BeyondTrust is a place where you can bring your purpose to life through the work that you do, creating a safer world through our cybersecurity SaaS portfolio. Our culture of flexibility, trust, and continual learning means you will be recognized for your growth, and for the impact you make on our success. You will be surrounded by people who challenge, support, and inspire you to be the best version of yourself. The Role As a Staff Research Engineer, you'll drive the evolution of our identity security platform by combining cutting-edge security research with robust engineering practices. You'll work at the intersection of security domain expertise and software development, translating novel research findings into production-ready systems that protect our customers from sophisticated identity-based threats. This role offers the opportunity to shape the future of identity security through innovative research, scalable engineering solutions, and thought leadership in the security community. Please check out our page on X -- https://x.com/btphantomlabs - for an overview of our recent projects. This will help you determine if we’re a good fit for you. What You’ll Do Research & Innovation - Conduct original security research to identify emerging identity attack vectors and develop novel detection methodologies - Design and implement advanced analytics including rule-based systems, behavioral analysis, and machine learning models for threat detection - Expand and optimize our large-scale entitlement graph systems that map privilege escalation paths across customer environments - Develop proactive recommendation engines that identify security misconfigurations before they become attack vectors Engineering & Implementation - Build production-grade security systems with emphasis on scalability, reliability, and performance optimization - Implement and maintain detection pipelines using PySpark, Spark SQL, and distributed computing frameworks - Design custom data representations (graphs, time-series, etc.) to support advanced analytical capabilities - Establish engineering best practices including comprehensive unit testing, automation, and CI/CD pipelines Data Analysis & Optimization - Explore large-scale customer datasets using Spark and Databricks to validate detection hypotheses and uncover new threat patterns - Continuously monitor and tune detection algorithms based on real-world telemetry and performance metrics - Collaborate with data science teams to integrate machine learning models into production detection systems - Optimize system performance to handle massive data volumes efficiently Leadership & Knowledge Sharing - Provide technical leadership and mentorship to product and engineering teams - Present research findings at industry conferences and security forums - Publish technical blogs and research papers to establish thought leadership - Collaborate with cross-functional teams to translate research insights into product roadmap priorities What You’ll Bring Required Qualifications - Strong engineering background with proven experience developing and maintaining production security systems - Strong Python programming skills with experience in large-scale data processing - Proficiency in SQL and database optimization techniques - Experience working with SIEM tools, log analysis platforms, or similar security data systems - Knowledge of adversarial tactics, techniques, and procedures (TTPs) and corresponding defensive strategies - Experience in engineering event detection and response systems with focus on tuning and optimization Preferred Qualifications - Big data processing experience with Apache Spark, Databricks, or similar distributed computing platforms - Background in security research with published findings or conference presentations - Knowledge of cloud security, containerization, and modern infrastructure technologies - Experience with graph databases and network analysis techniques - Familiarity with machine learning applications in cybersecurity - Track record of speaking at technical conferences or contributing to security research publications Technologies You Should Know Required - Python - SQL and database technologies - Distributed data processing frameworks Preferred - Apache Spark / PySpark - Databricks platform - Graph databases and analysis tools - Cloud platforms (AWS, Azure, GCP) - Containerization technologies (Docker, Kubernetes) - Machine learning frameworks and libraries What Makes This Role Unique This position offers a rare opportunity to work at the cutting edge of identity security research while building systems that protect organizations worldwide. You'll have the freedom to pursue novel research directions, the resources to implement your ideas at scale, and the platform to share your expertise with the broader security community. We're looking for someone who thrives on solving hard problems, values engineering excellence, and wants to make a meaningful impact on the future of cybersecurity. Better Together Diversity. Inclusion. They’re more than just words for us. They are the guiding values of how we build our teams, cultivate leaders, and create a culture where people feel connected. We take care of our employees so they can take care of our customers. Customers who come from all walks of life just like us. We hire incredible people from diverse backgrounds because when we are different together, we are stronger together. About Us BeyondTrust is the global identity security leader protecting Paths to Privilege™. Our identity-centric approach goes beyond securing privileges and access, empowering organizations with the most effective solution to manage the entire identity attack surface and neutralize threats, whether from external attacks or insiders. BeyondTrust is leading the charge in transforming identity security to prevent breaches and limit the blast radius of attacks, while creating a superior customer experience and operational efficiencies. We are trusted by 20,000 customers, including 75 of the Fortune 100, and our global ecosystem of partners. Learn more at www.beyondtrust.com. #LI-BS1

• Lead comprehensive, organized retail crime investigations, including mobile fraud rings, identity theft, and coordinated multi-store activity. • Conduct targeted investigations into Xfinity Mobile fraud, such as unauthorized upgrades, fraudulent activations, SIM-swap attempts, account takeovers, and device financing fraud. • Analyze POS data, activation logs, account activity, surveillance footage, and exception reports to identify patterns and emerging threats. • Partner with local, state, and federal law enforcement agencies to build cases and support prosecution. • Prepares comprehensive, detail-oriented investigative reports, including findings, recommendations, and mitigation strategies, for senior management and stakeholders. • Conducts investigative interviews of witnesses, victims, and subjects. • Collects, documents, stores, and maintains evidence according to the chain of custody guidelines. • Participates in fraud awareness and training programs to educate employees within Comcast Business to reduce integrity concerns. • Assists in compliance efforts by ensuring adherence to relevant regulations, laws, and internal policies. • Consistent exercise of independent judgment and discretion in matters of significance. • Testifies before grand juries, courts, and administrative hearings on investigation results.

• Responsible for initiatives that drive the company forward • Active participation in professional working groups and industry associations • Participate in projects and drive their successful delivery • Proactively identify solutions and work independently

Job Description BAE Systems is seeking an an Information System Security Officer (ISSO) to join our team supporting the Department of War (DoW) High Performance Computing (HPC) Modernization Program (DoD HPCMP) and U.S. Navy DoW Supercomputing Resource Center (DSRC) located at the John C. Stennis Space Center, MS. The ISSO role is responsible for applying Information System (IS) security principles, procedures, and practices under the Risk Management Framework (RMF). As an ISSO you are responsible for implementing security controls, monitoring system security posture, auditing user activity, maintaining records, and updating documentation. Your work will ensure classified information systems maintain compliance with applicable security regulations, such as CNSSI, NIST, and NISPOM. The ISSO's role at the Navy DSRC includes: - - Supporting the Information Systems Security Manager (ISSM) at the DSRC and the program's CSSP. - Providing support in the creation and maintenance of all Assessment and Authorization (A&A) packages under the RMF guidelines utilizing the Enterprise Mission Assurance Support Service (eMASS) tool. This support includes, but is not limited to, clear understanding of eMASS tool, review and make recommendations for supporting documentation supporting the RMF Control/AP responses and if requested by the ISSM, perform the role Initial Task Validator of RMF Controls. - Ensuring DoDD 8570 compliance regarding baseline and Computing Environment, which are required for cybersecurity Technical Personnel, certifications for all applicable staff under the purview of the DSRC. - Management of BAE Systems staff. Specific Responsibilities - Protect information systems and data from threats and vulnerabilities - Create and maintain system security documentation - Implement, maintain, and monitor security controls - Provide security status to the DSRC leadership on a recurring basis - Achieve and maintain Authorization to Operate Unclassified and Classified information systems - Assess and mitigate threats and vulnerabilities - Provide security related guidance and technical support to the Navy DSRC staff - Maintain and report the status of all Plan of Action and Milestones - Attend recurring ISSO meetings across the program - Lead the implementation of critical security projects, such as Zero Trust and Data Exfiltration - Assist the ISSO's at the other DSRCs - Maintain eligibility for personnel security clearance - Perform other duties as assigned #LI-VW1 #LI-Onsite Required Education, Experience, & Skills Required Certification: The candidate must hold an IAM/IAT Level II (or higher) (8570.01) compliant certification (i.e. CAP, Security+ CE, CISSP, CASP, CISM, GSLC). Required Education & Experience: Typically a Bachelor's degree and 6+ years' work experience in cybersecurity and or equivalent years/experience. A qualified candidate for this position must have the ability to: - Familiarity with the RMF process - Understanding of NIST 800 series, DoD 8500.2, DoDD 8570, CNSSI 1253, NISPOM Chapter 8, and related publications - Experience implementing and monitoring technical, administrative, and operational security controls - Experience performing risk assessment and risk management for unclassified and classified IT systems - Communicate clearly and concisely verbally and in writing - Experience with Splunk, especially for data analysis - Work as part of a team and independently without direct supervision Preferred Education, Experience, & Skills - Familiarity with the DCSA eMass system and/or other documentation process tools such as Xacta - Familiarity with MS and Linux Operating Systems and associated DISA STIGS - Reviewing security event logs from both Windows and Linux systems - Use of network/system scanning tools and interpreting results - Security incident management - Working with hardware and software vendors - Prior experience in any security related domain, Technical, Physical, or Personnel Pay Information Full-Time Salary Range: $96623 - $164259 Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience. Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics. About BAE Systems Intelligence & Security BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels. This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified.