Perform vulnerability assessments, penetration testing, and security audits to identify and address potential threats to information systems. Expertise in vulnerability assessment tools (e.g., Nessus, Qualys) and penetration testing. Familiarity with cloud security principles (AWS, Azure, GCP) and securing cloud-based infrastructures. Proficiency with security tools such as SIEM (Security Information and Event Management), IDS/IPS, and endpoint protection systems. Certifications such as CISSP, CISM, CISA, or other recognized information security certifications.
Experience with international security programs and relevant certifications (CISSP, CISM, CEH, etc.). Proficiency in incident response, SIEM, firewalls, and compliance frameworks (NIST, ISO, GDPR, etc.). This is a fully onsite role, ideal for a well-rounded IT professional with a strong foundation in cloud security, deep experience with Microsoft Azure, and hands-on expertise in CrowdStrike Falcon. Manage and optimize CrowdStrike Falcon for endpoint protection, threat intelligence, and incident response. CrowdStrike experience is required - configuration, policy tuning, and incident response
You will design, develop, and implement cutting-edge cybersecurity solutions. From managing Azure NSGs and VPNs to deploying Zero Trust strategies and leading key security initiatives, your work will directly impact the safety and integrity of our systems across the enterprise. Strong background in SIEM (tuning, reporting), IAM, cloud security, and enterprise systems. Hands-on knowledge of TCP/IP, HTTP, TLS/SSL, and common network security protocols. Certifications required: CompTIA Security+, CISA.
Our CREST accredited Security Operations Center (SOC) combines advanced monitoring services and threat detection capabilities with best-in-class business risk assessment to provide the optimal incident response approach for every client. We integrate threat intelligence, event monitoring, security analytics and incident response, while catalyzing machine learning and automation orchestration to detect targeted cyberattacks. In 2022, we launched a sales hub in the Mid Atlantic, marking our full expansion into the US market. Proficient understanding of diverse cybersecurity technologies, including SIEM, EDR, IDS/IPS, Firewall, Vulnerability Management, Identity and Access Management, and the Zero-Trust approach, among others. Understanding of the MITRE ATT&CK Tactics/Techniques/Sub-Techniques and mitigation strategies
The Sr. Incident Response Engineer will take on the lead cyber security incident responder role on the Baylor Scott & White Health cyber defense team. Partner with cyber threat intelligence, the vulnerability management team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect, respond to, and remediate vulnerabilities. Experience with Intrusion Detection and Prevention Systems (IDS/IPS), Firewall and Network Log analysis, Security Information and Event Management (SIEM) tools, threat intelligence services, and malware analysis. Certified Information Security Manager (CISM) certification. FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
The Cybersecurity Incident Response Lead will oversee the incident response and threat intelligence programs to safeguard critical assets and data. Serve as a trusted advisor to executive leadership, management committees, and the board on cyber risk issues. Ensure adherence to cyber risk management regulations, including FFIEC and other applicable laws. Relevant industry certifications (CISSP, CISM, GIAC) are strongly preferred. Technical Knowledge: Strong knowledge of information security technologies such as SIEM, SOAR, EDR, NDR, etc.
Vaco Technology is currently seeking a Cybersecurity Manager for a 6M C2H opportunity located in Downtown Dallas, TX (onsite 3-4 days per week). MDR Platforms - 24/7 Monitoring / Threat Intelligence / Incident Response / Forensics/Analysis / Compliance Support, etc. Cloud Security (AWS / Azure / GCP) - Cloud-Native Security Tools / Best Practices Focus. Cybersecurity Technologies - Firewalls / Cloud Firewalls (Meraki) / SIEM / IDS / Endpoint Protection Tools. Certifications - CISSP / CISM / CISA / CRISC (strongly preferred)
The Tier 2 Incident Response Engineer will provide advanced intrusion detection and incident response services, ensuring the rapid identification, analysis, and containment of security threats. This position primarily supports overnight shift-work (5pm – 8am), weekend, federal and state holiday coverage for the 24x7 Cybersecurity Operations Center. The Tier 2 Incident Response Engineer works for, and is under the daily management of, the Cybersecurity Operations Center team lead. 3+ years’ experience with cybersecurity principles, including intrusion detection, incident response, and threat intelligence. 3+ years’ experience in leveraging threat intelligence to anticipate and mitigate risks.
