- BOOZ, ALLEN & HAMILTON, INC. (Alexandria, VA)
- …or ACAS, including Tenable.sc or Nessus + Experience implementing and evaluating NIST SP 800-53 security controls and supporting RMF processes + Experience with ... compliance systems such as eMASS, STIG Viewer, and SCAP tools + Knowledge of how to interpret and apply STIGs to support secure configuration baselines, remediation plans, and POA & M lifecycle management + Active TS/SCI clearance; willingness to take a… more
- Chenega Corporation (Washington, DC)
- …+ Familiarity with federal IT policies, procedures, and regulations (eg, FedRAMP, NIST ) applicable to cloud and AI solutions. _Preferred Qualifications:_ + Microsoft ... Certified: Power Platform Developer Associate (PL-400) or higher. + Experience in a federal government OCIO environment. + Experience with Dynamics 365 CE/CRM. + Knowledge of Azure AI services and their integration with Copilot Studio. + Experience with Agile… more
- DXC Technology (Albany, NY)
- …and App-ID. Familiarity with security frameworks and compliance standards (eg, NIST , ISO 27001, PCI-DSS). + Excellent analytical, problem-solving, and communication ... skills. + Palo Alto certifications (eg, PCNSE) strongly preferred. + The candidate must be US based. **Preferred Skills:** + Experience with automation and scripting (Python, Ansible) for firewall management. + Knowledge of cloud-based firewall deployments… more
- Leidos (Port Hueneme, CA)
- …+ In-depth understanding of Committee on National Security Systems (CNSS), NIST 800 Series Special Publications, Joint Special Access Program Implementation Guide ... (JSIG), and DoD Intelligence Information System Joint Security Implementation Guide (DJSIG). + Proficient with one or more malware prevention tools such as HBSS or Microsoft Defender. + In-depth knowledge of and operations of a security information event… more
- Leidos (Hickam AFB, HI)
- …experience in C4ISR, IT, or Information Assurance activities Proven experience applying NIST RMF methodologies At least 3 years using security control management ... tools TS/SCI clearance required at start of employment CISSP certification or equivalent senior-level information assurance accreditation Maintain an IAM Level III Certification Preferred Qualifications Knowledge of US Air Force operations and the Pacific… more
- Palo Alto Networks (Washington, DC)
- …needed + Able to conduct cyber risk assessments using frameworks or standards like NIST CSF, ISO 27001/2, PCI, CIS Top 20, CMMC, or other industry measurement tools ... + Conduct cloud penetration testing engagements to assess specific workloads (ie, AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client… more
- DoorDash (New York, NY)
- …security operations related frameworks and standards (eg, MITRE Att&ck and NIST ) + Excellent verbal and written communication, presentation, and stakeholder ... management skills Applications for this position are accepted on an ongoing basis Notice to Applicants for Jobs Located in NYC or Remote Jobs Associated With Office in NYC Only We use Covey as part of our hiring and/or promotional process for jobs in NYC and… more
- Chemung Canal Trust Company (Elmira, NY)
- …end user and system breaches or potential infection/attacks. + Participate in performing NIST Risk Assessments for core and critical systems to identify areas of ... weakness or vulnerability. + Work with vendors on improvements to products or new product/service research. + Assist with administering various security appliances and devices (web/content filtering, SIEM, vulnerability scanner/trends, etc.) + Assist with… more
- HCA Healthcare (Nashville, TN)
- …Skilled in assessing security solutions against industry standards (ISO 27001, NIST , CIS, PCI-DSS) and delivering actionable recommendations to strengthen compliance ... and resilience + Develop Security Reference Architectures, Position Papers and Implementation Guidance + Consult on evolving security capabilities in technology areas such as Endpoint, Network, Identity, Data, Mobile, Application, Cloud, OT, AI etc. + Foster… more
- Cambridge International Systems Inc (Charleston, SC)
- …platforms to support continuous monitoring and ongoing authorization programs (eg, RMF, NIST frameworks). + Establish frameworks to quantify and measure cyber risk, ... enabling risk-based decision-making across the enterprise. + Security Architecture & Risk Assessment: + Evaluate business strategies to determine cybersecurity requirements, aligning them with current information security standards and best practices. +… more