ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Senior Digital Forensics Analyst. The Candidate will be versed enough in their skills to implement detection measures using data from a wide spectrum of sources and advanced techniques and procedures against all forms of mobile devices. The candidate will also perform opportunistic threat hunting and forensic analysis when required during incidents.

Roles and Responsibilities 

• Review and complete inventory of mobile devices and applications and how security is measured
• Develop mobile monitoring by using any form of collection such as entry log-in, network and host-based data to drive detection and response capabilities
• Create detection analytics based off the MITRE ATT&CK Framework and other security frameworks
• Perform unique research on adversarial Tools, Techniques, and Procedures (TTPs)
• Aid the Ops Watch team in response to incidents by analyzing host behavior and network traffic
• Authorized to view audit records and other SysLogs and action records
• Assess security connectivity and risk areas

Required Skills 

• Knowledge of Incident Response Procedures
• Understanding of mobile device, architecture and security compliance applied
• Be able to correlate data to help detect, remediate, monitory and feedback changes in TTPs
• Monitor emerging threat technologies and adversary strategies
• Determine best methods of detection using a combination of Log Aggregation Tools, scripts and manual surveillance techniques
• Be able to aid forensic team in opening mobile devices as part of Incident Response analysis
• Explores patterns in network and system activity via log correlation using Splunk and supplemental tools
• Compiles and maintains internal standard operating procedure (SOP) documentation.
• Provides network intrusion detection and monitoring, correlation analysis, incident response and support for the Cybersecurity Service Provider (CSSP) and its subscriber sites
• Validates suspicious events or reports and determine if the event constitutes an incident and properly enter associated data into the appropriate reporting systems

Desired Skills

• Ensures tool provides ability to properly analyze, perform and timely and accurately report of the incident is completed
• Logical thinking and analytical ability
• Verbal and written communication ability
• The ability to solve problems independently
• Functional knowledge with mobile forensics tools such as Cellebrite, FTK and EnCase

Education Requirement

• Bachelor or Graduate degree in Cybersecurity, Computer Science, Information Systems

Location 

• Washington D.C.

Security Clearance

• Must have a Top-Secret Clearance with SCI Eligibility

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Cybersecurity Engineer who have experience designing, deploying and operating security tools in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

Roles and Responsibilities

• Design, deploy, operate and maintain CDM tools and new capabilities in enterprise on premise and Cloud environments including: ForeScout, McAfee ePO (MVM and Application Control), IBM Big Fix, Service Now, RedHat FUSE, Splunk, Tenable Security Center, Vormetric, SailPoint, CyberArk, Venafi, Elastic, IBM MaaS360, AirWatch, Microsoft Intune, or equivalent security tools and products as required
• Develop installation, configuration, and deployment methods including scripting, use of APIs, orchestration, automation, and database services to support the integration and configuration of CDM applications and security technologies
• Work with architects, integration engineers, and developers to design solutions and improve data quality, security, and compliance or extend current capabilities and offerings to customers
• Work closely with management support teams and customer network and operations teams to establish and document requirements to complete implementation and configuration tasks
• Ability to perform extract, transform, and load (ETL) operations to retrieve and enrich data from existing hardware, software, vulnerability, configuration settings, privilege management, credential management, trust, and behave/training systems
• Assess system designs to validate them against expected technical parameters
• Create solutions to improve data quality, security, and compliance or extend current capabilities and offerings to customers
• Identify, analyze, define, and coordinate user, customer, and stakeholder needs and translates them into enterprise hardware and software requirements
• Identify and manage solution dependencies with other systems and elements of the enterprise IT infrastructure
• Identify technical risks and develop mitigation strategies
• Perform functional, requirements and product analysis, assist to establish interface definitions and translate customer needs into hardware and software requirements
• Perform data validation, analysis, warehousing, and data mining
• Accomplish extract, transform, and load operations to retrieve enrichment content from existing hardware, software, system boundary inventories
• Develop and maintain detailed installation documentation and SOPs as required
• Experience working with databases (Microsoft SQL Server), understanding of DB structures, data types, and creating complex SQL DB queries
• Ability to troubleshoot broad-ranging issues (operating systems, network, firewall, COTS products, access and authentication
• Provide tool operations and maintenance support, Tier 3 customer support, and act as the subject matter expert
• Provide Tier 3 support to customers and act as the subject matter expert
• Provide mentoring and support to other engineers

