Build in a weekend. Scale to millions.
Product Security Engineer
Location
Worldwide
Posted
2 days ago
Salary
0
Seniority
Senior
Job Description
Product Security Engineer
Supabase
- Identify and close gaps across application security, secure design review, and vulnerability management.
- Conduct threat modeling, secure design reviews, and code reviews to identify practical remediation paths.
- Partner closely with engineering teams to provide product-focused security expertise and shape a modern security program.
- Mature how we think about security in a developer-first environment, balancing pragmatism with strong technical judgment.
- Distinguish between theoretical risk and material business risk to prioritize security efforts effectively.
- Improve security posture through scalable mechanisms like tooling, automation, secure defaults, and developer-friendly guardrails.
- Support security incident response by helping triage, investigate, and coordinate remediation for product and platform security issues.
- Participate in security on-call rotations, helping respond to urgent security events with clear judgment and calm execution.
- Help manage and mature our bug bounty and vulnerability disclosure processes, including triage, validation, prioritization, and coordination with engineering teams.
Job Requirements
- Have strong experience in product security, application security, or security engineering.
- Are comfortable working with cloud-native, developer tools, SaaS, platform, or infrastructure products.
- Communicate clearly across both technical and non-technical audiences, especially in a written, asynchronous environment.
- Are energized by solving real-world problems for developers and navigating ambiguity while moving quickly.
- Possess a deep understanding of application security fundamentals, including auth, session management, APIs, and secrets handling.
- Have experience with vulnerability triage, bug bounty programs, responsible disclosure, or security incident response.
- Are comfortable participating in potential security on-call rotation and can balance urgency, risk, and practical remediation.
- Have experience with or interest in Postgres, Kubernetes, or building security guardrails that enable rather than enforce.
Benefits
- Fully Remote
- ESOP
- Tech Allowance
- Health Benefits
- Annual Off-Sites
- Flexible Work
- Professional Development
More Security Engineer Jobs
- Learn and understand procedures supporting the assessment of risks to federal facilities
- Capture, validate, and formulate data-based reports utilizing the FPS Gateway and associated facility information and reports
- Conduct in-depth reviews of FPS Facility Security Assessments (FSAs) for 4 FPS regions and provide written documentation on deficiencies in policy, content, and quality of the assessments
- Coordinate HQ FSA requests as well as point of contact for external agencies relating to FSA issues
- Provide FSA Helpdesk support for regional Assessment Program Managers (APM) and FPS inspectors
- Validate information contained in FPS building inventory and correct incongruent information with internal and external sources and partners
- Assist in development of future requirements and necessary resources for enhancements to the FSA program
- Run reports to track countermeasure recommendations and implementation throughout the Agency
- Provide regions with data regarding open countermeasure requests based on accepted FSA recommendations
Role Description
The Enterprise Architect for Resilience & Security Infrastructure Architecture defines and governs the target-state architecture for resilient, secure technology foundations (on-prem, cloud, and hybrid) so that critical business services remain trustworthy, auditable, and recoverable under disruption and cyber stress. This role ensures architectural decisions align with group principles such as Zero-Trust, continuous compliance, cloud preference, and standardized platform foundations (e.g., landing zones, IAM, network patterns, CI/CD toolchains).
Scope
- Technology foundation architecture: compute/platform, network, storage/data protection, identity and access foundations, security tooling and controls, observability/monitoring, and resilience patterns across the enterprise.
- Resilience-by-design: redundancy, failover, backup/restore, physical dispersion, fault isolation and recovery patterns embedded into infrastructure reference architectures and standards.
- Regulatory and audit readiness: architecture evidence and traceability that supports operational resilience and ICT risk expectations (e.g., Digital Operational Resilience Act (DORA) focus areas like ICT risk management, incident handling, resilience testing, and third-party risk).
Your responsibilities
- Core responsibilities:
  - Assess current vs. target infrastructure architecture, identify SPOFs and systemic risks, and propose costed mitigation options that fit business criticality and proportionality.
  - Define NFR baselines for availability, recoverability, security and operability; ensure these are implemented and verified through evidence (monitoring, audits, tests).
  - Maintain architecture artefacts (standards, reference architectures, decision records, and architecture evidence) in approved repositories for discoverability and audit traceability.
