Role Description We are hiring an Information System Security Engineer (ISSE) to serve as the technical implementer of cybersecurity within our platform. This is not a policy or compliance role. You will take security requirements (RMF, NIST, customer constraints) and directly apply them to system architecture, infrastructure, and the software development lifecycle. - Implement NIST 800-53 / 800-171 security controls directly into system design and platform architecture - Lead system hardening and secure configuration across platform components - Embed security into the engineering workflow (DevSecOps) - Perform: - System Patching - STIG implementation and validation - Vulnerability scanning (ACAS/Nessus) - POA&M management and remediation tracking - Partner with engineering teams to: - Secure APIs, services, and data pipelines - Enforce least privilege, identity, and access controls - Support deployment into SIPR / JWICS / SAP environments - Identify and remediate security gaps before they reach customer environments Qualifications - Active TS clearance with SCI eligibility - DoD 8570/8140 certification (Security+ minimum; CISSP/CASP+/CISM preferred) - 5+ years in cybersecurity with hands-on implementation experience - Direct experience with: - NIST 800-53 / 800-171 - DISA STIGs - ACAS/Nessus - Background in: - Systems Administration, Network Engineering, or SOC → transitioned into security - Experience working in classified environments (SIPR, JWICS, SAP) Requirements - You’ve actually hardened systems—not just documented controls - You can move between: - Low-level system configuration - High-level security architecture decisions - You are comfortable doing manual, in-the-weeds work when needed to hit deadlines - Track record of stability (2+ years per role preferred) - Comfortable in a startup environment - Willing to own problems end-to-end, not just your lane Benefits - $116,000 - $174,000 a year (may be additionally eligible for stipend, one-time incentive, or % differential for clearance)

• Owns and manages the organization’s enterprise certification frameworks, ensuring ongoing readiness, audit success, and contractual alignment for ISO, CMMI, and CMMC requirements • Own and manage compliance with ISO standards (e.g., ISO 9001, ISO 27001), CMMI maturity levels, and CMMC / NIST SP 800-171 requirements • Act as the primary coordinator for certification audits, surveillance reviews, appraisals, and assessments • Develop and maintain policies and procedures supporting certification frameworks • Track certification timelines, renewals, and readiness milestones • Work with IT and security teams, HR and training, contracts and compliance, program management • Support proposal teams by validating and documenting certification compliance • Advise leadership on certification-related risks, costs, and contractual impacts

Role Description The A.C.Coy has an immediate need for a Lead Security Engineer. Qualified candidates will be responsible for supporting the security and compliance of the company-wide infrastructure, including networks, servers, workstations, and telecommunications systems. - Manage and maintain the organization’s Public Key Infrastructure (PKI) systems, ensuring secure encryption, certificate management, and cryptographic key lifecycle processes are in place and operating effectively. - Implement and oversee encryption solutions to protect data at rest, in transit, and in use across both on-premises and cloud environments, ensuring compliance with industry security standards. - Secure cloud environments (including AWS, Azure, and GCP) by ensuring adherence to internal security policies and industry best practices, and assist in the implementation and management of identity management, access control, and data protection within cloud services. - Collaborate with third-party vendors to securely integrate external systems. - Deploy, manage, and maintain firewalls, including Firewall-as-a-Service (FWaaS), Unified Threat Management (UTM) solutions, and Secure Web Gateways (SWG), to secure network traffic and enforce security policies. - Implement and manage advanced security technologies such as Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA), and other solutions to strengthen security posture. - Serve as a primary escalation point for security incidents and audits, leading or assisting in the development of mitigation strategies, post-incident reviews, and compliance reviews to ensure ongoing ISO 27001 adherence. - Act as an internal consultant to IT teams and departments, providing subject matter expertise on infrastructure security, cloud environments, and endpoint protection. - Lead reviews of infrastructure security components, recommend improvements, and develop risk mitigation strategies that align with the security posture and industry requirements. - Continuously monitor internal control systems to ensure appropriate access levels and security configurations are maintained across all infrastructure components. - Analyze daily security events and alerts in the context of policies, prioritizing and escalating issues as appropriate to support timely and effective incident response. - Evaluate security policies and procedures to identify improvement opportunities and ensure alignment with standards, industry requirements, and regulatory expectations. - Provide technical support and administration for LAN/WAN, remote access, IDS/IPS, and unified threat management systems, including troubleshooting, analysis, and the testing and deployment of new hardware and security applications. - Deploy and manage policies for antivirus and endpoint detection and response agents in collaboration with system owners to ensure effective endpoint security management. - Manage the availability and security of public domains and DNS records. Qualifications - Bachelor’s degree in Computer Science, Business, Engineering, or a related field; or equivalent work experience is required. - CISSP certification or progress toward CISSP certification is preferred. - 7-10+ years in infrastructure or security engineering. - Candidate must understand enterprise environments, not just security tools: - Windows Server and Active Directory - Microsoft 365 and Entra ID (Azure AD) - Azure infrastructure and migrations - Networking fundamentals (routing, DNS, load balancers, proxies) - Working with server and cloud teams during deployments - Comfortable supporting production systems and change control - Able to troubleshoot across network, identity, and platform layers - CyberArk – Privileged Access & Identity Security - Certificate lifecycle management via CyberArk / Venafi - PKI modernization and certificate lifecycle automation - Service to service authentication and machine identity strategy - TLS and encryption design across applications and infrastructure - Supporting cloud and SaaS integrations requiring certificates

• Gestionar y administrar de forma integral las identidades y los accesos corporativos (IAM) garantizando el principio de mínimo privilegio. • Gestionar y auditar los PATHs y los flujos de autorización para el acceso a la información crítica. • Supervisar la gestión de plataformas antimalware corporativas y asegurar la protección de los endpoints. • Planificar, desplegar y controlar los agentes de seguridad a través de la infraestructura tecnológica del banco. • Administrar y asegurar la infraestructura de redes (Networking), identificando vulnerabilidades y aplicando soluciones técnicas. • Implementar y asegurar el cumplimiento de los frameworks de seguridad corporativos e internacionales. • Elaborar informes, métricas y cuadros de mando interactivos utilizando Power BI para la monitorización continua del estado de la seguridad. • Coordinar acciones y mantener reuniones periódicas de alineación con los equipos tecnológicos ubicados en Latinoamérica.