• Design, build, and maintain detection-as-code capabilities across cloud infrastructure, SaaS applications, endpoints, and identity systems, improving coverage and signal quality through Data-Driven Decision Making • Build automated investigation and response workflows that replace manual runbooks, leveraging AI First principles to scale triage, enrichment, containment, and remediation • Develop and deploy AI/LLM-powered tooling to accelerate investigations, reduce alert fatigue, and extend team capacity beyond traditional headcount constraints, embedding AI First practices into daily workflows • Lead and participate in incident response, including detection, investigation, containment, and retrospectives, applying First Principles Problem Solving to identify root causes and improve long-term resilience • Partner cross-functionally with engineering and platform teams to expand logging, improve observability, and embed detection capabilities into the development lifecycle • Continuously improve detection quality by analyzing alert performance, tuning for signal, and building feedback loops between incidents and detections using Data-Driven Decision Making • Proactively identify gaps in visibility or coverage and translate ambiguous problem spaces into concrete detection and response solutions through First Principles Problem Solving • Adapt quickly to evolving threats, tools, and priorities, helping the team maintain momentum and effectiveness through Change Agility

Role Description As a Security Engineer III, you will lead the design, deployment, and ongoing management of secure Microsoft 365 GCC High environments for Marco’s CMMC-regulated customers. You will drive automation initiatives to streamline security operations, reduce ticket volume from our MDR provider, and deliver efficient, scalable incident response and vulnerability remediation. This position serves as a senior technical resource for customer environment hardening, compliance alignment, and security service delivery across Marco’s managed security portfolio. - Lead the provisioning, configuration, and ongoing management of Microsoft 365 GCC High environments for CMMC-regulated customers, ensuring alignment with CMMC Level 2 and Level 3 requirements and DoD security standards. - Design and implement secure baseline configurations for Microsoft 365 GCC High, including conditional access policies, data governance, identity and access management, and compliance controls aligned to CMMC and NIST SP 800-171. - Serve as a primary technical resource for CMMC customer onboarding, environment hardening, compliance gap remediation, and ongoing support within managed Microsoft 365 GCC High tenants. - Develop and implement automation workflows to streamline security ticket triage, response, and resolution—reducing manual effort and ticket volume originating from Marco’s MDR provider. - Analyze MDR alert trends and recurring incident patterns to identify root causes and engineer automated or procedural responses that drive service efficiency and reduce mean time to respond (MTTR). - Lead customer security incident response activities, including investigation, containment, eradication, and recovery within managed customer environments, ensuring timely communication and post-incident reporting. - Perform proactive vulnerability management and remediation across customer environments, prioritizing based on risk, exploitability, and customer compliance obligations. - Manage competing priorities and set expectations with stakeholders through proactive communication, planning, and documentation of technical requirements and outcomes. - Be a point of escalation within the team to handle and resolve complex security issues, involving direct management as needed. - Respond in a timely manner to tickets and incidents within established procedures, and contribute to best practices, knowledge base articles, and process documentation. - Stay up to date with relevant technology, emerging threat intelligence, and regulatory changes affecting CMMC, FedRAMP, and government cloud environments. - Accurately maintain and comply with documentation, communication, time entry, and administrative procedures in a timely manner. - Participate in on-call rotation and after-hours work as required. Qualifications - Bachelor’s degree in computer science, cybersecurity, information security, or a related field or equivalent experience in lieu of education. - Minimum of 8 years of experience in information technology and information security, with experience working in managed security services or security operations. - Proven experience with Microsoft 365 administration and security configuration, with hands-on experience in GCC High or other government cloud environments strongly preferred. - One or more of the following certifications is strongly preferred: Microsoft Certified: Security Operations Analyst (SC-200), Information Protection Administrator (SC-400), or Identity and Access Administrator (SC-300); CompTIA Security+, CySA+, or CASP+; or CISSP/equivalent; Certified CMMC Professional (CCP) or Certified CMMC Assessor (CCA) a plus. Requirements - Advanced experience with five or more of the following: - Microsoft 365 GCC High administration and secure configuration. - CMMC compliance frameworks (Level 2 and/or Level 3) and NIST SP 800-171. - Endpoint detection and response (EDR) solutions and SIEM platforms. - Vulnerability management and remediation workflows. - Email security solutions and Microsoft Defender suite. - Network and host firewalls and network architecture. - Microsoft Azure and Entra ID (Azure AD) in government cloud or FedRAMP-authorized environments. - Demonstrated experience developing automation using PowerShell, Python, or similar scripting languages for security operations use cases, including alert triage, ticket routing, and automated response playbooks. - Experience working with MDR providers, interpreting alert feeds, and building automation or process improvements to reduce tier-1 ticket volume and improve analyst efficiency. - Experience conducting or supporting customer security incident response, including