Title: Associate, Data Privacy & Security Location: New York time type Full time posted on Posted 2 Days Ago job requisition id JR202601039 Advise and represent clients, including Fortune 500 and multinational clients, on complex matters involving international data privacy, cybersecurity, intellectual property, technology law, and emerging artificial intelligence regulations. Counsel clients on AI deployment, data usage, and licensing, ensuring compliance with the EU AI Act, General Data Protection Regulation (GDPR), and relevant U.S. federal and state privacy laws. Draft, review, and negotiate complex agreements, including IP and software licenses, AI model licenses, IT services and outsourcing contracts, master services agreements, and cross-border data processing agreements. Lead cross-border breach responses and cybersecurity incident management, providing regulatory guidance, risk mitigation strategies, and strategic advice to safeguard multinational operations. Develop corporate privacy policies, AI governance frameworks, and compliance programs, aligning organizational practices with EU and U.S. regulatory standards. Support clients during regulatory investigations, audits, and enforcement proceedings, maintaining confidentiality and privilege protections under EU law. Manage multi-jurisdictional projects and complex negotiations, integrating IP, privacy, cybersecurity, AI, and commercial considerations to deliver efficient, cross-border solutions. Hybrid work schedule permitted. Must work 3 times per week from the office in New York, NY. Requirements: JD, LLM or foreign equivalent degree; plus 3 years of experience in position offered or related occupation as an attorney in the U.S. or abroad, advising and representing clients on matters related to European and United States data privacy and cybersecurity laws, and IP laws. Must have 3 years of experience: - working with both EU and U.S. regulatory frameworks, including GDPR and U.S. federal and state privacy laws, to provide comprehensive legal solutions; - drafting and reviewing IP/software license agreements, assignment agreements, technology licensing agreements, IT services agreements, outsourcing agreements, data processing agreements, master services agreements, and privacy compliance related documents, procedures, and policies; - advising clients on implications for EU-US data transfers and regulatory requirements; - advising clients regarding data privacy and cybersecurity laws in the use of cloud services. Must be admitted to practice law in New York. Apply Online: https://www.gtlaw.com/en/careers Ref. Job # 202601039 Not accepting search firm submissions for this position. The expected pay range for this position is: $265,000 per year Salary will be determined based upon education, experience, job related factors permitted by law, internal equity, and market data, including geographic pay differentials in locations where market pay differs from the national average. Full time employees may be eligible for a discretionary bonus, health insurance with an optional HSA, short term disability, long term disability, dental insurance, vision care, life insurance, Healthcare and Dependent Care Flexible Spending Accounts, 401K, vacation, sick time, and an employee assistance program. Additional voluntary programs include: voluntary accident insurance, voluntary life, voluntary disability, voluntary critical illness and cancer insurance and pet insurance. Commuter and Transit programs may also be available in certain markets. GT is an EEO employer with an inclusive workplace committed to merit-based consideration and review without regard to an individual’s race, sex, or other protected characteristics and to the principles of non-discrimination on any protected basis.

