Job Description

The Incident Response engineer will manage security incident response processes, investigate threats, and implement corrective actions to contain and remediate incidents. Analyze security alerts, perform initial triage, determine the scope and impact of incidents, and escalate or coordinate responses with other teams as necessary.

Responsibilities

Conduct thorough investigations, performing digital forensics and malware analysis, preserving digital evidence, and managing cybersecurity incident and spillage response processes. Develop, maintain, and improve incident response playbooks, participate in threat hunting activities, and conduct post-incident reviews to generate reports and track metrics. configure and maintain incident response tools and systems, including SIEM solutions, and contributing to security awareness efforts through training and exercises. Stay current with emerging threats and best practices, assist in security awareness programs, and collaborate with IT and security teams to enhance incident response capabilities and prevent future incidents.

Must have:

• Bachelor’s degree (or an additional 4 years of experience)
• Foundational knowledge in engineering, security incident response, digital forensics, cyber investigations

Security Clearance:

• Active TS/SCI clearance

Accenture Federal Services is seeking an ISSE who will work as part of a team reviewing and assessing Risk Management Framework (RMF) authorization body of evidence for classified information systems, to include: System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Continuous Monitoring Plan, Incident Response Plan, Access Control Plan, Security Assessment Plan, etc.

What you’ll do:

• Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCI
• Advise on in-depth security design review and threat/risk assessments
• Provide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs)
• Conduct site visits and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activities

What you’ll need:

• DoD 8570 IAT Level II certification or higher (ex: Sec+, CISSP, CASP, etc.)
• 5 years of implementing NIST 800-53, Rev 4 and the Risk Management Framework (RMF)
• 5 years of experience with Windows and/or Linux environments
• 3 years of experience with virtualization or cloud environments (AWS preferred) 
• 2 years of using information security and assurance practices and principles
• Experience with ACAS/Nessus for scanning & SIEM/Splunk to configure 

Bonus points if you have: 

• Incident handling procedures
• Experience with Terraform & Ansible 
• Other Security related certification: (Cloud, SIEM, forensics, Linux, Windows, etc)
• Experience working in a DevSecOps project environment
• Formerly or currently a system administrator, developer, or engineer
• Experience with MS Active Directory, McAfee, Windows, Linux, AWS Security, etc.
• Strong verbal and written communication skills
• Able to engage with users in a professional manner and present technical concepts plainly to semi-technical customers with seasoned Government personnel
• Ability to work in a matrixed team environment and support multiple different efforts as needed
• Desire to learn new technologies and tools and willing to share your experience with the team
• JSIG or ICD 503 compliance

Clearance:

Must have an active TS/SCI level clearance

The Operations Watch Engineer is a critical member of a 24/7 mission environment, serving as the central point for maintaining real-time situational awareness of mission‑critical systems supporting global operations. This role monitors multiple data streams, triages system degradations, coordinates with technical teams, and communicates rapid, accurate assessments to stakeholders and senior leadership. The position requires exceptional composure, sharp analytical skills, and the ability to synthesize complex information quickly in a high‑tempo watch floor environment.

What you’ll do:

• Maintain continuous monitoring of multiple operational systems, real‑time data feeds, and mission‑critical applications
• Serve as the initial point of contact for all incidents, assessing severity, resolving issues when possible, and escalating per established Standard Operating Procedures
• Produce clear and concise Spot Reports and shift summaries capturing all essential operational details
• Act as the central communication hub during crisis events, coordinating efforts across field teams, operations, and senior leadership
• Maintain an accurate and detailed chronological watch log to ensure seamless shift turnover

What you’ll need:

• Bachelor’s or Master’s degree in Systems Engineering, Computer Science, Computer Engineering, or a related field; relevant experience may substitute for formal education
• Proficiency with watch floor tools such as: Kibana, Nagios, and/or Grafana
• Ability to operate effectively on a rotating 12‑hour shift schedule, maintaining focus during periods of high operational intensity

Bonus points if you have:

• Prior experience in an operations center environment, such as GSOC, SOC, EOC, military command center, or emergency dispatch environment
• Strong critical thinking skills with the ability to analyze disparate information and maintain situational clarity under pressure
• Excellent written and verbal communication skills, with the ability to brief senior leaders effectively

Clearance:

• Must have an active TS/SCI with Polygraph level clearance

Accenture Federal Services is seeking mission-oriented people to join our team. We are looking for experienced DOD Cyber Effects Operations Planners to lead the Cyber Effects team in the planning, development, execution and analysis of full spectrum cyber operations.

