This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description The Cybersecurity Assessment and Authorization (A&A) Subject Matter Expert (SME) serves as a senior cybersecurity authority responsible for supporting the authorization of information systems and ensuring compliance with Department of Defense (DoD) cybersecurity policies and procedures. The SME performs and supports the DoD cybersecurity authorization process, either as the system authorizing expert or as a subject matter expert for systems undergoing authorization. This role requires a strong understanding of how security controls defined in NIST SP 800-53 are applied during the assessment and authorization process across large and complex enterprise environments such as those supporting the Defense Logistics Agency (DLA). These environments may include multiple enclaves, Automated Information Systems (AIS), enterprise applications, and outsourced IT services. - The SME evaluates vulnerabilities and determines the appropriate severity value for identified security control deficiencies. - Assesses potential impacts on system authorization status and provides recommendations for remediation. - Briefs senior leadership on the progress, risks, and outcomes of systems undergoing the Risk Management Framework (RMF) authorization process. Qualifications - Minimum five (5) years of experience supporting Risk Management Framework (RMF) and NIST Assessment and Authorization (A&A) processes. - Demonstrated DoD cybersecurity experience. - Experience assessing security controls and conducting authorization reviews for large, complex organizations. - Strong understanding of DoD cybersecurity authorization policies, procedures, and implementation processes. - Experience supporting the DoD RMF authorization lifecycle. - Knowledge of cybersecurity considerations related to emerging technologies, including: - Cloud environments - Industrial Control Systems (ICS) - Warehouse Execution Systems - Operational Technology (OT) infrastructures. Requirements - Must possess an active DoD Secret Clearance. - Must hold IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) at the time of proposal submission. Benefits - Medical, dental, vision, and disability insurance. - 401(k) retirement plan with 100% vesting from day one and employer matching after 90 days. - Educational Assistance Program. - Student Loan Repayment Program. - Gym Reimbursement Program. Company Description Founded in 1996, Horizon Industries Limited (Horizon) has grown into a team of highly qualified professionals providing full-cycle IT consulting and management support to both public and private sector clients. Horizon fosters a culture that promotes work-life balance. Horizon Industries Limited is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, creed, religion, national origin, sexual orientation, marital status, age, disability, veteran status, alienage, ancestry, citizenship status, or any other factor protected by law.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description As a Senior IT Security Engineer, you will play a critical role in safeguarding enterprise environments by designing, implementing, and maintaining advanced security solutions. You will serve as a technical leader, guiding security strategy, responding to incidents, and ensuring compliance with industry standards and regulations. This position offers the opportunity to influence security frameworks, mentor team members, and contribute to the evolution of security practices across the organization. You will work in a collaborative, fast-paced environment where your expertise directly impacts operational resilience and business continuity. Success in this role requires a blend of hands-on technical proficiency, strategic thinking, and the ability to communicate complex concepts effectively to stakeholders at all levels. - Design, deploy, and maintain enterprise information security solutions to protect critical infrastructure. - Serve as a Tier‑3 escalation point for monitoring and responding to security incidents. - Develop and enforce internal and customer-facing security standards, policies, and procedures. - Execute incident response activities and lead investigations in alignment with security protocols. - Evaluate, test, and deploy security application upgrades, patches, and controls. - Provide consultative expertise on emerging threats, vulnerabilities, and risk mitigation strategies. - Mentor and guide team members while contributing to the development of security product roadmaps. - Partner with product owners and cross-functional teams to ensure security alignment across solutions and offerings. Qualifications - 5–10 years of experience in information security roles, preferably in enterprise or cloud environments. - Hands-on experience with Azure Cloud security deployments and Security-as-a-Service (SaaS) solutions. - Strong knowledge of digital forensics, penetration testing methodologies, and file integrity monitoring. - Proficiency with vulnerability scanning tools, password vaulting technologies, and SIEM platforms. - Experience implementing and maintaining security frameworks such as PCI-DSS, SSAE SOC1/SOC2, GDPR, HIPAA, IRS Pub 1075, NIST, and ISO 27001. - Expertise in anti-malware technologies, security auditing, and forensic analysis. - Security certifications such as CISSP, CISA, CISM, CEH, or SANS GIAC. - Bachelor’s degree in Information Security or equivalent professional experience. - Excellent communication and collaboration skills, with the ability to advise stakeholders across multiple levels. - Familiarity with tools such as MS Sentinel, Splunk, Microsoft Defender, Trend Micro, Trellix, Carbon Black, Tenable, Rapid7, Varonis, and Microsoft Purview is preferred. Benefits - 💰 Competitive base salary: $112,000–$130,000 USD annually, with eligibility for bonus and equity programs. - 🏥 Medical, dental, and vision insurance options. - 💼 401(k) with company match. - 🌴 Unlimited paid time off and paid holidays. - 👶 Paid parental leave and family-forming benefits including fertility, adoption, and surrogacy coverage. - 🏠 Flexible work schedule and remote work options. - 📚 Education reimbursement, student loan assistance, or 529 college funding. - 🧘 Wellness programs and sabbatical leave options. Company Description