As a Sr Network Security Engineer, you will be responsible for implementing and maintaining the security infrastructure of our network systems both on-prem and in the cloud. The ideal candidate should possess in-depth knowledge of network security technologies including CloudFlare Magic Transit (a plus) and WAF, F5 ASM and AFM, DDOS, Palo Alto next gen firewalls, and AWS security groups and firewalls, strong network troubleshooting abilities, and a proactive approach to mitigating risks. Contributes to enhancement of the Palo Alto Next Gen firewalls and migration off of Checkpoint firewalls. Strong knowledge of network security principles, protocols, and technologies, such as firewalls, IDS/IPS, VPNs, encryption, authentication, access control, WAF, DDOS. Experience with network monitoring and security tools, such as SIEM, packet analyzers, vulnerability scanners, and penetration testing tools.
This role focuses on threat mitigation, penetration testing, and incident response to protect against evolving cyber threats. The ideal candidate will be an ethical hacker with up-to-date knowledge of cybersecurity trends, capable of handling threat hunting and ensuring system security and compliance. Key Responsibilities: Conduct penetration testing to identify and mitigate vulnerabilities. 2+ years of expertise in penetration testing and vulnerability assessment. 2+ years of experience in threat intelligence and incident response.
About Secureworks: Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions. This involves supporting customers by managing the technical and non-technical aspects of incident response, conducting investigative analysis using digital forensics methods to determine the nature, scope, and root cause of cyber incident activity, formulating recommendations for security posture enhancement, and developing tailored remediation plans. These services include cyber threat hunting to help customers identify unknown compromise activity and gaps in their cybersecurity controls, as well as workshops, training courses, and exercises to help customers improve their incident response capabilities. Serve as subject matter expert in digital forensics and incident response (DFIR). Perform complex incident response investigative analysis and develop assessments based on the analysis of host, network, and cloud digital artifacts.
Zachary Piper Solutions is seeking Security Operations Center (SOC) Analysts for positions supporting a cabinet-level government agency. The SOC Analyst will be responsible for protecting enterprise networks and data systems leveraging skills such as network security monitoring, incident response, and threat hunting. Responsibilities of the SOC Analyst: Lead intricate security incident response initiatives, including threat actor tracing and post-breach scrutiny, employing network flow data, packet capture analysis, and security event logs to thwart unauthorized access and activity. Craft and interpret Snort rules adeptly, leveraging Splunk and other network security technology for thorough incident investigation and effective resolution. Necessary Qualifications for the SOC Analyst: At least three years of cyber security experience in SOC/CIRT roles with a proven history in end-to-end incident response and advanced threat handling.
Lead Assessment & Authorization (A&A) processes to ensure compliance with the DoD Risk Management Framework (RMF) and other security frameworks. Prepare detailed technical security reports and brief senior leadership on cyber risk posture. Required Qualifications: Top Secret Security Clearance with SCI eligibility. Hands-on expertise in configuring security tools such as: SIEM solutions (Splunk, ArcSight, QRadar); endpoint protection platforms (HBSS, ACAS); network security tools (firewalls, IDS/IPS, VPNs). Proficiency in secure software development practices, DevSecOps methodologies, and cloud security frameworks. Experience leading penetration testing efforts, Red Team exercises, and cyber threat-hunting operations.
Zero Trust Identity and Access Management Specialist. The Opportunity: As an Identity and Access Management (IAM) Subject Matter Expert (SME) at Booz Allen, you’ll play a critical role in the world of identity and access management and zero trust. You’ll collaborate with security and IT leadership to design, implement, and maintain a Zero Trust security posture across IT infrastructure and IAM systems and conduct security assessments to identify vulnerabilities in existing infrastructure and access controls. You'll develop and implement Zero Trust principles within both infrastructure and IAM domains, including network segmentation, micro-perimeters, Multi-Factor Authentication (MFA), Just-in-Time (JIT) access, and Principle of Least Privilege (POLP). Configure and manage infrastructure security tools, such as firewalls, intrusion detection and prevention systems, and IAM solutions, such as identity providers, access control systems, and user provisioning tools. You will integrate Zero Trust principles into infrastructure and application security policies, working collaboratively with application owners, and develop and maintain comprehensive security documentation, including policies, procedures, and best practices for both infrastructure and IAM. As a SME you'll stay up-to-date on the latest Zero Trust advancements and industry best practices for infrastructure and IAM security.
