Security Governance

Senior Platform Engineer – API | Kong, Layer7, Apigee | Atlanta, GA Hybrid

Senior Platform Engineer – API

📍 Location: Atlanta, GA (Hybrid – 3 Days Onsite / 2 Days Remote)
🏢 Industry: Information Technology / Platform Engineering
💼 Employment Type: Full-Time
🚫 Visa Sponsorship: Not Available
🚚 Relocation Assistance: None
💰 Compensation: $105,000 – $160,000 Base Salary
🎯 Experience Level: Mid-Senior (5–7+ Years)

Overview

A global enterprise organization is seeking a Senior Platform Engineer – API to join its Middleware and Platform Engineering team.

This role will focus on designing, implementing, automating, and supporting enterprise API management platforms within a complex, globally distributed environment. The successful candidate will possess deep expertise in API gateways, API lifecycle management, security frameworks, automation, and cloud-native technologies.

As a senior member of the team, you will be expected to work independently on complex initiatives, collaborate with stakeholders across multiple regions, mentor junior engineers, and contribute to the modernization and optimization of critical API platforms.

Key Responsibilities

API Platform Engineering

  • Design, implement, and maintain enterprise API management platforms.

  • Support API gateway architecture and platform modernization initiatives.

  • Develop scalable, secure, and reliable API solutions.

  • Optimize API platform performance, availability, and resiliency.

API Lifecycle Management

  • Manage API design, publishing, versioning, governance, and retirement.

  • Establish and enforce API standards and best practices.

  • Support API onboarding and developer enablement initiatives.

  • Ensure consistency across enterprise API implementations.

Automation & DevOps

  • Automate API deployment, configuration, and operational processes.

  • Integrate API platforms into CI/CD pipelines.

  • Develop automation scripts using Python, Shell, or Ansible.

  • Support infrastructure-as-code and DevOps initiatives.

Security & Compliance

  • Implement API security policies and governance controls.

  • Manage authentication and authorization frameworks.

  • Support secure API design and deployment practices.

  • Ensure compliance with enterprise security standards.

Monitoring & Performance Management

  • Monitor API performance, availability, and usage trends.

  • Analyze metrics and implement performance improvements.

  • Troubleshoot complex platform and integration issues.

  • Support proactive capacity planning and platform optimization.

Collaboration & Leadership

  • Partner with architects, developers, product teams, and business stakeholders.

  • Mentor junior engineers and contribute to technical knowledge sharing.

  • Participate in platform strategy and continuous improvement initiatives.

  • Collaborate with global teams across multiple time zones.

Required Qualifications

Experience

✔ 5+ years of experience in API platform engineering, middleware engineering, or platform operations.

✔ Experience supporting enterprise-scale API management environments.

✔ Experience working within complex, globally distributed organizations.

Must-Have Technical Skills

API Management Platforms

Strong experience with one or more of:

  • Kong

  • Broadcom Layer7

  • Google Apigee

  • Equivalent API Management Platforms

API Gateway Technologies

  • API Gateway Architecture

  • Traffic Management

  • Rate Limiting

  • API Security Policies

  • API Governance

API Lifecycle Management

  • API Design

  • API Publishing

  • API Versioning

  • API Retirement

  • API Governance Frameworks

Authentication & Security

  • OAuth 2.0

  • JWT

  • OpenID Connect (OIDC)

  • API Security Best Practices

Automation & DevOps

Experience with:

  • Python

  • Shell Scripting

  • Ansible

Strong understanding of:

  • CI/CD Pipelines

  • DevOps Methodologies

  • Deployment Automation

  • Infrastructure Automation

Monitoring & Observability

Experience with:

  • Prometheus

  • Grafana

  • API Analytics

  • Performance Monitoring

  • Usage Monitoring

Cloud & Containerization

Exposure to:

  • Docker

  • Kubernetes

  • Cloud-Native API Platforms

  • Containerized Middleware Environments

Preferred Qualifications

  • Experience leading API platform initiatives.

  • Experience supporting global enterprise environments.

  • Strong troubleshooting and root-cause analysis skills.

  • Experience with platform modernization and cloud migration efforts.

  • Familiarity with enterprise integration patterns and middleware ecosystems.

Screening Questions

  1. Do you have professional experience with API management platforms such as Kong, Broadcom Layer7, Google Apigee, or similar technologies?

  2. Do you have experience designing and supporting API gateway architectures?

  3. Have you worked with API traffic management, rate limiting, and API security policies?

  4. Do you have experience managing the full API lifecycle, including design, publishing, versioning, and retirement?

  5. Have you implemented authentication and authorization frameworks such as OAuth 2.0, JWT, or OpenID Connect?

  6. Do you have experience automating API deployments using Python, Shell, or Ansible?

  7. Have you integrated API platforms into CI/CD pipelines and DevOps workflows?

  8. Do you have experience with API monitoring and analytics tools such as Prometheus or Grafana?

  9. Have you worked with Docker and Kubernetes in API or middleware environments?

  10. Are you authorized to work in the United States without current or future visa sponsorship?

Ideal Candidate Profile

The ideal candidate will:

  • Be a senior-level API platform engineer capable of operating independently.

