Cyber Resilience for
Complex Ecosystems

Current Openings

Purpose-Driven Careers

For the cyber elite

ShorePoint team members are handpicked for their expertise and for their ability to collaborate, communicate, and adapt when our Federal customers face complex and evolving challenges, obstacles, and threats.

#JoinTeamShorePoint! Explore our current openings and apply to begin your journey with us.

Open Positions

Cybersecurity & Cloud Engineer

Who we are:

ShorePoint is a fast-growing, industry-recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a Cybersecurity and Cloud Security Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Cybersecurity and Cloud Security Engineer will have the opportunity to be exposed to all aspects of support to a federal client and will be encouraged to grow as the organization expands.

What you’ll be doing: 

  • Performs analysis, design, and development of security features for system architectures
  • Designs, develops, engineers, and implements solutions that meet the security requirements of the agency customer
  • Analyzes general security-related technical problems and provides engineering and technical support in resolving such problems
  • Ensures that all information systems are functional and secure

What you need to know:  

  • Experience performing analysis of proposed changes to security controls
  • Ability to support security workflows by performing analysis (e.g., DLP, SafeLinks, log file reviews)
  • Experience and ability to configure, implement, and maintain security tools
  • Prior experience analyzing security tools (e.g., Microsoft Sentinel, Microsoft Defender for Cloud, Azure Information Protection) to ensure they align with agency policies and procedures and are properly configured (e.g., Microsoft Secure Score, GuardDuty, etc.)
  • Ability to continuously research, engineer and recommend areas for improvement to the agency’s security environment and toolset
  • Experience providing support to incident response and security operations by coordinating with agency service providers and agency directly during investigations
  • Experience developing, and ability to run, security tests on cloud resources (e.g., data loss prevention, security configuration) using native tools

Must-haves:

  • Minimum of 5 years of IT Security experience, preferably in a security engineering or cloud engineering role
  • Degree in Computer Science, Information Systems or related discipline from an accredited college or university required
  • Certification in information technology security (e.g., CISSP or CISSM)
  • Excellent written and verbal communications skills including the ability to communicate effectively with internal stakeholders
  • Experience with NIST 800 series publications
  • Ability to obtain federal agency required clearance

Where it’s done: 

  • Herndon, VA or Remote

Business & System Owner Support Analyst

Who we’re looking for:

We are seeking a Business and System Owner Support Analyst who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Business and System Owner Support Analyst will have the opportunity to be exposed to all aspects of support to a federal client and will be encouraged to grow as the organization expands.

What you’ll be doing: 

  • Provides the business and system owners cyber security guidance and recommendations
  • Assist the business and system owners with navigating and completing IT and cyber security tasks
  • Serve as a liaison between the business owner, system owner and cyber security staff
  • Provide security support and guidance to the agency business and systems owners
  • Drafts waivers to approve deviations from policies and risk acceptance memos
  • Support the business owner by monitoring for changes to FIPS 199 data types
  • Support the business owner with drafting and maintaining policies and procedures governing the generation, collection, processing, dissemination, and disposal of the information stored and processed by the information system
  • Support the business owner with drafting the rules for appropriate use and protection of the information processed by the information system (Risk Management Framework Procedures)
  • Supports the business owner with determining content that is approved to be released publicly
  • Defines and documents the types of accounts allowed and specifically prohibited for use within the system
  • Reviews system access requests and provides approval/disapproval recommendation to the System Owner and Business Owner
  • Reviews system accounts against account management requirements and provides recommendations

What you need to know:  

  • Experience determining security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; or preparing cost estimates.
  • Ability to implement cybersecurity systems and infrastructure by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; or completing documentation.
  • Ability to verify and harden cybersecurity systems by developing and conducting test procedures as required
  • Ability to implement information security requirements for IT systems through the Risk Management Framework (RMF).
  • Excellent written and verbal communications skills including the ability to communicate effectively with internal stakeholders.
  • Experience with NIST 800 series publications

Must-haves:

  • Minimum of 10 years of relevant IT Security experience
  • BS in Computer Science, Information Systems or related discipline from an accredited college or university required
  • Certification in information technology security (e.g., CISSP or CISSM)
  • Ability to obtain federal agency required clearance

Where it’s done: 

  • Herndon, VA or Remote

SOC Analyst (Tier 3)

Who we’re looking for:

We are seeking a SOC Analyst (Tier 3) who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The SOC Analyst (Tier 3) will have the opportunity to be exposed to all aspects of support to a federal client and will be encouraged to grow as the organization expands.