Desired Skills

• Experience with 3rd party tool integration using APIs and Database connections
• Ability to troubleshoot wide-ranging issues that cross team boundaries (OS, hardware, network, storage, firewall, COTS layers, customer access/authentication)
• In-depth experience with integrated security system architecture using general IT security concepts, network security and monitoring practices/methodologies
• Experience presenting material to senior management level and proficiency in the use of Microsoft Office applications
• Applicable Vendor Certified Administration certification is a plus
• Security+ and/or equivalent related IT Certification
• Effective communications skills, both oral and written
• Experience leading technical discussions with internal and external customers
• Experience in one or more scripting or programming language: Python, Java, UNIX shell, PowerShell
• Experience and use of the key technologies relevant to API and application configuration or integration including SSL, DHCP, Active Directory, LDAP, JDBC, ODBC
• Understanding and use of Microsoft SQL database, database definition, procedures, and advanced SQL
• Understanding of networking technologies including LAN/WAN, wireless, and VPN.
• Understanding of security design, network security architecture, network topology, and understanding of TCP/IP protocols; OSI model
• Experience with DHS Continuous Diagnostics and Mitigation (CDM) a plus
• Experience with AWS Cloud, Azure Cloud, or Cloud implementations and environments
• Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports) to all levels of management
• Ability to research and address information security issues as required as an authority on the subject

Years of Experience Requirement

• 10 years of experience in Information Technology
• 3-5 years of hands-on experience with the design and implementation of cyber security tools

Location

• Reston, VA

Security Clearance

• Must be a U.S Citizen

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Cloud Engineer (Customer Facing) who have experience desiging and implementing cybersecurity services in a cloud environment within the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market. This position is a key contributor to a dynamic, agile team and part of a larger development effort for a multi-year, well-funded government cybersecurity program.

Roles and Responsibilities 

• Able to create and deliver presentations and demonstrations to both technical and non-technical audiences
• Apply data-driven monitoring, detection, and response capabilities (endpoint detection & response, IDS/IPS, etc)
• Be familiar with Agile/Scrum methodologies and best practices in order to engage with leadership and government clientele on project development
• Have extensive experience with monitoring tools such as Elasticsearch / Elastic Stack (ELK), ECE, Splunk, CloudWatch, etc. in order to engage with project monitoring and incident response activities
• Has a thorough understanding of data transit between APIs (data ingest, indice frameworks), data normalization and cleansing concepts, and the networking and software implications
• Experience in ephemeral software concepts and tooling, including but not limited to: docker, ECS/EKS, and Fargate
• Be able to leverage Infrastructure as Code (IaC) tools such as Ansible, CloudFormation, Terraform, Chef, etc. to structurally automate build requisite infrastructure
• Leverage scripting languages such as Bash, Python, JavaScript, PowerShell, JSON, YAML, etc. to interface a variety of tooling together into a comprehensive package wherever applicable
• Be able to leverage Docker toolset to design, implement and deliver containerized services, troubleshoot failure modes and resolve system/architectural issues
• Have familiarity with implementing STiGs and other security requirement guides to harden both Windows and Linux operating systems
• Be able to create and maintain custom Amazon AMIs that incorporate DoD STIG requirements
• Experience configuring and deployment Virtual Desktop Infrastructure within hybrid environments
• Integrate multiple software products across cloud and hybrid environments
• Closely coordinate and communicate with team as well as sponsors for effort
• Ability to brief and engage directly with sponsors and their supporting staff regarding technical support work and architecture design of cloud environments

Required skills 

• Experience with information security/information assurance policies, principles, and practices (NIST Special Publications: Risk, Security, and Privacy as a basis) in cloud environments including network firewalls, access control lists, encryption, auditing and monitoring, and compliance scanning
• Familiarity with FedRAMP, the MITRE ATT&CK framework and other security frameworks is beneficial

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Tenable Security Engineer who has experience operating and maintaining Tenable security suite for purposes of managing security configuration settings against defined security hardening guidance and on compliance status in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

Required skills

• Experience with maintaining, optimizing, and troubleshooting the Tenable solution currently deployed in a UNIX environment, including Tenable.sc, Tenable.io, NNM, LCE, Nessus Manager, Agents, and Scanner
• Experience with deploying, configuring, and maintaining Nessus agents in an enterprise environment, including the application of best practices for schedules and integration with Tenable.sc
• Experience with supporting upgrades of Tenable.sc, Nessus Manager, Nessus scanners, LCE, and PVS
• Experience with performing security compliance and vulnerability assessments specifically developing and applying STIG or CIS baselines for various operating systems, including Windows or RHEL and CentOS
• Experience with configuring authentication methods, including PIV, SAML and LDAP, and development of role-based access controls (RBAC)
• Experience with performing enterprise-wide networking scanning, agent scan, container, including credential scan of UNIX, Windows, Network devices, and VMware
• Ability to provide design and architectural guidance for tool capabilities during technical stakeholder meetings
• Ability to prepare and maintain solution documentation, including security, configuration, and CONOPS

