Overview Mano Lani LLC is looking for an enthusiastic, well-qualified individual to fill the Cybersecurity Subject Matter Expert (SME) position. This role offers the opportunity to work with a diverse and talented group of individuals committed to driving success. Mano Lani is an exceptional industry partner to the Department of Defense (DoD) and a leader in physical and cyber security, IT management, logistics, supply chain management, process improvement and development. The Cybersecurity Subject Matter Expert (SME) provides comprehensive cybersecurity support for the DTMO Enterprise Infrastructure in accordance with the Risk Management Framework (RMF), NIST 800-37, and DoW cybersecurity requirements. This position serves as the primary SME for all cybersecurity matters, ensuring DTMO systems maintain their Authority to Operate (ATO) by managing the RMF process, conducting security assessments, and overseeing remediation of vulnerabilities. The Cybersecurity SME coordinates with DMDC, the DTMO Information System Security Manager (ISSM), Authorizing Official (AO), and Security Control Assessor (SCA) to maintain system security posture, manage Plans of Action and Milestones (POA&Ms), and ensure compliance with DoD cybersecurity mandates. The position requires monitoring and reporting on security events, supporting incident response activities, and providing cybersecurity guidance to DTMO leadership and technical staff. The Cybersecurity SME also supports cloud security compliance and ensures adherence to DoW cloud computing requirements. Essential Duties and Responsibilities: (Not listed in order of importance; other duties may be assigned) and must be able to perform the following with minimal guidance or supervision: • Coordinate with DMDC to administer all aspects of RMF to ensure DTMO systems are accredited and maintain ATO• Coordinate with the DTMO ISSM to maintain DTMO system security packages• Support the Authorizing Official (AO) and Security Control Assessor (SCA) to ensure systems remain compliant• Work with the ISSM to record, track, and close all applicable POA&Ms• Participate in audit support during planned assessment events• Coordinate with DMDC to report security status of DTMO systems via automated and manual tools• Monitor and audit security event logging, generate reports, and analyze findings• Analyze system vulnerability reports and recommend and implement remediation efforts• Ensure system patches are applied to address security vulnerabilities• Review security controls to ensure appropriate access control measures are in place• Develop and submit Deviation Requests to authorize deviations from DoW STIG requirements• Develop and maintain system security documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), and Risk Assessment Reports (RARs)• Support incident response activities and coordinate with DMDC on security incidents• Provide cybersecurity guidance and recommendations to DTMO leadership• Support cloud security compliance and ensure adherence to DoD cloud computing requirements• Stay current on emerging cybersecurity threats and recommend appropriate countermeasures• Conduct security assessments and penetration testing coordination• Support continuous monitoring activities and ensure compliance with DoW Information Assurance Vulnerability Management (IAVM) requirements Responsibilities Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Education:Required• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field or Certified Information Systems Security Professional (CISSP) certification• Microsoft Certified Solutions Expert (MCSE) Cloud Platform and Infrastructure, AWS Certified Solutions Architect, Red Hat Certified System Administrator in Red Hat OpenStack, or equivalent Preferred• Master’s degree in a related discipline • CompTIA Security+ Experience / Certifications:• 5+ years experience in cybersecurity field • Extensive experience supporting federal cybersecurity programs or initiatives, preferably under government contracts or GWAC vehicles• Strong knowledge of NIST cybersecurity frameworks, including RMF and NIST SP 800-series publications• Experience with security architecture, vulnerability management, and cybersecurity risk assessment• Familiarity with federal cybersecurity compliance requirements, including FISMA and agency cybersecurity policies• 5+ years experience with Risk Management Framework (RMF) / NIST 800-37• DoW Security Technical Implementation Guides (STIGs)• Experience with Enterprise Mission Assurance Support Service (eMASS)• Experience with vulnerability assessment and remediation• Experience with security event logging and monitoring• Plan of Action and Milestones (POA&M) management• Cloud security (AWS, Azure, or Red Hat OpenStack)• Experience with Splunk technology for security and compliance• Experience with SaaS, PaaS, and cloud platforms Physical Requirements:Work may involve sitting or standing for extended periods of time. Position may require typing and reading from a computer screen. Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner. There is a possibility that due to parking availability and location of work, walking moderate to long distance may be required. May include lifting to 25 pounds as necessary. Please note: Mano Lani LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Positions functions and qualifications may vary depending on business needs. Mano Lani LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics. Posted Salary Range USD $135,000.00 - USD $163,000.00 /Yr.

