• Monitor and analyze security events across endpoints, networks, cloud, and collaboration platforms (SIEM, EDR, firewalls, M365/Azure Gov, etc.) • Investigate alerts, perform triage, and lead incident response activities • Conduct root-cause analysis and implement corrective actions • Manage vulnerability scanning and remediation tracking • Perform log analysis, threat hunting, and anomaly detection • Support secure configuration baselines (CIS/STIG hardening) • Implement and maintain controls aligned to: • NIST SP 800-171 • CMMC Level 2/3 • DFARS 252.204-7012 • ITAR / EAR Export Control • NASA/DoD contract security clauses • Maintain System Security Plans (SSPs), POA&Ms, and control evidence • Support CMMC assessments and external audits (C3PAO/DCMA/Prime Contractors) • Assist with enclave design for CUI/ITAR environments • Ensure proper handling, marking, storage, and transmission of export-controlled data • Collaborate with IT and engineering teams on: • Secure cloud configurations (Azure Gov / GCC High preferred) • Identity & access management (MFA, least privilege, RBAC) • Endpoint security & device management • Network segmentation for regulated workloads • Conduct risk assessments and maintain risk registers • Develop and update policies, standards, and procedures • Support vendor and supply-chain cybersecurity reviews • Track metrics and KPIs for security posture reporting • Lead or support tabletop exercises and incident simulations • Provide security awareness and CUI/ITAR handling guidance • Advise business units on compliant collaboration practices • Promote a “security-by-design” mindset across the organization

Role Description Cyber Defense Technologies (CDT) is seeking a Junior Penetration Tester to support cybersecurity operations across multiple enterprise and government environments. The selected candidate will assist senior penetration testers and security engineers in identifying vulnerabilities across networks, systems, and applications through authorized penetration testing and vulnerability assessment activities. This role provides an opportunity to work alongside experienced cybersecurity professionals performing offensive security assessments, vulnerability validation, and adversary emulation activities. The Junior Penetration Tester will participate in engagements that help organizations strengthen their security posture by identifying exploitable weaknesses and providing actionable remediation recommendations. The ideal candidate is passionate about cybersecurity, eager to learn advanced penetration testing techniques, and comfortable working in both Linux and Windows environments while leveraging industry-standard tools and frameworks. Qualifications - 0–2 years of cybersecurity or IT security experience related to vulnerability assessment, security operations, or penetration testing - Foundational knowledge of penetration testing methodologies and attack techniques - Experience working in Linux environments (Kali Linux, Ubuntu, or similar distributions) - Familiarity with Windows environments and Active Directory fundamentals - Understanding of network protocols (TCP/IP, DNS, HTTP, SMB, LDAP) - Basic scripting ability using Python, Bash, or PowerShell - Familiarity with common security testing tools such as: - Nmap - Burp Suite Community or Professional - Metasploit Framework - Wireshark - Nessus / OpenVAS - SQLmap - Nikto / OWASP Zap - Hydra - Gobuster / Dirbuster - BloodHound - Basic understanding of web application vulnerabilities such as SQL Injection, XSS, authentication bypass, and misconfigurations - Strong written communication skills for technical documentation and report writing Requirements - Assist senior penetration testers with internal and external penetration testing engagements against enterprise systems and networks - Conduct web application penetration testing using industry-standard tools and methodologies - Perform vulnerability identification, validation, and risk analysis to determine exploitability and impact - Support network reconnaissance, enumeration, and exploitation activities during authorized testing engagements - Assist in conducting wireless security assessments and password security testing - Document testing procedures, findings, and remediation recommendations for inclusion in professional penetration testing reports - Utilize tools such as Nmap, Burp Suite, Metasploit, Nessus, and Wireshark during testing activities - Participate in security research and exploit development labs to improve testing methodologies - Assist with post-exploitation analysis and privilege escalation testing - Support incident response investigations when malicious activity or compromise is suspected - Maintain familiarity with common attack frameworks such as MITRE ATT&CK, OWASP Top 10, and PTES - Collaborate with security engineers and system administrators to validate remediation efforts and conduct retesting Preferred Qualifications - Candidates possessing or actively pursuing one or more of the following entry-level penetration testing or cybersecurity certifications are strongly encouraged to apply: - TCM Security - PNPT – Practical Network Penetration Tester - PJPT – Practical Junior Penetration Tester - PWPT – Practical Web Penetration Tester - INE / eLearnSecurity - eJPT – eLearnSecurity Junior Penetration Tester - eWPT – eLearnSecurity Web Application Penetration Tester - CompTIA - Security+ - PenTest+ - CySA+ Desired Skills - Experience participating in Capture-the-Flag (CTF) competitions or security labs (TryHackMe, HackTheBox, PortSwigger Labs, etc.) - Familiarity with Active Directory attack fundamentals - Experience using Kali Linux penetration testing toolsets - Understanding of basic privilege escalation techniques on Linux and Windows systems - Experience working in team-based cybersecurity environments Work Environment - Remote or hybrid work environment depending on program requirements - Collaboration with CDT security engineers, red team members, and incident response personnel - Opportunity to participate in advanced penetration testing engagements and cyber research initiatives Benefits - Competitive salary based on experience - Comprehensive benefits package, including health, dental, and retirement plans - Opportunities for professional development and career advancement Company Description CDT is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity employer making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. Apply Now If you are a proactive Penetration Tester and thrive in dynamic environments, we encourage you to apply and join the CDT team!