investigation, containment, eradication, and post-incident reporting. - Expertise with implementing, securing, and configuring solutions according to industry and vendor best practices, particularly within regulated or FedRAMP-authorized environments. - Knowledge of CMMC, NIST CSF, NIST SP 800-171, CIS Controls, and related compliance frameworks applicable to government contractors and regulated customers. - Knowledge of service management concepts for IT and/or security operations and related standards. - Proficiency with Microsoft 365 applications and business collaboration tools. - Demonstrates attention to detail. - Exceptional organizational and time/task management skills. - Self-starter with the ability to perform with little or no direct supervision and takes initiative to improve processes. - Excellent communication skills in working with technical and non-technical people, and the ability to develop and maintain collaborative relations among all levels of an organization. - Treats people with respect; Works with integrity and ethically; Upholds organizational values. - Follows policies and procedures; Completes administrative tasks correctly and on time; Supports organization's goals and values. - Demonstrates accuracy and thoroughness; Looks for ways to improve and promote quality; Applies feedback to improve performance; Monitors own work to ensure quality. Benefits - Pay Range: $101,249 - $161,998 annually. - The pay range listed for this position is based on candidate's skill level, experience, relevant licenses, and educational background. - For detailed information about our benefits, please visit our careers page at www.marconet.com/careers .

Role Description Hands-on experience leading & operationalizing enterprise AI security and MLSecOps programs, embedding security across the full lifecycle—from data ingestion and model development to deployment, inference, and continuous monitoring—aligned to business risk, regulatory expectations, and enterprise transformation objectives. - Design and evolve AI security architectures and operating models that address emerging threat vectors such as prompt injection, model supply chain compromise, data poisoning, adversarial attacks, and multi-agent system failures—driving secure-by-design principles across AI, cloud, and digital platforms. - Lead AI-specific threat modeling, risk assessments, and control design, translating complex technical risks into actionable mitigation strategies and enterprise guardrails, while enabling scalable and compliant AI adoption across business units. - Architect and implement end-to-end security controls across AI ecosystems, including data pipelines, model artifacts, vector stores, APIs, and agent frameworks—integrating with identity and access management, monitoring, and enterprise security platforms. - Integrate AI security into enterprise cybersecurity strategy, governance, and operating models—aligning with frameworks such as NIST AI RMF, ISO standards, and industry best practices, while ensuring consistency across DevSecOps, cloud security, and risk management domains. Qualifications - 10+ years of experience in cybersecurity, with demonstrated leadership in cloud security, application security, infrastructure or AI/ML security domains. - Proven experience leading large-scale security transformations or consulting engagements within complex enterprise environments. - Deep expertise in security architecture, threat modeling, and secure system design across cloud-native and AI-driven platforms. - Strong understanding of enterprise security frameworks (NIST, ISO, CIS) and regulatory environments. - Experience with AI/ML platforms (AWS, Azure, GCP), containerized environments, and infrastructure-as-code. - Exceptional communication and executive presence, with the ability to influence both technical and business stakeholders. Requirements - Serve as a trusted advisor to executive stakeholders, translating AI security risks into business-aligned insights, investment priorities, and transformation roadmaps—enabling secure AI adoption while balancing innovation, resilience, and compliance. - Lead multiple concurrent AI security projects, end-to-end delivery of complex, high-impact programs across enterprise environments. - Develop and deliver executive-level presentations, proposals, and board-ready materials that articulate AI risk posture, security maturity, and strategic recommendations. - Embed security into AI/ML engineering workflows, including MLOps, DevSecOps, and CI/CD pipelines—ensuring secure development, deployment, and operation of AI systems at scale. - Drive continuous validation of AI systems through adversarial testing, red teaming, and automated assurance—ensuring resilience against manipulation, privacy leakage, unsafe outputs, and model drift. - Shape and expand AI security offerings and capabilities, contributing to the development of go-to-market strategies, methodologies, and reusable frameworks that differentiate the practice in the market. - Lead business development efforts, including proposal creation, solution design, and client engagement strategy—bringing original thought leadership to each opportunity. - Mentor and develop high-performing teams, fostering technical depth, consulting excellence, and continuous learning across AI security, cloud, and emerging technology domains. - Act as a change agent across client organizations—driving adoption of new security models, influencing stakeholders, and enabling transformation at scale. - Partner closely with data scientists, engineers, DevOps teams, and governance stakeholders to embed security into AI system design, development, and operations—ensuring secure and scalable implementation. - Work across global, cross-functional teams to establish enterprise standards, reference architectures, and security guardrails for AI and generative AI systems. Benefits - Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program. - Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement. - Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement. - Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program.

