Title: Senior Cybersecurity Engineer Location: VA, Alexandria Overview GovCIO is currently hiring for a Senior Cybersecurity Engineer to support cybersecurity, compliance, and risk management activities supporting the U.S. Coast Guard (USCG). This role provides high-level engineering, technical execution, and security management to maintain federal security standards, manage vulnerabilities, and ensure mission-critical systems achieve and retain authorization. This position will be located in Alexandria, VA, and will be a hybrid position. Responsibilities As a Senior Cybersecurity Engineer, the ideal candidate will be proficient in architecting and integrating a suite of security tools, including EDR, SOAR, ACEM, SIEM, and HBSS, to create a multi-layered defense. Core responsibilities include: - Manage security projects from inception to completion, ensuring the successful planning and execution of the DoW Zero Trust Architecture. - Develop automated response playbooks within orchestration systems to accelerate incident mitigation. - Ensure continuous endpoint compliance and monitor security policies across enterprise platforms. - Lead the drafting and maintenance of comprehensive Authority to Operate (ATO) paperwork. - Provide advanced engineering support in the selection and tailoring of security controls applicable to the system environment. - Direct the selection and application of appropriate Security Technical Implementation Guide (STIG) Checklists. - Create, manage, and actively monitor Plan of Action and Milestones (POA&Ms) to ensure systemic remediation. - Lead efforts in conducting Privacy Threshold Analysis (PTA) across various system platforms. - Actively monitor ACAS scans and collaborate closely with technical infrastructure teams to engineer solutions for identified vulnerabilities. - Coordinate Contingency Plan (CP) testing activities and finalize associated compliance documentation. - Manage the completion and routing of technical change management paperwork. - Coordinate and execute Cybersecurity Service Provider (CSSP) onboarding processes. - Engage and coordinate with required operational commands and departments. - Respond accurately and promptly to Cyber Operational Readiness Assessment (CORA) data calls and operational data calls. Qualifications High School with 10+ years (or commensurate experience) Required Skills & Experience - Certifications: DoD 8570 IAT Level II or higher (e.g., Security+ CE, CySA+,etc.). - Demonstrated project management experience leading the execution of complex IT security tool deployments from inception to completion. - Proven technical experience architecting, integrating, and deploying EDR, SOAR, ACEM, SIEM, and HBSS tools. - Demonstrated advanced practical user experience with Assured Compliance Assessment Solution (ACAS) for enterprise vulnerability scanning. - Proven experience implementing and utilizing Security Information and Event Management (SIEM) systems for analyzing security alerts and logs. - Hands-on technical proficiency with Extended Detection and Response (XDR) or Endpoint Detection and Response (EDR) platforms for threat detection. - Direct operational experience navigating the Enterprise Mission Assurance Support Service (eMASS) for IT security, compliance, and risk management. Clearance Level: Must have an active Secret clearance Preferred Skills & Experience - Prior experience supporting Department of Defense (DoD) or Federal software modernization programs and Zero Trust migrations. - Advanced baseline cybersecurity or management certifications such as CompTIA CASP+, CISSP, CISM, or PMP. - Knowledge of scripting languages (e.g., Bash, Python) to automate continuous monitoring tasks and playbook responses. #JP #DICE #USCG Posted Salary Range USD $140,000.00 - USD $180,000.00 /Yr. Company Overview GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens. But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer? Employee Perks At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including: - JD-FOOTER.LIST_TEXT_3" token-type="text">Employee Assistance Program (EAP) - JD-FOOTER.LIST_TEXT_4" token-type="text">Corporate Discounts - JD-FOOTER.LIST_TEXT_5" token-type="text">Learning & Development platform, to include certification preparation content - JD-FOOTER.LIST_TEXT_6" token-type="text">Training, Education and Certification Assistance* - JD-FOOTER.LIST_TEXT_7" token-type="text">Referral Bonus Program - JD-FOOTER.LIST_TEXT_8" token-type="text">Internal Mobility Program - JD-FOOTER.LIST_TEXT_9" token-type="text">Pet Insurance - JD-FOOTER.LIST_TEXT_10" token-type="text">Flexible Work Environment *Available to full-time employees Our employees’ unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets. Posted Pay Range The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an “at-will position” and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.