  - Ensure secure/resilient lifecycle management by proactively addressing EOL/EOS technologies and ensuring supported solutions.
Key Accountabilities (outcomes you own)
- Target architecture:
  - Define and maintain target architectures and transition roadmaps for resilience and security infrastructure capabilities, ensuring principle fit and preparing decision topics for governance forums (ADR → boards).
  - Standardize and evolve platform foundations (landing zones, IAM, network patterns, CI/CD toolchains) and reuse approved reference architectures.
- Resilience architecture patterns & guardrails:
  - Establish group-wide resilience guardrails so infrastructure can anticipate, withstand, recover, and adapt during adverse events; embed resilience as a core design concept during initial design and ongoing transformation.
  - Define reference patterns for:
    - Modular redundancy (e.g., N+1, 2N),
    - Physically dispersed infrastructure,
    - Load balancing/failover, and
    - Fault mitigation (e.g., circuit breaker, graceful degradation).
    - Data recoverability (backup strategies, RTO/RPO-aligned approaches, secure backup requirements).
- Security infrastructure architecture (Zero-Trust & continuous compliance):
  - Translate Zero-Trust and compliance principles into infrastructure architecture standards (identity-centric access, least privilege, encryption, evidence automation) and ensure designs document control sets and test evidence.
  - Partner with security/risk stakeholders to ensure security and compliance remain cross-cutting and consistent across domains.
- Architecture governance, decision support & assurance:
  - Drive architecture decisions using traceable artefacts (decision packs, ADRs, NFR matrices), and ensure deviations are time-boxed with a plan to realign.
  - Perform architecture reviews/inspections focused on resilience, security posture, and operability; ensure outcomes and evidence are retained for audit readiness.
- Cross-functional enablement (delivery + operations):
  - Work with solution architects and operations teams to ensure solutions are “corporate conform,” operationally supportable, and aligned with infrastructure standards; provide guidance on problem determination, load testing interpretation, and supplier technical topics.
  - Authorize and guide infrastructure changes triggered by projects/migrations/change requests where architectural impact is material.
- Third-party and sourcing resilience (cloud & vendors):
  - Ensure resilience and security requirements are addressed in sourcing choices (SaaS → PaaS → IaaS) with defined exit paths and clear resilience responsibilities across providers.
  - Align third-party ICT risk requirements with operational resilience needs (contractual SLAs, auditability, testing expectations).
Key deliverables (your tangible outputs)
- Resilience & Security Infrastructure Reference Architecture (on-prem, cloud, hybrid variants) including redundancy, dispersion, backup, failover, and observability patterns.
- Standards & guidelines for infrastructure resilience and secure operations (including monitoring/auditability requirements).
- Decision artefacts: ADRs, governance decision packs, documented exceptions with mitigation plans.
- Resilience posture evidence: monitoring/auditing expectations, recovery testing principles, and measurable validation criteria (e.g., failover effectiveness, recovery time).
Qualifications
- Expert knowledge across infrastructure domains: hardware/platforms, network, storage, and security infrastructure.
- Strong architecture documentation and concept development skills.
- Proven ability to define, optimize, and master-plan infrastructure landscapes and work effectively with architects and operations.
- Expertise in resilience engineering, designing for redundancy, failure containment, recoverability, and continuous improvement using patterns such as modular redundancy, physical dispersion, and fault mitigation techniques.
- Familiarity with cyber resiliency engineering concepts that emphasize anticipating, withstanding, recovering, and adapting under attack/compromise.
- Strong understanding of Zero-Trust architecture principles and continuous compliance/evidence automation.
- Working knowledge of operational resilience regulatory expectations in financial services (e.g., Digital Operational Resilience Act (DORA) pillars such as ICT risk management, incident reporting, resilience testing, and third-party risk).
- Fluent in English (both spoken and written).
Desirable Skills
- Fluent in German (both spoken and written).
- Certifications: CISSP / CISM / CCSP, SABSA (security architecture), cloud security specializations; resilience/continuity credentials (e.g., ISO 22301 context).
Benefits
- Very stable work environment, as part of a large Insurance Multinational Group.
- Flexible work program, respecting your own private time.
- Attractive remuneration package.
- Lunch tickets.
