Security Analyst Remote Jobs in District of Columbia (US)
This page tracks remote security analyst openings that are location-eligible for District of Columbia.
This page tracks remote security analyst openings that are location-eligible for District of Columbia.
Open jobs
1,969
Hiring companies this week
10
Salary sample
$19 - $108,310
Jobs added last hour
0
1969 Jobs
1258 Companies
Austin-based SDVOSB delivering application development, cybersecurity, instructional design and training to DOD and VA.
• As a Security Analyst on our team, you’ll use your experience to work with Veterans Affairs (VA) Information System Owners (ISO), Information System Security Officers (ISSO), site managers, and other system stakeholders to coordinate and drive the completion of Risk Management Framework (RMF) steps 0-6 ATO activities and requirements, identify and mitigate risks, escalate project risks to leadership, understand and apply VA authorization policies and processes, and provide information system security expertise. • You'll ensure the appropriate operational security posture is maintained for information systems throughout the system’s lifecycle from product acquisition and installation through decommission. • You will complete and maintain very detailed security documentation and coordinate to execute ATO support duties that document security details related to system installations, a variety of IT systems, networks, hardware, and software in a variety of complex and simple installation sites. • You’ll work with your client to translate security concepts into actionable, implementable solution recommendations to help the client make informed security decisions from all aspects of IT deployments ensuring full commissioning is completed through deployment into production and decommissioning. • This is your opportunity to act as an information security and RMF subject matter expert while broadening your skills in cybersecurity.
The Expert-Driven Offensive Security Platform. Continuously validate your security posture all year long.
• Triage, validate, and QA findings surfaced by Sprocket's automation. Reproduce, confirm true positives, and eliminate false positives before anything reaches a client. • Author and refine findings to client-ready quality in the Sprocket voice, and publish them through the platform. • Calibrate severity to real business impact against Sprocket's standards, judging real-world impact over theoretical. • Handle roughly 90% of findings independently and make accurate handle-versus-escalate decisions using the platform workflow, escalating the hard 10% to an Adversarial Engineer with full context attached. • Feed pattern-level signal back to R&D and the Adversarial Engineering team to tune attack automations and cut false positives at the source. You'll be one of the tightest feedback loops we have into R&D. • Log validation notes, flag false-positive patterns, and contribute to the knowledge base. • Script away repetitive validation steps wherever they appear. • Partner with your fellow R&D team members and the Service Delivery team on the automation feedback loop and client-experience improvements. • Seek to programmatically enhance automation pipeline with new or updated capabilities when triage is complete and capacity allows, pairing with an Adversarial Engineer as needed. • Attend daily standups, weekly 1:1s, monthly company calls, and all-hands.
Role Description The Information Security Analyst I will support day-to-day security operations, event/incident investigation, security control assessment, data analysis and reporting, and other infosec-related activities. The analyst will work with the Project team as well as Helpdesk Support team to mitigate risks and vulnerabilities and create documentation or reports regarding infosec activity and incidents. - Must be authorized to work in the U.S. - This is a full-time, direct hire position. - Schedule: Friday, Saturday, Sunday, Monday, 7:00 AM - 6:00 PM (ET) - While working from home, employees must have a reliable internet connection and must work in an environment free of noise and distraction. Essential Duties and Responsibilities - Perform penetration testing; along with internal and external scanning, assess report and escalate to appropriate team and engineers. - Resolve any computers with missing Hard Drive Encryption. - Resolve and report out any violations of Office365 hardening security procedures; this includes but not limited to bypassing multi-factor authentication, device compliance policy, conditional access. - Resolve any computers and servers with missing vulnerability patch and Windows and third-party updates. - Responds to security incidents (Helpdesk Support), conducts forensic investigations and targets reviews of suspect areas as well as develop action plans to address root causes of security-related problems. - Collaborates on projects to ensure that security issues are addressed throughout the project life cycle. - Reports to Risk Manager concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance. - Provides responsive support for problems found during normal working hours as well as outside normal working hours as needed. Qualifications - 1-2+ years of security experience working with Endpoint Security, Intrusion Prevention, and Firewall security. - 2+ years of experience working for an MSP/MSSP or SOC (Security Operations Center). - 2+ years of Incident Response experience. - Proven work experience as a system security engineer or information security engineer. - Experience in building and maintaining security systems. - Detailed technical knowledge of database and operating system security. - Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. - Experience with network security and networking technologies and with system, security, and network monitoring tools. - Thorough understanding of the latest security principles, techniques, and protocols. - Problem solving skills and ability to work under pressure. Development Expectations - Ethical Hacker - Preferred / Development Plan - Associate of (ISC)² - Preferred / Development Plan - CISSP (Certified Information Systems Security Professional) – Preferred / Development Plan - CCNP Security – Preferred / Development Plan Benefits - Insurance Coverage: Health, Dental, Vision, Life/AD&D, Short-Term Disability, Long-Term Disability, Accident, Hospital Indemnity, Critical Illness. - Paid Time Off (Vacation, Holidays, Birthday). - 401k Retirement Plan with Company Match. - Flexible Spending Account, Health Savings Account. - Peer-to-Peer Recognition. - Learning and Development. - Pet Insurance. - Fun On and Off-Site Events. - Referral Bonus Program. - Employee Assistance Program.
Bringing peace of mind through better health to our customers and communities
Role Description We're looking for an individual who has a deep interest in cybersecurity and will bring fresh perspectives and advanced techniques to identify and analyze potential threats. Your expertise will enhance our team’s ability to detect and respond to sophisticated cyber attacks; experience with cloud security is a plus! As Senior Cyber Threat Hunter, you'll help us stay ahead of emerging threats. As a key member of our team, you will play a crucial role in identifying, analyzing, and mitigating cyber threats to protect our organization’s assets and data. Our team is composed of individuals from various backgrounds and experiences, fostering a rich and inclusive culture where everyone’s voice is heard and valued. Every day brings new and exciting challenges. You’ll have the opportunity to tackle complex problems, think creatively, and push the boundaries of what’s possible in cybersecurity. - Sponsorship is unavailable for this role. - This role has an on-call rotation schedule that lasts for 1 week, every 2 months. - While this is a fully remote position, the final round of interviews will take place onsite in our Chattanooga, TN office. Qualifications - Bachelor's Degree in a Computer Sciences related field or equivalent work experience - 5 years of experience in Information Security required - 1 year of experience with information technology concepts, terminology, and standards required Requirements - Common knowledge of malicious code (worms, viruses, spyware, etc.) - Understanding of Security Methodologies for Windows / Linux / Unix operating systems - Knowledge of TCPIP/UDP/ICMP - Working knowledge of the OSI Reference Model - Knowledge of networking components (routers, switches, load balancers, wireless access points, etc.) - Knowledge of Information Security components (IPS, IDS, WAF, SIEM, etc.) - Knowledge of vulnerability assessments - Knowledge of security incident handling - Ability to work independently with minimal supervision or function in a team environment sharing responsibility, roles and accountability - Proficient in Microsoft Office (Outlook, Word, Excel, and PowerPoint) - Must be a team player, be organized, and have the ability to handle multiple projects - Excellent oral and written communication skills - Strong interpersonal and organizational skills Company Description
As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base. Check Point Software Technologies has been honored by Time Magazine as one of the World’s Best Companies and Newsweek’s list of Americas Best Cybersecurity Companies. We've also earned a spot on the Forbes list of the World’s Best Places to Work for five consecutive years and recognized as one of the World’s Top Female-Friendly Companies. If you're passionate about making the world a safer place and want to be part of an award-winning company culture, we invite you to join us.
Role Description - Responsible for daily incident management of customer incidents - Perform incident response and forensic analysis of compromised systems, identify and provide recommendations for remediation - Formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies and artifacts - Ability to manage complicated global incidents - Ability to perform large-scale compromise assessments for customer environments - Build incident response plans and playbooks - Create attack scenarios for customer tabletop training exercises - Creation of detailed incident reports for customers and effective communication of findings to customers - Build and maintain sandbox/test lab environments to evaluate malicious code - Work within a team environment and will be responsible for coordinating work actions Qualifications - This is not an entry level SOC role. - 10+ years of cybersecurity experience out of which 2-5 years are experience performing T3 incident response with an emphasis on system compromise analysis. - Experience of performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools. - Experience with enterprise security solutions, incident crisis management. - Experience with performing attack simulation for training security teams. - Experience with creating procedures and documented plans for security teams. - Ability to participate in on-call rotation, including at least one weekend a month. - Domestic and International travel may be required. - Must be eligible to work in the US without sponsorship from an employer now or in the future. - EOE M/F/Veterans/Disabled Company Description As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base. Check Point Software Technologies has been honored by Time Magazine as one of the World’s Best Companies and Newsweek’s list of Americas Best Cybersecurity Companies. We've also earned a spot on the Forbes list of the World’s Best Places to Work for five consecutive years and recognized as one of the World’s Top Female-Friendly Companies. If you're passionate about making the world a safer place and want to be part of an award-winning company culture, we invite you to join us.