Network & Cloud Security – Secure infrastructure, applications, and cloud environments (AWS, Azure, Google Cloud). Identity & Access Management (IAM) – Implement MFA, RBAC, and IAM best practices. Information Security & IT Risk Management. Identity & Access Management (IAM, MFA, RBAC). Relevant security and networking certifications such as CISSP, CRISC, or CISM.
Develop and implement comprehensive global security architectures encompassing hybrid cloud, encryption, network security, VPN technologies, operating systems, single sign-on (SSO), zero trust architecture, role-based access control and other advanced security measures. Perform penetration testing planning, analyzing, remediation recommendations, and dashboarding. Experience in web application penetration testing and web services (API) penetration testing, mobile application security testing. Web Application Security Assessment - In-depth knowledge of web application attacks and defense strategies (SQL injection, XSS cross-site scripting, CSRF, logic flaws, etc.). Experienced in vulnerability Assessments using Automated Scanners such as Nessus/Qualys and Manual Security Testing Kali Linux / Metasploit and other infrastructure security testing tools
Zachary Piper Solutions is seeking a PKI Cyber Consultant to join a long-term DOD program located in Ft Meade, Maryland. The PKI Cyber Consultant will help the government better understand PKI policies and how to configure an environment using specific policies and directives. Brief senior leadership on defensive strategies, threat analysis, and enterprise-wide PKI policies. IAT II Certification such as Sec+ or CySa+. Active Top Secret Clearance with SCI eligibility
On the AWS Penetration Testing team, you will be responsible for the delivery of continuous assessments. Perform penetration testing of complex proprietary software and hardware for AWS services. - Minimum of 3 years of experience in security testing (Penetration testing, Vulnerability testing, Red teaming, bug hunting or CTF experience). - Minimum of 3 years of experience with manually auditing source code (One or more of: Java, Ruby, Python, JavaScript, Rust, C, others) to find security issues. - Minimum of 3 years of professional experience with security engineering practices such as in web application security, network security, authentication and authorization protocols, cryptography, automation and other software security disciplines.
Incident Response & Digital Forensics: Analyzing, mitigating, and documenting security incidents using forensic tools. Software and Application Security: Secure coding practices, threat modeling, and vulnerability management. Cloud Security: Identity and access management (IAM), secure architecture, and data protection in cloud environments. The Beacom College of Computer and Cyber Sciences currently offers five undergraduate programs: Artificial Intelligence, Computer Game Design, Computer Science, Cyber Operations, and Network and Security Administration. DSU holds three prestigious designations from the National Security Agency (NSA) and the Department of Homeland Security (DHS) as National Centers of Academic Excellence (CAE) in Cyber Defense, Cyber Operations, and Cyber Research.
4+ years of experience in the cybersecurity industry, with demonstrated roles in SOC, Incident Response, Threat Intelligence, Malware Analysis, IDS/IPS Analysis, or related functions. Proficient in Endpoint Detection and Response (EDR) tools and capabilities, with hands-on experience using CrowdStrike, Microsoft Defender, and other major vendors. Strong understanding of cyber adversarial frameworks like MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain. Hands-on experience hunting for Indicators of Compromise (IOCs) in SIEM and EDR tools such as Securonix, Microsoft Defender, Microsoft Purview, Microsoft Sentinel, Palo Alto XSOAR, ThreatConnect, and Recorded Future. Certifications such as Network+, Security+, CISSP, CISM, GCIH, GCFA, and/or cloud-specific certifications like AWS Cloud Practitioner, AWS Certified Security - Specialty, and Microsoft Certified: Azure Security Engineer Associate