Desired skills 

• Experience with using Tenable APIs, integrating tenable products and automating daily activities
• Experience with creating dynamic asset, dashboards, and reports
• Experience with administering Windows and UNIX in an enterprise environment
• Experience with using security tools and technologies, including Domain Naming Service (DNS), Active Directory (AD), Windows PowerShell, Windows credential stores, Microsoft Certificate Authority, Python, REST, JSON, SOAP, Shell Scripting, TCP stack, and Wireshark

Roles and Responsibilities

• As the Elastic Product Owner, you will lead the Elasticsearch deployment in the cloud and on premise
• Collaborate with Data Architects and Data Scientists to help design our Elasticsearch systems
• Ability to develop the solution with the end-state in mind
• Optimize the deployed solutions; such as view customization, search tuning and schema mapping
• Works closely with other service area leads to ensure deployed solutions remain capable of meeting ongoing and future requirements
• Champion development and implementation of quality controls and standards
• Develop, recommend and implement metrics/measures to tune and show improvements to data ingestion, parsing, transformation and visualization
• Maintaining high-level oversight on data quality metrics and deliverables
• A strong understanding of Project Management, Kanban Boards and Agile methodologies
• Escalate issues to project leaders as per established project and corporate requirements
• Provides technical leadership for the Data integration into the ELK Stack

Required Skills

• Experience in architecting, designing, developing solutions using the ELK (Elasticsearch, Logstash and Kibana) stack in a production environment
• Hands-on configuration, deployment, integration, and maintenance of systems using Kafka, Logstash, Elasticsearch, Kibana and REST API integration
• Understanding of installation, system level tasks, handling data collections, network issues, data pipes, and cluster level administration
• Proven experience with Python
• Ability to perform data related benchmarking, performance analysis and tuning
• Experience in cloud IaaS environments such as AWS, GCP or Azure
• Experience developing code releases using Agile/Scrum software development methodologies
• Detail-oriented with excellent writing, verbal, and technical skills
• Proven ability to lead small- to medium-sized development teams (5-15 people) to prioritize and accomplish business and mission objectives
• Expert level communicator to all levels of personnel

Desired Skills

• Excellent understanding of database administration and data management functions
• Prior experience in data conversion, data migration, requirements gathering, data mapping and data source gap analysis
• Experience optimizing software to run fast, be reliable and fail safely

Roles and Responsibilities

• Elastic SIEM solution development, integration, platform architecture, and capacity planning in mission-critical environments
• Deploying additional Elastic clusters using infrastructure as code (Ansible playbooks)
• Maintain, secure, and upgrade ECE deployments
• Integrate log and sensor data into ELK
• Data modeling, query development and optimization, cluster tuning and scaling with a focus on fast search and analytics at scale
• Streamline cybersecurity tactics, techniques and procedures
• Create dashboards and reports in ELK
• Leverage data analytics can machine learning algorithms for cyber operations
• Provide adoption awareness and training for the ELK SIEM
• Working with a multi-tenant platform and working with tenants to understand requirements
• Providing subject matter expertise to assist the rest of the team in their roles

Required Skills

• 4+ years of experience with IT with a focus in Linux sysadmin, databases, containers or cyber operations
• 3+ years of experience with hands on operations of sizing, monitoring, and management, and open-source tools, including Kafka, Logstash, Beats, Elasticsearch, Kibana, or Splunk
• Knowledge of planning and executing data retention and life cycle management plans
• Hands-on experience administrating Elasticsearch clusters (10+ Data nodes)
• Knowledge of information retrieval and/or analytics domain
• Experience with load balancing, DNS, TLS certificate generation and SAML integration.
• Experience working with data solutions in a public sector
• Excel at working directly with customers to gather, prioritize, plan and execute solutions to customer business requirements as it relates to our technologies
• Familiar with SOC operations, open-source security frameworks, and Linux

Roles and Responsibilities

• Conducts independent comprehensive assessments of the management, operational, and technical security/privacy controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).

