COLSA is seeking a Cybersecurity Specialist to deliver and sustain capabilities in a fast-paced SAFe Agile development environment, while providing cybersecurity direction and supporting the consolidation of NASA’s enterprise IT systems. This is a remote position. Candidates must reside in a state where COLSA currently conducts business or is authorized to employ staff. - Apply knowledge of concepts, processes, practices, and procedures on technical assignments. - Support enterprise Cybersecurity standards. - Develop and implement Cybersecurity standards and procedures in accordance with government regulations. - Coordinate, develop, and recommend security processes. - Recommend Cybersecurity solutions to support customers’ requirements. - Identify and report security violations. - Recommend and satisfy Cybersecurity requirements based upon the analysis of CSPP, policy, regulatory, and resource demands. - Support customers at the highest levels in the development and implementation of processes and policies. - Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures. - Support design and development of security features for system architecture requirements. - Analyze and make recommendations of security requirements for computer systems which may include mainframes, workstations, and personal computers. - Support design, development, engineering, and implementation of solutions that meet CSPP requirements. - Provide integration and implementation of the computer system security solution. - Analyze general Cybersecurity-related technical problems and provide basic engineering and technical support in solving these problems. - Support vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. - Perform all procedures necessary to ensure the safety of information systems data assets and to protect systems from intentional or inadvertent access, theft, or destruction. - Ensure that all information systems are functional and secure. - Ensure cyber monitoring is performed timely and cyber responses occur within established processes/procedures. - Support efforts for critical processes outside of normal hours to include nights, weekends, and holidays. - Deploy rapid response to quickly resolve cyber events. - Communicate with senior customer stakeholders on reporting metrics (e.g., number of events, average time to respond, affected applications or platforms, etc.). - Prepare and distribute cyber/IA required reporting. At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here.

Role Description We are seeking a highly skilled and knowledgeable Post-Quantum Cryptography (PQC) Evaluation Expert to join our team. The successful candidate will be responsible for creating and evaluating question-answer pairs to assess the understanding and application of post-quantum cryptography concepts by test subjects. This role requires a deep understanding of cryptographic principles, particularly in the context of quantum computing, and the ability to craft scenarios that test the test subject's ability to provide accurate and forward-thinking cryptographic advice. - Develop comprehensive question and answer pairs that assess the test subject’s understanding of post-quantum cryptography concepts. - Evaluate the quantum resistance of classical and post-quantum algorithms presented by the test subject. - Suggest appropriate quantum-safe alternatives for various cryptographic scenarios. - Analyze and explain the implications of quantum computing on current cryptographic standards. - Assess the test subject’s ability to reason about future attack scenarios and the trade-offs involved in PQC implementations. Qualifications - Advanced degree in Mathematics, Cryptography, Computer Science or a related field. - 5+ years in applied cryptography with a specific focus on the theoretical vulnerabilities of public-key infrastructure in the context of quantum computing. - Knowledge of cryptographic libraries and tools such as OpenSSL, Libsodium, or similar. - Familiarity with programming languages commonly used in cryptography, such as Python, C/C++, or Java. - Understanding of quantum computing principles and their impact on cryptography. Requirements - Extensive knowledge of cryptographic principles, with a focus on post-quantum cryptography. - Familiarity with quantum-resistant algorithms such as lattice-based, hash-based, code-based, and multivariate polynomial cryptography. - Experience with cryptographic standards and protocols, including NIST's post-quantum cryptography standardization efforts. - Ability to reason about and articulate the trade-offs and implications of different cryptographic approaches in a post-quantum world. - Strong analytical and problem-solving skills, with the ability to evaluate complex cryptographic scenarios. - Excellent written and verbal communication skills, with the ability to clearly explain technical concepts. - Familiarity with cryptographic software and tools used in the evaluation and implementation of PQC. - Participation in cryptographic research or contributions to academic publications in the field of post-quantum cryptography. Company Description Tetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age. TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States. TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.

• Own the strategy and maturity roadmap for corporate security engineering and operations. Define standards for configuration baselines, logging and telemetry, detection coverage, vulnerability remediation, and security automation. • Manage and develop System Security Engineers and Security Operations Analysts. Provide coaching, remove blockers, and focus the team on high-impact risk reduction. • Strengthen configuration enforcement, vulnerability remediation, monitoring quality, and detection coverage across endpoints, identity systems, SaaS platforms, and enterprise infrastructure. • Collaborate with IT, Engineering, Security, and Compliance teams to ensure systems are deployed securely, monitoring supports operational risk management, and security controls align with regulatory commitments. • Establish consistent processes for monitoring reviews, vulnerability remediation tracking, detection improvements, incident support, and audit evidence management.

• Work alongside Senior Security Engineers/Architects • Assist in operational and project duties • Perform tasks in support of regulatory, contract, and industry requirements for cybersecurity governance • Conduct user access reviews • Perform regular audits for user access rights • Format user access level reports for access recertification • Create and review Excel workbooks • Communicate with access reviewers, auditors, and stakeholders • Update user access based on recertification responses • Research user access permissions and provisioning process details