Role Description Sigma Defense is seeking a Cybersecurity Lead Engineer to support an enterprise DevSecOps platform. - Support DevSecOps and Software Engineers in developing secure platforms and effectively communicating regarding the risk posture of the platforms. - Support of full RMF lifecycle for authorization and re-authorization of existing and novel capabilities including regular communication with stakeholders and authorizing personnel. - Identification and reduction of system vulnerabilities to achieve compliance objectives. - Mentorship and proliferation of cybersecurity culture within team. Qualifications - 8-10 years of Cybersecurity experience. - Experience with DoW RMF policy. - Experience maintaining cybersecurity on an enterprise DevSecOps platform. - Registered DoW RMF Practitioner (RDRP) is preferred. - Must be a U.S. citizen. Requirements - Mandatory Certifications: CISSP - Personnel Clearance Level: Candidate must possess or have the ability to obtain an active Secret security clearance or higher. Clearance may be sponsored for the right candidate. - Education Requirements: Bachelor's degree from an accredited college or university in Cyber Security, Information Technology, Information Systems, Computer Science, Computer Engineering, Mathematics, or related field of study. Degree may be substituted for comparable additional industry experience and/or industry accepted training and certification. Benefits - Salary Range: $135,000 - $145,000 annually. - Dental and Vision Insurance - Medical Insurance to Include HSA, FSA, and DFSA Plans - Life and AD&D coverage - Employee Assistance Program (EAP) - 401(k) Plan with Company Matching Contributions - 160 Hours of Paid Time Off (PTO) - 12 (Floating) Holidays - Educational Assistance - Highly Competitive Salary

• We are seeking a highly motivated Senior Security Engineer with a strong passion for Identity and Access Management (IAM) to join our Enterprise Security & Infrastructure (ESI) organization. • The ideal candidate brings hands-on experience designing, engineering, implementing, and supporting enterprise-scale identity solutions across hybrid environments (on-premises and cloud). • This role requires a deep understanding of modern identity technologies, along with the ability to secure and optimize identity platforms that support critical business operations. • A successful engineer in this role will maintain awareness of new security and identity trends, research, evaluate, design, and recommend technical security solutions for the enterprise. • This role is critical in ensuring the secure, efficient, and compliant management of identities and access across the organization, helping to protect enterprise assets while enabling business productivity. • The Senior Security Engineer, Identity & Access Management is responsible for designing, implementing, and maintaining secure, scalable IAM solutions across hybrid environments, while driving modernization toward Zero Trust and cloud-based identity models. • This role focuses on engineering automated identity processes, strengthening access governance and privileged access controls, and integrating AI-enabled capabilities to enhance security and operational efficiency. • The engineer partners closely with cross-functional teams to assess and mitigate identity-related risks, implements monitoring and automated response for identity threats, and contributes to technology evaluation and innovation. • Additionally, the role ensures compliance with regulatory requirements, supports audit readiness, and establishes standards and best practices to continuously improve enterprise identity security.

Role Description A Security Consultant is a client-focused role responsible for leading and supporting ProArch customers in building, operating, and continuously improving a comprehensive security program. This position blends security advisory, service delivery, and operational oversight, using ProArch standard playbooks, tooling, and reporting to reduce risk and improve security outcomes. Security Consultants leverage ProArch’s security platforms to detect and prevent cyber threats, onboard clients into managed security services, maintain solution health, and communicate risk and remediation priorities to technical and executive stakeholders. Ongoing training and professional certifications are part of the job requirements. Job Responsibilities - Client Advisory & Program Leadership - Lead security strategy development and roadmap planning aligned to business priorities. - Produce and deliver executive security reporting (risk, trends, outcomes, and next steps). - Provide security assessments, vulnerability management guidance, and awareness program support as part of managed services and professional services engagements. - Service Delivery & Operational Oversight - Own solution implementation and program onboarding, including documentation, handoffs, and acceptance criteria. - Implement and manage SIEM/XDR architecture (e.g., Microsoft Sentinel and Microsoft Defender XDR) including configuration, tuning, and workflows. - Maintain solution health and integrations (connectors, data sources, agents, and alert fidelity). - Perform account/permission management and governance for security solutions. - Provide guidance and escalation support for Security Specialists; coordinate incident and service issue escalations to resolution. - Pre-sales & Practice Contribution - Support presales meetings, proof-of-value/proof-of-concept efforts, and security program cost & scope modeling. - Deliver vendor and ProArch workshops; contribute to presentations, webinars, and approved marketing initiatives. - Research and evaluate emerging technologies; contribute to solution design and service evolution. - Standardization & Continuous Improvement - Deliver services using ProArch standard playbooks, templates, quality gates, and reporting packs. - Improve programs through automation and security engineering (where appropriate) to increase repeatability and reduce manual effort. Qualifications - Minimum of 4 years of experience in cybersecurity with additional background in security consulting or managed security services. - Hands-on capability in core security platforms. - Ability to translate technical findings into business risk. - Strong client communication skills. Requirements - Required (hands-on) - SIEM/XDR delivery and operations, particularly Microsoft Sentinel and Microsoft Defender XDR. - Kusto Query Language (KQL) for detection, investigation, and reporting (SPL is a plus). - SOAR and automation concepts and process design. - Identity and endpoint security fundamentals (e.g., Entra ID, Identity Protection, Defender for Endpoint). - Strong client-facing communication: security report analysis, remediation recommendations, and executive-ready storytelling. - Working knowledge - Microsoft security platform components (Defender for Office 365, Defender for Identity, Defender for Cloud Apps, Defender for Cloud, Intune, Entra ID). - Managed Detection and Response (MDR) experience in a managed services model. - Vulnerability management tooling and process (e.g., Qualys) and remediation strategy development. - Scripting/automation using PowerShell, Python, and/or Azure CLI. - Preferred - Microsoft Purview (IRM, DLP, Insider Risk) and governance concepts. - CrowdStrike Endpoint/Identity/XDR experience. - Cloud security exposure beyond Microsoft (AWS/GCP) and related security services. - Experience with Azure DevOps and process-driven delivery. - Microsoft Foundry, Microsoft 365 Copilot, and Microsoft Security Copilot familiarity. Education and Certification - BS or MS in Computer Science / Engineering or significant demonstrable experience in Microsoft Cloud Security. - Must have the following Certifications. If not held at time of hire, must be attained within 6 months after hire: - Microsoft: AZ-900 - Microsoft: SC-300 - Microsoft: AZ-500 - ISC: CISSP - Preferred certifications: ISC2 CISSP; Microsoft SC-200; and/or certifications such as CEH, CCSP, CISM. Benefits - Empower employees to develop at their own pace through Career Pathways. - Culture of positivity, inclusivity, and respect. - Flexible work schedules to prioritize work-life harmony. - Opportunities for volunteer efforts and charitable initiatives. - Recognition programs for extraordinary efforts.

