• Provide direct line management for a team of security engineers (approximately 5–6), focusing on growth and mentorship, psychological safety, operational excellence, and measurable risk reduction. • Work closely with product owners, engineering managers, and technical leads to embed security into planning and delivery, including threat modeling, security requirements, and secure design reviews. • Partner with engineering leaders, architects, and delivery teams to define and evolve security architecture standards, reference designs, and secure-by-default patterns across the organization. • Define, implement, and track security metrics (e.g., vulnerability SLAs, coverage of security testing, time-to-remediate, and control adoption) to monitor and improve security outcomes. • Own and evolve cloud security posture practices, including identity and access management, network segmentation, secrets management, and configuration baselines, in partnership with infrastructure and platform teams. • Stay abreast of the threat landscape, emerging vulnerabilities, and security engineering trends; translate them into pragmatic controls and engineering improvements. • Provide timely, actionable feedback and coaching; create growth plans that build security engineering depth and leadership capability. • Drive security automation across the SDLC, including SAST/DAST, dependency scanning (SCA), secrets scanning, and infrastructure-as-code scanning. • Lead a pragmatic application security and vulnerability management program: triage findings, set remediation priorities with engineering, and track SLA performance.

We are knowmad mood! Somos una compañía líder en transformación digital, en constante evolución y a la vanguardia de la tecnología. Nacimos para provocar un cambio real a través de la innovación y el desarrollo sostenible, con la misión de aportar valor a los clientes e impulsar nuestro talento. Formado por más de 3.000 personas creativas, digitales e innovadoras conectadas a un propósito y capaces de generar conexiones con personas de todo el mundo. Un equipo responsable, flexible y con alta capacidad de adaptación a las necesidades de nuestros clientes y del mercado, a la vez que proporciona valor, visión, creatividad, expertise, profesionalidad y pasión por la tecnología en cada proyecto. Los valores que marcan nuestro rumbo y nos guían hacia la excelencia son la colaboración, la innovación, el compromiso, la diversión y la confianza. ¿Qué es lo que valoramos? Experiencia profesional de más de 3 años en: Tecnologias: - Active Directory (AD), Azure Active Directory / Microsoft Entra ID. LDAP (OpenLDAP, RedHat Directory Services u otros). Servicios de Federación: ADFS SAML / OAuth2 / OpenID Connect - Plataformas IAM (Identity & Access Management): SailPoint IdentityIQ / IdentityNow, CyberArk (gestión de cuentas privilegiadas), Ping Identity, Okta, Forgerock, IBM Security Verify (antiguo ISIM / IGI) - Bases de Datos y Consultas Técnicas: SQL Server, Oracle, MySQL, PostgreSQL. Uso de SQL avanzado: - Monitorización, Logging y Trazabilidad: Splunk, ELK Stack (Elastic, Logstash, Kibana), Grafana / Prometheus, Azure Monitor / Log Analytics, Sentry, Datadog (menos común pero posible) ¿Cuáles serían tus funciones? · Liderazgo, coordinación, gestión y liderazgo de equipos pequeños. • Gestión de incidencias N2: resolución de incidencias técnicas no procedimentadas, con capacidad de análisis autónomo. • Análisis técnico: consultas SQL, revisión de logs, identificación de causas raíz. • Colaboración con N1: escalado eficiente y retroalimentación continua. • Gestión del conocimiento: documentación de soluciones y procedimientos emergentes. Además, valoraremos muy positivamente si tienes experiencia y/o conocimientos en: Automatización, Scripting y Herramientas de Línea de Comandos · PowerShell (fundamental en Identity), Bash, Python (para validaciones y automatizaciones en algunos clientes) · CLI de Azure o Microsoft Graph para consultas a directorios Herramientas de Gestión de Incidencias y DevOps · Jira, ServiceNow, GLPI, Remedy · Confluence (documentación) · Git / GitLab / GitHub (control de versiones de scripts o configuraciones) · Metodologías Agile / Kanban Y con nosotros podrás disfrutar de: ✅Contrato Indefinido ✅ 100% REMOTO ✅Formación interna y acceso a certificaciones ♻Consulta nuestro calendario aquí: https://www.knowmadmood.com/es/talento/formacion ✅Plan de retribución flexible (seguro médico, transporte, tickets guardería, tickets restaurante) ✅Embajador de nuestra marca, a través de nuestro plan amigo ¡Recomienda a tus amigos y llévate un extra! ✅¡Eventos, meetups, techdays, charlas...y mucho más! ✅ 26 días de descanso (22 días vacaciones, 2 días de libre disposición y 24 y 31 diciembre festivos por defecto) ✅ Horario: 8.30 a 18h ( flexible) L-J y V 8 a 15h e Intensiva de Verano Julio y Agosto de 8 a 15h Para estar al corriente de nuestras novedades síguenos aquí -> knowmad mood En knowmad mood nos comprometemos con la igualdad de oportunidades y el respeto a la diversidad. Aplicamos nuestro Plan de Igualdad y el principio de no discriminación en todos nuestros procesos de selección.

