Role Description 10a Labs' Investigations Team is looking for a Principal Cyber Investigator to lead day-to-day operations and oversee quality across a cyber investigations team. This role requires senior cybersecurity expertise combined with the operational and leadership experience to manage a high-performing team, interface directly with client stakeholders, and set the standard for investigative and labeling output quality and consistency. In this role, you will: - Oversee day-to-day operations of the cyber investigations team, ensuring investigations are completed accurately, efficiently, and in accordance with outlined requirements and rubrics. - Serve as the senior technical authority on complex and escalated cases, making final determinations on real-world harm potential and offensive uplift. - Monitor and maintain quality metrics across the team, identifying gaps and implementing improvements to investigative processes and detection pipelines. - Interface directly with client stakeholders to communicate findings, surface emerging trends, and align on evolving policy and operational priorities. - Mentor and develop senior and junior investigators, providing guidance on technically demanding and ambiguous cases. - Lead threat actor analysis, synthesizing findings across cases to inform broader detection and mitigation strategies. - Query internal data sources via DQL and programmatically, and cross-reference open-source information (OSINT) to support investigations and validate team output. - Respond to critical escalations and on-call leads, including those not caught by existing safety systems. Qualifications - At least 9+ years of experience in cybersecurity, threat intelligence, Trust & Safety, national security, defense, intelligence, or law enforcement domains. - Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience. - Demonstrated experience leading or managing investigative teams, including oversight of quality, output, and team development. - Deep subject-matter expertise in one or more of the following: scaled data extraction, ransomware, local and remote exploits, or offensive security operations. - Familiarity with LLM systems and how AI technology can be misused for cyber operations. - Proven ability to serve as a final technical authority on complex cases, with a track record of sound judgment on harm potential and offensive uplift. - Strong SQL, Python, and other data language proficiency for querying data, supporting detection workflows, and validating investigative output. - Exceptional written and verbal communication skills, with experience presenting findings to senior stakeholders. - Ability to rapidly context-switch across domains, modalities, and abuse areas in a fast-paced, ambiguous environment. - Ability to clear an insider-threat background check. Preferred Qualifications - Experience working directly with or within frontier AI labs, large technology platforms, or Trust & Safety organizations. - Experience with threat intelligence frameworks such as MITRE ATT&CK. - Background in dark web monitoring, OSINT, or cross-platform threat analysis. - Experience building or scaling detection and mitigation pipelines. - Full professional proficiency in Arabic, Chinese, Farsi, Portuguese, Russian, or Spanish. - Active security clearance (Secret or above). - Relevant certifications such as OSCP, GREM, or GCTI. Benefits - Salary Range: $150K–$180K, depending on experience and location. - Work Environment: Fully remote, U.S.-based. - Health Benefits: Comprehensive health, dental, and vision coverage. - Time Off: Generous PTO and paid holiday schedule. - Retirement: 401(k) plan.

Role Description What You Will Do: - Identity Lifecycle Engineering: Architect and optimize automated end-to-end identity and identity proofing workflows, leveraging IGA tooling to eliminate manual provisioning and strengthen identity security controls across the enterprise. - Protocol & Federation Standards: Design and implement secure identity proofing and verification flows utilizing deep technical proficiency in SCIM, OAuth2, SAML 2.0, and OIDC to ensure seamless, standards-based authentication. - Directory Orchestration & L3 Support: Serve as the Tier 3 escalation authority for complex identity data synchronization and orchestration across hybrid environments, including Microsoft Active Directory, Entra ID, and Virtual Directory Services (VDS). - Security Posture & Audit Governance: Develop and execute automated technical audits and compliance monitors to validate IAM controls, ensuring continuous alignment with stringent internal policies and external regulatory requirements. - Agile Technical Leadership: Drive IAM modernization initiatives as a Subject Matter Expert within an Agile framework, translating complex business requirements into scalable technical architectures while mentoring junior analysts. Qualifications - High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree OR 4 years of applicable cumulative job specific experience required. - Advanced IAM Certification: Documented expertise through CISSP, CCSP, or CISA; highly specific technical certification in SailPoint is a significant competitive advantage. - Regulated Healthcare Expertise: Extensive experience navigating the unique security constraints and identity interdependencies of a high-volume, highly regulated healthcare ecosystem. - Legacy-to-Modern Migration: Proven success in identifying obsolete access control processes and leading the technical migration toward modern, automated identity fabrics. Benefits - Paid time off (PTO) - Various health insurance options & wellness plans - Retirement benefits including employer match plans - Long-term & short-term disability - Employee assistance programs (EAP) - Parental leave & adoption assistance - Tuition reimbursement - Ways to give back to your community

