Role Description As a Cybersecurity Operations Analyst IV, you will provide expert-level cybersecurity support across cloud and enterprise computing environments. You will: - Apply advanced knowledge of cybersecurity concepts, processes, practices, and procedures to perform technical assignments and ensure the protection of systems, networks, and data. - Support the integration and implementation of secure computer system solutions aligned with organizational security policies and mission requirements. - Work with engineering and infrastructure teams to evaluate security requirements, identify vulnerabilities, and recommend mitigation strategies to strengthen the overall security posture. - Weigh business needs against cybersecurity risks and clearly communicate security implications to both technical and non-technical stakeholders. Responsibilities - Support enterprise Cybersecurity standards. - Develop and implement Cybersecurity standards and procedures in accordance with government regulations. - Coordinate, develop, and recommend security processes. - Recommend Cybersecurity solutions to support customers’ requirements. - Identify and report security violations. - Recommend and satisfy Cybersecurity requirements based upon the analysis of CSPP, policy, regulatory, and resource demands. - Support customers at the highest levels in the development and implementation of processes and policies. - Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures. - Support design and development of security features for system architecture requirements. - Analyze and make recommendations of security requirements for computer systems which may include mainframes, workstations, and personal computers. - Support design, development, engineering, and implementation of solutions that meet CSPP requirements. - Provide integration and implementation of the computer system security solution. - Analyze general Cybersecurity-related technical problems and provide basic engineering and technical support in solving these problems. - Support vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. - Perform all procedures necessary to ensure the safety of information systems data assets and to protect systems from intentional or inadvertent access, theft, or destruction. - Ensure that all information systems are functional and secure. - Ensure cyber monitoring is performed timely and cyber responses occur within established processes/procedures. - Support efforts for critical processes outside of normal hours to include nights, weekends, and holidays. - Deploy rapid response to quickly resolve cyber events. - Communicate with senior customer stakeholders on reporting metrics (e.g., number of events, average time to respond, affected applications or platforms, etc.). - Prepare and distribute cyber/IA required reporting. - Ensure 100% of planned hours are worked and recorded. - Identify and forward to leadership any opportunities that could lead to growth within your work area. - Participate in growth efforts as requested. - Ensure all contractual deliverables are met or exceeded to the customer's satisfaction. - Complete personal PDP and attend staff meetings and Storytime (with camera on). - Build productive and positive professional relationships with clients within your program. - Execute all contract requirements as assigned in accordance with the contract-specific LCAT and requirements. Qualifications - Active Public Trust clearance. - Bachelor’s degree in Information Systems, Computer Science, Engineering, or a related technical field with at least 12 years of relevant experience. - Demonstrated experience supporting cloud systems administration and infrastructure operations. - Ability to troubleshoot infrastructure and system issues with moderate guidance. - Working knowledge of cloud infrastructure administration, automation, and security principles. - Strong expertise in cloud infrastructure administration, automation, and security principles. - Proficiency in scripting languages such as PowerShell, Python, or Bash for automation and configuration management. - Experience with network administration, including switches, routers, and VoIP infrastructure. - Strong knowledge of Splunk, writing SPL, creating dashboards, and onboarding new applications. Preferred Additional Qualifications - Hands-on experience with public or private cloud deployments. - Knowledge of IT infrastructure best practices and industry standards. - Experience in network and domain administration. - Familiarity with cloud-based automation tools and methodologies. - Strong analytical and troubleshooting skills. - Experience with Agile development methodologies. Benefits - Competitive compensation. - Health and wellness programs. - Income protection. - Paid leave. - Retirement and savings. - Learning and development opportunities. Company Description JHNA, CTSi, and EXPANSIA have come together to form a Defense Technology platform focused on delivering high-impact technologies, technology-enabled services, and advanced manufacturing solutions to the U.S. Department of Defense and related national security customers. Backed by Falfurrias Management Partners, the platform brings together deep domain expertise across Army, Navy, and Air Force and Space Force programs, digital engineering, systems integration, and specialized manufacturing capabilities. The combined organization operates as a multi-entity aerospace and defense technology and tech-enabled services and manufacturing enterprise positioned for scalable growth, operational excellence, and long-term value creation.

• Provide security monitoring and incident response of cyber security events in a highly available Security Operation Center (SOC) that supports internal and external customers • Be part of a SOC on-call rotation during weekends (every fourth weekend) • Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents • Operate security tools like CNAPP, EDR, SIEM, DLP, various AI tools, vulnerability management solutions, and others • Develop correlation rules to expand our threat detection capability; enrich the rules with threat intelligence • Automate repetitive tasks by utilizing AI and traditional automation through API interfaces • Perform threat hunting to proactively detect incidents • Liaise with GRC and Product Security to mitigate risks in both enterprise and production environments • Investigate, document, and report on information security issues and emerging trends.

