Top Cybersecurity Jobs

Provide cybersecurity and RMF engineering support for Air Force systems: supervise troubleshooting, manage security controls and infrastructure, lead risk and vulnerability assessments, develop ATO/SSP evidence, track POA&Ms, implement continuous monitoring in IL5-ready environments, and collaborate with development teams to select and deploy secure controls and detection capabilities.

The Cybersecurity Quality Engineer supports the integration of cybersecurity in product development, ensuring adherence to quality standards and regulatory requirements, while maintaining documentation and participating in cross-functional collaboration.

Support cybersecurity compliance, hardening, and RMF processes for mission-critical platforms. Integrate security into CI/CD, perform vulnerability scanning and remediation tracking, maintain security artifacts (POA&Ms), assist incident response, and implement secure network and IAM controls aligned with DoD/IC requirements.

Provide technical leadership for system security lifecycle: system categorization, security controls selection/implementation/assessment, and ATO for cybersecurity tools. Design and implement enterprise network defense using layered defense and zero trust. Manage teams and complex tasks. Configure and operate IDS/IPS, HBSS, SIEM, firewalls, proxies, DNS security, web/email security, advanced log and packet analysis, network monitoring and access control.

Support cybersecurity team by assisting with policy implementation, monitoring alerts, conducting vulnerability assessments, deploying and maintaining security software, and participating in training and awareness programs.

Perform advanced SIEM engineering and threat detection using Splunk (including Enterprise Security), build queries, dashboards, and correlation searches, investigate incidents, tune and maintain Splunk infrastructure, collaborate with IT/network teams, leverage endpoint security tools (Trellix/HBSS), document findings and recommend remediation, and stay current on cybersecurity threats and best practices for classified on-site work.

Provide legal counsel on cybersecurity, privacy, and information security matters; advise on cyber requirements in government and commercial contracts; support incident response, compliance frameworks, and enterprise cybersecurity initiatives; develop training and monitor regulatory developments while collaborating with legal, cybersecurity, and business stakeholders.

Perform onsite 12-hour-shift cybersecurity monitoring and incident response using SIEM (Splunk preferred). Develop queries, dashboards, and use cases, investigate incidents, maintain Splunk infrastructure, collaborate with cross-functional teams, document findings, and improve security posture while supporting classified TS/SCI missions.

Lead cybersecurity systems engineering for the Sentinel program: decompose and trace cyber requirements, design baked-in protections, assess vulnerabilities, guide verification/validation and RMF artifacts, author cybersecurity program documentation, and support cybersecurity governance and risk management.

Support enterprise cyber risk program by facilitating risk acceptance with senior leadership, maintaining the risk register, performing qualitative risk analysis, evaluating control effectiveness, producing executive-ready presentations, and contributing to process improvement and program design.

Lead detection and response activities: analyze alerts and threat intelligence, serve as Incident Commander, coordinate containment/recovery, drive remediation with engineering teams, improve detection via automation and tuning, mentor teammates, and participate in on-call rotation.

Engineer and manage security tools (Tenable, Splunk, McAfee); evaluate and enforce cybersecurity policies; perform risk assessments, incident triage and coordination; conduct system hardening and security testing; develop and maintain security toolsets and posture assessments; monitor threats and recommend mitigations.

Design, implement, and manage network security and Palo Alto firewall configurations (including cloud deployments in AWS/GCP/Azure). Monitor traffic and alerts, investigate and respond to incidents, enforce security policies, document changes, and collaborate with IT/security teams to maintain continuous monitoring and compliance.

Design, implement, and manage NSA CSfC-compliant secure communications for Data-at-Rest and Data-in-Transit. Create architectures, perform risk/vulnerability assessments, troubleshoot CSfC implementations, produce technical documentation, and collaborate with stakeholders to ensure classified data protection and compliance.

Manage a 24x7 SOC for federal customers: lead incident detection, triage, analysis, and escalation. Maintain SIEM and monitoring tools, develop TTPs, enforce policies, conduct risk assessments, drive SOC process improvements, and communicate incidents and summaries to leadership while ensuring compliance with DoW contract requirements.

Designs, implements, and maintains on‑premises and cloud cybersecurity infrastructure (Windows/Linux). Deploys AWS services, engineers NDR/EDR/NGFW/IDS solutions, creates architecture diagrams and roadmaps, supports security assessments and authorization, leads technical exchanges, and may lead teams while developing test plans and modernization strategies.

Lead identity and access management across Azure/Entra ID, on‑prem Active Directory, Okta, and Microsoft 365. Administer Azure platform services, implement RBAC, MFA, SSO and conditional access, ensure security/compliance, perform monitoring/troubleshooting, automate with PowerShell/Azure CLI, support incident response, and mentor junior engineers.

Support USPACOM J6 MPE engineering and integration: translate mission requirements into technical plans, support RMF documentation and POA&M, validate security controls, perform vulnerability and risk analysis, and produce technical briefings and recommendations for stakeholders.

Lead enterprise identity and access management for Azure AD/Entra ID, on‑prem Active Directory, Okta, Azure, and M365. Implement SSO, MFA, Conditional Access, RBAC, and identity governance; automate with PowerShell/Azure CLI; monitor, troubleshoot, and secure environments; participate in audits and incident response; mentor junior engineers.

Lead cybersecurity engineering for DTRA DSMS: advise leadership on risk and posture, coordinate inspections and compliance, develop policies and SOPs, report metrics, and architect/implement security platforms (Splunk, Palo Alto) and cloud security (AWS/Azure).

Monitor, triage, investigate, and respond to security alerts across endpoints, cloud, and networks. Administer security tools (EDR/XDR, SIEM, Azure Sentinel, PIM/PAM), tune detections, support incident containment and remediation, assist threat hunting and playbook development, and help maintain compliance with CMMC/NIST/DFARS while documenting investigations and collaborating with IT and engineering teams.

Lead and build IT and cybersecurity program management for DoD-aligned initiatives. Establish Disciplined Agile frameworks, governance, and PMO foundations; manage end-to-end delivery, compliance (NIST 800-171/CMMC, ITAR/EAR, CUI), contracts (FAR/DFARS), risk, schedules, and cross-functional teams; support customer communications, accreditation, and proposal/capture activities.

Monitor, triage, investigate, and respond to security alerts across endpoints, cloud, and networks. Administer SOC tools (EDR/XDR, SIEM, Azure Sentinel), assist containment and remediation, tune detections, support compliance (CMMC, NIST 800-171, DFARS), and collaborate with IT and engineering to improve security posture.

Monitor, triage, investigate, and respond to security alerts across endpoints, cloud, and networks. Administer SOC tools (EDR/XDR, SIEM, Azure Sentinel), support incident response, threat hunting, detection rule tuning, vulnerability tracking, compliance (CMMC, NIST 800-171, DFARS), and collaborate with IT and engineering to improve security posture.

Build and operate cloud security posture and related platforms; co-own enterprise cybersecurity programs; perform security architecture reviews; design and implement cloud security solutions (IAM, network, data protection, DevSecOps); automate security processes; advise IT on secure infrastructure and compliance with frameworks; maintain relevant certifications. On-site hybrid role in Los Angeles.