• Provides advanced analysis of systems from a security perspective, and ensures systems are designed with appropriate security requirements "baked-in", and that these systems maintain proper security postures throughout their life cycle. • Maintains a thorough understanding of risk management frameworks, including the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), and NIST Cybersecurity Framework (CSF). • Moves fluidly between nuts-and-bolts, tactical security implementations, to high-level strategic policy, standards, and guidelines that facilitate effective security operations. • Develops and maintains an in-depth knowledge of governing Defense, Federal, and Industry security regulations, standards, and best practices, including those defined in NIST 800-53, DISA Security Technical Implementation Guides (STIGs), Center for Internet Security (CIS), and vender security best practices.

Role Description This role exists to protect our sportsbook ecosystem from financial leaks and sophisticated fraud. You’ll help us maintain platform integrity and profitability by analyzing real-time betting data, neutralizing risks, and catching vulnerabilities before they scale. What you’ll drive: - Real-Time Detection & Monitoring: - Validate live and pre-match sports betting activity using Fairplay Monitor and internal alert systems. - Detect and intercept suspicious betting patterns, including arbitrage, value exploitation, latency abuse, and abnormal winnings. - Analyze player behavior across multiple accounts to uncover organized fraud rings and bonus abuse. - Risk Decisions & Execution: - Apply immediate risk mitigation actions, independently triggering account segmentation, betting limits, and market restrictions. - Drive verification requests for suspicious accounts to strictly validate player identities and block bad actors. - Resolve complex customer cases and internal JSM tickets related to fraud suspicions without compromising operational SLAs. - Cross-team Collaboration & Process Improvement: - Partner with Trading, Payments, Risk, and Integrity teams to conduct deep-dive investigations into betting anomalies. - Document audit-ready case notes and maintain accurate internal tracking tables for all antifraud actions. - Optimize our workflows by reporting bugs, clarifying rule logic, and suggesting improvements to our detection systems. Qualifications - 1+ year of hands-on experience in sports betting operations, fraud detection, or risk monitoring. - Strong understanding of sports betting mechanics, odds logic, and common fraud schemes (e.g., arbitrage, value betting). - Proven ability to make fast, autonomous decisions under time pressure with high operational accuracy. - Readiness to work in a 24/7 environment on a structured 4/2 rotating shift schedule (morning, evening, and night shifts). - Intermediate (B1+) English level to communicate clearly with cross-functional teams and maintain documentation. Requirements - Experience working with BI tools (like Tableau) or handling large operational datasets. - Familiarity with alert-based fraud detection systems (e.g., Fairplay Monitor). - Basic understanding of SQL for independent data validation. Benefits - Benefits Cafeteria — annual budget you allocate to: - Sports - Medical - Mental health - Home office - Languages - Paid maternity/paternity leave + monthly childcare allowance. - 20+ vacation days, unlimited sick leave, emergency time off. - Remote-first + tech support + coworking compensation. - Team events (online/offline/offsite). - Learning culture with internal courses + growth programs. Company Description GR8 Tech builds B2B iGaming platforms for operators who play to lead. We deliver full-cycle, high-impact tech designed to scale — from seamless integrations and expert consulting to long-term operational support. Our platform powers millions of active players and drives real business growth. Call it what it is: the iGaming Platform for Champions. With 1000+ GR8 people across locations and time zones, we don’t just ship technology — we help operators build success stories across brands, markets, and geos. Our ambition drives us. Our people make it real.