Responsibilities:

• Lead a team of planners that:
  • Provide expertise in integration Cyber Effects planning toward Joint Operations level planning, force structure, and capability development
  • Assist with draft or editing Operational Plans (OPLANS), Operational Orders (OPORDs), and CONPLANS
  • Participate in Joint Planning Groups (JPG) and Operational Planning Teams (OPT) analyzing and integrating cyber capabilities into mission plans, support action officers with planning
  • Develop and analyze concepts of support and courses of action, integrate command and external capabilities, and coordinate and document comprehensive plans
  • Support client cryptologic operations as a Cyberspace Operations Mission
  • Lead the team that coordinates the synchronization of other complementary cyber disciplines, including signals intelligence (SIGINT) processing and dissemination (PED) management in support of mission requirements
  • Provide subject matter export (SME) support to Data Flow and Cyber Infrastructure and maintain operational dataflow on cryptologic systems in service and joint platforms
  • Provide support to Cyber Effects planning to meet mission objectives
  • Plan activities required to support the execution of deliberate and dynamic Cyberspace Operations

What you’ll need:

• 10 years of experience with military cyberspace operations or computer network operations
• Joint or COCOM level mission planning experience
• Knowledge of cyberspace capabilities, Title authorities, TTPs, tradecraft and available infrastructure or platforms
• Experience working with cybersecurity teams, including Cyber Mission Teams (CMT), National Mission Teams (NMT), or Combat Support Teams (CST), and other Joint Task Force elements with a Cyber Mission Focus
• Experience with full-spectrum cyberspace operations
• Completion of the Joint Information Operations Planners or Special Technical Operations (STO) Planners Course

Security Clearance:

• Must have an active TS/SCI level clearance and willingness to sit for a polygraph

Responsibilities:

• Perform advanced analysis to identify threat actor TTPs, post-compromise behaviors, and insider threats.
• Develop and refine SIEM dashboards to enhance threat detection and monitoring capabilities.
• Lead and manage a team of Tier 1 and Tier 2 analysts, providing mentorship and training.
• Provide expert-level investigative support for large-scale and highly complex security incidents.
• Conduct advanced malware analysis and forensic investigations, including evidence collection and preservation.
• Drive threat hunting activities using behavioral analysis and intelligence-driven methodologies.
• Collaborate with senior leadership and clients to communicate findings, risks, and mitigation strategies.

Job Qualifications:

• 6+ years of experience with incident response, digital forensics, or threat hunting.
• Hands-on experience conducting malware analysis, DFIR, and CTI investigations.
• Proficiency with forensic tools such as Encase, Forensic Toolkit (FTK), and XRY.
• Expertise in forensic evidence collection, preservation, and chain of custody protocols.
• Experience interacting with senior-level leadership, including client stakeholders.
• 2+ years of experience leading SOC teams or managing medium-to-large teams in a security capacity.

Bonus Points:

• Certifications such as CISSP, GREM, OSCP, or GCFA.
• Experience with proactive threat modeling and adversary emulation.
• Strong knowledge of cloud security frameworks and tools (e.g., AWS, Azure, GCP).
• Ability to develop SOC playbooks and processes to improve operational efficiency.

Eligibility Requirement:

• Must hold an Active Secret clearance
• Must be a US Citizen Only (No Dual Citizenship, No Green Card Holder)

This is 100% onsite role in St Louis, MO

#LI-Defense #LI-Onsite 

Overview:
We are seeking a hands-on Security Engineering Lead to manage the engineering and sustainment of CBP SOC's security infrastructure. This role involves leading a team responsible for the full lifecycle management of security tools and applications across on-premise, cloud, and transitional environments. The ideal candidate will have a strong background in network security, systems administration, and experience with a wide array of security solutions.

Key Responsibilities:

• Lead the administration, configuration, maintenance, and tuning of the CSD tool suite (SIEM, IDS/IPS, AV solutions).
• Oversee changes in software, hardware, facilities, and telecommunications to align with user needs.
• Provide technical leadership in evaluating and implementing new security technologies and processes.
• Manage security device signature maintenance, performance reporting, and optimizations.
• Support the CSD Service Desk and ISSOs during the ATO/ATT process.

