Job Title: Senior Security Engineer Company: Virtual Technologies Group (VTG) Location: Remote: Mid-West Position Type: Full-Time Employee Type: FTE Position Summary: Virtual Technologies Group is seeking a Senior Security Engineer to serve as a strategic lead in a staff augmentation model. You will be responsible for maturing a modern security stack centered on AWS/Azure, Rapid7, and Proofpoint, transitioning the environment from reactive triage to proactive architecture. This remote-eligible role requires a blend of hands-on technical automation and high-level mentorship to elevate existing security operations and ensure robust governance across a diverse cloud infrastructure. Company Overview: Virtual Technologies Group is a leading innovator in the technology sector, specializing in the development and implementation of advanced virtual solutions. Our mission is to empower businesses with cutting-edge technology that enhances efficiency, productivity, and connectivity. With a team of highly skilled professionals, we deliver customized solutions tailored to meet the unique needs of our clients across various industries. Our commitment to excellence, innovation, and customer satisfaction drives us to continuously push the boundaries of what is possible. At Virtual Technologies Group, we are dedicated to shaping the future of technology and making a positive impact on the world. Minimum Qualifications - Experience: 5+ years of experience in Security Engineering, with at least 3 years specifically focused on Cloud Security (AWS or Azure). - Cloud Architecture: Foundational knowledge of cloud infrastructure (VPC/VNet, Security Groups, S3/Blob storage) and Identity & Access Management (IAM). - Security Operations: 2+ years of hands-on experience managing a SIEM or XDR platform (e.g., Rapid7, Splunk, or Sentinel) including log onboarding and basic tuning. - Vulnerability Management: Proven ability to manage vulnerability scans, prioritize risks based on business impact, and coordinate remediation with IT/Infrastructure teams. - Incident Response: Experience participating in a formal IR process, from initial detection through to containment and post-incident reporting. - Compliance: Basic understanding of regulatory frameworks such as SOX or PCI-DSS and their application in technical environments. - Communication: Ability to mentor junior staff and translate complex technical security risks into actionable tasks for non-security peers. Preferred Qualifications - Platform Expertise: Direct experience with Proofpoint (specifically TAP, TRAP, and IMD) for automated email threat orchestration. - Advanced Detection Engineering: Proven track record of building custom detection rules and "tuning out the noise" in Rapid7 InsightIDR. - Automation & Scripting: Proficiency in Python or PowerShell to automate repetitive security tasks or integrate tools via APIs. - Deep Microsoft Security Stack: Hands-on experience with Microsoft Defender for Cloud and Microsoft Purview for data governance. - Certifications: Professional-level certifications such as CISSP, AWS Certified Security Specialty, or Microsoft AZ-500. - Strategic Maturity: Experience contributing to security roadmaps, architectural reviews, and process documentation (moving from "reactive" to "proactive" security). - Staff Aug Experience: Previous experience working in a Lead capacity within a managed services or staff augmentation model. Benefits Overview: VTG offers a comprehensive benefits package to meet the needs of our employees and their families. Benefits include medical insurance plans, dental insurance, vision insurance, health savings accounts (HSA), flexible spending accounts (FSA), life insurance, short and long-term disability insurance, paid time off and holidays, and a 401(k) with employer match. EEO Statement: VTG is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other legally protected status. We believe that diversity strengthens our team and drives innovation. All employment decisions are based on qualifications, merit, and business needs. If you require reasonable accommodation during the application or interview process, please contact HR@vtgus.com.

• Teaching excellence. • Deliver online lessons to undergraduate and/or graduate students. • Initiate, facilitate, interact, and moderate online classroom forums. • Be a faculty leader in your classes embracing fully the Community of Inquiry Framework of Teaching Presence, Cognitive Presence, and Social Presence. • Evaluate and grade students' class work, assignments, and papers within the timeframe set forth by APUS policy providing effective feedback to guide student learning and success. • Comply with APUS guidelines and expectations for quality faculty engagement online. • Engage in the classroom and reply to emails, etc. at least every other day, including one day during the weekend. • Remain aware of classroom procedures and use of instructional materials. • Participate in professional development to enhance teaching skills and effective online learning strategies. • Conduct scholarly research and participate in professional engagement activities. • Attend discipline specific and administrative meetings as scheduled. • Maintain ‘discipline’ knowledge by participating in one’s own discipline-related professional communities. • Support APUS initiatives and departments.

• Databricks is hiring an L5 Enterprise Security Engineer to expand Enterprise Security coverage across a rapidly evolving enterprise environment. • This role will focus on securing enterprise applications, cross-system integrations, data flows, and emerging AI-adjacent use cases. • The scope includes modern access patterns such as MCP, integration, and trust boundary security, and broader security engineering support across enterprise platforms and services. • This engineer will help identify risk, define practical security requirements, and improve security outcomes through strong technical judgment and cross-functional partnership. • This role sits at the intersection of enterprise architecture, security engineering, and business enablement. • The engineer will review new technologies, integrations, and workflows with an emphasis on secure design, authentication and authorization, data handling, logging, third-party connectivity, API and token security, and operational resilience. • The role partners closely with IT, Engineering, Legal, Privacy, Procurement, and business stakeholders to surface risk early, set clear requirements, and support scalable adoption of secure patterns. • This is a strong opportunity to help shape how Enterprise Security supports SaaS, internal platforms, automation, and AI-connected systems as the environment continues to grow in complexity.

• Own CMMC L2 certification and FedRAMP High authorization efforts end-to-end, including gap analysis, remediation tracking, evidence collection, and assessment coordination. • Maintain compliance with DFARS cybersecurity clauses (7012, 7019, 7020), ITAR, EAR and other federal requirements; manage SPRS score and supplier requirements. • Develop and maintain System Security Plans, POA&Ms, policies, procedures, and supporting artifacts across all compliance frameworks. • Serve as primary point of contact for C3PAO/3PAO assessors, government customers, prime contractors, and agency authorizing officials. • Manage continuous monitoring activities including vulnerability scanning, access reviews, evidence collection, and monthly/annual reporting. • Monitor regulatory changes across CMMC, FedRAMP, NIST 800-171/800-53, DFARS, and ITAR; assess impact and drive necessary updates. • Implement security controls hands-on, including identity and access management, logging, encryption, and endpoint security. • Harden cloud infrastructure in GCP, AWS, implementing security configurations and access controls aligned with compliance requirements. • Build automation and tooling for evidence collection and compliance reporting; integrate security into CI/CD pipelines. • Define, document, and enforce CUI boundaries and enclave architecture. • Translate compliance requirements into actionable technical guidance for engineering teams. • Support customer security assessments, due diligence requests, and contract security requirements.