What you’ll be doing: 

  • Provide first line SOC support with timely triage, routing and analysis of SOC tasks
  • Researches, develops, and monitors custom visualizations
  • Researches, analyzes, and writes documents such as cybersecurity briefings for all levels of stakeholders from Tier 1-3 SOC, security engineering, and executives
  • Tunes and develops SIEM correlation logic for threat detection
  • Ensures documentation is accurate and complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style.
  • Develop scripts using Python to automate IR functions, including (but not limited to) IOC ingestion and SIEM integration via REST APIs to minimize repetition of duties and automate tasks.
  • Produce and review aggregated performance metrics
  • Perform Cyber Threat Assessment and Remediation Analysis
  • Processing, organizing, and analyzing incident indicators retrieved from the client environment and correlating said indicators to various intelligence data
  • Assisting in the coordination with internal teams as well as in the creation of engagement deliverables for a multitude of activities, including but not limited to Insider Threats, Rule of Engagement (ROE), Threat Hunting, After Action Reports, and other artifacts to support testing, monitoring and protecting the enterprise
  • Investigate network and host detection and monitoring systems to advise engagement processes
  • Develop and execute Bash and Python scripts to process discrete log files and extract specific incident indicators; develop tools to aid in Tier 1 and Tier 2 functions
  • Participate in on-call rotation for after-hours security and/or engineering issues
  • Participate in the increase of effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions
  • Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods
  • Work directly with Security and SOC leadership on cyber threat intelligence reports to convert intelligence into useful detection
  • Collaborate with incident response team to rapidly build detection rules as needed
  • Responsible for supporting 24x7x365 SOC operations, including but not limited to: alert and notification activities (analysis/triage/response); review and action on threat intel for IOCs and other operationally impactful information; initial review and triage of reported incidents
  • Perform analysis across all security tools, uncovering attack vectors involving a variety of malware, data exposure, and phishing and social engineering methods
  • Monitoring/triage security events received through alerts from SIEM or other security tools; escalate and support to IR as appropriate
  • IDS monitoring and analysis, analyze network traffic, log analysis, prioritize and differentiate between potential intrusion attempts and false alarms
  • Review and reporting on anomalous patterns (hunting) across all security tools / SIEM
  • Develop an in-depth understanding of customer and SOC operations requirements and policies
  • Ensure reports are properly entered into the tracking system
  • Perform customer security assessments
  • Supporting incident response or remediation as needed
  • Participate in, develop, and run tabletop exercises
  • Perform lessons learned activities
  • Supporting ad-hoc data and investigation requests
  • Composing reports, updates, security alert notifications or other artifacts and documents as needed

What you need to know: 

  • Deep understanding of cyber threat TTPs, threat hunting, and the application of the MITRE ATT&CK framework
  • Experience supporting 24x7x365 SOC operations, including but not limited to: alert and notification activities (analysis/triage/response); review and action on threat intel for IOCs and other operationally impactful information; initial review and triage of reported alerts and incidents
  • Support alert and notification triage, review/analysis through resolution / close
  • Manage multiple tickets/alerts in parallel, including end-user coordination
  • Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response
  • Solid understanding and experience analyzing security events generated from security tools and devices, including but not limited to FireEye, Elastic, SourceFire, Malwarebytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat
  • Experience and solid understanding of Malware analysis
  • Demonstrated proficiencies with one or more toolsets such as Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana
  • Experience and ability to use, contribute, develop and follow Standard Operating Procedures (SOPs)
  • In-depth experience with processing and triage of security alerts from multiple sources, including but not limited to: endpoint security tools, SIEM, email security solutions, CISA, threat intel sources
  • Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, support SOAR development
  • Experience with Bash, Python, and Windows PowerShell scripting
  • Demonstrated experience with triage and resolution of SOC tasks, including but not limited to: vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools – alert analysis
  • Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources
  • Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools
  • Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk.
  • Solid understanding and experience analyzing security events generated from security tools and devices, including but not limited to: Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC
  • Understanding of security incident response processes

Must-haves:

  • Ability to support working hours: 8:45 AM – 5:15 PM Eastern Time
  • Ability to participate in a rotating SOC on-call; rotation is based on number of team members
  • Minimum of twelve (12) years of technical experience
    • 7+ years of SOC
    • 3+ years of rule development and tuning experience
    • 1+ years Incident response
  • Ability to obtain federal agency required clearance