Title: Principal Engineer - Security Architecture(Remote Or Hybrid) Location: MN-Brooklyn Park Job Description: $168,000 - $303,000 USD annually Full-time Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. About Us: Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Learn more about Target here. Target is one of the world’s most recognized brands and one of America’s leading retailers. But behind the brand our guests love, is a culture of continual innovation and right now, we are up to big things! Target’s security team is a place where innovation happens daily. Interested in a culture that combines ongoing learning, engineering excellence, and stellar outcomes? We are too – that’s why we work here. Join our team to improve Target’s security and move the business forward. As a Principal Security Architect/Engineer, you’ll collaborate with technical and leadership teams across all of Target Tech to ensure that systems are designed and built securely. You will identify relevant security risks, develop appropriate mitigation strategies, integrate security functions and controls into the overall system architecture, evaluate and provide feedback on proposed architectures, and design secure architecture. This role is highly technical, and you bring a deep understanding of security risks, controls, mitigations, and standards to a collaborative and advisory role, helping the rest of the enterprise as new platforms and systems are built, and as existing ones are modified over time. Beyond the deep expertise, you have great interpersonal skills: our Security Architects are called upon to collaborate across the enterprise, and have exceptional communication skills that enable open and cooperative partnerships. Expect to: • Collaborate with system designers to integrate security requirements into the design phase of IT systems • Develop and maintain security architecture documentation, including security models, frameworks, and diagrams • Ensure that security architecture aligns with the organization’s business objectives and regulatory requirements • Understand security risks in order to identify potential vulnerabilities and threats • Develop risk mitigation strategies and recommend appropriate security controls • Design and implement security solutions, including firewalls, encryption protocols, and access control mechanisms • Collaborate with development and operations teams to ensure secure creation and deployment of IT systems • Provide guidance on secure coding practices • Prioritize driving highly impactful changes that improve the business • Conduct full-stack architecture reviews of products and platforms • Provide expertise on information security for complex systems and applications in cloud and on-prem environments • Design security reference architectures and create implementation/configuration guides • Provide expertise on creation and implementation of security controls with an emphasis on cloud technologies • Efficiently assess and communicate risk accurately while negotiating priorities with cross-domain stakeholders • Collaborate with engineering teams to perform advanced security analysis on complex cloud systems, identifying gaps while contributing to design solutions and security requirements Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs. About You: • 4-year degree OR equivalent experience • Polyglot programmer comfortable in many languages across different platforms • 10+ years of hands-on experience in technology, with extensive knowledge of cybersecurity domains including Information Protection, Cloud Security (GCP strongly preferred), Networking Security, IAM, Automation, and SIEM • Demonstrated curiosity and ability to learn • Expertise in containerization technologies and tools • Solid understanding of AI/ML • Seeks out cross-team collaboration opportunities • Stays current on relevant technologies with self-directed learning • Excellent written and verbal interpersonal skills with strong presentation abilities • Proven history of effectively utilizing a variety of security tools and technologies across diverse environments. The ideal candidate will not be limited to specific vendors or solutions but will possess the technical depth to comprehend and implement an end-to-end solution that aligns with our reference security architecture's requirements • Good understanding of security management workflows in large enterprise organizations and complex environments • Has a good understanding of the current threat landscape and the challenges that most organizations are facing • In-depth knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO/IEC 27001) • Strong understanding of network security, cryptography, and secure software development • Experience with security technologies, such as firewalls, IDS/IPS, SIEM, and DLP • Excellent analytical, problem-solving, and communication skills Preferred: • GCP native security product experience (VPC Service Controls, Organization constraints, Cloud Armor, NextGen Firewall etc.) • Working knowledge of policy-as-code (either OPA/Rego or SEL) • Experience with Google SCC or Wiz is a plus • LLM Security expertise • Vertex AI experience • AWS or Azure experience This position may be considered for a Remote or Hybrid (known internally at Target as "Flex for Your Day") work arrangement based on Target's needs.  A Remote work arrangement means the team member works full-time from home or an alternate location that's not a Target location, does not have a desk at a Target location and may travel to HQ up to 4 times a year.  A Hybrid/Flex for Your Day work arrangement means the team member's core role may be performed either remote or onsite at a Target location depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Benefits Eligibility Americans with Disabilities Act (ADA) In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process,

• Perform penetration tests on web, mobile (Android and iOS), and desktop applications. • Conduct vulnerability research in static code and in the source code of web applications. • Apply SAST and DAST techniques at different stages of development. • Perform penetration testing on on-premises infrastructure and cloud environments. • Automate analysis and vulnerability detection processes using scripts. • Document and communicate findings clearly to the technical team. • Actively collaborate within a remote, multicultural, and multilingual team.

• Ensure the Information Security organization speaks with one clear, consistent, and credible voice — in its writing, its visuals, and the artifacts that carry the program to the rest of the enterprise. • Design and produce Board-level and executive security materials — risk reports, posture dashboards, program updates, and decision briefs — translating technical findings into clear narratives and high-impact visuals for non-technical leadership. • Help design a unified security-metrics reporting layer in which a single, shared pool of metrics is surfaced at every altitude — operational dashboards for analysts, reporting for management, and narrative for executives and the Board. • Author and maintain security policies, standards, procedures, and control narratives, ensuring alignment with frameworks such as NIST CSF, PCI-DSS, and SOX. • Conceive, write, illustrate, and produce security awareness and training content — e-learning modules, microlearning, phishing-simulation creative, infographics, posters, and campaign materials. • Produce and maintain operational documentation for the security organization — runbooks, incident-response playbooks, the InfoSec operations manual, and executive incident summaries.