Role Description The A.C.Coy has an immediate need for a Lead Security Engineer. Qualified candidates will be responsible for supporting the security and compliance of the company-wide infrastructure, including networks, servers, workstations, and telecommunications systems. - Manage and maintain the organization’s Public Key Infrastructure (PKI) systems, ensuring secure encryption, certificate management, and cryptographic key lifecycle processes are in place and operating effectively. - Implement and oversee encryption solutions to protect data at rest, in transit, and in use across both on-premises and cloud environments, ensuring compliance with industry security standards. - Secure cloud environments (including AWS, Azure, and GCP) by ensuring adherence to internal security policies and industry best practices, and assist in the implementation and management of identity management, access control, and data protection within cloud services. - Collaborate with third-party vendors to securely integrate external systems. - Deploy, manage, and maintain firewalls, including Firewall-as-a-Service (FWaaS), Unified Threat Management (UTM) solutions, and Secure Web Gateways (SWG), to secure network traffic and enforce security policies. - Implement and manage advanced security technologies such as Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA), and other solutions to strengthen security posture. - Serve as a primary escalation point for security incidents and audits, leading or assisting in the development of mitigation strategies, post-incident reviews, and compliance reviews to ensure ongoing ISO 27001 adherence. - Act as an internal consultant to IT teams and departments, providing subject matter expertise on infrastructure security, cloud environments, and endpoint protection. - Lead reviews of infrastructure security components, recommend improvements, and develop risk mitigation strategies that align with the security posture and industry requirements. - Continuously monitor internal control systems to ensure appropriate access levels and security configurations are maintained across all infrastructure components. - Analyze daily security events and alerts in the context of policies, prioritizing and escalating issues as appropriate to support timely and effective incident response. - Evaluate security policies and procedures to identify improvement opportunities and ensure alignment with standards, industry requirements, and regulatory expectations. - Provide technical support and administration for LAN/WAN, remote access, IDS/IPS, and unified threat management systems, including troubleshooting, analysis, and the testing and deployment of new hardware and security applications. - Deploy and manage policies for antivirus and endpoint detection and response agents in collaboration with system owners to ensure effective endpoint security management. - Manage the availability and security of public domains and DNS records. Qualifications - Bachelor’s degree in Computer Science, Business, Engineering, or a related field; or equivalent work experience is required. - CISSP certification or progress toward CISSP certification is preferred. - 7-10+ years in infrastructure or security engineering. - Candidate must understand enterprise environments, not just security tools: - Windows Server and Active Directory - Microsoft 365 and Entra ID (Azure AD) - Azure infrastructure and migrations - Networking fundamentals (routing, DNS, load balancers, proxies) - Working with server and cloud teams during deployments - Comfortable supporting production systems and change control - Able to troubleshoot across network, identity, and platform layers - CyberArk – Privileged Access & Identity Security - Certificate lifecycle management via CyberArk / Venafi - PKI modernization and certificate lifecycle automation - Service to service authentication and machine identity strategy - TLS and encryption design across applications and infrastructure - Supporting cloud and SaaS integrations requiring certificates

• Gestionar y administrar de forma integral las identidades y los accesos corporativos (IAM) garantizando el principio de mínimo privilegio. • Gestionar y auditar los PATHs y los flujos de autorización para el acceso a la información crítica. • Supervisar la gestión de plataformas antimalware corporativas y asegurar la protección de los endpoints. • Planificar, desplegar y controlar los agentes de seguridad a través de la infraestructura tecnológica del banco. • Administrar y asegurar la infraestructura de redes (Networking), identificando vulnerabilidades y aplicando soluciones técnicas. • Implementar y asegurar el cumplimiento de los frameworks de seguridad corporativos e internacionales. • Elaborar informes, métricas y cuadros de mando interactivos utilizando Power BI para la monitorización continua del estado de la seguridad. • Coordinar acciones y mantener reuniones periódicas de alineación con los equipos tecnológicos ubicados en Latinoamérica.

