Electrosoft Services, Inc. is an award-winning company that provides comprehensive technology-based solutions and services to federal customers. While cybersecurity is our specialty, we also focus on ICAM, enterprise IT modernization, and software solutions. We always seek to delight our customers, so we retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance. What sets us apart from all other contractors is the sense of teamwork our employees feel – and the knowledge that outstanding effort is recognized and rewarded. The camaraderie we share emanates from Lunch & Learn sessions where we explore new ideas together, fun group activities ranging from escape rooms to miniature golf, and much, much more. If we’ve described you and your dream workplace, please apply and share in the many benefits and opportunities we offer. Senior Cybersecurity Auditor Responsibilities and Duties: Independently performs complex security analysis of classified and unclassified applications, systems, and enclaves for compliance with security requirements. Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations. Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks. Performs vulnerability and risk analysis and participates in a variety of computer security penetration studies. Analyzes and defines security requirements for computer and networking systems, to include mainframes, workstations, and personal computers. Recommends solutions to meet security requirements. Gathers and organizes technical information about an organization's mission goals and needs and makes recommendations to improve existing security posture. Provides enterprise-wide technical analysis and direction for problem definition, analysis and remediation for complex systems and enclaves. Provides workable recommendations and advice to client executive management on system improvements, optimization, and maintenance in the following areas: Information Systems Architecture, Automation, Telecommunications, Networking, Communication Protocols, Application Software, Electronic Email, VOIP and VTC. Competence to work at the highest level of all phases of information systems auditing. Basic Qualifications: - Associates or higher degree preferred - Proven proficiency performing CCRI/ vulnerability assessment/ penetration testing on networks, databases, computer applications and IT frameworks. - Seven (7) years of IT experience - Five (5) years of cybersecurity experience - Strong analytical and problem-solving skills for resolving security issues. - Strong skills implementing and configuring networks and networks components. - Command Cyber Readiness Inspection certification or equivalent in at least one of the following areas: - Nessus Scan Analysis - Operating Systems (Windows, Unix) - Boundary Defense) Network Policy, Router, Firewall) - Internal Defense (L2 Switch, L3 Switch) - DNS (Policy, BIND/Windows) - HBSS (remote console, AV, ABM, PA HIPS, ePO) - Traditional Security (Common, Basic, NCV, SCV) - Wireless Communications (BES, Handhelds) - Tenable Certified NESSUS Auditory - Knowledge and understanding of DOD security regulations, DISA Security Technica Implementation Guides - Understanding of SCAP - Familiarity with AUTOCHECKLIST Tool - Knowledge of and proficiency with: - VULNERATOR - USCYBERCOM CTO Compliance Program - Wireless vulnerability assessment - Web Services (IIS, Apache, Proxy) - Database (SQL Server, Oracle) - Email Services (Exchange) - Vulnerability Scans (NESSUS, SCCM) - Knowledge of Phishing exercises - Cloud Security - Operational Technology - Artificial Intelligence - USB Detection - Physical Security - Required to possess experience as a DISA Risk Management Executive, Cyber Standards Branch Command Cyber Readiness Inspection (CCRI) or Cyber Operational Readiness Assessment (CORA) Team Lead and have a certification in penetration testing, such as: - Licensed Penetration Tester (LPT) - Certified Expert Penetration Tester (CEPT) - Certified Ethical Hacker (CEH) - Global Information Assurance Certification Penetration Tester (GPEN) - Security Clearance Level: SECRET and be eligible for an IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) upon assignment.