  • Possess strong expertise across API gateways, API management, and security.

  • Be comfortable collaborating with global teams and stakeholders.

  • Demonstrate strong troubleshooting and problem-solving abilities.

  • Have experience automating platform deployments and operational processes.

  • Mentor junior engineers while remaining hands-on technically.

  • Thrive in highly complex enterprise environments.

  • Be flexible with occasional global collaboration outside standard business hours.

Candidate Snapshot

Requirement

Details

Experience

5–7+ Years

API Platforms

Kong, Layer7, Apigee or Equivalent

Security

OAuth 2.0, JWT, OpenID Connect

Automation

Python, Shell, Ansible

DevOps

CI/CD, Deployment Automation

Monitoring

Prometheus, Grafana

Containerization

Docker, Kubernetes

Location

Atlanta, GA

Work Arrangement

Hybrid (3 Days Onsite)

Compensation

$105K – $160K

Visa Sponsorship

Not Available

What Makes Someone Successful in This Role?

  • Deep expertise in enterprise API management platforms.

  • Strong understanding of API gateway architecture and security.

  • Ability to automate deployments and operational processes.

  • Experience working within global, cross-functional teams.

  • Strong troubleshooting and platform optimization capabilities.

  • Ability to balance hands-on engineering with mentoring responsibilities.

  • Excellent communication skills when engaging both technical and non-technical stakeholders.

  • Commitment to continuous improvement, platform reliability, and operational excellence.

 

Information System Security Officer (ISSO) – TS/SCI Full Scope Poly – Annapolis Junction, MD

Information System Security Officer (ISSO) – TS/SCI Full Scope Poly

📍 Location: Annapolis Junction, MD
🏢 Work Arrangement: 100% Onsite
💼 Employment Type: Full-Time
🔒 Security Clearance Required: Active TS/SCI with Full Scope Polygraph (NSA Preferred)
🇺🇸 Citizenship: U.S. Citizen Required
🚫 Visa Sponsorship: Not Available
🚚 Relocation Assistance: Available
💰 Compensation: $100,000 – $200,000 Base Salary

Overview

A leading government technology contractor is seeking Information System Security Officers (ISSOs) to support mission-critical classified programs within highly secure government environments.

This role is responsible for maintaining cybersecurity compliance throughout the Risk Management Framework (RMF) lifecycle, supporting system accreditation, continuous monitoring, vulnerability management, and ongoing cybersecurity operations.

The ideal candidate will possess strong RMF expertise, experience supporting classified environments, and the ability to work closely with System Administrators, System Owners, Information System Security Managers (ISSMs), Security Control Assessors, and Government stakeholders.

Key Responsibilities

Risk Management Framework (RMF)

  • Support the full RMF lifecycle for classified systems.

  • Develop and maintain RMF documentation and accreditation packages.

  • Coordinate Authority to Operate (ATO) activities.

  • Support security authorization and reauthorization efforts.

  • Ensure systems maintain compliance with cybersecurity requirements.

Security Compliance & Assessments

  • Conduct security control reviews and assessments.

  • Validate implementation of required security controls.

  • Monitor compliance against NIST and government standards.

  • Support internal and external cybersecurity audits.

Continuous Monitoring (ConMon)

  • Support ongoing Continuous Monitoring activities.

  • Review system configurations and compliance posture.

  • Analyze vulnerability findings and remediation efforts.

  • Track compliance status and corrective actions.

Vulnerability & Risk Management

  • Monitor vulnerabilities and security findings.

  • Coordinate remediation efforts with technical teams.

  • Assess risk and recommend mitigation strategies.

  • Support vulnerability management programs.

Stakeholder Collaboration

  • Work closely with:

    • System Administrators

    • System Owners

    • ISSMs

    • Security Control Assessors

    • Government Security Teams

  • Provide security guidance and compliance recommendations.

  • Support cybersecurity reviews and inspections.