Role Description As the Segmentation Practice Manager, you will own and grow WWT’s network segmentation services business, building a differentiated practice around industry-leading platforms including Illumio, Guardicore, and Cisco Secure Workload. You will lead a team of segmentation consultants, drive revenue through the development and scoping of services engagements, author Statements of Work (SOWs), and provide hands-on project oversight to ensure successful client outcomes. You will serve as the primary subject matter expert and client-facing leader for segmentation initiatives, guiding enterprise clients through the full lifecycle — from initial assessment and architecture design through solution deployment and ongoing optimization. This role requires a blend of deep technical expertise, consulting acumen, business development instincts, and strong people leadership. Qualifications - Bachelors degree preferred - CISSP, CISM, CISA or compliance certifications desired - 5-10 years’ experience in: - Leadership (prior roles with management or higher titles) - Zero-trust architecture, concepts, and solutioning - Enterprise segmentation architecture, concepts, and solution options (including OEM technology offerings such as Illumio, Guardicore & Cisco) - Security consulting with example deliverables (or equivalent roles) - Overall cyber security technical experience - Networking expertise, including previous hands-on roles in supporting routers, switches, and firewalls - Knowledge of current and upcoming security technologies and operations - Working knowledge and consulting experience in at least five of the following areas: - Zero Trust Architectures - Enterprise Segmentation and associated technologies - Operational Technologies and Environments - Threat and Vulnerability Management - Data Protection and Privacy - Security Operations - Identity and Access Management - Network and Systems Security - Ability to perform concurrent tasks in complex environments under adjusting priorities - Ability to communicate and modify approach, language, and style to different audiences - Professional writing style and experience with demonstrable technical and business-related artifacts is required - Collaborative, with the ability to manage conflicting interests and deal with ambiguity - Effective communication skills: capable of supporting presentations to convey concepts and solutions, writing effective emails, and discussing strategy with senior executives - Strong teamwork qualities: able to gain the trust of customers and collaborate effectively within the WWT team - Intellectually curious with a desire to understand constantly evolving technology solutions - Proactive, collaborative, with emotional intelligence, and the capacity to learn and synthesize new information - Adaptable, with the ability to conform to shifting priorities, demands, and timelines through analytical and problem-solving capabilities - Self-directed, with the ability to adapt to change and competing demands Requirements - Develop and execute a growth strategy for the segmentation practice, building pipeline and revenue across Illumio, Guardicore, and Cisco Secure Workload - Partner with sales, account teams, and OEM partners to identify and pursue segmentation services opportunities - Position WWT’s segmentation offerings as differentiated and best-in-class through thought leadership, white papers, and client presentations - Maintain strong relationships with Illumio, Guardicore, and Cisco partner teams to drive joint go-to-market motions - Lead the scoping of segmentation engagements, translating client requirements into clearly defined project scope, deliverables, timelines, and resource plans - Author professional, accurate Statements of Work (SOWs) and proposals that reflect WWT’s delivery methodology and pricing models - Work closely with clients to understand their specific security needs, provide tailored recommendations, and guide them through the adoption of segmentation and zero trust practices - Oversee the execution of projects related to segmentation, including planning, coordination, and delivery, ensuring that solutions meet client requirements and are delivered on schedule - Ensure that security measures align with industry regulations and best practices. Advise clients on compliance requirements related to segmentation and zero trust - Recruit, develop, and retain a high-performing team of segmentation consultants and engineers Benefits - Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program - Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement - Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement - Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program