Required Qualifications:

• 3+ years of experience in security administration systems and support.
• Strong working knowledge of security services, networking, and security policy.
• Proven experience with network security solutions (L2/L3 devices, NAC, 802.1x, Firewalls, IDS/IPS, VPNs).
• Advanced knowledge of encryption algorithms, secure communications, SIEM, and embedded systems security.

Required Certifications:

• Minimum: A+, Security+, or Network+.
• Preferred: CISSP certification.

Job Summary:
This role is responsible for securing and governing enterprise cloud data environments, with a core emphasis on Microsoft 365. The position also provides extended coverage across Google Cloud/Workspace, AWS, and Microsoft Azure. The successful candidate will design and implement scalable, compliance-driven security frameworks to support AI-enabled data flows (e.g., Microsoft Copilot and Google AI). This includes enforcing sensitivity labeling, tagging, data lifecycle governance, and platform-agnostic reporting.

In addition to granular data controls, this role encompasses tenant-level hardening, Zero Trust policy enforcement, conditional access configuration, and secure collaboration guardrails. The ideal candidate will proactively architect future-proof protections for hybrid cloud deployments, ensuring operational resilience, regulatory compliance, and cross-platform security consistency.

Key Responsibilities:

• Design and implement secure data protection strategies across Microsoft 365, Google Cloud, AWS, and Azure.
• Enable secure AI integrations (e.g., Google AI and Microsoft Copilot) across environments.
• Manage data sensitivity and lifecycle controls using Microsoft Purview and similar tools.
• Execute tenant-wide security enhancements aligned with Zero Trust principles.
• Automate tasks and reporting using tools such as PowerShell, Graph API, Google Cloud SDK, AWS CLI, and Power Platform.
• Oversee records management, labeling, tagging, and regulatory compliance across platforms.
• Translate evolving business needs and emerging technologies into actionable, secure solutions.
• Advise on AI governance models and secure data interaction with new technologies.
• Support cloud platform expansion and evaluate new tools for data protection and secure collaboration.

Minimum Qualifications:

• Active DoD SECRET Clearance
• Relevant Cloud Computing certifications (e.g., Azure Administrator (AZ-104), Developer (AZ-204), Security Engineer (AZ-500), Data Engineer (DP-203), and AI Engineer (AI-102)
• Certification meeting DoD 8570.01 IAT Level 2 (Security+)
• 3+ years of experience in Microsoft 365 administration and data security.
• 3+ years of experience in cloud security environments.
• Familiarity with Zero Trust architecture and multi-platform implementation.
• In-depth understanding of sensitivity labels, data governance, tagging, Intune, and retention policies. (i.e. Microsoft Purview experience)

Desired Skills:

• Proficiency with scripting and automation tools, including PowerShell, Graph API, Google SDK, and AWS CLI.

Demonstrated ability to manage cross-platform records and lifecycle governance.

• Strong cross-functional collaboration skills with technical and business teams.
• Strong experience deploying cloud features and services across diverse environments.
• Working knowledge of Google Cloud, Google Workspace, AWS, and Azure security configurations.
• Experience in AI platform integration and governance across ecosystems.

Responsibilities:

• Perform continuous monitoring and security incident triage through the review of SIEM events, network traffic data collection, and endpoint activity logs.
• Identify and collect relevant data associated with initial security investigation findings.
• Document and track investigations to resolution while creating detailed security alert notifications for customers.
• Escalate investigations requiring advanced analysis of security incidents to Tier 2 or incident responders.

Job Qualifications:

• 2+ years of experience monitoring and responding to intrusion attempts in a SOC or similar environment.
• Hands-on experience triaging security alerts, events, logs, and artifacts using SIEM tools.
• Familiarity with common threat vectors, attack methodologies, and basic incident handling processes.

Bonus Points:

• Hands-on experience integrating, deploying, and configuring security tools in an enterprise environment.
• Certifications in one or more of the following areas:
• Networking: Cisco, Palo Alto, Juniper.
• Security Tools: Splunk, Carbon Black, Cylance, McAfee, Tenable, FireEye, CrowdStrike, ELK.
• SANS/GIAC: GCIH, GREM, GCED, GCDA.
• Exposure to scripting or automation (e.g., Python, PowerShell) to improve SOC workflows.