Required Qualifications

Security Requirements

✔ Active TS/SCI Clearance

✔ Active Full Scope Polygraph (NSA Preferred)

✔ U.S. Citizenship Required

Cybersecurity & RMF Experience

Experience supporting:

  • Information Assurance (IA)

  • Cybersecurity Compliance

  • ISSO Functions

  • Classified Information Systems

Strong understanding of:

  • Risk Management Framework (RMF)

  • Authority to Operate (ATO)

  • Security Control Assessments

  • Continuous Monitoring (ConMon)

  • Risk Assessment Methodologies

RMF & Compliance Tools

Experience with one or more of:

  • LATTEART

  • XACTA

  • BISCOTTI

  • WATCHCAT

  • STE

Experience with:

  • Compliance scanning tools

  • Configuration assessment tools

  • Vulnerability management platforms

NIST Framework Knowledge

Strong familiarity with:

  • NIST SP 800-53 Rev. 3 and/or Rev. 5

  • NIST SP 800-37

  • Security Controls

  • RMF Documentation Requirements

Required Documentation Experience

Candidates should have experience creating, reviewing, or maintaining:

Security Documentation

  • System Security Plans (SSP)

  • Plans of Action & Milestones (POA&M)

  • Security Plan Findings (SPF)

  • Exception Documentation

Risk & Compliance Documentation

  • Risk Assessment Reports (RAR)

  • Security Assessment Reports (SAR)

  • Business Impact Assessments (BIA)

  • Configuration Management Plans (CMP)

  • Contingency Plans (CP)

  • After Action Reports (AAR)

Preferred Qualifications

Government & Classified Environment Experience

  • Classified Government systems

  • Security audits and inspections

  • Compliance reviews

  • Vulnerability remediation programs

Stakeholder Coordination

Experience coordinating with:

  • Authorizing Officials (AO)

  • Security Control Assessors (SCA)

  • ISSMs

  • System Owners

Technical Knowledge

  • Operating System Security

  • System Administration Concepts

  • Vulnerability Management

  • Configuration Management

Preferred Certifications

Highly desired certifications include:

  • CompTIA Security+

  • CISSP

  • CAP

  • CASP+

  • CISM

Must-Have Requirements

Clearance

✅ Active TS/SCI Clearance

✅ Active Full Scope Polygraph

Cybersecurity

✅ RMF Experience

✅ ATO Experience

✅ Continuous Monitoring (ConMon)

✅ Security Control Assessments

Documentation

✅ SSP Development

✅ POA&M Management

✅ Security Compliance Documentation

Soft Skills

✅ Strong Written Communication

✅ Strong Organizational Skills

✅ Risk-Based Decision Making

✅ Collaboration & Stakeholder Management

Screening Questions

  1. Do you currently hold an active TS/SCI clearance with a Full Scope Polygraph?

  2. Was your Full Scope Polygraph issued by NSA?

  3. When was your most recent Full Scope Polygraph completed?

  4. How many years of ISSO, Information Assurance, or Cybersecurity compliance experience do you have?

  5. Have you supported the full RMF lifecycle, including ATO activities?

  6. Which RMF compliance tools have you used (XACTA, LATTEART, BISCOTTI, WATCHCAT, STE)?

  7. Have you developed or maintained SSPs, POA&Ms, SARs, or RARs?

  8. What experience do you have with NIST 800-53 and NIST 800-37?

  9. Do you have experience supporting classified Government systems?

  10. Do you hold any cybersecurity certifications such as Security+, CISSP, CAP, CASP+, or CISM?

Ideal Candidate Profile

The ideal candidate will:

  • Hold an active TS/SCI Full Scope Polygraph.

  • Have strong ISSO or Information Assurance experience within classified environments.

  • Possess deep knowledge of RMF, ATO, and Continuous Monitoring processes.

  • Be highly detail-oriented and documentation-focused.

  • Have experience working with government cybersecurity compliance tools.

  • Understand vulnerability management and risk mitigation practices.

  • Effectively collaborate with technical and non-technical stakeholders.

  • Balance mission requirements with cybersecurity compliance obligations.

Candidate Snapshot

Requirement

Details

Clearance

Active TS/SCI + Full Scope Poly

Citizenship

U.S. Citizen

Experience Level

Mid-Level to Senior

Frameworks

RMF, NIST 800-53, NIST 800-37

Compliance

ATO, ConMon, Security Controls

Documentation

SSP, POA&M, SAR, RAR, CMP, CP

Tools

XACTA, LATTEART, BISCOTTI, WATCHCAT, STE

Certifications

Security+, CISSP, CAP, CASP+, CISM (Preferred)

Location

Annapolis Junction, MD

Work Arrangement

100% Onsite

Travel

None

Compensation

$100K – $200K

Relocation

Available

Why This Opportunity?

Mission Impact

Support highly classified national security programs and critical government systems.

Cybersecurity Leadership

Play a key role in accreditation, compliance, risk management, and cybersecurity governance activities.

Career Growth

Work alongside highly skilled cybersecurity professionals supporting some of the nation's most sensitive environments.

Excellent Benefits

  • 3 Weeks PTO

  • 11 Federal Holidays

  • Medical & Dental Coverage

  • Life Insurance

  • STD & LTD Coverage

  • 401(k) with Company Match

  • Long-Term Career Development

This opportunity is ideal for an ISSO, Information Assurance Analyst, Cybersecurity Compliance Analyst, RMF Analyst, Information Security Specialist, Security Control Assessor Support Specialist, or Cybersecurity Governance Professional with an active TS/SCI Full Scope Polygraph seeking to support mission-critical government programs.

