Job Closed

This listing is no longer active.

Jobgether


Lead Security Engineer

Location

United States

Posted

91 days ago

Salary

0

Seniority

Lead

Job Description

This description is a summary of our understanding of the job description.

Role Description

This role offers the opportunity to lead and shape the security posture of a rapidly growing, cloud-native platform. The Lead Security Engineer will partner with engineering, product, and corporate teams to:

  • Design secure systems
  • Implement DevSecOps practices
  • Drive compliance initiatives

You will balance strategic planning with hands-on engineering, ensuring robust protections across SaaS, mobile, and IoT environments. This position provides visibility into planning and execution at all levels, allowing you to influence security strategy, mentor teams, and embed security into daily operations. Ideal candidates thrive in a collaborative environment, are self-directed, and are motivated by making high-impact security decisions that enable business growth and customer trust.

Accountabilities

  • Own and manage the organization’s security risk register, threat models, and remediation efforts across applications, infrastructure, and services.
  • Design secure architectures focusing on authentication, authorization, data protection, and network boundaries for SaaS, mobile, and IoT products.
  • Implement and maintain security tools, DevSecOps guardrails, and CI/CD pipelines to detect vulnerabilities and misconfigurations early.
  • Lead compliance initiatives, including SOC 2 and other relevant frameworks, and respond to customer security inquiries.
  • Define and maintain security policies, standards, KPIs, and dashboards; provide visibility and guidance to teams and executives.
  • Conduct internal security assessments and coordinate external penetration tests.
  • Mentor engineering teams in secure design practices and foster a security-aware culture across the organization.
  • Develop and maintain incident response plans, serve as escalation point for incidents, and lead investigations and remediation.

Qualifications

  • 5+ years of experience in security engineering with both hands-on and strategic responsibilities.
  • Strong expertise securing cloud-native environments (AWS preferred), including IAM, networking, logging/monitoring, and secrets management.
  • Experience with infrastructure-as-code (Terraform) and policy-as-code frameworks (OPA, Sentinel, or similar).
  • Hands-on experience integrating security into CI/CD pipelines and development workflows.
  • Knowledge of container and orchestration security, threat modeling, and risk assessment.
  • Familiarity with compliance frameworks (SOC 2 preferred) and audit processes.
  • Strong communication skills to collaborate with both technical and non-technical stakeholders.
  • Self-directed, able to operate autonomously, and comfortable leading cross-functional initiatives.

Requirements

  • CISSP or cloud security certifications.
  • Experience securing AI/ML or LLM-powered features.
  • Mobile application security experience (Android preferred).
  • Knowledge of GRC and compliance platforms.
  • Experience with international compliance frameworks and regulated industries.
  • Familiarity with IoT, embedded systems, or fleet device security and MDM solutions.

Benefits

  • Competitive salary and equity compensation.
  • Medical, dental, and vision insurance.
  • Retirement plan with employer match (401(k)/RRSP).
  • Flexible Spending Accounts (FSA) and wellness stipends.
  • Home office setup reimbursement and monthly internet/cell stipend.
  • Flexible PTO, 16 paid holidays, and 8 fully paid weeks for childbirth/adoption leave.
  • Flexible, remote-friendly work environment.
  • Annual company offsites to build team relationships.
  • Opportunity to make high-impact contributions to security, compliance, and business growth.

More Security Engineer Jobs

Cyber Specialist Co-Op

FM

Other | Remote | Team 5,001-10,000

Established nearly two centuries ago, FM is a leading mutual insurance company whose capital, scientific research capability and engineering expertise are solely dedicated to property risk management and the resilience of its policyholder-owners. These owners, who share the belief that the majority of property loss is preventable, represent many of the world’s largest organizations, including one of every four Fortune 500 companies. They work with FM to better understand the hazards that can impact their business continuity to make cost-effective risk management decisions, combining property loss prevention with insurance protection.

This US-based remote opportunity may require periodic travel to our corporate headquarters in Johnston, RI, which is part of the greater Providence area. With a large college-age population, Providence offers a vibrant arts and entertainment scene that includes local theatre and music, collegiate and minor league sporting events, and excellent restaurants, and we’re not that far from the breathtaking RI beaches!