itD is seeking a Security Governance, Risk, and Compliance (GRC) Program Manager (Compliance Specialist V) to lead strategic security risk initiatives and provide second-line oversight of enterprise risk and compliance programs. This role is critical in shaping organizational security posture, ensuring alignment with global regulatory requirements, and enabling scalable, secure business operations across diverse business units. The ideal candidate will bring deep expertise in cybersecurity and GRC frameworks, along with a proven track record of delivering enterprise risk programs, automated control frameworks, and cross-functional security initiatives. Location: Remote (U.S.-based) Duration: 6 Months We provide comprehensive medical benefits, a 401k plan, paid holidays, and more. Please note that we are only considering direct W2 candidates at this time, as we are unable to offer sponsorship. Responsibilities - Lead and execute strategic risk initiatives within the Security GRC program to strengthen enterprise security posture - Identify, assess, and resolve complex cybersecurity and compliance risks across multiple business units - Develop, implement, and automate security controls aligned with industry GRC standards - Collaborate cross-functionally with Security, Product, Engineering, and Legal teams to ensure regulatory alignment and risk mitigation - Influence senior stakeholders and drive adoption of best practices in risk management and compliance - Establish frameworks and governance processes that support scalable and secure business operations - Drive thought leadership and continuous improvement in security risk management practices Internal Responsibilities - Attend regular internal practice community meetings - Collaborate with your itD practice team on industry thought leadership - Complete client case studies and learning material (blogs, media material) - Build out material to contribute to the Digital Transformation practice - Attend internal itD networking events (in person and virtual) - Work with leadership on career fast-track opportunities Required Qualifications and Skills - 10+ years of experience in cybersecurity, risk management, or GRC programs - Deep knowledge of cybersecurity and Governance, Risk, and Compliance (GRC) frameworks - Experience building and implementing security controls and automation - Proven ability to lead strategic initiatives and influence cross-functional stakeholders - Strong experience in risk assessment, compliance, and internal governance processes Preferred Qualifications and Skills - Experience with regulatory compliance across global environments - Background in program management within large technology organizations - Prior experience with leading tech companies or Big 4 consulting firms - Strong internal networking, stakeholder engagement, and advocacy skills Education - Bachelor’s degree in a relevant field or equivalent work experience required Company Description About itD: We are part of a new generation of consulting and software development company that blends diversity, innovation, and integrity with real business results. Our structure rejects any strong hierarchy, empowering us to deliver excellent results. We are a woman- and minority-led firm. Every day, we challenge ourselves to be considerate, fair and to re-think what great outcomes mean for our customers. This permeates down to how we approach every interaction, on every project, for every client. You’ll thrive here if you are a dynamic self-starter, a difference-maker or someone who wants to deliver great results, without constraints. The itD Digital Experience: Joining us means you’ll be part of our global community, you have a say about your own career journey, and you’ll get a chance to give back to causes that matter. You will experience working with Fortune 500 companies and high-performance teams across numerous industries. itD offers our employees excellent benefits such as medical, dental, vision, life insurance, paid holidays, 401K + matching, networking & career learning and development programs. We are growing and we want to see you grow! Visit https://itdtech.com/careers to learn more about what working at itD can mean for you. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. itD is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or to perform the essential functions of a position, please contact us at recruiting@itdtech.com and let us know the nature of your request and your contact information. Additional Info Dynamic environment in a culture of respect, empowerment and recognition for a job well done, apply today!

• Stand up and lead a lean, highly efficient, and automation-driven Security and Threat Operations team, including hiring, coaching, and career development of analysts and engineers. • Establish operating rhythms (standups, metrics reviews, post-incident retrospectives) and standard operating procedures for response, containment, eradication, and recovery. • Build and maintain a Security and Threat Operations strategy in coordination with the CISO and other stakeholders, including software engineering, data engineering, and IT. • Develop and report on KPIs and KRIs for the Security and Threat Operations function. • Align SecOps processes to FFIEC/GLBA expectations and industry frameworks (NIST CSF and Cyber Risk Institute Profile). • Prepare evidence for audits/exams; provide clear, actionable metrics and board-level reporting on SOC performance, incident trends, control coverage, and risk reduction. • Partner with Legal, Compliance, Privacy, and Third-Party Risk on obligations and notifications. • Coach analysts on analytical rigor, bias reduction, and structured investigations. • Promote a blameless, learning-oriented culture that prizes speed, accuracy, and craftsmanship. • Own SIEM/SOAR strategy and daily operations; drive log onboarding, normalization, and high-fidelity detections across the entire technology landscape. • Serve as incident response commander for high-severity incidents; coordinate cross-functional responders in Infrastructure, IT, Engineering, Legal, and Compliance. • Build, maintain, and continuously improve standard operating procedures (SOPs), runbooks, and playbooks. • Maintain and exercise incident response plans through tabletop and similar activities. • Maturity evidence handling, forensics workflows, and case management; ensure accurate timelines and regulator-ready documentation. • Drive post-incident reviews with measurable corrective actions (people/process/technology) and executive readouts. • Own the vulnerability management lifecycle, ensuring coverage of vulnerability discovery, triage, and management across servers, endpoints, network, cloud subscriptions, containers/images, and custom APIs.