University of Rochester, located on the banks of the Genesee River in Rochester, New York, is a four-year private institution of higher learning that has offered educational opport
Role Description Responsible for support of day-to-day operations of information security incident response and triage. Verifies, classifies and documents events, escalating incidents as required. Provides first-level and second-level response for information security events, including threat analysis, root cause analysis and remediation. This role requires an on-call rotation. - Provides first-level and second-level response for information security events, including threat analysis, root cause analysis and remediation. - Manages various security operations tools to ensure continued security and performance. - Responds to requests for operational and security logs. - Assists with development of incident response processes and systems. - Participates in daily, quarterly, weekly and as needed meetings. - Monitors security blogs, articles, reports and other sources to keep up to date on the latest security threats and trends. - Other duties as assigned. Qualifications - Bachelor's degree and 1 year of related experience required. - Or equivalent combination of education and experience. - Experience with Security Information and Event Management (SIEM) systems, such as QRadar, ArcSight or LogRhythm, preferred. Requirements - Demonstrated analytical and problem solving skills required. - Strong interpersonal, verbal and written communication skills required. - Self-motivated and directed required. - Dedication to continued learning required. - Ability to effectively prioritize and execute tasks in a high-pressure environment required. - On-call rotation required. - Knowledge of intrusion detection systems, system administration, network protocols and industry-standard techniques and practices preferred. Company Description The University of Rochester is committed to fostering, cultivating, and preserving an inclusive and welcoming culture to advance the University’s Mission to Learn, Discover, Heal, Create – and Make the World Ever Better. In support of our values and those of our society, the University is committed to not discriminating on the basis of age, color, disability, ethnicity, gender identity or expression, genetic information, marital status, military/veteran status, national origin, race, religion, creed, sex, sexual orientation, citizenship status, or any other characteristic protected by federal, state, or local law (Protected Characteristics). This commitment extends to non-discrimination in the administration of our policies, admissions, employment, access, and recruitment of candidates, for all persons consistent with our values and based on applicable law.
• plan, implement, upgrade, or monitor security measures for the protection of computer networks and information • specialize in endpoint security, vulnerability management, and application security • ensure that appropriate security controls are in place and safeguard digital files and vital electronic infrastructure • respond to computer security incidents and malware • Windows endpoint administration: Windows patches, 3rd Party Patches, Firewall, Vulnerability management • Manage Active Directory / Group Policy infrastructure • Mobile device management: Encryption, Multi-Factor authentication • Provide computer security consulting support for the university • Monitor security logs on all systems and address any incidents or anomalies recorded • Document computer security and emergency measures, policies, procedures, and testing protocols • Assure end-point protection software is kept current in accordance with departmental policy • Analysis of applications/software/policies in enterprise environment and the effects of workflows to the end-user • Ability to use powershell to automate security processes, parse security logs, and secure the environment • Confer with users to discuss issues such as computer data access needs, security violations, and programming changes • Coordinate implementation of computer system plan with establishment personnel and outside vendors • Monitor use of data files and regulate access to safeguard information in computer files • Desktop architecture • Microsoft Server and Active Directory administration • Group policy management • Building and deploying secure golden OS images
GovCIO is a service-disabled-veteran-owned small business (SDVOSB) that offers technology services to improve business performance for government organizations.
Role Description GovCIO is currently hiring for a remote Cyber Threat Analyst to support the US Courts. This position will be within the United States and will be fully remote. - Conduct cyber threat analysis, identify mitigation and/or remediation courses of action; develop actionable intelligence used to protect organizational IT assets. - Utilize Threat Intelligence and Threat Models to create threat hypotheses. - Prepare and report risk analysis and threat findings. - Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation. - Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise. - Proactively and iteratively search through systems and networks to detect advanced threats. - Analyze host, network, and application logs in addition to malware and code. - Identify, track and investigate high priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures). - Bring a comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cybersecurity posture of the IT operating environment. - Implement defined procedures for remediation, or make an informed decision to escalate. Qualifications - Bachelor's with 8+ years of cyber threat analysis experience (or commensurate experience). - The candidate should have at minimum ONE of the following certifications: - Certified Information System Security Professional (CISSP). - SANS - GCIA Intrusion Analyst. - SANS - GREM Reverse Engineering Malware. - SANS - GISF Security Fundamentals. - SANS - GXPN Exploit Researcher and Advanced Penetration Tester. - SANS - GMON Continuous Monitoring Certification. - OSCP (Certified Professional). - OSCE (Certified Expert). - OSWP (Wireless Professional). - OSEE (Exploitation Expert). - CCSP Certified Cloud Security Professional. - LPT Licensed Penetration Tester. - ECSA EC-Council Certified Security Analyst. Requirements - Clearance Required: Must be able to attain and maintain an AOUSC Public Trust. Benefits - Posted Salary Range: USD $108,310.00 - USD $160,000.00 /Yr.