 

Information System Security Engineer (ISSE) – TS/SCI Full Scope Poly – Annapolis Junction, MD

Information System Security Engineer (ISSE) – TS/SCI Full Scope Poly

📍 Location: Annapolis Junction, MD
🏢 Work Arrangement: 100% Onsite
💼 Employment Type: Full-Time
🔒 Security Clearance Required: Active TS/SCI with Full Scope Polygraph (NSA Preferred)
🇺🇸 Citizenship: U.S. Citizen Required
🎓 Certification Required: DoD 8570/8140 IASAE Level II Compliant Certification
🚫 Visa Sponsorship: Not Available
🚚 Relocation Assistance: Available
💰 Compensation: $100,000 – $200,000 Base Salary

Overview

A leading government technology contractor is seeking Information System Security Engineers (ISSEs) to support mission-critical classified government programs.

This role focuses on integrating cybersecurity engineering principles throughout the entire system lifecycle, including system design, implementation, accreditation, continuous monitoring, and sustainment. The ISSE will play a critical role in Risk Management Framework (RMF) execution, Assessment & Authorization (A&A) activities, security control validation, and ongoing cybersecurity compliance.

The ideal candidate will possess a strong blend of cybersecurity engineering, RMF expertise, technical security assessment experience, and security architecture knowledge within highly secure classified environments.

Key Responsibilities

Risk Management Framework (RMF)

  • Support the full RMF lifecycle for classified information systems.

  • Develop and maintain RMF documentation and security artifacts.

  • Assist with Authority to Operate (ATO) activities and sustainment.

  • Support Assessment & Authorization (A&A) efforts.

  • Maintain body-of-evidence packages for accreditation activities.

Security Engineering

  • Implement and validate security controls.

  • Perform Security Control Traceability and technical validation.

  • Support system boundary definition and security architecture development.

  • Conduct technical security assessments and risk analysis.

  • Recommend security improvements and mitigation strategies.

Compliance & Continuous Monitoring

  • Participate in Continuous Monitoring (ConMon) activities.

  • Conduct compliance assessments and security reviews.

  • Analyze vulnerability scan results and remediation efforts.

  • Verify remediation effectiveness and identify false positives.

  • Ensure ongoing compliance with cybersecurity requirements.

Vulnerability Management & Hardening

  • Support vulnerability management programs.

  • Implement and validate STIG compliance.

  • Support patch validation and security compliance efforts.

  • Assist with system hardening initiatives.

  • Coordinate remediation activities with technical teams.

Stakeholder Collaboration

  • Work closely with:

    • ISSOs

    • ISSMs

    • Security Control Assessors (SCAs)

    • System Owners

    • System Administrators

  • Support accreditation, compliance, and cybersecurity engineering efforts across mission systems.

Required Qualifications

Security Requirements

✔ Active TS/SCI Clearance

✔ Active Full Scope Polygraph (NSA Preferred)

✔ U.S. Citizenship Required

Certification Requirement

✔ DoD 8570/8140 IASAE Level II Compliant Certification

Examples include:

  • CISSP

  • CASP+

  • CCSP

  • CSSLP

Cybersecurity & RMF Experience

Strong experience with:

  • Risk Management Framework (RMF)

  • Assessment & Authorization (A&A)

  • Authority to Operate (ATO)

  • Security Control Implementation

  • Security Control Validation

  • Continuous Monitoring (ConMon)

NIST Knowledge

Strong familiarity with:

  • NIST SP 800-37

  • NIST SP 800-53 Rev. 3 and/or Rev. 5

  • Security Control Frameworks

  • RMF Compliance Processes

RMF & Compliance Tools

Experience with one or more of:

  • LATTEART

  • XACTA

  • BISCOTTI

  • WATCHCAT

  • STE

Additional experience with:

  • Compliance scanning tools

  • Configuration assessment tools

  • Vulnerability management platforms

Core ISSE Skill Areas

Security Engineering

  • Security Control Implementation

  • Security Control Validation

  • Security Architecture Support

  • System Boundary Definition

Compliance & Accreditation

  • Assessment & Authorization (A&A)

  • RMF Artifact Development

  • Accreditation Package Support

  • Body of Evidence Management

Vulnerability Management

  • Vulnerability Analysis

  • Remediation Tracking

  • Patch Validation

  • STIG Compliance

  • Security Hardening

Risk Management

  • Technical Risk Analysis

  • Compliance Validation

  • Continuous Monitoring (ConMon)

  • Security Assessment Support

Preferred Qualifications

Government & Classified Environment Experience

  • Classified Government cybersecurity programs.

