• Analyze and fully reproduce potential security findings reported to our clients • Communicate with the global researcher community to gather information and inform them of triage analysis outcomes • Author and deliver NCC-quality vulnerability reports to the specifications of individual clients • Drive or contribute to projects that improve Bug Bounty Services’ tooling, operational processes, and delivery quality

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description DecisionPoint Corporation is seeking an Information Security Analyst to join our team! This role will support the design and implementation of a comprehensive approach to securing government networks and applications while ensuring compliance with federal security and oversight requirements. This position is fully remote. This requisition is contingent upon additional funding. Duties & Responsibilities - Provide guidance to ensure project compliance to the United States Government Baseline (USGCB) for IT Security, taking into account agency policies, default configurations and settings, IPv6 security capabilities, and any other potential IPv6 requirements. - Provide technical expertise of computer security laws, mandates, standards and policies in accordance with the Federal Information Security Management Act (FISMA) as amended, National Institute of Standards and Technology (NIST) Special Publications (SPs), Office of Management and Budget mandates, the Department of the Treasury policies for information security requirements and Federal Risk Management Program (FedRAMP) authorization process. - Utilize technical expertise of computer theories, principles, practices and industry standards to complete computer security related functions that include certification and accreditation of government information and telecommunications system, IT disaster recovery and business continuity planning, and risk management activities. - Represent the project in internal and external meetings, working groups, and integrated project teams to provide IT security compliance requirements. - Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth. - Participate in internal security and compliance program and track recurring controls. - Help support customer security reviews, RFPs and external security and privacy inquiries. - Help support internal/external audits and evidence collection. - Document new and update existing policies, procedures, standards and resources. - Participate in Security awareness program, train personnel on data security & privacy related processes and responsibilities. - Participate in defining, collecting and tracking various Security Metrics. - Support vendor management, including vendor risk assessments and security reviews. - Ability to prioritize in a highly dynamic work environment. Qualifications - Ability to obtain a Public Trust and EOD. - Bachelor and three (3) years' or Master and (2) years' experience. - Three (3) years of experience working in information security or compliance, NIST, FISMA, ATO experience. - Technical understanding of IPv6 security requirements and associated network protocols. - Expert-level knowledge of Zscaler security solutions and their implementation in enterprise environments. - Ability to work closely with cross-functional stakeholders. - Ability to communicate effectively, in writing and verbally, to target audiences, including customers, partners, auditors, executive management, vendors, and peers. Desired Skills & Abilities - Work experience with ISO 27001 compliance standard. - Experience working with Security Controls across at least some of the following domains: Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness & training, BC/DRP, etc. - Ability to balance risk, potential impact, resourcing, business drivers, and timelines. - Advanced degree in computer science, information technology or Information security. - Ability to prioritize in a highly dynamic work environment. Our Equal Employment Opportunity Policy DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws. Pay Transparency Policy In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. Authorization to Share Resume and Personal Information By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.

• Work during night shifts as a critical line of defense for customers • Distinguish high-fidelity attacks from benign anomalies • Focus on decision-making without repetitive tasks • Operate under a high degree of focus to ensure security of environments

• Help define the playbooks, tone, and operational ethos that will drive our 24x7 service • Serve as the final escalation point for complex investigations • Validate confirmed malicious threats and investigate inconclusive determinations • Reconstruct the full narrative of the attack to provide context needed for precise remediation • Actively participate in the operational feedback loop to improve AI’s detection logic • Provide clear, human-guided remediation steps to help customers resolve threats