Schedule

  • Must be able to work full time, 37.5 hours a week, for 6 months.
  • Hours: 9am to 5pm EST, Monday-Friday

Responsibilities

FM is hiring a Cyber Specialist Co-Op to join our team for the Fall 2026 school term, full-time for 6 months, July - December! This is a great opportunity for students who are motivated to apply their classroom experience, professional attitude, and personal ambition. You will get firsthand experience while earning college credits and getting paid!

As an FM Cyber Security Specialist Co-op, you will be a member of the Cyber Threat Operations and Engineering (CTOE) Team. This team is responsible for the implementation, operation, maintenance, and growth of security solutions intended to mitigate cyber security threats. These solutions range from network security technologies like firewalls, URL filters, intrusion detection/prevention systems, advanced threat prevention technologies, and web application firewalls to server and endpoint solutions such as filesystem monitoring, filesystem encryption, vulnerability management, and malware detection/prevention agents.

The candidate will assist senior team members with performing the day-to-day operations and monitoring of the security infrastructure technologies used to prevent, detect, and/or respond to security incidents. These operational activities include supervising and responding to cyber security alerts and incidents, managing ticket queues, responding to operational incident tickets received from the service desk, and processing change requests.

Qualifications

Education

Must be enrolled as a full-time student studying Computer Science, Cyber Security, Information Technology, MIS or a related degree program during the Fall 2026 semester to be considered.

Technical Skills

  • Strong team players who can work independently when needed and have a solid grasp of basic concepts in at least one technology field (i.e., Networking, Systems Administration, End-User Support, Development, etc.)
  • Experience with Microsoft Windows Operating Systems (Server 2012/19, etc.)
  • Understanding of and/or experience handling network security tools such as firewalls, anti-virus, and vulnerability management
  • Experience with PowerShell or similar scripting technology a plus!

Soft Skills

  • Have strong written, verbal, and interpersonal communication skills
  • Organized, diligent, and analytical
  • Able to generate creative ideas to address problems and improve work methods
  • Able to demonstrate high personal work standards and a sense of urgency about results
  • Able to learn quickly on the job

The hiring range for this position is $24.00 to $33.00 per hour. The final salary offer will vary based on geographic location, individual education, skills, and experience. FM is an Equal Opportunity Employer and is committed to attracting, developing, and retaining a diverse workforce.

United States
$24 - $33 / hour
Job Closed
Other | Remote | Team 5,001-10,000 | Since 1969 | H1B No Sponsor

