• Tenable is seeking a Principal Security Engineer to support demos and evaluations of enterprise opportunities across the territory. • Assist in developing business value propositions around Tenable's products and solutions. • Drives sales with technical expertise, account management skills, sales ability and a superior customer focus. • Participates as part of a sales team to achieve or exceed revenue targets. • Become a Vulnerability and Risk Management SME and advisor to some of the world’s largest organizations. • Meet with prospective clients to discover what their biggest security challenges and highest priority business drivers are. • Map Tenable’s unique business value and differentiators to their challenges and business drivers. • Perform custom portfolio demonstrations based on strong discovery question and real intel. • Partner with like-minded peers across Tenable to build exceptionally strong teams and shared knowledge. • Influence product directions, make a difference and be part of Tenable’s growth and leadership in the ever faster-moving world of network security.

• Develop mobile software for Android and iOS platforms using Flutter. • Create mobile solutions to increase revenue, improve customer experience, and deliver new business models. • Maintain existing software systems by assessing and fixing defects. • Ensure the security and integrity of mobile applications and user data.

Overview Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted. The Space and Intelligence Division provides professional services to the US Space Force, Combatant Commands, Intelligence Community, and NASA. Our work includes enterprise architectural assessments, systems engineering and integration, test, planning and execution, cost estimating and analysis, acquisition support, and cybersecurity. We are trusted partners developing approaches and concepts to meet emerging high priority needs, assessing cutting-edge technologies, and supporting capabilities for our National Defense. Come join the fastest growing Division at Systems Planning and Analysis, Inc.! The Space Systems Group (SSG), part of SPA’s Space and Intelligence Division, provides timely and objective assessments and recommendations integrating technical, operational, programmatic, policy and business analysis. We focus on our key clients in the Space community including the US Space Force’s Space Systems Command (USSF/SSC), one of the three designated Field Commands under USSF. We work tirelessly to provide integrated solutions based on information and communications throughout the chain of command. We provide clear and consistent analysis and recommendations which are aligned to strategic and leadership goals while balancing the ability to execute on time and on budget within the technical communities. Come join an organization responsible for being a key enabler of Spacepower! SPA has an immediate need for an Information System Security Manager (ISSM). Responsibilities The Information Systems Security Manager (ISSM) is responsible for the end-to-end cybersecurity posture of the KM Platform across all environments, classifications, and mission systems—current and future. This role leads the cybersecurity branch within Systems Engineering and directs a team of ISSEs/ISSOs to ensure security is not a compliance afterthought, but a continuously enforced, operational capability embedded into the platform. The ISSM owns the integrity of the platform’s authorized boundary, ensuring that security remains consistent, scalable, and resilient as the platform evolves. This role establishes and enforces the security model that enables application teams to deliver rapidly and confidently by removing security as a source of variability, rework, or delay. Core Responsibilities - Lead and manage the cybersecurity function, providing direction, prioritization, and oversight for all ISSE/ISSO personnel supporting the platform - Own and maintain the platform’s cybersecurity posture across all environments (IL4, IL5, IL6, and classified), ensuring alignment with ATO requirements and mission needs - Establish and enforce a consistent security baseline that persists across applications, environments, and time, eliminating variability in how security is applied - Govern all changes to the platform through a structured security impact and configuration management process to preserve the integrity of the authorized boundary - Oversee continuous monitoring, vulnerability management, and remediation processes to ensure risks are identified, prioritized, and resolved proactively - Ensure application onboarding integrates security requirements from the start and that enforcement is automated through DevSecOps pipelines (e.g., scanning, SBOM, policy enforcement) - Enforce least-privilege access, workload isolation, and auditability across all platform users, systems, and data - Serve as the primary authority and interface for cybersecurity with government stakeholders, Authorizing Officials, and external auditors - Drive standardization of security practices across teams, ensuring predictable, repeatable paths to production without rework or ambiguity - Integrate cybersecurity into platform engineering, DevSecOps, and operational workflows to enable secure continuous delivery at scale Expected Outcomes - Security is a built-in, continuously enforced capability of the platform, not a variable introduced by individual teams or deployments - The platform maintains sustained ATOs across environments, with changes introduced without degrading the authorized boundary or requiring rework - Application teams experience predictable, frictionless paths to production, with clear and stable security requirements that do not change midstream - Vulnerabilities are identified early and resolved proactively, minimizing operational risk, audit findings, and mission impact - All platform changes are controlled, assessed, and introduced without unintended security consequences, preserving system stability and trust - Access, data, and workloads are securely isolated and auditable, reducing risk exposure and ensuring accountability across users and teams - The software supply chain is transparent and continuously monitored, with full visibility into dependencies and associated risks - Cybersecurity enables speed, not delay, allowing rapid, secure delivery of mission capabilities without sacrificing assurance - The cybersecurity team operates as a high-performing, unified function, delivering consistent outcomes across all environments and programs Qualifications Qualifications: - Active Top Secret clearance - Bachelor’s degree in relevant field of study from an accredited institution - 10 years of relevant hands-on experience - Demonstrated experience leading a cybersecurity program or function, including directing ISSE/ISSO personnel and managing security strategy across multiple environments or classifications - Proven ability to own and maintain a system’s cybersecurity posture, ensuring alignment with ATO requirements and governing security frameworks across IL4–classified environments - Hands‑on background establishing and enforcing consistent security baselines, conducting security impact assessments, and governing changes through structured configuration‑management processes - Deep experience overseeing continuous monitoring, vulnerability management, remediation workflows, and automated enforcement of security requirements within DevSecOps pipelines - Strong track record interfacing with government cybersecurity stakeholders and auditors, communicating and defending security decisions, and ensuring predictable, secure paths to production

• Own and mature Hex’s security and privacy compliance program across SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, PCI DSS, and other frameworks relevant to our business • Ensure continuous audit readiness: maintain controls, gather evidence, manage auditors, and implement improvements. • Track regulatory and industry changes, advising Hex leadership on impact and recommended responses. • Maintain and develop core security policies, standards, and procedures, tailoring them to Hex’s real operating environment. • Own Hex’s risk management lifecycle: identify, assess, track, and drive mitigation of security, privacy, operational, and regulatory risks. • Build lightweight but effective governance processes, ensuring clear ownership, documentation, and accountability. • Serve as the primary owner of customer and prospect security questionnaires, risk assessments, and contractual security provisions. • Manage and improve Hex’s Trust Center / trust portal, ensuring accurate and compelling communication of Hex’s security posture. • Lead internal and external audits from planning through remediation. • Own Hex’s third-party risk management program, including vendor assessments, reviews, and ongoing monitoring. • Define and run security awareness training tailored to Hex’s environment.