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients. Our focus is on enabling our clients to deliver their mission most efficiently and effectively – anytime, anywhere, securely. We combine technical expertise, mission awareness, and an empowered workforce to produce meaningful results. This is a contingent position based upon customer approval. SkyePoint Decisions is seeking a Security Control Assessor to join our team supporting a government contract. This is a remote position. Responsibilities: - Provide overall SA/OSA subject matter expertise to the Information System Security and Authorization (SA) program. - Provide specific guidance and technical expertise in the form of standards, policies, procedures, and oversight for the program. - Review and provide guidance on OSA program and continuous monitoring capabilities, PIA, SSPs and identity updates to enhance the quality of these assessments. - Review and provide advice based on analysis for Privacy Impact Assessments (PIA). - Review and provide advice based on analysis for Third Party Website and Applications (TPWA). - Review and analyze all system artifacts for accuracy, completeness, in support of an authorization to operate (ATO) requests. - Review ATO packages under the RMF for customer systems and the systems of the external partners and create or updated ATO packages as necessary before submission for approval. - Create or Review ATO packages prior to submission to CISO and CIO approval. - Ensure all assessment and audit reports are uploaded properly to the FISMA Management Tool: (Cyber Security Assessment and Management (CSAM)). - Coordinate and assist with data calls and data collection efforts for compiled and managed responses from stakeholders for audit and compliance reporting. - Conduct audits of closed Plan of Actions and Milestones (POA&M) for completeness and compliance. - Support the ongoing security authorization (OA) process that includes continuous monitoring. - Provide document development support for CISO sponsored events and responses to questions and concerns. - Draft document review and feedback on application of security and privacy requirements (e.g., technical review boards, review of SSPs, RA’s, contingency plan, POA&M reports). - Track the renewal dates for the security authorizations and ongoing security authorizations to ensure the ATO renewal efforts by working with respective stakeholders, SOs, and ISSOs. - Conduct lessons learned sessions and developing best practices. Required Qualifications: - Must be able to obtain a High Risk/Public Trust Security Clearance. - Bachelor’s or equivalent and five to ten (5-10) years related experience. - At least three years of experience in a computer security incident response role. - At least three years of enterprise Linux and Windows administration. - Experience working in a Security Operations Center. - Experience with Active Directory and other enterprise credential stores. - Passion for information security and incident response. - Experience with cyber threat intelligence. - Excellent communications and interpersonal skills. - Critical thinking and problem-solving skills. - Ability to quickly learn new technologies and respond to changing requirements and environment. - Ability to work independently and in a cross functional team. - Ability to identify both tactical and strategic solutions to complex issues. - Advanced malware analysis experience, such as reverse engineering and disassembly design.  - Must be a U.S. citizen. Preferred Qualifications: - Active Secret or Top Secret security clearance. Compensation: Salary Range: $100,000-$120,000 The SkyePoint Decisions salary range for this position is a general guideline only. It represents an estimated range for this position and is just one piece of our total compensation package. Salary at SkyePoint is determined by various factors, including but not limited to location, work schedule, the candidate’s combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability, market data and business considerations. In addition to a competitive salary, SkyePoint offers benefits including a certification incentive program, PTO, floating federal holiday options, several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, Vision, ST/LT Disability, Life Insurance, and 401k matched. What We Can Offer You: - At SkyePoint, we go B.I.G. (beginning in GRATITUDE) by recognizing all we have and giving back to our employees, families, and communities. It instills a positive mindset that permeates all we do. By beginning in gratitude, SkyePoint can continue to spread living in gratitude each day. - Great Benefits: Several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, ST/LT Disability, Life Insurance, floating federal holiday options, and 401k matched - Certificate Incentive Program: To promote professional development, we recognize and reward employees who obtain new certifications aligned with business needs. - Flexible Work Environment SkyePoint Decisions is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development. We possess a common vision of excellence and foster a collaborative team culture built upon individual performance and accountability. We invest in our people and systems to create value for our clients. It is the SkyePoint Way. We are grateful for the opportunity to work with exceptional people and give back to the communities we serve. Our employees value the flexibility at SkyePoint that allows them to balance quality work and their personal lives. SkyePoint Decisions is a participating E-Verify Employer. U.S. Citizenship is required for most positions. Equal Opportunity Employer/Veterans/Disabled. CCPA Disclosure Notice Here

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients. Our focus is on enabling our clients to deliver their mission most efficiently and effectively – anytime, anywhere, securely. We combine technical expertise, mission awareness, and an empowered workforce to produce meaningful results. This is a contingent position based upon customer approval. SkyePoint Decisions is seeking a Sr. Security Control Assessor to join our team supporting a government contract. This is a remote position. Responsibilities: - Provide overall SA/OSA subject matter expertise to the Information System Security and Authorization (SA) program. - Provide specific guidance and technical expertise in the form of standards, policies, procedures, and oversight for the program. - Review and provide guidance on OSA program and continuous monitoring capabilities, PIA, SSPs and identity updates to enhance the quality of these assessments. - Review and provide advice based on analysis for Privacy Impact Assessments (PIA). - Review and provide advice based on analysis for Third Party Website and Applications (TPWA). - Review and analyze all system artifacts for accuracy, completeness, in support of an authorization to operate (ATO) requests. - Review ATO packages under the RMF for customer systems and the systems of the external partners and create or updated ATO packages as necessary before submission for approval. - Create or Review ATO packages prior to submission to CISO and CIO approval. - Ensure all assessment and audit reports are uploaded properly to the FISMA Management Tool: (Cyber Security Assessment and Management (CSAM)). - Coordinate and assist with data calls and data collection efforts for compiled and managed responses from stakeholders for audit and compliance reporting. - Conduct audits of closed Plan of Actions and Milestones (POA&M) for completeness and compliance. - Support the ongoing security authorization (OA) process that includes continuous monitoring. - Provide document development support for CISO sponsored events and responses to questions and concerns. - Draft document review and feedback on application of security and privacy requirements (e.g., technical review boards, review of SSPs, RA’s, contingency plan, POA&M reports). - Track the renewal dates for the security authorizations and ongoing security authorizations to ensure the ATO renewal efforts by working with respective stakeholders, SOs, and ISSOs. - Conduct lessons learned sessions and developing best practices. Required Qualifications: - Must be able to obtain a High Risk/Public Trust Security Clearance. - Bachelor’s or equivalent and five to ten (5-10) years related experience. - At least three years of experience in a computer security incident response role. - At least three years of enterprise Linux and Windows administration. - Experience working in a Security Operations Center. - Experience with Active Directory and other enterprise credential stores. - Passion for information security and incident response. - Experience with cyber threat intelligence. - Excellent communications and interpersonal skills. - Critical thinking and problem-solving skills. - Ability to quickly learn new technologies and respond to changing requirements and environment. - Ability to work independently and in a cross functional team. - Ability to identify both tactical and strategic solutions to complex issues. - Advanced malware analysis experience, such as reverse engineering and disassembly design.  - Must be a U.S. citizen. Preferred Qualifications: - Active Secret or Top Secret security clearance. Compensation: Salary Range: $100,000-$120,000 The SkyePoint Decisions salary range for this position is a general guideline only. It represents an estimated range for this position and is just one piece of our total compensation package. Salary at SkyePoint is determined by various factors, including but not limited to location, work schedule, the candidate’s combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability, market data and business considerations. In addition to a competitive salary, SkyePoint offers benefits including a certification incentive program, PTO, floating federal holiday options, several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, Vision, ST/LT Disability, Life Insurance, and 401k matched. What We Can Offer You: - At SkyePoint, we go B.I.G. (beginning in GRATITUDE) by recognizing all we have and giving back to our employees, families, and communities. It instills a positive mindset that permeates all we do. By beginning in gratitude, SkyePoint can continue to spread living in gratitude each day. - Great Benefits: Several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, ST/LT Disability, Life Insurance, floating federal holiday options, and 401k matched - Certificate Incentive Program: To promote professional development, we recognize and reward employees who obtain new certifications aligned with business needs. - Flexible Work Environment SkyePoint Decisions is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development. We possess a common vision of excellence and foster a collaborative team culture built upon individual performance and accountability. We invest in our people and systems to create value for our clients. It is the SkyePoint Way. We are grateful for the opportunity to work with exceptional people and give back to the communities we serve. Our employees value the flexibility at SkyePoint that allows them to balance quality work and their personal lives. SkyePoint Decisions is a participating E-Verify Employer. U.S. Citizenship is required for most positions. Equal Opportunity Employer/Veterans/Disabled. CCPA Disclosure Notice Here

• Design, implement, and maintain security controls integrated into the SDLC, CI/CD pipelines, and cloud environments, ensuring security by default across development and operations. • Collaborate closely with Engineering and DevOps teams to secure cloud infrastructure, Kubernetes clusters, and containerized workloads. • Implement and maintain security configurations in AWS and GCP (e.g., IAM, WAF, GuardDuty, Security Groups), continuously strengthening the cloud security posture. • Automate security processes and controls using scripting and infrastructure as code to improve efficiency and scalability. • Ensure DevSecOps practices align with compliance frameworks such as PCI DSS, ISO 27001/27701, and SOC 2, supporting audits and internal security assessments. • Explore and evaluate emerging technologies and architectures (e.g., Kubernetes enhancements, AI integrations) to ensure secure adoption.