  • Large-scale enterprise systems.

  • Mission-critical environments.

Technical Infrastructure Exposure

Experience supporting:

  • Enterprise Linux environments

  • Network infrastructure

  • Cloud environments

Stakeholder Coordination

Experience collaborating with:

  • ISSOs

  • ISSMs

  • Security Control Assessors

  • System Owners

  • Engineering Teams

Must-Have Requirements

Clearance

✅ Active TS/SCI Clearance

✅ Active Full Scope Polygraph

Certification

✅ IASAE Level II Certification

Cybersecurity

✅ RMF Experience

✅ A&A Experience

✅ ATO Experience

✅ Security Control Validation

Compliance

✅ Continuous Monitoring

✅ Vulnerability Management

✅ STIG Implementation

Documentation

✅ RMF Artifacts

✅ Accreditation Packages

✅ Security Documentation

Screening Questions

  1. Do you currently hold an active TS/SCI clearance with a Full Scope Polygraph?

  2. Was your Full Scope Polygraph issued by NSA?

  3. When was your most recent Full Scope Polygraph completed?

  4. Which IASAE Level II certification do you currently hold (CISSP, CASP+, CCSP, CSSLP, etc.)?

  5. How many years of ISSE or cybersecurity engineering experience do you have?

  6. Have you supported the full RMF lifecycle, including A&A and ATO activities?

  7. Which RMF tools have you used (XACTA, LATTEART, BISCOTTI, WATCHCAT, STE)?

  8. Do you have experience implementing and validating security controls?

  9. Have you supported STIG implementation, vulnerability remediation, and compliance validation?

  10. Do you have experience supporting classified government systems?

Ideal Candidate Profile

The ideal candidate will:

  • Hold an active TS/SCI Full Scope Polygraph.

  • Possess an active IASAE Level II certification.

  • Have strong cybersecurity engineering experience within classified environments.

  • Be highly knowledgeable in RMF, A&A, and ATO processes.

  • Understand security architecture, control implementation, and compliance validation.

  • Have experience supporting vulnerability management and STIG compliance.

  • Demonstrate excellent analytical, troubleshooting, and documentation skills.

  • Balance mission objectives with cybersecurity requirements and risk management practices.

Candidate Snapshot

Requirement

Details

Clearance

Active TS/SCI + Full Scope Poly

Citizenship

U.S. Citizen

Experience Level

Mid-Level to Senior

Certification

IASAE Level II Required

Frameworks

RMF, NIST 800-37, NIST 800-53

Compliance

A&A, ATO, ConMon

Security

Control Implementation & Validation

Documentation

RMF Artifacts & Accreditation Packages

Tools

XACTA, LATTEART, BISCOTTI, WATCHCAT, STE

Location

Annapolis Junction, MD

Work Arrangement

100% Onsite

Travel

None

Compensation

$100K – $200K

Relocation

Available

Why This Opportunity?

Mission Impact

Support highly classified systems that directly contribute to critical national security missions.

Cybersecurity Engineering Focus

Move beyond compliance into hands-on security engineering, architecture support, security control validation, and accreditation activities.

Technical Growth

Gain exposure to advanced RMF processes, security engineering practices, vulnerability management, and enterprise cybersecurity operations.

Strong Benefits Package

  • 3 Weeks PTO

  • 11 Federal Holidays

  • Medical & Dental Coverage

  • Life Insurance

  • STD & LTD Coverage

  • 401(k) with Company Match

  • Long-Term Career Development

This opportunity is ideal for an Information System Security Engineer (ISSE), Cybersecurity Engineer, RMF Engineer, Security Compliance Engineer, Cybersecurity Architect, A&A Specialist, or Security Controls Engineer with an active TS/SCI Full Scope Polygraph and IASAE Level II certification seeking to support highly sensitive government programs.

 

SOC Analyst – Montvale, NJ | Hybrid Cybersecurity & Vulnerability Management

SOC Analyst

📍 Location: Montvale, New Jersey
🏢 Work Model: Hybrid – 3 days onsite / 2 days remote
🏠 Employees work remotely every Friday + receive 40 additional remote days annually
💼 Employment Type: Full-Time
📈 Seniority Level: Associate / Mid-Level
🎓 Education: Bachelor’s Degree preferred
🔐 Industry: Cybersecurity / Manufacturing / Enterprise IT

💰 Compensation & Benefits

  • Salary Range: $90,000 – $110,000

  • Full benefits package

  • Hybrid flexibility

  • Collaborative and supportive IT/security environment

🚀 Overview

A growing enterprise organization is seeking a SOC Analyst to strengthen its cybersecurity operations through security monitoring, alert investigation, and vulnerability management.

This role combines Security Operations Center (SOC) responsibilities with hands-on vulnerability analysis and remediation coordination across enterprise infrastructure and endpoint environments.