Beneficial to have the following:

  • GIAC-GCIH – Global Certified Incident Handler
  • GIAC-GCFE – Global Information Assurance Certification Forensic Examiner
  • GIAC-GCFA – Global Information Assurance Certification Forensic Analyst
  • GIAC-GREM – GIAC Reverse Engineering Malware
  • GIAC-GNFA – GIAC Network Forensic Analyst
  • GIAC-GCTI – GIAC Cyber Threat Intelligence
  • GIAC-GPEN – GIAC Certified Penetration Tester
  • GIAC-GWAPT – GIAC Certified Web Application Penetration Tester
  • CEPT – Certified Expert Penetration Tester (CEPT)
  • CASS – Certified Application Security Specialist (CASS)
  • CWAPT – Certified Penetration Tester (CWAPT)
  • CREA – Certified Reverse Engineering Analyst (CREA)

Where it’s done: 

  • Herndon, VA or Remote

Elasticsearch Engineer

Who we’re looking for:

We are seeking an Elasticsearch (Elastic/ELK/ECE) Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Elasticsearch (Elastic/ELK/ECE) Engineer will have the opportunity to be exposed to all aspects of Systems Engineering and will be encouraged to grow as the organization expands.

What you’ll be doing:

  • Responsible for working with the Integration and Architecture teams to design, document, build, secure, and maintain Elasticsearch, Logstash, Kibana (and X-Pack) Enterprise solutions deployed in the Cloud or on-premises environment
  • Work closely with architects, engineers, and integrators to assess customer requirements and to design and support an Elasticsearch Stack solution to ensure compliance with data requirements
  • Follow life cycle processes to move solutions from Dev to Test to Production.
  • Participate in group sessions as well as attend and share in agile sprint daily meetings to track progress to ensure development of solutions is in support of the project and customer requirements.
  • Serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations.
  • Configure and maintain Linux-based operating system files in support of the Elasticsearch products (yum updates and product version upgrades)
  • Install and configure an Elastic Cloud Enterprise solution and ensure communication and integration among the Elasticsearch products and data sources.
  • Document the installation and configuration for deployment
  • Secure the solution by being familiar with TLS, certificates, SSO/PIV authentication, and encryption technologies
  • Work with the data lifecycle management team
  • Test data flows, troubleshoot issues, and monitor the health of the solution and servers to maximize performance and minimize downtime
  • Work with a team and provide analysis of alternatives and progress status in daily sprint meetings
  • Meet professional obligations through efficient work habits such as meeting deadlines, honoring schedules, and coordinating resources and meetings in an effective and timely manner
  • Develop and manage effective working relationships with other departments, groups, and personnel with whom work must be coordinated or interface
  • Recommend enhancements and modifications to optimize business intelligence processes

What you need to know:

  • Software Development using Java with an IDE (e.g. Eclipse, CodeReady)
  • Parsing File formats (e.g., JSON, XML, and CSV)
  • SQL Server database design, programming, tuning, writing SQL queries/procedures
  • Developing/automating test procedures
  • Web services client development using REST API
  • Release Management and build tools (e.g., Maven, Jenkins) and configuration tools (e.g., SVN)
  • Secure coding practices including use of encryption (e.g., Certificates, TLS Connections)

Must-haves:

  • BS in Computer Science or related field Experience required
  • 2+ years of experience
  • Must be a US citizen (non-dual citizenship)
  • Able to obtain and maintain agency required clearance

Beneficial to have the following:  

  • Experience with SAML authentication, familiarity with domain structures, user authentication, and PKI
  • Experience with Messaging Queues (e.g., RabbitMQ)
  • Experience with Microsoft SQL
  • Experience with programming and working with regular expressions (XML, Java, JSON, Python, PowerShell, painless, grok)
  • Relevant security certifications a plus: CISSP, CISM, CISA, Security+, CEH
  • Understanding of interrelationships between critical infrastructure protection and cybersecurity
  • Knowledge and experience with Assessment & Authorization (A&A) processes in Federal environments, preferably with experience utilizing the NIST Risk Management Framework (RMF)

Where it’s done:

  • Reston, VA (REMOTE)

Applicants have rights under Federal Employment Laws. For more information please see: