Responsibilities Cardinal Technology Systems Corp. is a government IT solutions provider servicing commercial and government initiative in various parts of the United States. We are currently seeking an Operational Technology Security Engineer to work for our company. Summary - Must possess IT-II security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). (Basic Federal Clearance requirements are U.S. Citizenship, clear criminal history check, no recent or pending bankruptcies) - Performs a variety of routine project tasks applied to specialized information assurance problems with operational technology (OT) systems. - Tasks involve integration of OT processes or methodologies with information systems to resolve total system problems, or technology problems as they relate to Cybersecurity requirements. - Analyzes information security requirements. - Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning. - Provides security engineering support for planning, design, development, testing, demonstration, and integration of OT systems. Requirements - Must possess IT-II security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). (Basic Federal Clearance requirements are U.S. Citizenship, clear criminal history check, no recent or pending bankruptcies) - Required Training /Certifications In: ICS300 or relevant Operational Technology “OT” or Industrial Control System “ICS” Cybersecurity Certifications and Forescout – Training Module /Course Completion. - Must possess an active DoD 8570 IAT Level II certification such as Security+ CE, CySA+, and SSCP. - 7+ years of relevant OT Cybersecurity experience. - Experience with OT communication protocols such as Modbus/TCP, EtherNet/IP, IEC 61850, ICCP, DNP3, BACnet, and similar industrial protocols. - Strong understanding of OT systems including SCADA, ICS, DCS, PLCs, HMIs, RTUs, and field devices. - Knowledge of secure OT network architectures, including segmentation, firewalls, IDS/IPS, and network monitoring solutions. - Understanding of secure remote access technologies and best practices for OT maintenance and monitoring. - Experience managing software and firmware updates for OT devices while minimizing operational disruption. - Proficiency with OT-relevant cybersecurity frameworks such as NIST CSF, ISA/IEC 62443, and NERC CIP. - Familiarity with DoD cybersecurity requirements including STIGs, TCG configuration guides, IAVMs, and Task Orders. - Experience preparing environments for DoD cybersecurity inspections. - Ability to develop, maintain, and validate cybersecurity artifacts and documentation. - Understanding of compliance requirements for OT environments and industry-specific regulatory obligations. - Proficiency in conducting vulnerability assessments across networks, databases, applications, and OT/IT systems. - Knowledge of vulnerability scanning and asset visibility tools (ACAS, Nessus, Qualys, Forescout, EyeInspect). - Updates and tracks POA&M entries by documenting findings, logging remediation actions, and keeping milestone dates current to ensure issues move toward closure. - Experience performing OT-specific risk assessments, identifying threats, vulnerabilities, and operational impacts. - Ability to recommend risk-based mitigation strategies tailored to OT constraints. - Familiarity with secure configuration baselines, hardening procedures, and compliance enforcement. - Experience deploying and tuning security monitoring solutions for OT environments, including anomaly detection and threat intelligence integration. - Ability to develop and implement OT-specific incident response plans. - Knowledge of forensic techniques and tools appropriate for OT systems. - Understanding of patch management workflows and enterprise change management processes. - Ability to build automated workflows for vulnerability remediation, compliance checks, or reporting. - Proficiency with analytical tools such as Microsoft Excel, Access, Power BI, and Power Platform. - Ability to generate clear, accurate, and audit-ready cybersecurity reports for technical and leadership audiences. - Experience producing analytics and trend reports using data from scanners, configuration tools, and monitoring platforms. - Understanding of vendor and supply chain security practices for OT equipment and services. - Experience bridging IT and OT cybersecurity requirements to ensure aligned policies and protections. - Ability to translate technical findings into actionable recommendations for engineers, operators, and leadership. - Strong research, analytical, and problem-solving abilities. - Excellent written and verbal communication skills, including briefing senior leaders. - Proven ability to work independently and collaboratively with minimal oversight. - Commitment to staying current on emerging OT threats, vulnerabilities, and best practices. Benefits • Medical, Dental, Vision Benefits • Paid Life • Paid Vacation, Holidays, Sick Leave, Floating Holidays, Bereavement Leave • Semi-monthly pay cycle Work With Us Cardinal Technology Systems, Corp (“CTech-Sys”), www.ctech-sys.com, is an SBA Certified 8(a) and HUBZone company located in the National Capital Region (NCR) and serves both government and commercial clients such clients as US CBP, US CIS, DLA, DFuse Technologies, and American Environmental Engineering Consultants. Cardinal Technology Systems, Corp is an Equal Employment Opportunity employer and it’s our policy to consider applicants for employment without regard to sex, race, color, creed, religion, national origin, sexual orientation, marital status, age, disability, veteran status, alienage, ancestry, or any other factors prohibited by law. Employment selections are based on company and client requirements and the qualifications and skills of the candidate. CTech-Sys is committed to actively capitalizing on the diversity of skills, talents and perspectives of our employees.