Role Description A fast-growing healthcare services company is undergoing its first SOC 2 audit and building its information security program from the ground up. The organization operates in a HIPAA-compliant, high-trust environment and is now taking on enterprise clients who require formal compliance credentials. We are placing one Security Analyst / Compliance Lead as a dedicated, embedded resource. This person will function as an extension of the internal team — owning day-to-day security operations and SOC 2 evidence collection. This is a hybrid role, not a senior architect or vCISO seat, and it does not involve facing the auditor directly. What You Will Do - Upload and manage security policies within a leading compliance automation platform - Gather, organize, and upload evidence for SOC 2 controls across the defined audit scope - Map evidence to applicable Trust Service Criteria; identify and flag gaps - Support remediation efforts and compensating controls as audit findings surface - Monitor and triage EDR alerts; perform initial investigations on security incidents - Execute incident response procedures in accordance with the client's IR plan - Handle ad hoc security and compliance tasks as directed by client leadership - Support the team in establishing repeatable security processes as the program matures Qualifications - Hands-on experience with SOC 2 compliance — familiarity with Trust Service Criteria, evidence collection, and control mapping - Proficiency with Vanta or a comparable GRC / compliance automation platform - Working knowledge of CrowdStrike or comparable EDR platforms for alert triage and basic incident response - Understanding of HIPAA compliance requirements and high-trust environments - Ability to translate technical security controls into audit-ready documentation - Strong organizational skills — able to independently manage a large volume of evidence across multiple control areas - Available to start mid-July 2026 and commit through December 31, 2026 - U.S.-based, available to work fully remote Preferred Qualifications - Prior experience in a healthcare or health services organization - Familiarity with third-party audit firms and evidence submission processes - Exposure to additional frameworks such as ISO 27001, NIST RMF, GDPR, or PCI DSS - Experience with Azure environments or cloud-hosted infrastructure - Background in GRC (Governance, Risk, and Compliance) in addition to hands-on security operations What This Role Is Not - Not a senior security architect or vCISO seat — this is a mid-level, hybrid role - Not the primary interface with the auditor — client leadership owns that relationship - Not initially scoped for vulnerability management or third-party risk — those may be added as the engagement grows
Integreon is a trusted, global provider of award-winning legal and business solutions to leading law firms, corporations, and professional services firms. Our highly trained, experienced staff of over 3,000 employees globally service a comprehensive range of client needs that require scale and expertise, enabling clients to become more operationally efficient. Integreon works with corporations and law firms who rely on our team’s experience and expertise in documents, administrative and business services. With delivery centres on three continents, Integreon offers multi-lingual, around-the-clock support, as well as onshore, offshore, and onsite delivery of our award-winning services.
Role Description Integreon is a leading provider of Document Review services to the post-breach Cyber Incident Response value chain. Following a breach, in cases of data exfiltration, potentially accessed documents need to be reviewed for exposure of PII/PHI wherein individuals or entities need to be notified within stipulated timelines as per jurisdictional requirements. This entails review of documents on a platform (e.g., Relativity) and extraction of defined data points as directed by a protocol. This is a great opportunity to work with the top managed review group in the industry! - Review documents on Relativity platform and identify/capture Personal Identifiable Information (PII) and Protected Health Information (PHI) as per protocol. Qualifications - Must be located within the United States. - Work in a team led by a Review Manager who will provide guidance, monitor progress, provide feedback, and answer questions. - Must be available online during core hours, as set by the Review Manager; there may be some flexibility in hours. Requirements - Use of basic Microsoft Office tools. - High-speed internet connection. - Quiet, private workspace. - Ability to work 40 hours per week, with the possibility of overtime/weekend work. - Previous data breach/incident response review experience required. - Relativity proficiency preferred. - Experience working with sensitive information. Benefits - Pay Range: USD $19.00 - USD $20.00 /Hr. Company Description Integreon is a trusted, global provider of award-winning legal and business solutions to leading law firms, corporations, and professional services firms. Our highly trained, experienced staff of around 3,500 employees globally service a comprehensive range of client needs that require scale and expertise, enabling clients to become more operationally efficient. Integreon works with corporations and law firms who rely on our experience and expertise in documents, administrative and business services. With delivery centres on three continents, Integreon offers multi-lingual, around-the-clock support, as well as onshore, offshore, and onsite delivery of our award-winning services.
1,959more opportunities are still waiting for you.Log in now and take your next shot before someone else does.
Microsoft Windows, Observability/Monitoring, SIEM, Microsoft Office, Cyber Security, Python