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Overview GuidePoint Security is seeking an Exposure Management Engineer to support and scale our Exposure Management operations services. This role focuses on the day-to-day operation, optimization, and automation of security platforms including vulnerability management, CAASM, and CNAPP tools. The engineer will work closely with senior security engineers and client teams to help operationalize exposure management programs, manage platform findings, and improve remediation workflows. This position is ideal for someone who enjoys working hands-on with security tools, solving operational problems, and building automation to improve security programs at scale. Key Responsibilities Platform Operations - Operate and maintain security platforms including vulnerability management, CAASM, and CNAPP tools - Monitor security findings and support prioritization and remediation workflows - Assist in platform tuning, configuration optimization, and integration with client environments - Support onboarding of new assets, applications, and cloud environments into security platforms Exposure Management Operations - Review exposure findings and assist with prioritization and remediation tracking - Help manage remediation workflows with client engineering teams - Generate operational dashboards and reporting for security leadership - Assist in maintaining asset inventory coverage and scanning accuracy CNAPP & Cloud Security Support - Assist with the operation and optimization of CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca) - Support cloud posture monitoring and exposure analysis - Assist with investigation of cloud misconfigurations, identity exposures, and attack paths - Work with senior engineers to onboard new cloud environments Automation & Integrations - Develop scripts and automation to improve security workflows - Build integrations between security tools and ticketing systems - Automate reporting, vulnerability triage, and remediation tracking - Use APIs and automation frameworks to reduce manual operational effort Client Engagement - Participate in regular operational cadence meetings with clients - Provide updates on platform findings and remediation progress - Assist senior engineers in troubleshooting security platform issues - Contribute to documentation and operational playbooks Required Qualifications - 3+ years of experience in cybersecurity engineering - Exposure management or risk-based vulnerability management experience - Familiarity with vulnerability management, exposure management, or CNAPP platforms such as Tenable, Qualys, Rapid7, Wiz, Axonius, or similar tools - Scripting experience (Python, PowerShell, or similar) - Experience working with APIs or automating workflows - Understanding of security fundamentals: vulnerabilities, misconfigurations, identity and access control, security monitoring - Strong communication skills and ability to work with engineering teams Preferred Qualifications - Experience with CNAPP platforms such as: Wiz, Prisma Cloud, Orca, Lacework - Experience with cloud platforms: AWS, Azure, GCP - Familiarity with container security and Kubernetes - Experience integrating security tools with ticketing platforms (Jira, ServiceNow) - Experience using AI-assisted tools (LLMs, copilots, or agent frameworks) to accelerate scripting, analysis, and security operations workflows Ideal Candidate Profile The ideal candidate is someone who: - Enjoys working hands-on with security platforms - Likes solving operational and workflow challenges - Naturally looks for opportunities to automate repetitive tasks and improve workflows using scripting, APIs, or AI tools - Can operate independently but collaborates well with clients and engineers This role provides exposure to a wide range of security programs and technologies and offers strong growth into cloud security, exposure management architecture, and security automation. We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application. Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers. Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity. This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation. Some added perks…. - Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions) - Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options) - Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans - 12 corporate holidays and a Flexible Time Off (FTO) program - Healthy mobile phone and home internet allowance - Eligibility for retirement plan after 2 months at open enrollment - Pet Benefit Option

• Own the evolution and governance of product security architecture for specific services within our SaaS platform. • Drive multi-quarter initiatives that measurably reduce systemic risk while aligning security investments with business growth. • Lead secure design reviews, threat modeling, and architecture assessments for critical features and integrate robust security controls into distributed systems, APIs, and containerized environments. • Identify recurring architectural risk patterns and lead efforts to remediate them at scale, providing leadership during security incidents and post-incident reviews. • Influence product direction through technical credibility and sound judgment by framing security discussions in terms of business and customer impact. • Produce durable documentation—including architecture guidance, threat models, and decision records that scale security knowledge across the organization.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description We are seeking a highly skilled and motivated Senior Software Engineer | Security with a strong software and detection engineering background to join our Detection Engineering (DE) team and help expand ExtraHop’s industry leading detection coverage. An ideal candidate will have strong software engineering, networking, and cybersecurity fundamentals. This position works closely with security researchers and data scientists to develop cutting edge network threat detections that leverage rule-based network observations as well as ML-powered anomaly detections. As a Senior Software Engineer | Security, you will be working as part of a team dedicated to delivering industry leading detection capabilities. You will be expected to work with a high level of autonomy, to mentor other team members, and to demonstrate a high level of ownership of your areas of responsibility. ExtraHop offers an exciting, high-energy, and versatile environment in which people are encouraged and supported to collaborate on industry-leading technology and create a world-class engineering team while they develop and enrich their individual growth. ExtraHop R&D supports fully-flexible work options that include full-time onsite, hybrid, and fully remote working arrangements. Key Responsibilities - Develop network threat detectors by leveraging rule-based and ML-based detection strategies. - Reproduce attacks in a lab environment using live tools and recorded PCAP traffic, and perform threat hunts on aggregated log data, in order to identify malicious behaviors and develop techniques to detect them. - Collaborate with Threat Research and Data Science teams to gain insight on attacker techniques and take advantage of the latest machine learning models to detect attacker behavior. - Work with infrastructure teams to help develop and improve tools that Detection Engineering and Threat Research teams use in developing and testing detections. - Mentor and coach other Security Engineers regarding detector development and network threats. - Actively participate in code review to ensure quality and uplevel other engineers. Qualifications - 7+ years of experience in software engineering. - Solid knowledge of Javascript and Python. - In-depth knowledge of networking fundamentals, including the OSI model and excellent working knowledge of the key protocols from Layer 2 through Layer 7. - Experience developing solutions using cloud-native technologies. - Self-starter with a strong problem-solving track record and ability to grow and learn. - Excellent teammate and collaborator who can iterate on problems quickly. - Proficient at communication in both spoken and written forms, including documentation. Preferred Qualifications - Experience working with network packet-level data using tools like Wireshark, tshark, tcpdump, tcprewrite, and Scapy to directly interact with this data. - Knowledge of cloud and on-premise cybersecurity threat models - attacker behavior, tools, techniques, and practices. Ability to translate this knowledge into user-facing threat detections. Benefits - Health, Dental, and Vision Benefits. - Flexible PTO, Sick Time Prorated Based on Date of Hire, and All Federal Holidays (US Only) + 3 Days of Paid Volunteer Time. - Non-Commissioned Positions may be eligible to participate in the Annual Discretionary Bonus Plan. - FSA and Dependent Care Accounts + EAP, where applicable. - Educational Reimbursement. - 401k with Employer Match or Pension where applicable. - Pet Insurance (US Only). - Parental Leave (US Only). - Hybrid and Remote Work Model.