• Incident Investigation: Lead investigations into high-severity threats, identifying root causes to prevent recurrence. • Threat Containment & Remediation: Take immediate, hands-on action to stop attacks and restore systems to normal operations. • Digital Forensics: Perform host, memory, and network forensics to uncover indicators of compromise (IOCs). • Automation & Tooling: Write scripts (Python, Bash, PowerShell) and build SOAR playbooks to automate response actions. • Monitoring & Hunting: Proactively monitor security alerts and conduct threat hunting to detect malicious activity. • Documentation & Reporting: Create detailed post-mortem reports and update runbooks

Location: All locations in the United States Work Arrangement: Remote, Hybrid, or In-office In support of our growing Risk Advisory practice, we are seeking an experienced CMMC Certified Assessor (CCA) to support and perform CMMC assessments engagements across our client base. This role is ideal for someone who enjoys hands‑on assessment work, working closely with clients, and building deep technical expertise within a collaborative environment. A Day in the Life As a CMMC Certified Assessor, you will support and perform assessments while working closely with Lead Assessors and client teams. A typical day may include: - Supporting and performing CMMC Level 2 assessments in alignment with CMMC and DoD requirements. - Evaluating control design and operating effectiveness and helping identify gaps and deficiencies. - Gathering, reviewing, and validating assessment evidence and maintaining clear, well‑organized documentation. - Contributing to high‑quality workpapers and assessment deliverables aligned with firm methodology and standards. - Interacting directly with client personnel to obtain evidence, clarify requirements, and answer questions. - Supporting Leads with project execution, timelines, and engagement coordination. - Staying current on evolving CMMC guidance, DoD updates, and cybersecurity compliance trends. Who You Are - You have a Bachelor’s degree in Information Security, Information Systems, Computer Science, Cybersecurity, a related field. - You hold an active CCA (CMMC Certified Assessor) certification, including adjudicated Tier 3 background. - You have 3+ years of experience in cybersecurity, compliance, risk management, or GRC, preferably in consulting or client‑facing roles. - You have hands‑on experience supporting or performing CMMC readiness efforts and/or assessments. - You have working knowledge of CMMC requirements, assessment objectives, and evidence expectations. - You are detail‑oriented with the ability to manage tasks across multiple engagements. - You are interested in continuing to grow within CMMC and cybersecurity compliance. - You have the ability to travel up to 15%, as needed. Must be authorized to work in the United States now or in the future without visa sponsorship. Making an Impact Together People join Eide Bailly for the opportunities and stay because of the culture. At Eide Bailly, we've built a collaborative workplace based on integrity, authenticity, and support for one another. You'll find opportunities for education and career growth, a team dedicated to your success, and benefits that put your family's needs first. Hear what our employees have to say about working at Eide Bailly. Compensation: $80,000-$125,000 Our compensation philosophy emphasizes competitive and equitable pay. Eide Bailly complies with all local/state regulations regarding displaying ranges. Final compensation decisions are dependent upon factors such as geography, experience, education, skills, and internal equity. Benefits Beyond base compensation, Eide Bailly provides benefits such as: generous paid time off, comprehensive medical, dental, and vision insurance, 401(k) profit sharing, life and disability insurance, lifestyle spending account, certification incentives, education assistance, and a referral program. Next Steps We'll be in touch! If you look like the right fit for our position, one of our recruiters will be reaching out to schedule a phone interview with you to learn more about your career interests and goals. In the meantime, we encourage you to learn more about us on Facebook, Twitter, Instagram, LinkedIn or our About Us page. For extra assistance in your job search journey, explore EB Career Resources—a complimentary external tool that offers career exploration, resume workshops, interview prep and other professional development options. Eide Bailly LLP is proud to be an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, veteran status, or any other status protected under local, state or federal laws #LI-MB1 #LI-REMOTE