- Special Days vouchers (Women’s Day, Children's Day, Christmas, Easter).
- Private pension and private health insurance contribution.
- Time off when holidays fall on a weekend (up to 3 days/year).
- Exchange of experience and training with international professionals, as a premise for personal development.
- Team building events.
NXTG Senior Security Engineer
Apex Systems
Apex Systems, an IT staffing and workforce solutions firm, provides recruiting and staffing services to large and small companies alike. Founded in 1995 by three Virginia Tech clas
NXTG Senior Security Engineer Job Description:
Job#: 3035083
Job Description: NXTG Senior Security Engineer
Location: Maryland (Teleworker)
Employment Type: Contract
Role Overview
We are seeking a Senior Security Engineer to support enterprise data protection, secure cross-domain transfer operations, insider threat monitoring, compliance auditing, and Data Loss Prevention (DLP) initiatives. This position is a senior operational engineering resource responsible for engineering, maintaining, and optimizing enterprise DLP and secure data transfer capabilities using Forcepoint DLP and EverFox Data Guard technologies within a regulated federal environment.
Key Responsibilities
- Engineer, maintain, and optimize enterprise DLP and cross-domain security platforms using Forcepoint DLP and EverFox Data Guard technologies.
- Configure and manage DLP and secure transfer policies supporting Endpoint DLP, Email DLP, Web DLP, Data at Rest (DAR), Data in Motion (DIM), and Data in Use (DIU).
- Support and administer Web Adaptors, XML Plugins, UDP & TCP Adaptors, and multi-network transfer solutions.
- Develop and tune DLP detection methods including Exact Data Matching, Fingerprinting, OCR, and content inspection rules to improve detection and reduce false positives.
- Support enterprise endpoint deployments and troubleshoot Forcepoint endpoint agents, secure transfer workflows, and policy enforcement issues.
- Troubleshoot complex operational issues involving TLS/SSL inspection, reverse proxies, secure web gateways, and secure cross-domain transfer operations.
- Support cloud and SaaS data protection initiatives involving Microsoft 365, OneDrive, SharePoint, and Teams.
- Deploy and maintain DLP and secure transfer policies aligned to government cybersecurity standards.
- Integrate Forcepoint and EverFox platforms with enterprise technologies such as Splunk, ServiceNow, and Active Directory.
- Participate in operational support activities, maintenance windows, and incident response efforts.
Required Qualifications
Education: A Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field is required. Equivalent experience may be considered.
Experience: A minimum of 10 years of experience is required in enterprise cybersecurity engineering, DLP operations, secure transfer technologies, and data protection programs within regulated environments, including DevSecOps experience.
Technical Skills:
- Hands-on experience with Forcepoint DLP technologies, EverFox Data Guard infrastructure, endpoint DLP deployments, and secure transfer operations.
- Experience supporting AWS cloud environments, Red Hat Enterprise Linux, and Windows enterprise systems.
- Strong understanding of Data Loss Prevention architectures, cross-domain security concepts, and secure data transfer technologies.
- Experience supporting compliance initiatives aligned to standards such as NIST SP 800-53, DISA STIG, and FedRAMP.
- Familiarity with enterprise integrations including SIEM platforms, Active Directory, Microsoft 365, ServiceNow, APIs, and automation workflows.
- Project management, client-facing interaction, and verbal communication skills are necessary.
Compensation & Benefits
The anticipated pay range for this position is $70.00/hour to $85.00/hour. For this position, there will be only one bill rate regardless of the number of hours worked in a day and/or work week.
Apex Systems is an equal opportunity employer.
We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. Apex uses a virtual recruiter as part of the application process. Click here for more details.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844-463-6178.
Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details.
Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection.
We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Everforth Apex team member can provide.
Employee Type: Contract
Remote: Yes
Location: Home, MD, US
Job Type:
Date Posted: May 19, 2026
Pay Range: $70 - $85 per hour
- Design, develop, and maintain robust data pipelines using GCP native services.
- Build and manage data quality frameworks to ensure the integrity and reliability of security data assets.
- Integrate diverse data sources and security tools via APIs to centralize security oversight.
- Optimize database performance, query efficiency, and storage costs within Google BigQuery.
- (Preferred) Utilize Cribl to route, shape, and enrich incoming security telemetry and log data.