Eligibility Requirement:

• Must hold an Active Secret clearance
• Must be a US Citizen Only (No Dual Citizenship, No Green Card Holder)

This is 100% onsite role in St Louis, MO

#LI-Defense #LI-Onsite 

As a Senior Information Systems Security Engineer (ISSE), you will design, implement, and manage security solutions, including firewalls, intrusion detection/prevention systems, endpoint protection, and encryption mechanisms to ensure the organization's networks and systems remain secure.

RESPONSIBILTIES

• Conduct regular security assessments to identify vulnerabilities and weaknesses in systems, networks, and applications.
• Develop and implement incident response plans to effectively address security breaches, incidents, and breaches.
• Collaborate with cross-functional teams to establish and enforce security policies, standards, and procedures.
• Monitor network traffic, system logs, and security alerts to detect and respond to potential security incidents.
• Analyze and investigate anomalies and security breaches, taking appropriate actions to mitigate risks.
• Work closely with cross-functional teams, including IT, software development, and compliance, to integrate security into all phases of the development lifecycle and ensure a comprehensive approach to cybersecurity.
• Maintain thorough and accurate documentation of security processes, procedures, and configurations.
• Prepare detailed reports on security findings, incidents, and actions taken.

What you’ll need to succeed:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 10 years of experience as a cybersecurity engineer with a specialization in designing and building implementations of required security controls and implementing continuous monitoring and auditing of solutions for compliance with security controls.
• Strong skills in specifying and implementing log collection into tools such as Splunk, and performing querying and analysis of aggregated logs to identify security-relevant anomalies or risks.
• Strong experience in implementing security controls from government regulatory frameworks and security standards (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP).
• Experience with implementing controls for data-centric solutions in the cloud within IL5 to IL6+ environments.
• Strong understanding of network protocols, operating systems, and infrastructure components. Proficiency in incident response, security incident handling, and forensic analysis techniques.
• Effective communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
• CISSP or equivalent certification to support DoD 8140 requirements.

CLEARANCE

• An active TS/SCI with polygraph clearance is required

Overview

Accenture Federal Services is seeking an experienced Information System Security Officer (ISSO) to support secure Department of Defense (DoD) cloud systems and programs. The ISSO will assume responsibility for ensuring compliance, monitoring cybersecurity posture, supporting RMF/JSIG accreditation, and assisting the Information System Security Manager (ISSM) in the protection of classified systems. This position requires hands-on technical expertise, familiarity with risk management processes, and the ability to coordinate across development, operations, and security teams.

What you’ll do:

• Perform continuous monitoring, vulnerability assessment, and risk analysis, validating remediation actions and documenting POA&M updates
• Maintain the operational security posture consistent with the security authorization package and ATO requirements
• Verify user clearance, need-to-know, and security responsibilities prior to system access
• Ensure audit records are captured, reviewed regularly, and anomalies documented
• Conduct regular system security reviews to ensure compliance with security authorization and STIG/CIS benchmarks and baselines
• Develop, sustain, and maintain RMF documentation packages (SSP, SAP, SAR, POA&M, ConMon)
• Support development and sustainment of Authorization to Operate (ATO) packages and Body of Evidence (BoE)
• Coordinate hardware/software/firmware changes with the ISSM and AO/DAO, notifying stakeholders of security-relevant changes
• Collaborate with Security Engineers, DevOps, and IT operations teams during the system design, integration, and development phases to evaluate risk and ensure compliance, including Zero Trust Architecture (ZTA) requirements
• Implement cloud-native security solutions such as encryption, IAM, network segmentation
• Participate in incident handling, reporting security incidents to ISSM, and tracking recovery actions to ensure controls are restored correctly
• Engage with Change Control Board (CCB) if delegated by ISSM
• Ensure compliance with STIGs, utilizing SCAP Compliance Checker, Evaluate-STIG, and other DoD cyber assessment tools
• Assist the ISSM in all cybersecurity-related duties and assume ISSM responsibilities in their absence

What you’ll need:

• DoD 8570 IAT Level II certification, such as Security+ 
• 3 years of experience in an ISSO or equivalent security role
• Hands-on user experience (3 years combined) with:
  • SIEM platforms (Splunk preferred)
  • Vulnerability management tools (ex: Nessus/ACAS)
  • Compliance and reporting tools (ex: SCAP Compliance Checker, Evaluate-STIG, DISA STIGs, eMASS)
• Experience with RMF/JSIG accreditation lifecycle, control implementation, and/or continuous monitoring

Bonus Points if you have:

• Experience performing risk analysis, vulnerability assessments, and/or security audits
• Technical writing experience to support documentation responsibilities
• Experience with TCP/IP networking and network security
• DoD 8570 IAM Level II certification, such as CASP+ or CISSP
• Cloud services experience (ex: Azure, AWS)
• AWS or Azure technical certifications
• Bachelor’s degree in Computer Science, Information Assurance, Cybersecurity, or related field
• Experience with Microsoft Defender or Trellix (ePO) endpoint security platforms
• Experience with security incident response teams (NOC/SOC)
• Familiarity with container security (Docker/Kubernetes/ECS/EKS/AKS)
• Excellent communication skills for engaged with government leadership
• Proactive and agile mindset to improving system security posture and team efficiency
• Ability to balance security requirements with operational efficiency

Clearance:

Must have an active Top Secret clearance

The work
As the Cyber Program Manager, you will play a critical role in supporting the overall leadership and execution of a cybersecurity program supporting one of our federal clients. Working closely with the overall Lead for this effort, you will help ensure seamless delivery of Security Operations Support Services across 16 cybersecurity disciplines. You will assist with day‑to‑day operations, oversee contractor team activities, maintain key program documentation, and ensure all contract requirements are fulfilled with the highest quality.

Key responsibilities:

• Assist the Project Lead in managing all task order activities across 16 cybersecurity service areas
• Help direct and support contractor teams in resolving complex cybersecurity issues
• Support creation and upkeep of major contract deliverables such as the Project Management Plan (PMP) and monthly status reports
• Serve as a key point of contact with government stakeholders when the Program Lead is unavailable
• Monitor progress, risks, and performance metrics to ensure contract compliance and high quality service delivery
• Coordinate task assignments across contract teams to support efficient workflow and operational readiness
• Assist in planning, tracking, and delivering contract level initiatives, improvements, and strategic activities
• Ensure alignment between cybersecurity services, contract requirements, and mission objectives

Here’s what you need:

• Minimum 5+ years of direct project or program management experience supporting information systems or computer network services
• Bachelor’s degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field
• Ability to manage teams, delegate work, and drive task completion across diverse technical disciplines
• Ability to support development and oversight of contract deliverables and project documentation
• Experience working within cybersecurity, IT operations, or federal program environments

Nice to have:

• CISSP – Certified Information Systems Security Professional
• CISSP ISSMP – Information Systems Security Management Professional
• CISM – Certified Information Security Manager
• PMP – Project Management Professional
• Experience coordinating large multidisciplinary teams

Eligibility requirements:

• Must be a U.S. Citizen

Overview:
We are hiring a CIRT Lead to manage 24x7x365 front-line defense against cyber incidents. You will oversee the full lifecycle of cybersecurity investigations, from detection to resolution, while driving continuous improvements to client’s security posture.

Key Responsibilities:

• Lead CIRT operations in advanced incident response
• Manage all SOC investigations, including misuse and data spillage cases.
• Perform advanced analysis of file system artifacts, memory, and network logs across Windows, Linux, and cloud environments.
• Oversee email trace/purge functions and recommend data spill handling/sanitization.
• Collaborate with government analysts on post-incident recommendations to improve security.

Basic Qualifications:

• 5+ years of experience in cybersecurity, incident response, or related fields.
• Certified Information Systems Security Professional (CISSP).
• One or more certifications: GCIA, GCIH, GCFA, GCED, or IAT Level III equivalent.

Preferred Skills:

• Expertise in evidence analysis, incident management, and advanced threat detection.
• Strong collaboration and communication skills to work across teams and with stakeholders.

Accenture Federal Services is seeking an Information Systems Security Officer (ISSO) will protect the organization's IT infrastructure and data by implementing, monitoring, and maintaining security policies, controls, and compliance standards. They manage risk, handle incident responses, maintain system documentation (such as System Security Plans), and ensure compliance with regulatory frameworks.

Responsibilities include:

• Monitor information systems for threats, audit records, and ensure security controls are functioning. 