The ideal candidate is analytical, collaborative, proactive, and highly communicative with experience supporting enterprise security operations.

🔧 Key Responsibilities

Security Operations

  • Monitor, triage, and investigate alerts from:

    • SIEM platforms

    • Endpoint protection tools

    • Security monitoring systems

  • Distinguish legitimate threats from false positives

  • Document findings and communicate results clearly

  • Assist with alert tuning and optimization efforts

Vulnerability Management

  • Support enterprise vulnerability scanning and assessments

  • Analyze vulnerability findings and prioritize remediation activities

  • Research CVEs and provide:

    • Exploitability analysis

    • Business impact context

    • Remediation guidance

  • Track remediation progress and validate fixes

Collaboration & Communication

  • Partner closely with:

    • Infrastructure teams

    • IT leadership

    • Cybersecurity teams

  • Maintain strong communication and visibility around risks and remediation efforts

  • Proactively identify opportunities for improvement

Continuous Improvement

  • Assist with:

    • DLP and information protection controls

    • System hardening initiatives

    • Documentation and runbook development

  • Explore enhanced capabilities within existing security tooling

✅ Required Qualifications

  • Bachelor’s degree in:

    • Cybersecurity

    • Computer Science

    • Information Technology

    • Related discipline
      OR equivalent practical experience

  • 3–5 years of experience in:

    • Security operations

    • Vulnerability management

    • Endpoint protection analysis

  • Strong understanding of:

    • CVEs

    • Risk prioritization

    • Vulnerability remediation processes

  • Excellent communication and collaboration skills

⭐ Preferred Skills

  • Experience with:

    • SIEM platforms

    • Enterprise log analysis

    • Endpoint detection & response (EDR) tools

  • Familiarity with:

    • Active Directory

    • Group Policy

    • Security baselines

  • Scripting or reporting experience:

    • PowerShell

    • Python

    • Power BI

  • Security certifications are a plus but not required

🎯 Ideal Candidate

  • Hands-on SOC or cybersecurity analyst with enterprise experience

  • Strong communicator who proactively keeps stakeholders informed

  • Comfortable balancing:

    • Security investigations

    • Vulnerability analysis

    • Cross-functional collaboration

  • Curious, self-driven, and eager to improve security operations

📝 Screening Considerations

  • Do you have experience with:

    • SOC operations

    • Vulnerability management

    • Endpoint security tools?

  • Have you worked with SIEM or enterprise detection platforms?

  • Are you comfortable working in a hybrid environment in Montvale, NJ?

  • Do you have experience coordinating remediation efforts with infrastructure teams?

🌍 Work Environment

  • Hybrid work schedule:

    • 3 onsite days

    • 2 remote days

  • Additional remote flexibility throughout the year

  • Collaborative enterprise IT and cybersecurity team

  • Occasional travel between NY/NJ locations may be required

📈 Why Join

  • Broad exposure across enterprise cybersecurity operations

  • Opportunity to influence security tooling and processes

  • Supportive, highly collaborative IT culture

  • Strong focus on learning, ownership, and continuous improvement

 

Cyber-Physical Security Manager – Integrated Cyber & Physical Security | Kansas City

Cyber-Physical Security Manager

📍 Location: Kansas City, Missouri (Hybrid / Flexible WFH)
💼 Employment Type: Full-Time
✈️ Travel: Occasional
🎓 Education: Bachelor’s Degree Required
🚚 Relocation Assistance: Possible for the ideal candidate

Role Overview

This role sits at the intersection of cybersecurity, physical security, and smart infrastructure. As Cyber-Physical Security Manager, you will design, govern, and evolve integrated security systems that protect people, facilities, data, and operational technologies across corporate and project sites.

You’ll act as a technical authority and strategic advisor, translating cybersecurity frameworks into real-world physical and operational security solutions—while partnering closely with IT Security, SOC, Crisis Response, and facilities leadership.

What You’ll Own

  • Design & Architecture

    • Design scalable, resilient cyber-physical security architectures across corporate and project environments

    • Produce technical specifications for:

      • Access control systems

      • Intrusion detection

      • Video surveillance

      • ICS / OT / IoT and smart building technologies

  • Framework Translation & Compliance

    • Translate security frameworks (e.g. ISO 27001, NIST SP 800-82) into technical requirements, procedures, and standards

    • Ensure systems align with federal credentialing and critical infrastructure requirements

  • Risk & Resilience

    • Lead cyber-physical security risk assessments, aligned with enterprise information security risk methodologies

    • Identify vulnerabilities across IT, OT, and physical domains and define mitigation strategies

  • Security Operations & Monitoring

    • Partner with Security Operations Center (SOC), Crisis Management, and Emergency Response teams

    • Enhance monitoring, detection, and response capabilities across physical and cyber environments