We are seeking a highly detail-oriented and inquisitive Cybersecurity Operations Coordinator to join our Threat Research, Response, and Analysis Center (TRRAC) team. This role supports cyber threat intelligence and incident response initiatives, providing critical support to Incident Commanders and Analysts throughout the incident lifecycle. Positioned within the Operations Coordination and Communications (OCC) function, you will serve as TRRAC’s operational subject matter expert, ensuring adherence to the Incident Response Plan and cybersecurity frameworks. The ideal candidate thrives in fast-paced, ambiguous environments and possesses strong writing skills to clearly communicate complex cyber incidents to both technical and non-technical global audiences, while also organizing and maintaining long-term project goals. You will balance executing small critical tasks with driving large-scale initiatives. Key Responsibilities: - Manage incident operations including tracking, note-taking, and preparing lessons learned to ensure compliance with governance standards. - Serve as Communication Liaison during cyber incidents, drafting clear, high-quality reports for global executive audiences under tight deadlines. - Collaborate with TRRAC and stakeholders to create and maintain knowledge articles and process documentation. - Lead technical projects by gathering requirements, developing plans, tracking progress, providing updates, and driving initiatives to completion with minimal supervision. - Support regular and ad hoc reporting requirements for the TRRAC program. - Develop training materials and presentations aligned with company and TRRAC branding to facilitate knowledge sharing and training.

ZERMOUNT POSITION DESCRIPTION (PD) SECURITY & RISK ENGINEER (SRE) POSITION OVERVIEW Zermount Inc. is seeking a System Risk Engineer (SRE) to support system risk analysis and ensure that federal information systems comply with Information Assurance and cybersecurity standards. The SRE exists to ensure organizational systems are secure, resilient, and defensible in real-world operating conditions, not simply compliant with security documentation. This role directly contributes to mission assurance by identifying, validating, and reducing cybersecurity risk through direct technical assessment, control validation, and risk-based decision support across enterprise environments. Operating at the intersection of security engineering, risk assessment, and compliance, the SRE transforms federal mandates (e.g., NIST RMF, FISMA, EO 14028, OMB directives) into measurable security outcomes by validating the effectiveness of security controls within live systems. The role requires continuous evaluation of system posture through hands-on analysis of architectures, configurations, logs, vulnerability data, and control implementations across cloud, network, operating system, application, and database layers. This position demands foundational technical expertise across multiple domains, enabling the SRE to assess complex enterprise environments, identify exploitable conditions, and determine whether implemented security controls effectively reduce risk. The SRE is expected to go beyond documentation review and verify findings through system-level evidence, testing, and analysis, ensuring the findings reflect actual operational risk. The SRE is a core enabler of Zermount's Modern GRC mindset, which emphasizes: - Continuous, real-time risk identification during compliance assessments - Risk prioritization based on exploitability, exposure, and mission impact - Direct integration with engineering and operations teams to drive remediation - Elimination of "check-the-box" compliance in favor of validated security outcomes You will be directly responsible for supporting system authorization and mission assurance by producing objective, defensible, and technically accurate findings that enable Authorizing Officials, ISSOs, and system owners to make informed risk decisions. This includes conducting security control assessments, validating Zero Trust implementation, analyzing architectural and configuration changes, and ensuring that remediation actions are both effective and sustainable to reduce risk. DUTIES & RESPONSIBILITIES General Duties - Execute Security Assessments (SA), Risk Assessments (RA), and Ongoing Authorization (OA) activities by validating security controls in live environments, not solely through documentation review - Conduct technical verification and validation of security controls across operating systems, applications, databases, cloud platforms, and network infrastructure - Identify real-world security risks, including exploitable vulnerabilities, misconfigurations, weak trust boundaries, and control failures - Perform continuous risk analysis using outputs from vulnerability scans, penetration testing, logging platforms, and configuration assessments - Develop risk-based findings and POA&M matrices, prioritizing remediation based on exploitability, exposure, and mission impact - Produce executive-quality artifacts (SARs, risk