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description Our client is seeking an IoT Security Researcher to conduct advanced vulnerability research on embedded systems and connected devices. The role focuses on identifying and analyzing security weaknesses in firmware, device operating systems, and IoT communication protocols. This position is suited for researchers who enjoy low-level analysis, firmware reverse engineering, and vulnerability discovery across embedded platforms. You will work with a team of experienced security researchers performing hands-on analysis of real-world devices, developing proof-of-concept exploits, and advancing internal research capabilities. Responsibilities - Conduct vulnerability research on IoT and embedded systems across multiple platforms and device types. - Perform firmware extraction, unpacking, and reverse engineering. - Analyze device firmware using static and dynamic analysis techniques. - Identify vulnerabilities in device operating systems, network services, and communication protocols. - Develop proof-of-concept exploits to demonstrate impact. - Interact with device hardware using debugging and extraction interfaces such as UART, JTAG, SPI, or SWD. - Analyze IoT network protocols and device communications. - Document research findings and communicate technical discoveries to internal teams. - Develop tools and automation to support ongoing research activities. Qualifications - Experience in vulnerability research or reverse engineering. - Experience analyzing embedded systems, firmware, or IoT devices. - Proficiency with reverse engineering tools such as Ghidra, IDA Pro, or Binary Ninja. - Experience with Linux-based embedded environments. - Scripting ability with Python or similar languages. - Understanding of network protocols and embedded device architectures. - Strong analytical and problem-solving skills. Requirements - Experience with hardware debugging or chip-level interfaces. - Familiarity with IoT protocols such as MQTT, BLE, Zigbee, or proprietary device protocols. - Experience with exploit development. - Public vulnerability research, CVEs, or conference presentations. - Participation in CTFs, bug bounty programs, or security research communities.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description This role is designed for a hands-on engineer who will lead and support secure, scalable cloud and identity solutions across enterprise platforms. You will work closely with architecture, security, and operations teams to design, deploy, and maintain identity systems, API integrations, and cloud infrastructure. The position emphasizes implementing Zero Trust principles, managing enterprise IdPs, and automating processes to improve efficiency and security. The ideal candidate is experienced in production deployments, enjoys solving complex technical challenges, and thrives in a collaborative environment that values innovation and continuous improvement. This role combines strategic planning with practical implementation, providing the opportunity to influence core infrastructure and identity architecture. You will also contribute to governance, monitoring, and performance optimization across cloud and integration systems. - Design, implement, and maintain enterprise identity and access management (IAM) solutions, including SSO, SCIM, RBAC, and authentication protocols (OAuth2, OIDC, SAML). - Build and support REST API integrations and middleware platforms, ensuring secure authentication flows, logging, monitoring, and troubleshooting. - Manage cloud infrastructure in AWS and/or Azure, including IAM roles, secure networking, and Infrastructure as Code (Terraform, ARM, CloudFormation). - Troubleshoot integration, authentication, and cloud infrastructure issues while maintaining clear documentation and environment standards. - Collaborate with architecture and security teams to ensure system reliability, compliance, and scalability. - Contribute to greenfield initiatives, CI/CD pipeline implementations, and enterprise-scale governance frameworks where applicable. Qualifications - 3+ years implementing enterprise IAM or Zero Trust solutions in production environments. - Proven experience in cloud infrastructure deployments and API integrations. - Strong scripting and automation skills to manage systems and integrations. - Hands-on experience with identity providers such as Okta, Entra ID, or Ping. - Familiarity with authentication protocols and standards (OAuth2, OIDC, SAML, JWT). - Experience with cloud platforms (AWS, Azure) and Infrastructure as Code tools (Terraform, ARM, CloudFormation). - Excellent problem-solving and documentation skills. - Nice to have: experience in event-driven architecture, leading greenfield projects, or implementing enterprise-scale governance frameworks. Benefits - 💻 Flexible Work – Remote or hybrid options available. - 💰 Competitive Compensation – $130,000–$140,000 USD annual range, with performance-based bonuses. - 🏥 Health Coverage – Medical, dental, and vision plans, including fully company-paid HDHP options. - 🌴 Paid Time Off – Flexible time off, paid holidays, and parental leave programs. - 📈 Professional Growth – Continuous learning, leadership programs, and development funds. - ⚡ Wellness Support – Mental health resources, wellness stipends, and personalized coaching. - 🤝 Engagement – Team-building events, recognition programs, and volunteer opportunities. Company Description