• We are seeking a Security Consultant (Staff) to provide security leadership and guidance across application modernization and database migration workstreams. • This role will establish security, logging, observability, and compliance standards while ensuring the modernized environment aligns with public sector and healthcare data protection requirements. • As the primary security resource supporting multiple workstreams, the consultant will focus on defining patterns, governance, and best practices rather than implementing every security control directly. • Define and oversee security, logging, and observability standards throughout modernization and migration efforts • Establish secure architecture patterns for AWS-based target environments • Develop and promote IAM, secrets management, and least-privilege access strategies • Ensure proper handling and protection of PHI and PII data within healthcare and Medicaid-related systems • Advise teams on compliance requirements applicable to state government workloads • Review application security controls, authentication and authorization approaches, and secure coding practices • Assess converted database access patterns and connection security, including Aurora PostgreSQL endpoints • Provide guidance on encryption, monitoring, logging, and auditability requirements • Support risk identification, remediation planning, and security governance activities • Collaborate with technical teams to embed security best practices throughout the delivery lifecycle

Role Description Senior hands-on technical lead for security assessment execution and for developing and validating the SCSEMs and automated evaluation files that drive every review. Distinct from the Computer & Information Systems Manager: this role is the deep technical author/assessor rather than the team manager. Key Responsibilities - Develop, update, and validate SCSEMs and automated evaluation files (Nessus audit / SCAP XCCDF), mapping to CIS Benchmarks, DISA STIGs, and applicable NIST controls. - Validate that automated checks accurately reflect required configurations and correctly evaluate both binary and non-binary conditions. - Lead hands-on system configuration checks and automated/manual compliance scanning during reviews. - Perform corrective actions and ad hoc fixes for identified issues, including logic errors in automated evaluation files. - Maintain configuration instructions and supporting documentation; ensure alignment between SCSEMs and automated files. Qualifications - Demonstrated experience identifying and applying information-security/cybersecurity requirements and ensuring they are addressed through development, implementation, and configuration. - Demonstrated experience implementing security controls, configuration changes, software/hardware updates, and vulnerability management within government organizations. - Hands-on experience securing configurations and authoring or tailoring SCSEM/STIG/CIS/Nessus content (preferred). Requirements - High School Diploma or higher. - Certifications / Licenses (minimum of ONE of the following): - CCNA Security - CySA+/CSA+ - GICSP - GSEC - Security+ CE - CND - SSCP - CASP+ CE - CCNP Security - CISA - CISSP (or Associate) - GCED - GCIH - CCSP - CAP - CISM - GSLC - CCISO - HCISPP - CEH - GSNA - CFR - PenTest+ - In lieu of a certification, graduation from a minimum 2-year IT/Cybersecurity program at an accredited college or university may be substituted. Preferred - Prior FTI/Safeguards review experience; demonstrated SCSEM/STIG/CIS/Nessus authoring. Commitment to Diversity eTelligent Group provides equal employment opportunities (EEO) to all applicants without regard to race, color, religion, gender, sexual orientation, gender identity, nations origin, age, disability, genetic information, marital status, amnesty, status as a covered veteran, and any other characteristic provided in accordance with applicable, federal, state and local laws.