Location: All locations in the United States Work Arrangement: Remote, Hybrid, or In-office In support of our growing Risk Advisory practice, we are seeking an experienced Lead CMMC Certified Assessor (LCCA) to play a key role in expanding our CMMC assessment capabilities. This opportunity is best suited for someone with deep IT audit expertise and an entrepreneurial mindset who is interested in helping build and shape a growing practice. We are looking for a proven assessor who enjoys client engagement, mentoring others, and contributing beyond delivery – someone motivated by influence, growth, and impact. A Day in the Life As a Lead CMMC Certified Assessor, you will serve as a trusted advisor to clients while helping develop and scale our CMMC services. A typical day might include: - Leading and performing CMMC Level 2 assessments in alignment with CMMC and DoD requirements. - Evaluating control design and operating effectiveness, identifying gaps and vulnerabilities, and documenting observations and findings. - Serving as engagement lead, providing project planning, delivery oversight, quality control, and budget management. - Communicating project status, risks, and financials to clients and internal stakeholders. - Mentoring and supporting assessors and consultants as the practice grows. - Collaborating with firm leadership on practice development, go‑to‑market strategy, and business development activities. - Contributing to internal growth initiatives, sales calls, presentations, and thought leadership. - Staying current on evolving CMMC guidance, DoD updates, and cybersecurity compliance trends. Who You Are - You have a Bachelor’s degree in Information Security, Information Systems, Computer Science, Cybersecurity, or a related field. - You hold an active LCCA (Lead CMMC Certified Assessor) certification, including adjudicated Tier 3 background. - You have 5+ years of experience in cybersecurity, compliance, risk management, or GRC, preferably in consulting or client‑facing roles. - You have hands‑on experience with CMMC readiness and/or assessments. - You have strong understanding of CMMC requirements, assessment objectives, and evidence evaluation. - You can manage multiple client engagements while maintaining attention to detail and quality. - You have an entrepreneurial mindset with interest in shaping offerings, methodology, and delivery models. - You have the ability to travel up to 15%, as needed. Must be authorized to work in the United States now or in the future without visa sponsorship. Making an Impact Together People join Eide Bailly for the opportunities and stay because of the culture. At Eide Bailly, we've built a collaborative workplace based on integrity, authenticity, and support for one another. You'll find opportunities for education and career growth, a team dedicated to your success, and benefits that put your family's needs first. Hear what our employees have to say about working at Eide Bailly. Compensation: $105,000-$165,000 Our compensation philosophy emphasizes competitive and equitable pay. Eide Bailly complies with all local/state regulations regarding displaying ranges. Final compensation decisions are dependent upon factors such as geography, experience, education, skills, and internal equity. Benefits Beyond base compensation, Eide Bailly provides benefits such as: generous paid time off, comprehensive medical, dental, and vision insurance, 401(k) profit sharing, life and disability insurance, lifestyle spending account, certification incentives, education assistance, and a referral program. Next Steps We'll be in touch! If you look like the right fit for our position, one of our recruiters will be reaching out to schedule a phone interview with you to learn more about your career interests and goals. In the meantime, we encourage you to learn more about us on Facebook, Twitter, Instagram, LinkedIn or our About Us page. For extra assistance in your job search journey, explore EB Career Resources—a complimentary external tool that offers career exploration, resume workshops, interview prep and other professional development options. Eide Bailly LLP is proud to be an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, veteran status, or any other status protected under local, state or federal laws #LI-MB1 #LI-REMOTE