Required Skills

• Extensive experience conducting security control assessments using NIST SP 800-53, including preparation of complete authorization packages.
• Strong technical skills in performing security reviews, identifying gaps in security architectures, and developing a security risk management plan.
• Expertise in technical security assessment techniques, tools, and practices.
• Experience performing risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
• Extensive experience in reviewing authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
• Experience in developing security compliance processes and/or audits for external services (e.g., cloud service providers, data centers).
• Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met.
• Ability to make decisions and resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solution or practice.
• Must be able to multi-task, work independently and as part of a team, share workloads,and deal with sudden shifts in project priorities.
• Three (3) years experience with conducting Cloud Assessments.
• In depth understanding of and experience reviewing security baseline configurations.

Desired Skills

• Deep knowledge in the following areas: network and host based firewalls, intrusion detection/prevention systems, data loss prevention, vulnerability scanning, anti-malware and spam protection, secure data transmission technologies, and network monitoring/protection solutions.
• Deep understanding and proficiency in network security architecture concepts including topology, protocols, components, and principles.
• Knowledge of modern software development and deployment practices including unit testing, continuous integration and continuous deployment.
• Skill in designing security controls based on cybersecurity principles and tenets.
• Ability to effectively interact with various levels of senior management is necessary.
• Experience as a member of a certified FedRAMP Third-party Assessment Organization (3PAO) desired.
• Experience with McAfee Policy orchestrator

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Security Engineering Technical Lead/ Technical Architect who is a motivated individual with strong technical competency that will guide an integrated approach to all Enterprise Solutions and Solutions Architecture support services.  The candidate will also perform Security application and System Administration support for a variety of security tools for a customer in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

Ensures that the security requirements necessary to protect the organization’s mission and business processes are properly addressed in all aspects of enterprise architecture. This includes reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.

Required Skills

• Experience with Security Assessment and Authorization process
• Experience in designing countermeasures to identified security risks
• Experience designing the integration and optimization of hardware and software solutions in an enterprise environment
• Experience configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware)
• Experience using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic)
• Experience applying methods, standards, and approaches for describing, analyzing, and documenting an organization’s enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF])
• Experience conducting vulnerability scans and recognize vulnerabilities and cyber threats in security systems and optimizing systems to meet enterprise performance requirements
• Experience applying security systems design, tools, methods and techniques
• Experience applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
• Experience serving as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls

Desired Skills

• Knowledge of computer networking concepts and protocols, and network security methodologies
• Knowledge of risk management processes and methodology (e.g., methods for assessing and mitigating risk)
• Knowledge of capabilities and requirements analysis
• Knowledge of new and emerging information technology (IT) and cybersecurity technologies
• Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL])
• Knowledge of CSP (AWS OR Azure)
• Knowledge of N-tiered typologies (e.g. including server and client operating systems)
• Knowledge of configuration management techniques
• Knowledge of Information Theory (e.g., source coding, channel coding, algorithm complexity theory, and data compression)

ShorePoint is seeking a Cybersecurity Analyst for a Federal client in Chantilly, Virginia. The Cybersecurity Analyst provides 24×7 analysis and collection of relevant incident information for further investigation and possible escalation, as well as logs, tracks, prioritizes, and reports cyber incidents according to standard incident reporting protocols and categories as outlined in the CSOC SOP. The Cybersecurity Analyst also provides support for internal/external investigations to include combining disparate data sources to identify anomalous trends and activities, and acknowledging and disseminating vulnerability alerts, bulletins, and other taskings.

ShorePoint is a Cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are  This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the Cybersecurity market.

Roles and Responsibilities

• Provides detection, identification, and reporting of possible cyber-attacks/intrusions, anomalous activities, and misuse activities
• Characterizes and performs analysis of network traffic and system data to identify anomalous activity and potential threats to resources
• Performs security event and incident correlation using information gathered from a variety of sources within the enterprise
• Performs cyber incident triage to include determining scope, urgency, and potential impact; identify the specific vulnerability and make recommendations which enable expeditious remediation
• Tracks and documents cyber incidents from initial detection through final resolution
• Analyzes and assesses damage to the data / infrastructure as a result of cyber incidents
• Performs cyber incident trend analysis and reporting

Required Skills

•  Proficient in Windows and Linux Operating Systems
•  Experience working in a Cybersecurity Operations Center environment
•  Experience with COTS technologies used in a Cybersecurity Operations Center environment
•  Working knowledge of current COTS Cybersecurity technologies
• Working knowledge of database and operations system security
• Understanding of latest security principles, techniques, and protocols
• Ability to function in a fast-paced environment and effectively manage mutliple tasks simultaneously; coordinating resources and ensuring scheduled goals are met
• Candidates must have excellent oral and written communication skills
• Ability to make decisions and resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solution or practice

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Principle Security Engineer (Elastic Stack Enterprise) who have experience with design, documenting, build, and securing of Elastic Stack solutions in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

