloud-based solution for the DOT Enterprise Logging System.     The Cybersecurity and Information Assurance has four primary functional areas, Cyber Operations Services, Oversight & Compliance, including Security Assessments, Policy, Planning & Training, and Risk Management.  Each service area mandates specific knowledge, skills and technical expertise.     Support and assist in Cybersecurity and Information Protection Division (S83) Program to establish, implement and maintain technology and capabilities to ensure the effective management of Federal information technology resources. Cybersecurity and information technology engineering tasks following the systems engineering process, formally known as, the System’s Development Life Cycle (SDLC) to fully deliver and maintain an operational ELK solution.        Evaluate the delivered ELK solution as a system against the Federal initiatives, evolving threats, cybersecurity industry best practices, compliance information (e.g. Executive Orders, Binding Operating Directives, NIST special publications, DOT processes for supporting authority to operate (ATO) decision, ensuring compliance with cybersecurity control requirements (including applicable documentation), on-going recommendations for the mitigation of all threats and measurement of risk affecting the DOT environment.  Cybersecurity Engineering Support (Development):  - Expert services to install and manage Elasticsearch clusters in cloud environments,  - Support development and capacity planning for searching and analyzing indexed data.  - Implement secure data transport between the DOT Enterprise Logging System or other identified systems or components to include on premises and cloud hosted.    - Will present change proposals, as needed, for implementation and updates to internal change management or the DOT Change Control Board  - Engage with the shared services organization for network configuration, cloud services provisioning, authentication services, and certificate services.  Cybersecurity Engineering Support (Observability):  - Provide expert services to implement observability, from ingesting metrics, logs, Application Performance Monitoring (APM) and uptime data to a single data source  - Develop analysis and automation reacting to events using Kibana, machine learning, and alerting.  - Integrate multiple Indicators of Compromise (IOC) threat sources to develop correlation and automated notification to the DOT SOC that includes relevant artifacts.     - Provide expert services to use Kibana for both data visualization and analysis.   - Provide dashboards to analyzing time-series data to developing machine learning jobs.  - Provide dashboards using unique data sets from system logs, vulnerability assessment data, and other endpoint information sources.  Cybersecurity Engineering Support (Analysis):  - Expert services to use Kibana for both data visualization and analysis.  - Provide dashboards to analyzing time-series data to developing machine learning jobs.  - Dashboards using unique data sets from system logs, vulnerability assessment data, and other endpoint information sources; product should display minimal errors in data and visualizations  - Document methods of data collections, reporting applications sources, and processes using plain language, graphs, charts and other means for communications. 

Our staff provides cyber security support to the Department of Energy National Nuclear Security Administration.   We are seeking an Information System Security Officer (ISSO) to support and contribute to our government customer's success in Albuquerque, NM!   In this role, you will serve as a Principal Adviser on all matters involving the security of Information Systems (IS). You will have the detailed knowledge and expertise required to manage the security aspects of an information system and be assigned responsibility for the day-to-day security operations of the systems. You will assist in the development of the security policies and procedures and ensure compliance with those policies and procedures through ongoing monitoring and assessments. In close coordination with the Information System (IS) owner and the Information System Security Manager (ISSM), you will play an active role in the evaluation or risk associated with a system, enforcing and assessing the controls, monitoring the security impact of changes to the systems, and developing and updating the security documentation associated with the system.    Duties, Tasks & Responsibilities - Ensuring the implementation of DOE and NNSA cybersecurity policies and procedures for designated information systems - Conducting the Assessment and Authorization (A&A) activities for designated systems - Documenting the implementation of protection measures within the security plan for the systems - Ensuring the appropriate access is provisioned for users of designated systems - Identifying, assessing, and documenting threats and risks to designated systems - Capturing and maintaining information system security artifacts - Conducting cybersecurity tests and assessments and providing results of these activities to the ISSM - Evaluating the security impact and recommending implementation strategies for security significant changes to the assigned information systems - Identifying cyber security training needs in terms of job responsibilities or roles - Conducting information system risk assessments - Responding to and reporting of incidents related to their assigned information systems - Development of security processes and procedures to support the ISSM’s Cyber Security Program - Creating and maintaining disaster recovery and incident response plans and participating in associated training - Formally and informally presents information in group and individual settings

We are seeking a Information Systems Specialist II (Mid) to support our Department of Transportation (DoT) customer in Washington, DC!   Selected incumbent will support in the area of information system cybersecurity management ensuring security posture and compliance tasks, to include but not be limited, program and information system / application support ensuring security in all phases of system engineering process, supporting information system / application Risk Management Framework (RMF) task(s) in accordance with NIST Special Publication 800-37, addressing and documenting system requirements (controls). Support in contingency planning, incident handling, risk analysis and mitigation IT security and privacy baseline compliance, respond to and support security assessments (internal and self-conducted) and other audits requests, and develop and adhere to approved Information System Continuous Monitoring (ISCM) plans in accordance with supporting DOT policy, standards, and guidelines.   Duties, Tasks & Responsibilities   - Provide support to the continuous monitoring process, assessing and evaluating Information System (Hardware and Software) inventory to detect vulnerabilities, identifying critical and high weakness via insecure application development techniques, inherited controls from Common Control Provider including FedRAMP cloud service providers (CSP), networked enclaves, and provide remediation or corrective actions to improve the security posture. - Provide support in tracking and ongoing evaluation of weakness, vulnerabilities in DOT’s Continuous Diagnostic and Mitigation (CDM), other identified security tool suite or other detection reports, issued corrective action plans, re-mediating addressing issues affecting the security posture of applications information system infrastructure. - Provide cybersecurity expertise to support cybersecurity in the System’s Development Life Cycle (SDLC) process, including supporting processing for requirements review in development phases (Agile, Spiral, DEVSECOPS or Waterfall model), annual Security Assessment and Authorization (SA&A), and Information System Continuous Monitoring (ISCM). - Develop / update information system’s data for Privacy Impact Assessments (PIAs), Privacy Threshold Analyses (PTAs), and System of Record Notices (SORNs). This includes interfacing/coordinating with the System Owner (SO) that originates/has responsibility for the document to ensure the PIA/PTA/SORN contains appropriate information to be approved/adjudicated by DOT Privacy Office for inclusion in System Authorization package. - Assist the System Owner, Information Owner, Component Privacy Officer and Information System Security Manager (ISSM) in recording all known security weaknesses of assigned information systems in the Plans of Action and Milestones (POA&M’s) in accordance with DOT policy, guides and procedures. - Develop Draft Plan of Action and Milestones (POA&M) for observed control level deficiencies or gaps control implementation(s) in accordance with DOT policy, guides and procedures. - Conduct quality assurance reviews of existing POA&Ms to ensure completeness, accuracy and identified solutions are cost effective. - Support the information system contingency planning process in accordance with NIST SP 800-34 Revision (Current), Guide to Test, Training and Exercise Programs for Information Technology Plans and Capabilities and ensure contingency plan test exercises results are documented in an after-action report, and Lessons Learned corrective actions are captured for updating information in the Information Systems Contingency Plan (ISCP).

We are seeking a mission-focused Sr. VoIP DVTC Engineer to support and contribute to our government customer’s success in Washington, D.C. or Reston, VA!   Duties, Tasks & Responsibilities: - Being the go-to person in the UC and VTC team to solve complex operational issues. - Providing support, analysis, research, and advice into exceptionally complex voice/video/data problems and related performance issues. - May lead subsets of team members on solving specific problems/challenges. - Perform specialized and technical tasks associated with the most current and cutting-edge technologies. - Evaluates requirements and help develops solutions that address both operation and future requirements sets. - Document data flows by diagrams network topologies, interconnections, firewalls, and security gateways. - Develops and documents rack elevations, power requirements for component deployment and use. - Collaborates with LAN/WAN teams on bandwidth requirements, utilization, and performance needs. - Works with technical writers to create comprehensive design and configuration documentation, installation procedures, operating instructions and troubleshooting guides. - Works with testers to evaluate test criteria and expected outcomes, create and automate test cases, test data, test scripts, and exercise unit tests on lab hardware and software. - Works with technical writers to evaluate OEM training materials and develop customer- or site-specific supplements to vendor materials. - Managing projects and develop new operational processes. - Coaches and reviews the work of lower level professionals. - Work with the team and influences others regarding system design, solutions, and procedures.

We are seeking a JAVA Engineer - AWS Certified to support a USDA contract. This position is 100% Remote   The contract supports a variety of customers with DEVOPS, DEVSECOPS, and Architecture support.   Must be AWS Certified Must have Bachelors Degree or be CSSLP Certified or obtain Certification within 6 months Must be Security+ Certified or able to obtain Certification within 6 months. **Training and exams for CSSLP & Security+ are paid for by the company**   Duties, Tasks & Responsibilities - The software engineer candidate is responsible for the design and implementation of a distributed enterprise application with external and internal interfaces utilizing Micro-services and business automation patterns - Design, develop and test enterprise web services APIs and back-end services - Creation of custom software within an agile team environment

We are seeking a mission-focused 3rd Shift SrNetwork Administrator to support the design, development, and deployment of a new DevOps infrastructure and advanced cybersecurity capabilities in Pensacola, FL.   We are supporting a U.S. Government customer on a large mission critical development and sustainment program to design, build, deliver, and operate a network operations environment including introducing new cyber capabilities to address emerging threats. The Sr. Cyber Security Incident Responder will support our customer in the detection, response, mitigation, and reporting of cyber threats affecting the client networks.   Duties, Tasks & Responsibilities - Collaborating within Agile Scrum teams as a key contributor responsible for the implementation of advanced cybersecurity capabilities, including the selection of hardware and software and the design of infrastructure services required to enable the cybersecurity capabilities. - Maintaining current knowledge of hardware and software applications. - Work with engineering to develop high quality technical documentation, including user guides, test plans, and contract deliverable items and supporting product line training. - Backup and restore network device configuration - Break fix actions/O&M - Upgrading network equipment - Port Open Requests- Implement firewall policies - Sustainment of CISA networking architecture - Expected to do some installation work. Cable/equipment - Monitors the status of the network and responds to issues/ticket requests that occur