    • Integrate physical security platforms with centralized monitoring workflows

  • Enterprise & Smart Building Integration

    • Lead integration of physical security systems with IT and OT platforms

    • Ensure smart building technologies comply with enterprise IT security policies and governance

  • Strategy & Program Development

    • Partner with IT Security leadership to define and execute cyber-physical security strategy

    • Develop and maintain:

      • Security programs

      • Standards & playbooks

      • Operating procedures & checklists

    • Proactively evolve security capabilities to address emerging threats

  • Vendor & Stakeholder Management

    • Own vendor relationships through detailed scopes of work and performance oversight

    • Evaluate and onboard new vendors in line with defined security and operational standards

    • Collaborate cross-functionally with facilities, office management, IT, and security teams

What We’re Looking For

  • 7–10+ years of experience across cyber security, physical security, or integrated security environments

  • Strong background designing and managing enterprise-scale security systems

  • Experience working with OT, ICS, IoT, or smart building technologies

  • Hands-on experience translating security frameworks into operational controls

  • Proven ability to work cross-functionally with IT, facilities, operations, and executive stakeholders

  • Strong documentation, governance, and program-building skills

  • Comfortable operating as both technical expert and strategic advisor

Nice to Have

  • Experience supporting SOC environments or security monitoring platforms

  • Background in critical infrastructure, construction, large facilities, or multi-site enterprises

  • Familiarity with vendor selection, RFPs, and managed security services

Compensation & Benefits

  • 💰 Base Salary: $107,000 – $134,000

  • Comprehensive benefits package including:

    • Medical, Dental, Vision Insurance

    • Paid Time Off

    • Retirement Plan

    • Flexible work arrangements

    • Relocation assistance (if applicable)

Additional Details

  • Security Clearance Required: No

  • Visa Sponsorship: Not available

  • Work Model: Hybrid / Flexible WFH

  • Employment Type: Full-Time

Ideal Candidate Profile

  • Strategic thinker with hands-on technical depth

  • Comfortable owning end-to-end security programs

  • Collaborative, detail-oriented, and proactive

  • Passionate about protecting people, assets, and systems in complex, real-world environments

 

Staff Product Security Engineer | Medical Devices | Limerick, Ireland | Onsite

🔐 Staff Product Security Engineer

📍 Location: Limerick City, Munster, Ireland (Onsite – minimum 4 days per week)
🏢 Industry: Medical Devices / Healthcare Technology
🧠 Level: Mid–Senior
💼 Employment Type: Full-Time
✈️ Travel: Occasional
🛂 Visa Sponsorship: Not available
💶 Salary Range: €85,000 – €95,000
🎁 Benefits: Full benefits package

🚀 The Opportunity

An innovative global medical technology organisation is seeking a Staff Product Security Engineer to play a critical role in shaping and strengthening product security across next-generation healthcare solutions.

This is a highly visible position offering the opportunity to:

  • Influence security strategy across product portfolios

  • Embed secure-by-design principles across the full product lifecycle

  • Lead security maturity improvements

  • Work cross-functionally with R&D, Quality, Regulatory, and IT

  • Protect products in an evolving threat landscape

If you're passionate about cybersecurity, product resilience, and impact-driven work in healthcare, this role offers both purpose and technical depth.

🎯 Key Responsibilities

  • Lead and develop a high-performing Product Security function

  • Define and guide product security strategy aligned with regulatory and enterprise cybersecurity objectives

  • Embed secure-by-design practices, threat modelling, and proactive vulnerability management

  • Partner with R&D, Quality, Regulatory, and IT teams to ensure security is integrated throughout the product lifecycle

  • Conduct product security risk assessments and support remediation strategies

  • Support product security documentation, including governance and compliance artefacts

  • Review technical designs and source code; provide clear, actionable recommendations

  • Support incident response and vulnerability management efforts

  • Implement best practices for:

    • Encryption & PKI

    • Authentication & access control

    • Audit logging

    • Secure hardening

    • Patch management

    • Vulnerability monitoring

  • Track and report security posture using meaningful metrics

  • Ensure adherence to development policies and quality management systems

🧠 Required Experience & Qualifications

  • Bachelor’s degree in Computer Science, Engineering, or related field (or equivalent experience)

  • 5+ years experience in:

    • Security architecture

    • Secure software development

    • Systems and architecture design

  • Experience working in regulated environments with strong QMS adherence

  • Proven experience leading or mentoring teams

  • Strong understanding of:

    • Encryption algorithms and PKI

    • Embedded device security

    • Networking and threat models

    • Dynamic and static code analysis tools

  • Excellent written and verbal communication skills

  • Strong collaboration and stakeholder management abilities

🧩 Technical Skills Snapshot

Domain

Experience

Product Security

Secure-by-design, threat modelling, vulnerability management

Cryptography

Encryption, PKI

AppSec

Static/Dynamic analysis, secure SDLC

Embedded Security

Yes

Networking

Security controls, common threats

Documentation

SAP, SharePoint, DocuSign or similar

Regulated Environments

Medical / highly regulated industries

Tools

Microsoft Office, security tooling

🏢 Work Style & Culture

  • Strong emphasis on onsite collaboration (minimum 4 days/week in office)

  • Cross-functional, high-impact environment

  • Focus on innovation, continuous improvement, and ownership

  • Opportunity to influence product direction at a strategic level

📌 Candidate Snapshot

Attribute

Details

Role

Staff Product Security Engineer

Location

Limerick, Ireland

Experience

10–15 years ideal

Leadership

Yes (influence & team leadership expected)

Domain

Medical device security

Environment

Regulated, high-compliance

Work Model

Onsite-first

🌍 Why This Role Matters

Your work will directly contribute to:

  • Protecting patient safety

  • Strengthening cybersecurity in healthcare systems

  • Ensuring regulatory compliance

  • Driving security maturity across critical medical technologies

This is a career-defining role for someone who wants both technical depth and meaningful impact.

 

Information Systems Security Engineer (ISSE) & Information Systems Security Officer (ISSO) | TS/SCI FS Poly | $220K–$260K | Annapolis Junction, MD

Job Title: Information Systems Security Engineer (ISSE) & Information Systems Security Officer (ISSO)
Location: Annapolis Junction, Maryland (100% Onsite)
Clearance Required: TS/SCI with Full Scope Polygraph (FS Poly)
Compensation: $220,000 – $260,000 base salary
Employment Type: Full-time
Relocation Assistance: Possible for ideal candidate
Benefits: Full benefits offered
Visa Candidates: Not considered

Overview:

We are hiring two experienced cybersecurity professionals for an exciting and mission-critical government program based in Annapolis Junction, MD. Both roles require active TS/SCI with Full Scope Poly (poly must be within the past 5 years and from a Maryland Intelligence Customer). While both positions are integral to the security posture of the program, each requires a different focus, background, and certification path.

1. Information Systems Security Engineer (ISSE)

Role ID: 727
Seniority Level: Mid to Senior
Clearance: TS/SCI w/ FS Poly (mandatory)
Certifications Required:

  • CISSP (Required)

  • ISSEP (Preferred or willing to obtain during crossover if CISSP has been held for 2+ years)

Key Responsibilities:

  • Develop and implement system security designs and architectures for complex, large-scale systems.

  • Lead security risk assessment and mitigation throughout the system development lifecycle.

  • Conduct system security planning, vulnerability testing, and compliance verification.

  • Analyze and implement secure communication protocols, encryption tools, and secure OS configurations.

  • Collaborate with engineers across integration, testing, and development teams to ensure compliance with classified information handling.

  • Use tools such as Nessus, NMAP, Wireshark for threat identification and remediation.

  • Support RMF, risk management activities, and IA (Information Assurance) processes.

Preferred Experience:

  • Bachelor’s or Master’s in Cybersecurity, Information Assurance, or related field.

  • Experience with Defense-in-Depth principles, secure software architecture, and penetration testing tools.

  • Proficient in scripting languages and secure configuration management.

2. Information Systems Security Officer (ISSO)

Role ID: 643
Seniority Level: Mid to Senior
Clearance: TS/SCI w/ FS Poly (mandatory)
Certifications Required:

  • IAT Level II or IAM Level II certification (Required)

    • Examples: Security+ CE, CASP+, CISSP, CISM, or similar

Key Responsibilities:

  • Act as ISSO for a large-scale software development and IT operations program.

  • Enforce security policies and maintain operational security posture of systems.

  • Manage documentation for system Certification & Accreditation (C&A) and Security Plans (SSPs).

  • Conduct vulnerability remediation, IAVA compliance, and configuration management for system security.

  • Support day-to-day information system operations, network security, and audit readiness.

  • Coordinate with ISSM and other security stakeholders to ensure secure system integration and lifecycle support.

Preferred Experience:

  • 10+ years as an ISSO in complex, standalone, or connected environments.

  • Experience maintaining SSPs, performing incident response, and managing vulnerability scans.

  • Familiarity with tools supporting IAVA management, CM, and system auditing.

  • Bachelor’s degree in a related field and 12+ years of overall security experience preferred.

Ideal Candidate Profile (Both Roles):

  • Must hold a current FS Poly with the Maryland Intelligence Customer (within the past 5 years).

  • No prior CCAs (Counterintelligence Concerns).

  • Excellent verbal/written communication skills and team collaboration.

  • Strong commitment to best practices and high-integrity security operations.

Additional Notes:

  • Both roles are 100% onsite in Annapolis Junction, MD.

  • Do not repost these positions.

  • Candidates must be U.S. Citizens with an active TS/SCI with Full Scope Polygraph.