Role Description The Sr. Cybersecurity Engineer will be working with the NIWC team to provide technical expertise in Risk Management Framework (RMF) and Cybersecurity Engineering for multiple customers. This role includes providing leadership and support in operational, technical, and process aspects of system A&A packages, including the development and analysis of required policies and other deliverables throughout the RMF lifecycle. The IT systems vary in size based on locations in CONUS and OCONUS. The Sr. Cybersecurity Engineer will apply experience and knowledge to help the project team support the guide, design, implementation, documentation, and troubleshooting of the environment(s). Responsibilities - Serve as the primary cybersecurity advisor to NIWC customers, providing subject matter expertise on the Risk Management Framework (RMF) Authorization process as an ISSE, up to the Top Secret level. - Establish and maintain effective relationships with internal personnel and external representatives at various levels. - Analyze security findings, develop mitigations for open findings and/or update POA&M. - Draft diagrams, plans, policies, and SOPs to document findings, procedures, and longer-term strategy. - Oversee the execution of Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), and Assured Compliance Assessment Solution (ACAS) scans in accordance with DoD and Navy guidance. - Direct the ongoing management of VRAM site with updated security scans and track IAVAs and other cyber alerts (CTOs). - Act as a lead subject matter expert during security incidents to investigate, contain, and remediate breaches. - Communicate complex security risks and requirements to both technical and non-technical stakeholders. - Provide strategic recommendations for securing systems and changes to increase efficiency in applying security controls. - Perform other Cybersecurity duties as tasked. Key Responsibilities - Ability to mentor and guide other cyber professionals on the team. - Ability to collaborate with site administrators and cyber team on developing a strategy to improve security posture. Qualifications - Bachelor’s degree in Cybersecurity or related STEM discipline. - Master’s degree in related field is highly desired. - Active TS clearance is required. - Ten years managing project tasks and personnel. - Ten+ years of experience in DoD accreditation/authorization process. - Experience with Microsoft servers, network, STIGs, SCAP, and ACAS. - Experience with JWICS RMF process is highly desired. - Knowledge/Understanding of Cross Domain Solutions is highly desired. - Compliant with DoD 8140/8570 IAT Level II certification. - Must be able to successfully pass a pre-employment background check and pre-hire drug test. Working Conditions - Military bases. - Travel as required. - Possible remote position available. Physical Requirements - Ability to lift 30 pounds unaided or 80-pound loads aided. Disclosures Chugach Government Solutions is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender, sexual orientation, gender identity or expression, age, pregnancy, disability, genetic factors, protected veteran status or other characteristics protected by law. Chugach will provide reasonable accommodations, according to applicable state and federal laws, to all qualified individuals with physical or mental disabilities. In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with Chugach Government Solutions or any of its subsidiaries, please email ada@chugachgov.com. Chugach Government Solutions supports pay transparency and is committed to equitable and competitive compensation practices. Compensation for this role will be determined based on factors including job responsibilities, experience, skills, internal equity, geographic location, and applicable contract requirements. Where required by law, compensation ranges will be provided to candidates during the hiring process.