memos, ATO packages, executive briefings) with validated, evidence-backed findings - Conduct impact analysis for Requests for Change (RFCs), identifying security implications of architectural, configuration, or system modifications - Validate Zero Trust implementation and alignment across system architectures and capabilities - Perform technical assessments of system architecture, data flows, and trust boundaries to identify control gaps - Conduct compliance validation for TIC, FISMA, and federal cybersecurity mandates through technical inspection and testing - Ensure all deliverables meet accuracy standards with zero rework required and are aligned to program and client expectations - Provide weekly status reporting and briefings with clear articulation of risks, risk mitigation progress, and technical findings SUBJECT MATTER EXPERTISE (SME) SME Area #1 – Primary Expertise: Security Assessment & Technical Risk Validation Expert-level means: - Deep knowledge of: - NIST RMF (800-37, 800-53, etc.) - FISMA, EO 14028, OMB M-21-31 / M-22-09 - FIPS 199/200 - TIC, Zero Trust principles (CISA ZT MM, NIST 800-207, etc.) - Ability to independently conduct: - Security Control Assessments (SCA) - Risk Assessments (RA) - ATO/OA activities - Capability to validate controls using: - System configurations - Logs and telemetry - Vulnerability scanning outputs - Conducting system interviews and demos - Ability to identify real-world attack vectors and control failures, and develop actionable remediation actions that the system teams can use to successfully remediate findings Required Tools Experience: - Vulnerability scanning tools such as: Tenable, Qualys, CrowdStrike, etc. - Log analysis platforms such as: Splunk, Microsoft Sentinel, IBM QRadar, etc. - Configuration and system inspection tools such as: Ansible, Terraform, Puppet, etc. - GRC platforms such as: Archer, ServiceNow, etc. SME Area #2 – Secondary Expertise: Multi-Domain Technical Depth You must have deep knowledge of one or more of the following technical domains and must demonstrate the ability to leverage this experience to inform and complete compliance-related tasks. Technical Domains - Cloud: AWS/Azure (IAM, logging, network security, misconfigurations) - Network: Segmentation, firewalls, boundary protections, Zero Trust enforcement points - Systems: Windows/Linux hardening, identity systems (AD, MFA) - Databases/Data: Access control, encryption, auditing QUALIFICATIONS Minimum Requirements - 7+ years of cybersecurity experience supporting U.S. Government systems - 4+ years performing RMF, ISSO, Assessment, or GRC functions with direct technical validation responsibilities - Demonstrated hands-on experience in at least two technical domains (cloud, network, systems, or databases) - Proven ability to analyze: - System configurations, ATOs, and other supporting security documentation - Logs/telemetry - Architecture documentation and data flow diagrams - Proven ability to conduct technical assessments across multiple domains Preferred Qualifications - Experience with Zero Trust assessments and implementation validation - Experience with CDM, ISCM, and enterprise logging programs - Experience supporting DHS/FISMA environments - Familiarity with threat-informed defense and attack vector analysis Competency - Advanced technical risk analysis and prioritization - Independent problem-solving in ambiguous environments - Strong collaboration with system teams, federal leads - Ability to translate complex technical findings into actionable recommendations - Clear communication with both engineers and leadership Education & Certifications - Bachelor of Science (B.S.) in Computer Science, IT, Cybersecurity, or a related field, and a minimum of 7 years of IT cybersecurity experience, including direct support for the US Government and 4 years acting as an ISSO, Assessor, Compliance, RMF, or GRC with a technical validation role. - Without a B.S. in a relevant field - A minimum of 13 years of IT Cybersecurity experience, including direct support for the US Government, and 4 years acting as an ISSO, Assessor, Compliance, RMF, or GRC with a technical validation role. - At least one of the following security certifications is required: - Certified Authorization Professional (CAP) - Certified Information Security Auditor (CISA) - Certified Information Security Manager (CISM) - Certified Information Systems Security Professional (CISSP), or Certified Chief Information Security Officer (CCISO) - Governance Risk & Compliance Certification (CGRC) - Or alternatively approved certifications Clearance Level Minimum of active Secret Clearance and ability to obtain and maintain DHS suitability WORK LOCATION - The position is primarily remote – Continental U.S only - Primary location when on site: Arlington, VA, and Springfield, VA - Must be willing to travel - Not to exceed 10% of the time HOURS OF OPERATION - 8:00 am EST – 4:30 pm EST - Times may fluctuate based on client and business requirements REPORTING STRUCTURE - Reports To: Security Risk Engineering Team Lead - Direct Reports: N/A