• Develop, maintain, and review authorization packages (System Security Plans - SSPs), and create Plans of Actions and Milestones (POA&Ms) for non-compliant items. 

• Conduct vulnerability assessments, identify risks, and recommend mitigation strategies to the Information System Security Manager (ISSM) or Authorizing Official (AO) 

• Support security investigations, incident handling, and reporting 

 Here is what you need: 

• 3 years of experience as a cyber security professional
• Experience with cloud security (AWS preferred)
• Experience with Risk Management Framework (RMF)
• Experience with NIST frameworks, Risk Management Framework (RMF), firewalls, and intrusiondetection systems 
• Expert knowledge of Unix/Linux operating systems, databases, web servers,or networking technologies 
• IAT II certification required which would include any of the following:
  • CCNA Security
  • CySA+
  • GICSP
  • GSEC
  • Security+ CE
  • SSCP

Preferred to have:

• Bachelor’s degree
• Endpoint security experience
• Strong knowledge and experience with RHEL command line
• Experience supporting the accreditation of cloud-based systems (AWS preferred)

 Security Clearance:

• Active TS/SCI Clearance is required

Responsibilities:

• Analyze data patterns and outliers to identify threat actor TTPs, post-compromise behavior, and insider threats.
• Create and modify SIEM dashboards to enhance visibility into threat landscapes and monitor activity.
• Provide expert-level analysis and investigative support for large-scale and complex security incidents.
• Detect advanced persistent threats (APT) and insider threats through proactive hunting and behavioral analysis.
• Conduct dynamic and static malware analysis to identify Indicators of Compromise (IOCs) and threat vectors.

Job Qualifications:

• 4+ years of experience with incident response, preferably in a SOC environment.
• Hands-on experience leading security incident investigations through containment, remediation, and final reporting.
• Proficiency in threat hunting, malware analysis, and forensic tools.

Bonus Points:

• Advanced certifications such as GCIA, GCFE, GREM, CISSP, or OSCP.
• Experience with EDR tools and threat intelligence platforms.
• Familiarity with MITRE ATT&CK framework and its application in threat detection.
• Background in scripting or automation to improve detection and analysis capabilities.

Eligibility Requirement:

• Must hold an Active Secret clearance
• Must be a US Citizen Only (No Dual Citizenship, No Green Card Holder)

This is 100% onsite role in St Louis, MO

#LI-Defense #LI-Onsite 

Accenture Federal Services is seeking mission-oriented people to join our team. We are looking for experienced DOD Cyber Joint Operational Planners to lead our team supporting the Joint Staff, CNMF, and CMTs to support the planning, development, execution and analysis of full spectrum cyber operations.

Responsibilities:

• Develop plans and orders using the Joint Planning Process (JPP)
• Integrate cyber operations within all phases of the JPP in collaboration with other planners, operators, and analysts
• Lead the OPORD process through orders generation
• Provide expertise with JPP processes and systems such as APEX, GFMIT, JOPES
• Direct gap analysis efforts, operational assessment and analysis efforts and executes or supervises critical technical research and analysis products, executive summaries and planning design briefings
• Lead senior planners who:
  • Provide input for the development of Plans, CONOPs, COAs, TTPs and other related documents related to command conducting Information Operations (IO)
  • Understand, analyze, and evaluate current and emerging threats and tasked mission areas of responsibility
  • Monitor and review strategies, doctrine, policies, directives, and instructions from higher echelon headquarters and makes recommendations to ensure compliance and/or consideration in planning efforts
  • Develop plans and orders through the application of operational art and operational design, and by using the JOPP, within the milestones, deliverables, and interaction points for plans developed using Adaptive Planning and Execution (APEX) activities
  • Provide input to briefings, transitioning concepts to execution, and assisting in the coordination of joint operational planning in support of training, exercises, combat, and contingency plans and operations
  • Develop/integrate cyberspace capabilities into deliberate, contingency, operation, and crisis action plans
  • Provide input to address shortfalls, prioritize and validate requirements, and be prepared to modify development planning efforts based on the changing cyberspace environment
  • Contribute to the development of exercise scenarios, exercise operational plans, and other required documentation to support planning and execution to accomplish exercise training priorities
  • Participate in Joint Planning Groups (JPGs), and Operational Planning Groups/Teams (OPG/OPTs)