Role Description Istari Digital delivers a model-based digital engineering platform used by defense and aerospace organizations to design and operate mission-critical systems. Our platform is deployed into classified and high-security environments, where cybersecurity is foundational—not optional. We are hiring a Cybersecurity Solutions Architect to serve as the technical face of Istari to federal customers. You will own the question: “Does this platform meet our security requirements – and how?” What You’ll Do - Lead security discussions in pre-sales engagements - Translate customer requirements into: - Clear architectural explanations - Concrete engineering requirements - Support: - RFP/RFI responses - Security questionnaires - Accreditation alignment (RMF readiness) - Identify and communicate security gaps early (before they become deal blockers) - Build secure reference architectures for classified deployments - Partner with engineering to shape roadmap based on federal security needs Qualifications - Active TS clearance with SCI eligibility - Deep understanding of: - NIST 800-53 / 800-171 - RMF / ATO processes - 3+ years of experience working with: - DoW, IC, or SAP programs - AWS, Azure, or Google Public Sector (especially GovCloud / compliance / security) - Prior work in Intelligence Community or SAP environments - Candidates with only commercial-sector experience or without exposure to federal security processes are not an ideal fit for this role. What Makes You a Strong Fit - You can confidently say: “Yes, we meet your requirements – and here’s exactly how.” - You understand both Technical architecture and Government accreditation realities Company Description We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Role Description Tyto Athene is hiring a Security Engineer, AWS & GCP to join our team of cloud, security, and compliance experts. This role is primarily focused on day‑to‑day security engineering, including system hardening, vulnerability remediation, cloud operations, and security tool management across AWS & GCP environments. In addition to regular business‑hours responsibilities, engineers participate in a structured after‑hours 24×7 on‑call rotation (primary or backup) to support response to incidents, alerts, and escalations for customers operating under FedRAMP, FISMA, and NIST 800‑53 frameworks. Responsibilities: - Perform systems administration and maintenance including patching, vulnerability scanning, compliance scanning and remediation, backups, and recovery for cloud workloads. - Support AWS & GCP environments, including Windows and Linux virtual machines, container workloads, and cloud services such as EC2, EBS, S3, RDS, WorkSpaces (AWS), Compute Engine, Cloud Storage, Cloud SQL (GCP), and Active Directory or equivalent identity services. - Configure, update, and maintain security tools for endpoint protection, log collection, vulnerability scanning, and compliance monitoring. - Troubleshoot issues across network, compute, application, and identity layers by reviewing logs, collecting data, and analyzing system behavior. - Implement hardening and compliance controls using CIS Benchmarks, DISA STIGs, and FedRAMP requirements. - Remediate vulnerabilities identified by tools such as Tenable, Trivy, OpenSCAP, Anchore, Twistlock, and others. - Provide quality assurance feedback during system deployments to ensure architecture meets compliance and operational requirements. - Collaborate with Security Analysts to ensure uninterrupted delivery of security services to customers. - Create and maintain documentation including network diagrams, dataflow diagrams, SOPs, and security tool configuration guides. - Support client communications, deliverables, and issue resolution with strong verbal and written communication skills. - Support and mentor junior engineers as and when required. After‑Hours 24×7 On‑Call Rotation: - Serve as primary or backup on‑call engineer during assigned rotation. - Respond to after‑hours security alerts, infrastructure incidents, outages, and ConMon events. - Perform initial triage, containment, and stabilization using established runbooks. - Investigate and respond to alerts generated. - Escalate complex issues to senior engineers, architects, or compliance teams. - Document incidents, actions taken, and recommended improvements. - Contribute to automation improvements and runbook enhancements. Qualifications - Six (6) or more years of IT engineering and/or cybersecurity experience, with at least three (3) years working in a dedicated cloud security engineering or similar position. - Hands‑on experience with both AWS and Google Cloud Platform (GCP). - Ability to diagnose and resolve issues across Linux and Windows systems, network infrastructure, and cloud services. - General systems administration and vulnerability management experience, including system patching and hardening, identity and access management (IAM), and related tasks. - Experience working in a DevSecOps environment, integrating security practices into cloud and infrastructure workflows. - Familiarity with ITSM ticketing systems such as Gitlab (preferred), Jira, ServiceNow, etc. - Ability to work independently during both business hours and on‑call periods. - Strong written and verbal communication skills for customer interaction and incident documentation. - Hands‑on experience with one or more of the following tools: - Splunk Enterprise - Tenable Security Center/Nessus - Invicti/Acunetix - Appgate - Okta - GitLab - Palo Alto Networks Firewalls - TrendMicro Deep Security - Trivy - Anchore - Terraform - CloudFormation - Ansible Requirements - Bachelor's Degree in Computer Science or other relevant field. - Experience supporting federal/government-facing customers or consulting engagements, ensuring compliance and operational requirements. - Experience with FedRAMP, FISMA, or NIST 800‑53 compliance frameworks. - Prior on‑call, SRE, SOC, or incident response experience. - Relevant AWS or Google Cloud Platform certifications. - Security+ or other relevant industry security certification. - Experience with infrastructure‑as‑code or automation tooling. - Experience with Kubernetes is highly desirable. Location Remote (US) Clearance Must be a US Citizen with the ability to obtain a security clearance. Compensation Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically between $115,000-$130,000. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range. Benefits - Health/Dental/Vision - 401(k) match - Paid Time Off - STD/LTD/Life Insurance - Referral Bonuses - Professional development reimbursement - Parental leave