Role Description We’re looking for a Senior Security Engineer to join our Security team in Helsinki HQ. In this role, you will: - Work closely with product development to embed security best practices across the entire software development lifecycle and ensure security of our products. - In collaboration with the cloud infrastructure team, improve security of our cloud infrastructure by improving existing and implementing new security controls. - Have a high level of autonomy in your daily work to improve our security posture. Your day-to-day work and responsibilities include: - Security Engineering & Architecture: - Design, implement, and maintain security controls across our SaaS platform and internal infrastructure. - Automate vulnerability and threat detection (SAST, SCA, IAC, container image analysis). - Ensure robust audit logging via SIEM. - Implement and manage IAM policies. - Continuously identify and mitigate security risks. - Reviews and Assessments: - Do internal reviews, threat modeling and testing of new product features. - Use automated tools and manual code review to find security issues in software and infrastructure. - Collaboration & Communication: - Collaborate closely with development and operations teams to integrate security into the Software Development Life Cycle (DevSecOps). - Champion a security-first culture, embedding security principles into all aspects of our operations and product development. - Security Automation: - Improve existing security tooling in CI / CD and add new tools. - Implement automated threat detection and policy-as-code solutions to detect possible data breaches and insecure configurations. Qualifications - 3+ years of full-time experience in information security. - At least 5 years of total full-time work experience in software development. - Expertise in securing cloud infrastructure in AWS, GCP or Azure. - Basic knowledge of Kubernetes and securing Kubernetes clusters and containerized applications. - Software development experience, including proficiency in at least one programming language (e.g., Python, Go, PHP) and understanding of secure coding practices. - Experience reviewing source code. - Experience with modern CI / CD systems (GitLab / GitHub) and implementing automated security scanning tools (SAST, SCA, etc.) as part of pipelines. - Knowledge of security frameworks and standards such as OWASP ASVS, OWASP SAMM, ISO 27001, and CIS Benchmarks, and applying them to product development. - Keen interest in promoting security in a product development organization. Requirements - Expertise in securing Kubernetes clusters in complex, multi-cloud environments (a significant plus). - Familiarity with AI software development tools and AI security. - Hands-on experience in configuring SIEMs, threat detection and response tooling, and web application firewalls. - Experience of incident response in cloud environments. - Relevant technical security certifications (e.g., CISSP, SANS, etc.). Benefits - Attractive pay structure, including equity. - Great work equipment, and home office allowance for those working in our fully remote locations. - Annual personal learning budget. - Sports and wellness allowance. - Benefits vary depending on location.

Title: Senior Network Security Engineer Location: Chantilly, VA Job Description: GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. About GuidePoint Security GuidePoint Security is a leading cybersecurity solutions and services firm enabling federal government organizations to make smarter security decisions that minimize risk. With more than 800 vetted technology vendor partnerships and deep practitioner expertise across every major cybersecurity domain, GuidePoint serves more than half of the U.S. Government’s cabinet-level agencies across Civilian, DoD, and Intelligence Community segments, as well as Federal System Integrators and major defense prime contractors. We are growing our federal presales engineering team and looking for technically exceptional engineers who thrive at the intersection of federal mission and cybersecurity technology. The Senior Network Security Engineer will engineer, design, and sustain Comply-to-Connect (C2C) deployment support to migrate and maintain critical services across unclassified and classified environments. Key Responsibilities - Engineering, designing, and implementing C2C deployment support while managing the appliances, servers, and supporting infrastructure. - Coordinating with the network service provider to develop and maintain comprehensive network architecture diagrams. - Evaluating and recommending technology upgrades to address performance, standardization, and industry best practices. - Monitoring and investigating C2C performance and faults to recommend and implement necessary improvements. - Interacting with team members and customers at multiple levels to gather and coordinate vital technical information. - Supporting Assessment and Authorization (A&A) activities related to cybersecurity technologies and system accreditation. - Requirements - An active TS/SCI with Polygraph is required. - Bachelor’s degree or 4+ years of additional experience in lieu of a degree. - 5+ years of experience in Information Systems Security and/or Cyber Engineering. - Experience with technologies involved in large-scale enterprise deployments and data center environments. - Experience deploying enterprise security software products such as firewalls, IPS, Anti-Virus, and network management systems. - Knowledge of Windows and Linux systems, TCP/IP networking, 802.1x, and general network security concepts. - IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification or the ability to obtain it within 6 months of hire. - Preferred Qualifications - Certified Information Systems Security Professional (CISSP) certification. - Experience implementing vendor-agnostic C2C capabilities and services within DoD engineering and sustainment environments. - Proficiency with Cisco Identity Services Engine (ISE) and tools such as Nmap, Nessus, and tcpdump. - Knowledge of Shell, Perl, and XML Scripting to automate security tasks. - Physical Qualifications - Must be able to remain in a stationary position 50%. - Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. - Frequently communicates with co-workers, management, and customers, which may involve delivering presentations. - Must be able to exchange accurate information in these situations. - “Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.” We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application. Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers. Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity. This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation. Some added perks…. - Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions) - Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options) - Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans - 12 corporate holidays and a Flexible Time Off (FTO) program - Healthy mobile phone and home internet allowance - Eligibility for retirement plan after 2 months at open enrollment - Pet Benefit Option -

Title: Senior Cybersecurity Engineer Location: VA, Alexandria Overview GovCIO is currently hiring for a Senior Cybersecurity Engineer to support cybersecurity, compliance, and risk management activities supporting the U.S. Coast Guard (USCG). This role provides high-level engineering, technical execution, and security management to maintain federal security standards, manage vulnerabilities, and ensure mission-critical systems achieve and retain authorization. This position will be located in Alexandria, VA, and will be a hybrid position. Responsibilities As a Senior Cybersecurity Engineer, the ideal candidate will be proficient in architecting and integrating a suite of security tools, including EDR, SOAR, ACEM, SIEM, and HBSS, to create a multi-layered defense. Core responsibilities include: - Manage security projects from inception to completion, ensuring the successful planning and execution of the DoW Zero Trust Architecture. - Develop automated response playbooks within orchestration systems to accelerate incident mitigation. - Ensure continuous endpoint compliance and monitor security policies across enterprise platforms. - Lead the drafting and maintenance of comprehensive Authority to Operate (ATO) paperwork. - Provide advanced engineering support in the selection and tailoring of security controls applicable to the system environment. - Direct the selection and application of appropriate Security Technical Implementation Guide (STIG) Checklists. - Create, manage, and actively monitor Plan of Action and Milestones (POA&Ms) to ensure systemic remediation. - Lead efforts in conducting Privacy Threshold Analysis (PTA) across various system platforms. - Actively monitor ACAS scans and collaborate closely with technical infrastructure teams to engineer solutions for identified vulnerabilities. - Coordinate Contingency Plan (CP) testing activities and finalize associated compliance documentation. - Manage the completion and routing of technical change management paperwork. - Coordinate and execute Cybersecurity Service Provider (CSSP) onboarding processes. - Engage and coordinate with required operational commands and departments. - Respond accurately and promptly to Cyber Operational Readiness Assessment (CORA) data calls and operational data calls. Qualifications High School with 10+ years (or commensurate experience) Required Skills & Experience - Certifications: DoD 8570 IAT Level II or higher (e.g., Security+ CE, CySA+,etc.). - Demonstrated project management experience leading the execution of complex IT security tool deployments from inception to completion. - Proven technical experience architecting, integrating, and deploying EDR, SOAR, ACEM, SIEM, and HBSS tools. - Demonstrated advanced practical user experience with Assured Compliance Assessment Solution (ACAS) for enterprise vulnerability scanning. - Proven experience implementing and utilizing Security Information and Event Management (SIEM) systems for analyzing security alerts and logs. - Hands-on technical proficiency with Extended Detection and Response (XDR) or Endpoint Detection and Response (EDR) platforms for threat detection. - Direct operational experience navigating the Enterprise Mission Assurance Support Service (eMASS) for IT security, compliance, and risk management. Clearance Level: Must have an active Secret clearance Preferred Skills & Experience - Prior experience supporting Department of Defense (DoD) or Federal software modernization programs and Zero Trust migrations. - Advanced baseline cybersecurity or management certifications such as CompTIA CASP+, CISSP, CISM, or PMP. - Knowledge of scripting languages (e.g., Bash, Python) to automate continuous monitoring tasks and playbook responses. #JP #DICE #USCG Posted Salary Range USD $140,000.00 - USD $180,000.00 /Yr. Company Overview GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens. But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer? Employee Perks At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including: - JD-FOOTER.LIST_TEXT_3" token-type="text">Employee Assistance Program (EAP) - JD-FOOTER.LIST_TEXT_4" token-type="text">Corporate Discounts - JD-FOOTER.LIST_TEXT_5" token-type="text">Learning & Development platform, to include certification preparation content - JD-FOOTER.LIST_TEXT_6" token-type="text">Training, Education and Certification Assistance* - JD-FOOTER.LIST_TEXT_7" token-type="text">Referral Bonus Program - JD-FOOTER.LIST_TEXT_8" token-type="text">Internal Mobility Program - JD-FOOTER.LIST_TEXT_9" token-type="text">Pet Insurance - JD-FOOTER.LIST_TEXT_10" token-type="text">Flexible Work Environment *Available to full-time employees Our employees’ unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets. Posted Pay Range The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an “at-will position” and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.