• Define and sustain the enterprise architecture for physical security technologies • Lead the design, evaluation, deployment, and continuous improvement of security technology solutions • Ensure interoperability and integration between physical security systems and digital technology infrastructure • Partner with Digital Technology and Cybersecurity to ensure platforms meet reliability and privacy standards • Evaluate emerging technologies to strengthen operational resilience • Establish governance, standards, vendor strategy, and lifecycle management practices for security technology

SitusAMC is where the best and most passionate people come to transform our client’s businesses and their own careers. Whether you’re a real estate veteran, a passionate technologist, or looking to get your start, join us as we work together to realize opportunities for everyone, we proudly serve. At SitusAMC, we are looking to match your unique experience with one of our amazing careers, so that we can help you realize your potential and career growth within the Real Estate Industry. If you are someone who can be yourself, advocate for others, stay nimble, dream big, own every outcome, and think global but act local – come join our team! This role will support the design, implementation, and continuous improvement of security architecture across AWS and Microsoft Azure environments, enterprise applications, and infrastructure platforms. This role will focus on improving cloud security posture, hardening identity and privilege models, integrating security into SDLC pipelines, and reducing attack surface across infrastructure and applications. Essential Job Functions: - Support the implementation of secure architecture patterns across AWS and Microsoft Azure environments - Support deployment and operationalization of CNAPP/CSPM platform - Drive cloud security posture improvements by integrating CNAPP with Cloud-native tools (e.g., GuardDuty, Security Hub, IAM, KMS, CloudTrail) and Azure security capabilities - Partner with Security Operations to automate and integrate with MSSP and SOAR autmation response principles - Partner with engineering and development teams to embed application security (AppSec) controls into development and deployment pipelines - Lead and support vulnerability management and patching programs across infrastructure and applications - Contribute to security architecture reviews, threat modeling, and design validation - Support implementation and optimization of IAM, PAM, and least-privilege access models - Collaborate with SecOps team to integrate telemetry into SIEM platforms for monitoring and detection - Support in the development and maintainance of secure configuration baselines and reference architectures - Help drive patching strategy for servers, endpoints, and cloud workloads - Conduct architecture reviews and document security requirements - Partner directly with engineering leaders to bake security into product roadmaps. - Stay up-to-date with the latest security trends, threats, and technologies to continuously improve our security posture. - Help drive a culture of zero trust security across engineering, development, and product teams. Qualifications/ Requirements: - Bachelor’s degree in a technical field from an accredited college/university, or equivalent job experience. - Minimum of 6+ years of industry and/or relevant experience, typically with 1+ years in a Senior Associate level role or external equivalent. - Experience in cybersecurity, cloud security, or security engineering, including demonstrated experience operating at a senior or lead level. - Relevant certifications such as CISSP, CEH, GIAC, ISSAP or other relevant security-focused certifications preferred. - Hands-on experience securing AWS and/or Azure environments. - Working knowledge of CNAPP/CSPM platforms - Experience with vulnerability scanning, remediation tracking, and patch management processes - Familiarity with application security principles (SAST, DAST, secure SDLC, threat modeling) - Experience with IAM, PAM, and access governance concepts - Exposure to SIEM and security monitoring integration - Knowledge of Zero Trust architecture principles - Understanding of network segmentation, VPN, Conditional Access, and cloud networking fundamentals - Proficiency in scripting and automation (e.g., Python, PowerShell, Terraform) - Familiarity with container security technologies (Docker, Kubernetes) and infrastructure as code (IaC) tooling - Knowledge of encryption and key management practices. - Strong communication skills and ability to work with both technical and non-technical stakeholders. - Highly motivated self-starter that can manage multiple deliverables independently in a fast-paced environment #LI-AS1 #LI-REMOTE Note: This job description is not intended to be all inclusive or exclusive. At any time, employees may perform other related duties as required to meet the ongoing needs of the organization and participate in additional trainings. SitusAMC does not accept unsolicited resumes from staffing agencies, search firms or any third parties. Any unsolicited resume submitted to SitusAMC in any manner will be considered SitusAMC property, and SitusAMC will not pay a fee for any placement resulting from the receipt of an unsolicited resume. The annual full time base salary range for this role is $115,000.00 - $135,000.00 Specific compensation is determined through interviews and a review of relevant education, experience, training, skills, geographic location and alignment with market data. Additionally, certain positions may be eligible to receive a discretionary bonus as determined by bonus program guidelines, position eligibility and SitusAMC Senior Management approval. SitusAMC offers PTO and paid holidays, the terms of which are set forth in the program policies. All full time employees also are eligible to participate in various benefit plans, including medical, dental, vision, life, disability insurance and 401K; in each case in accordance with the terms of the applicable plans. Pay Transparency Nondiscrimination Provision SitusAMC is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Know Your Rights, Workplace Discrimination is Illegal

Type of Requisition: Regular Clearance Level Must Currently Possess: Secret Clearance Level Must Be Able to Obtain: Secret Public Trust/Other Required: None Job Family: IT Infrastructure and Operations Job Qualifications: Skills: Cybersecurity, Virtualization, VMware TechnologiesCertifications: NoneExperience: 10 + years of related experienceUS Citizenship Required: Yes Job Description: As a GDIT Cyber Infrastructure Specialist, the work you’ll do will be impactful to the mission of our Federal, Intelligence and Defense customers. You will bring deep expertise in building, deploying, configuring, and hardening enterprise-grade servers and virtualization platforms. The ideal candidate will have hands-on experience with VMware technologies (vSphere, vSAN, NSX) and a strong background in systems security, automation/scripting, and lifecycle management. This role requires both deep technical expertise and the ability to collaborate across IT, cybersecurity, and operations teams to ensure resilient and secure infrastructure delivery. MEANINGFUL WORK AND PERSONAL IMPACT As a Cyber Infrastructure Specialist, you will support the business strategy that helps ensure that today is safe and tomorrow is smarter. Our work depends on and joining our team to implement broad impact infrastructure solutions that enable the business to thrive and our customers to realize the benefits of key ZT modernization efforts. Responsibilities: - Design, deploy, and maintain enterprise server and virtualization environments, including VMware vSphere, vSAN, and NSX. - Build and configure virtual machines, clusters, storage, and networking for high availability and scalability. - Integrate compute, storage, and networking resources to deliver optimized virtualized infrastructure solutions. - Apply DISA STIGs, CIS Benchmarks, and other security baselines to harden servers and virtualization platforms. - Ensure compliance with NIST 800-53, RMF, FISMA, or other federal cybersecurity requirements as applicable. - Perform patching, updates, and vulnerability remediation on hypervisors, guest operating systems, and management tools. - Leverage scripting and/or automation frameworks (e.g., Ansible, Terraform, or similar) to streamline deployment and configuration tasks. - Develop scripts and workflows for configuring, hardening, routine operations, monitoring, and troubleshooting. - Optimize infrastructure performance and capacity through proactive monitoring and tuning. - Provide engineering support for issues involving VMware and server platforms. - Document architecture, build procedures, and configuration baselines for knowledge sharing and audits. Required Qualifications: - Bachelor's degree (additional experience may be considered in lieu of a degree). - 10+ years of related experience. - 15+ years preferred. - Secret clearance. - Hands-on experience with VMware vSphere, vSAN, and NSX in enterprise or federal environments. - Strong expertise in server build, configuration, and hardening (Windows and/or Linux). - Demonstrated experience applying security baselines and compliance frameworks (e.g., DISA STIGs, CIS Benchmarks). - Proficiency with automation tools (Ansible, PowerCLI, Terraform, or equivalent). - Knowledge of networking fundamentals (VLANs, routing, firewalls, micro-segmentation). - Strong troubleshooting and problem-solving skills with ability to work independently or in a team. - Strong problems solving skills. - Excellent communications and documentation skills. Preferred Qualifications: Experience working with Federal and Department of War customers GDIT IS YOUR PLACE - At GDIT, the mission is our purpose, and our people are at the center of everything we do. - Growth: AI-powered career tool that identifies career steps and learning opportunities - Support: An internal mobility team focused on helping you achieve your career goals - Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off - Flexibility: Full-flex work week to own your priorities at work and at home - Community: Award-winning culture of innovation and a military-friendly workplace OWN YOUR OPPORTUNITY Explore an enterprise IT career at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your desire to drive operations forward. #cyberGDIT The likely salary range for this position is $149,469 - $172,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Remote Work Location: Any Location / Remote Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee’s date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. Join our Talent Community to stay up to date on our career opportunities and events atgdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

About Integrated Specialty Coverages Integrated Specialty Coverages, LLC (ISC) is a growth stage technology and data-driven commercial MGA and insurance wholesaler leading innovation in the market. Backed by one of the leading private equity firms, Onex Partners, and led by a forward-thinking management team, ISC is combining the worlds of insurance and technology to create an Insurtech powerhouse. As a leading online distributor of insurance products for a range of industries and “Main Street USA”, we are looking for the right people to help us in our mission of achieving exponential growth. We strive to be the number one place to go for brokers and agents to source insurance. To accomplish this, we’re building a digitally focused team that deeply understands the intersection between user experience, data, and AI/ML to optimize the way we engage with our customers and partners. Job Summary We’re looking for a Senior Cybersecurity Engineer to design, build, and operate preventative and detective security controls and automation across our AWS‑first and enterprise environments. Reporting to the CISO, this role implements guardrails, platforms, and integrations and partners with infrastructure, platform, and application teams to embed security by default in our AWS cloud and enterprise environments. The role will perform hands-on engineering in multiple security domains including network security, endpoint security, email security, data security, vulnerability management, container security, and identity and access management. Position Responsibilities - Control Engineering & Operation - Design, implement, and maintain controls in AWS (IAM, KMS, VPC, GuardDuty, Security Hub, Detective, CloudTrail/CloudWatch), network, endpoint, email, data security, vulnerability, and identity domains. - Define SLOs for control availability, latency, coverage, and drift; implement telemetry to continuously measure those SLOs. - Security Automation & “Policy as Code” - Partner with infrastructure, platform, and application teams to build IaC modules (Terraform/CloudFormation) and platform automations (e.g., Python/Lambda, Step Functions) to enforce guardrails (account vending, baseline hardening, logging enablement, key policies, SCPs) using Git. - Implement break‑glass patterns and least‑privilege workflows that are auditable and reversible. - Detection Enablement - Engineer data pathways (e.g., CloudTrail, VPC Flow, ECS audit, identity logs) into SIEM/MDR tooling; ensure completeness, timeliness, and schema quality. - Translate Detection and Response Lead feedback on false positives/gaps into logging or control adjustments. - Vulnerability & Exposure Engineering - Own scanners/integrations, asset coverage, tagging standards, and develop risk‑based remediation pipelines (ticketing, auto‑remediation for low‑risk classes). - Partner with owners to remove friction (pre‑approved windows, canaries, rollbacks). - Identity & Secrets Hardening - Engineer least‑privilege patterns, permission boundaries, conditional access, and automated key/secret lifecycle (rotation, discovery, usage attestations). - Provide ready‑to‑consume roles/policies to teams. - Documentation & Reuse - Maintain runbooks, design docs, and reusable modules; ensure changes are versioned, peer‑reviewed, and test‑ - On‑Call (Engineering) - Participate in control‑health and platform on‑call (e.g., logging ingestion failures, drift, outages). - Escalate security events to the Detection & Response Lead/MDR. Minimum Qualifications - 7+ years in security engineering with production AWS (multi‑account/Organizations) and automation‑first delivery. - Domain experience in at least three of the following: - Network security (segmentation, routing, firewall, proxy, WAF) - Endpoint security (EDR/EPP, hardening, health attestation) - Email security (phishing protection, authentication, inbound/outbound controls) - Data security (classification, DLP, encryption, key management) - Vulnerability management (scanning, prioritization, remediation pipelines) - Container security (image scanning, runtime policy, supply chain) - Identity and access management (policy design, federation, least privilege) - IaC proficiency (Terraform preferred) and Python for automation; CI/CD integration experience (e.g., GitHub Actions, GitLab, CodePipeline). - Experience with root‑cause analysis and remediation of control failures (not incident RCA). - Demonstrated ability to independently drive complex projects to completion, as well as collaborate effectively with a complex set of stakeholders. Preferred Qualifications - Designed landing zones with SCPs, baseline detective controls, centralized logging, account vending, and guardrail automation. - Built event‑driven remediations (e.g., detect to auto‑tag/deny/quarantine) safely with approvals and rollbacks. - Advanced experience engineering security controls in AWS (for example, IAM, KMS, VPC, GuardDuty, Security Hub, Detective, CloudTrail, CloudWatch, Organizations, Control Tower), with automation first practices. - Industry certification such as AWS Certified Security – Specialty, Certified Information Systems Security Professional, GIAC Certifications, SANS. - Knowledge of security frameworks and standards such as NIST, ISO, and CIS. This role also offers bonus pay. Your ISC Talent Acquisition representative will share more details about the bonus component should you advance in the interview process. The starting annual pay scale for this position is listed below. Actual starting pay will be based on factors such as skills, qualifications, training, and experience. In addition, the company offers comprehensive benefits including medical, dental and vision insurance, 401(k) plan with match, paid time off, and other benefits. ISC's salary ranges are determined by role and level. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations and could be higher or lower based on a multitude of factors, including job-related skills, experience, and relevant education or training. National Pay Range $150,000—$180,000 USD Benefits of Working at ISC - Employee Ownership Program - every eligible employee shares in the financial rewards that grow when the company grows - Professional development opportunities - Owner Referral Program - Work from home reimbursement for remote/hybrid roles - Canary emergency financial assistance program - Comprehensive medical, dental, vision - Life/AD&D Insurance - Confidential, Employee Assistance Program - Health Savings Account, includes company contribution - Short-term disability - Voluntary benefits - supplemental accident, critical illness, hospital insurance - Employee discounts - 401(k) Plan with company match contribution - Addition Wealth Financial Wellness Program - Various Time Off Programs - 11 company paid holidays Applicants may contact the ISC HR department via e-mail or phone to request and arrange for an accommodation that will allow the applicant to successfully complete the application process. Applicants needing assistance may request accommodation at any time. Please contact ISC at HR@ISCMGA.com or 760-599-7242. ISC believes in creating long-term relationships by being responsive and relevant and by consistently delivering value to our community of customers. Specifically, we focus on attracting, developing, and retaining the best talent for our business, challenging our people, demonstrating a “can-do” attitude, and fostering a collaborative and mutually supportive environment. Diversity creates a healthier atmosphere: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, gender, gender identity, sexual orientation, marital status, medical condition, genetic information, mental or physical disability, military or veteran status, or any other characteristic protected by local, state, or Federal law. **Must be legally authorized to work in the United States.** **ISC participates in the Federal E-Verify program**