  • Lead NSF’s enterprise cybersecurity and privacy program; set objectives, coach for performance, ensure cross-training and continuity; maintain an adaptive posture with rigorous analysis and implementation.
  • Govern to NIST RMF (SP 800-37), FISMA, OMB guidance, NIST SP 800-series (including privacy controls), CISA BODs, and FedRAMP; own FISMA IG maturity targets and drive quarterly improvements with metrics-based reporting.
  • Develop and maintain cybersecurity and privacy policies, plans, procedures, standards, operational guides; establish and manage a documentation and knowledge repository.
  • Drive risk-based management and security-focused configuration management across infrastructure and applications; maintain risk registers, executive dashboards, and remediation plans.
  • Privacy Program Management: Partner with SAOP (Senior Agency Official for Privacy) to lead oversight; conduct privacy control assessments (NIST SP 800-53 Rev. 5 privacy, OMB memos); maintain a privacy risk register; embed privacy risk in enterprise reporting; deliver compliance reporting and corrective actions.
  • Assessment and Authorization/Continuous Monitoring: Lead A&A/Ongoing Authorization; plan and execute assessments aligned to NIST SP 800-53/53A, 800-171/172; manage evidence, weakness analysis, POA&Ms, and durable closure; mature Continuous Monitoring and DHS CDM integrations, dashboards, automated reporting, and alert fidelity.
  • SIEM (Security Information and Event Management) Monitoring and Audit Logging: Oversee Splunk operations; enforce audit logging standards, log source coverage (infrastructure, applications, cloud), retention/integrity, and compliance mapping; tune detections and dashboards.
  • Zero Trust and Modernization: Execute NSF’s Zero Trust plan across identity, devices, networks, applications/workloads, and data; implement comprehensive monitoring, risk-based access, automation; conduct red/blue team testing; advance data-centric security, DLP, and protection of sensitive/PII; plan for post-quantum cryptography transitions.
  • Identity and Account Management: Own enterprise IAM governance—joiner/mover/leaver automation, identity proofing, MFA and conditional access, ABAC (Attribute-Based Access Control)/RBAC (Role-Based Access Control) design, federation, lifecycle monitoring metrics; enforce least privilege, just-in-time/just-enough access.
  • Privileged Access Management: Lead CyberArk operations for vaulting, credential rotation, session monitoring/recording, access brokering; integrate with IdP, ticketing, and automation to reduce risk and improve efficiency.
  • Application Security and DevSecOps: Establish secure SDLC standards, threat modeling, secure code reviews, SAST (Static Application Security Testing)/DAST (Dynamic Application Security Testing)/SCA (Software Composition Analysis) in CI/CD, developer training; enforce configuration management; track AppSec KPIs (coverage, defect density, remediation time).
  • Cloud and External Services Reviews: Conduct security reviews, analysis, and continuous monitoring of cloud/external services; validate FedRAMP inheritance and compensating controls; enforce CSPM policies; perform vendor risk assessments; run quarterly posture reviews and remediation.
  • Operations, IR, and Forensics: Lead SOC operations and major incident response including after-hours surge; drive root cause analysis, lessons learned, corrective actions; direct IT forensics and eDiscovery with proper chain-of-custody and audit-ready evidence.
  • Continuity, Contingency, and Service Recovery: Direct BCP (Business Continuity Plans)/DR (Disaster Recovery) strategy with defined RTO (Recovery Time Objective)/RPO (Recovery Point Objective); run tabletop and failover exercises; manage dependency mapping, evidence capture, and corrective actions to meet restoration objectives.
  • Supply Chain Risk Management: Support ICT (Information and Communications Technology) SCRM (Supply Chain Risk Management) across development, acquisition, maintenance, and disposal; integrate NIST SP 800-161r1 practices, oversee ongoing monitoring and end-of-life disposal controls.
  • Infrastructure Asset Identification and Classification: Establish authoritative asset inventory and classification standards; integrate with CMDB and DHS CDM for visibility, control coverage, and risk reporting.
  • Independent Reviews and SCIF Support: Coordinate internal and third-party independent security reviews; support SCIF-related security operations and processes as required.
  • Tool Refresh and Maturation: Plan refresh cycles and maturity targets for SIEM (Splunk), EDR/XDR, vulnerability scanning, IAM/IdP, PAM (CyberArk), DLP, CSPM/CWPP, configuration management tools, and cloud-native services; measure efficacy and ROI; deprecate low-value tools.
  • Cybersecurity and Privacy Training: Own awareness and role-based training programs; coordinate content, track completion, measure effectiveness (e.g., phishing resilience), and drive continuous improvement.
  • Reporting and Deliverables: Deliver monthly/quarterly reports covering FISMA IG maturity, POA&M status/closure, CDM dashboards, SIEM coverage and detection efficacy, incident metrics (MTTD/MTTR), audit response packages, training metrics, continuity/DR test results, and executive risk dashboards.
  • Performs other job-related duties as assigned.

Washington
$180K - $190K / year
Job Closed
PALO ALTO ENGINEER (NGFW)

Zermount, Inc

Zermount Inc. is committed to ensuring that federal information systems comply with Information Assurance and cybersecurity standards.

Other | Remote | Team 51-200

SUMMARY:

We are seeking a highly specialized Palo Alto Next Generation Firewall (NGFW) Engineer with expertise in complex environments to join Zermount's team. The Palo Alto NGFW Engineer will play a pivotal role in designing, implementing, and maintaining network security infrastructure tailored for one of our Federal client's complex environments. The Palo Alto NGFW Engineer will configure, implement, administer, & maintain the suite of Palo Alto NGFWs to include SSL decryption & inspection of all inbound & outbound web traffic with inline service chain & traffic forwarding, review & make recommendations on all exceptions to Palo Alto rule configurations & implement as appropriate. Integrate Wildfire analysis into decrypted SMTP traffic flow, and enhance threat detection capabilities by configuring & tuning the NGFW against known & unknown threats. This role demands an exceptional understanding of advanced network security practices and hands-on proficiency in Palo Alto NGFW configurations within intricate settings.

DUTIES & RESPONSIBILITIES:

  • Architect, configure and oversee Palo Alto NGFWs, customizing security solutions for the unique requirements of the Federal client.
  • Configure, implement, administer, and maintain PA NGFW to include decryption and inspection of all inbound and outbound web traffic with inline service chain and traffic forwarding.
  • Craft, administer, and optimize intricate security policies, rules, and access controls specific to Palo Alto firewall settings, addressing the client's complex network architecture.
  • Review and make recommendations on all exceptions to Palo Alto NGFW rule configurations and implement them as appropriate.
  • Integrate Wildfire analysis into decrypted SMTP traffic flow.
  • Enhance threat detection capabilities by configuring and tuning the NGFW against known and unknown threats.
  • Expand PA coverage with full implementation for all client's environments. Ensure PA logging ties user-IDs to traffic, and logs are fed into the client's SIEM architecture as well as passive network inspection tools.
  • Conduct vigilant monitoring of network traffic and security alerts within the client's context, swiftly responding to and mitigating sophisticated security threats.
  • Collaborate closely with cross-functional teams, adapting network security strategies to suit client's multifaceted environment and unique challenges.
  • Provide expert technical support and rapid troubleshooting for Palo Alto NGFW-related issues tailored to client's specific setup.
  • Troubleshoot and resolve service requests and submit and implement change requests as required.

QUALIFICATIONS:

  • 5 years of hands-on experience in network security engineering with 3 years of Palo Alto experience.

EDUCATION:

  • A minimum of a bachelor's degree in computer science, Information Technology, or a related field.
  • Experience may be considered as a substitute for the degree requirement.

CERTIFICATIONS:

  • A minimum of one (1) Palo Alto Technical (Engineering or Administrator) Certification is required, such as PCNSA.

CLEARANCE:

  • Minimum Background Investigation (MBI).

LOCATION:

  • Remote (Initial onboarding in Arlington, VA)
  • Minimal travel may be required if requested by the agency.

HOURS:

  • 8:00 am ET - 4:30 am ET
  • Ability to pass a minimum background investigation.

United States
Job Closed
Full Time | Remote | Team 5,001-10,000 | Since 2011 | H1B Sponsor

  • Establish, automate, and maintain the Continuous Monitoring (ConMon) strategy from the System Security Plan (SSP)
  • Participate in the vulnerability intelligence on-call rotation for 24/7 expert analysis and rapid response
  • Manage the full Authorization to Operate (ATO) lifecycle, including preparing documentation for initial and continuous security authorizations
  • Coordinate annual Third-Party Assessment Organization (3PAO) audits for successful outcomes
  • Manage the POA&M process, perform risk-based security impact analyses, and track vulnerability remediation to verified closure
  • Execute security control analyses, recommending infrastructure enhancements based on threat landscape changes
  • Serve as the expert authority on cloud security architecture, providing guidance and implementing defense-in-depth strategies for federal workloads
  • Develop and maintain cloud security architecture documentation (diagrams, data flows, controls)
  • Evaluate architectural changes for security impact and guide secure DevSecOps practices in federal clouds
  • Manage the Change Control Board (CCB) and Significant Change Request (SCR) process, providing authoritative security guidance
  • Maintain the System Security Plan (SSP) and all security authorization packages
  • Serve as the primary security point-of-contact for incident response, managing resolution from initial detection through root cause analysis

United States
$125K - $180K / year
Job Closed