• Deliver world-class cyber security assessment and advisory services across multiple Compliance offerings while ensuring customer satisfaction (up to 15% travel to U.S. locations is required). • Work effectively as a team member on large engagements. • Remain current on technical knowledge and industry developments and incorporate into service delivery. • Achieve and maintain relevant cyber security and audit certifications. • Contribute to practice and offering development. • Provide presales support for Compliance opportunities when requested. • Publish content and/or perform speaking engagements to demonstrate thought leadership. • Demonstrate GuidePoint’s Core Values at all times: • Take Charge and Complete Our Mission • Challenge Ourselves and Have Fun Doing It • Wow Them • No Jerks

Role Description We’re expanding our security engineering capabilities to support our mission in quantum technology and secure infrastructure. We’re looking for a Security Engineer who can balance hands-on engineering with the rigor required for operating in commercial, federal, and regulated environments. You’ll join a team that values collaboration, inclusivity, technical excellence, and thoughtful problem-solving. While we move quickly as a growing technology organization, we also maintain the discipline needed to align with frameworks such as FedRAMP, NIST, and CMMC. Your expertise will help us design resilient, compliant systems and continually strengthen our security posture. Responsibilities: - Deploy, configure, and maintain platforms including Splunk and Microsoft Sentinel. - Administer CrowdStrike Falcon EDR across enterprise endpoints, ensuring sensor coverage and policy enforcement. - Manage CrowdStrike DLP policies and Exposure Management to prioritize vulnerability posture and prevent data exfiltration. - Operate CrowdStrike modules and build Falcon Fusion SOAR playbooks to automate triage and remediation. - Conduct regular vulnerability testing and risk assessments to identify potential security threats and weaknesses in the organization’s infrastructure. - Deploy and administer Network Intrusion Detection (NID) system as a network security monitoring platform. - Configure and secure cloud environments such as Azure Government or AWS GovCloud in alignment with required baselines. - Develop and maintain documentation for security tool configurations and architecture. - Participate in Continuous Monitoring (ConMon) activities and ensure accurate, timely evidence submission. - Design and implement security tooling and controls in a cloud environment to protect the organization’s data and systems across mobile devices, workstations, servers and SaaS technologies. Qualifications - 3–5+ years of experience in security engineering, cloud security, or infrastructure/network security. - Experienced in writing automation scripts in Python, Powershell, or Bash. - Working knowledge of protocols such as DNS, HTTPS/S, TLS, and LDAP. - Familiarity with federal frameworks such as FedRAMP, NIST 800‑171, and CMMC Levels 1 & 2. - Experience configuring and securing AWS GovCloud, Azure Government, or similar regulated cloud platforms. - Understanding of the MITRE ATT&CK Framework and its application to threat hunting. - Experience working with vulnerability management programs in compliance-driven environments. - Clear and concise technical writing skills, with the ability to produce documentation suitable for audits and assessments. Requirements - Experience supporting, maintaining, or engineering for a FedRAMP-authorized system. - Experience working with incident response. - Background in generating SSPs, POA&Ms, ConMon evidence, or system architecture documentation. - Automation experience related to compliance workflows, evidence gathering, or configuration drift detection. - Certifications such as Security+, CySA+, CASP+, CCSP, CISSP, or related. - Secret Clearance or above. Benefits - Comprehensive medical, dental, and vision plans. - Matching 401K. - Unlimited PTO and paid holidays. - Parental/adoption leave. - Legal insurance. - Home technology stipend.

• Provide strategic and operational cybersecurity and compliance guidance and serve as a trusted security advisor to Ntiva’s GovCon clients. • Lead CMMC Level 2 and broader compliance strategies for both prospective and existing clients. • Support new business pursuits while strengthening and expanding current relationships. • Work closely with Sales, Account Management, Engineering, and Delivery teams to align compliance initiatives with client business objectives and regulatory requirements. • Shape Ntiva’s go-to-market approach for compliance services, contributing to the standardization and maturity of the GovCon service stack. • Ensure a consistent, scalable, and high-quality client experience across delivery, compliance, and advisory services. • Conduct monthly security log reviews and oversee timely remediation activities to maintain CMMC Compliance. • Document and upload remediation results into the GRC platform. • Escalate critical security and compliance risks to GovCon leadership with clear impact and recommended actions. • Validate that all remediation efforts align with applicable regulatory and contractual requirements.

• Lead a team of Engineers, Sr. Engineers, Consultants, Sr. Consultants and Architects • Provide Sales Engineering support, BOM creation assistance, SOW assistance along with planning and designing solutions for complex multi-vendor solutions • Lead Customer to modernize identity and access management systems and program • Automation knowledge of lifecycle account management systems • Research, design and develop repeatable IAM solutions for customer IT needs • Utilize technical vision and strategy plans to productize service and product offerings, creating high-value solutions • Expert knowledge of the following solutions; SailPoint, BeyondTrust, One Identity, CyberArk, Delinea, EntraID • Knowledge of Certificate Lifecycle Management and CA/Browser Forum mandate • Engage internal pre-sales engineering teams to identify and map new opportunities, facilitate issue resolution, and expedite solutions, providing frequent updates to Account Management and Engineering teams • Manage internal training workshops for employees • Assist in designing and architecting solutions tailored to customer requirements. Facilitate design architecture and conduct peer reviews with customers to ensure thorough documentation. • Assist the Services Director with resource management • Build and maintain manufacturer/vendor relationships • Be an escalation point for Engineers and Sr. Engineers, Consultants, Sr. Consultants and Architects • Manage Quality Assurance (QA) of all projects • Meet with key IAM vendors to stay current on products and technologies • Knowledge of regulatory compliance standards ie PCI, HIPAA, etc. • Continuing education of relevant certifications that would benefit the Lead Technical Architect role • Be available to meet customer IT needs and serve the Customer to ePlus’ standards