What you’ll need:

• 10 years of experience as a Cyberspace Joint Operation Planner with BA/BS, or 8 years with MS/MA, or 7 years with Ph.D, or 16 years of experience in lieu of a degree with high school diploma
• Knowledge of the JPP, JOPES, and APEX planning formats and guidance
• Education or experience with military joint operations planning through the Joint Professional Military Education Phase II (JPME II) from a CJCS accredited joint education program listed in CJCSI 1800.01E. The JIOPC, or other similar military operations planning courses, may be substituted for JPME II

Bonus Points if you have:

• Understanding of Cyber missions, operations, and Cyber joint operational environments and domains applicable to Joint Missions and title authorities
• Experience with the Cyber Targeting and staff processes required prior to mission execution
• Knowledge in the planning and conduct of Cyber Effects and IO or Information Advantage Operations
• Knowledge and experience in Cyber Mission Team (CMT) management, and employment
• Demonstrated initiative in executing past roles and responsibilities

Security Clearance:

• Must have an active TS/SCI level clearance and willingness to sit for a polygraph

As an Information Systems Security Officer (ISSO), you’ll be responsible for guiding government clients through the intricate process of obtaining and maintaining ATO certifications for their information systems.

Responsibilities include:

• You will leverage your expertise in government cybersecurity standards and regulations to monitor, analyze, and respond to potential security incidents and threats.
• Your role will ensure that our government clients' systems meet the stringent security requirements necessary for ATO compliance while aligning with government-specific cybersecurity guidelines. What you’ll do: Collaborate with government clients to thoroughly understand their system architectures, security requirements, and objectives for achieving and maintaining ATO status within the context of government regulations.
• Conduct exhaustive security assessments and risk analyses that cater to government system compliance, identifying vulnerabilities and potential threats specific to government systems.
• Monitor security systems, logs, and network traffic with a keen focus on government cybersecurity guidelines, identifying any suspicious activity, intrusions, or unauthorized access attempts.
• Collaborate closely with cross-functional teams to establish and maintain government-aligned security measures, including firewalls, intrusion detection systems, data encryption, and access controls. Investigate and analyze security incidents to determine their cause, impact, and appropriate response.
• Develop and implement incident response plans, including containment, eradication, and recovery strategies.

Here is what you need: 

• 7 years of experience as a cybersecurity analyst with a specialization in Government System ATO support, demonstrating deep knowledge of government ATO principles, methodologies, and tools.
• Strong experience in government regulatory frameworks, compliance requirements, and security standards specific to ATO (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP).
• Demonstrated and repeat experience achieving and maintaining ATO for cloud services and solutions from IL5 to IL6+ on NIPR, SIPR, and JWICS.
• Understanding of network protocols, operating systems, and infrastructure components.
• Strong proficiency in incident response, security incident handling, and forensic analysis techniques.
• Expertise with government specific ATO assessment tools, vulnerability scanning tools, and intrusion detection/prevention systems.
• CISSP or equivalent certification to support DoD 8140 requirements

Preferred to have:

• Effective communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.

 Security Clearance:

• Active TS/SCI with polygraph clearance is required

Overview:
We are seeking an elite Cyber Threat Hunt Lead to build and guide a proactive threat hunting capability for our client. In this role, you will lead a specialized team in identifying advanced malicious activity that evades traditional security measures. This position requires a deep understanding of attacker TTPs, an offensive mindset, and expert-level skills with SIEM and endpoint management tools.

Key Responsibilities:

• Lead the CTH team to conduct iterative threat-hunting missions across networks and high-value assets.
• Develop and execute hunt hypotheses using threat models and Cyber Threat Intelligence.
• Propose corrective actions, escalate security issues, and recommend best practices.
• Collaborate with the SOC to create new detections, signatures, and alerts from hunt mission findings.
• Report findings to leadership and coordinate with asset owners to deconflict results.

Basic Qualifications:

• 5+ years of hands-on experience with network-based security monitoring and cybersecurity capabilities.
• Certifications: CEH or equivalent (e.g., DoD 8570 IAT Level II, IAM Level I, or CSSP Analyst/Incident Responder).

Preferred Skills:

• Proven ability to lead Purple Team engagements.
• Strong technical analysis and network traversal skills.
• Experience in developing proactive security measures to detect advanced threats.