Roles and Responsibilities

• Responisible for working with the technical team to design, document, build, secure and maintain Elastic Stack Enterprise solutions (Elasticsearch, Logstash, Kibana, and Beats) deployed in the Cloud or on-premise to support federal agency production deployments
• Works closely with architects, engineers, developers, and integrators to assess customer requirements and to design and support an Elasticsearch Stack solution to ensure compliance with dashboard data requirements
• Participate in group sessions as well as attend and share in agile sprint daily meetings in order to track progress to ensure development of solutions is in support of the customer requirements.
• Serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations
• Configuring and maintaining Linux based Operating Systems in support of the Elasticsearch products (yum updates and product version upgrades)
• Working with a team and providing analysis of alternatives and progress status in daily sprint meetings
• Meet professional obligations through efficient work habits such as, meeting deadlines, honoring schedules, coordinating resources and meetings in an effective and timely manner
• Develop and manage effective working relationships with other departments, groups and personnel with whom work must be coordinated or interface
• Recommend enhancements and modifications to optimize business intelligence processes

Required Skills

• Knowledge and experience using NoSQL and related solutions
• Experience with engineering and administrating the Elastic Stack (Elasticsearch,Logstash, Kibana, Beats) in production at scale (multi-node clusters, hot/warm architectures, index lifecycle management, snapshots, etc.)
• Experience managing Linux hosts (CentOS / RHEL 7.X preferred), to include securing to defined baselines (such as NIST 800-53, DISA STIGs, etc.)
• Experience with data lifecycle management, to include common ETL (Extract,Transform, Load) techniques, preferably with Logstash and Beats
• Experience planning and integrating data schemas and KQL / Lucene query syntax
• Experience developing custom visualizations (preferably in Kibana) to convey business analytics of value to customers
• Experience with automated configuration management tools (Ansible, Chef, Puppet, SaltStack) and containers/orchestration (Docker, Kubernetes), and version control systems (GitHub, GitLab)
• Experience with cloud infrastructure, preferably Amazon Web Services (AWS)
• Experience with implementation of and challenges with message queue technologies, such as Apache or Confluent Kafka, RabbitMQ, SQS, etc
• Proficiency with programming and scripting concepts, preferably in Python, for custom development and integrations
• Strong networking background with analytical and problem-solving/troubleshooting skills to effectively resolve problems both in development and production
• Experience working in DevOps structured and Agile organizations

Desired Skills

• Experience with RMF process a plus
• Experience with ECE/ECK a plus

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers, who demand experience and proven security models to protect their data. We are seeking Cybersecurity Engineers who have diverse experience and strong familiarity providing Cybersecurity assessment services utilizing a multitude of cyber tools, proven methodologies and industry best practices across the federal government space. This is a unique opportunity to grow and foster cyber skills, as well as shape the growth, development and culture of an exciting and emerging company in the cybersecurity market. This position provides the opportunity to travel to client sites both locally and nationally.

Roles and Responsibilities

As part of the Cyber Assessments team, provide cybersecurity scanning and testing services, threat intelligence integration to provide cybersecurity customers with findings and information that informs the risk management and decision-making processes.

Required Skills

• Knowledge of host identification and exploitation of vulnerabilities
• Knowledge of phishing procedures
• Knowledge of script writing and crafting of payloads
• Knowledge of database operations and system/network administration
• In-depth knowledge and understanding of operation of assessment tools (including but not limited to Metasploit, Nmap, Burp Suite, Powersploit, and Cobalt Strike)
• Ability to operate in a critical fashion in dynamic environments
• Knowledge of FISMA and NIST 800 series standards
• In-depth knowledge of network mapping, vulnerability scanning, penetration testing, and Web Application testing
• In-depth knowledge of the procedures of Phishing Assessments, Wireless Assessments, Operating System Security Assessments, and Database Assessments
• Advanced penetration testing knowledge such as payload development, technical research, and customized exploitation
• Serves as liaison and coordinates operations between the federal lead and the Level I contract support
• Serves as Subject Matter Expert for the team and guides operational tempo at the discretion of the Federal Lead
• Attends and participates in Briefings and Conference Calls with Federal lead before and after assessment, providing technical expertise when required

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a DevOps Engineer who has experience developing and managing the automated build system, automated deployment system, continuous integration environment, and continuous test environment for a suite of open source/COTS product configurations and custom code in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

Roles and Responsibilities

• Work closely with Configuration Management Analysts and the Release Train Engineer to automate build/test/deploy processes from Dev->Test->Staging
• Deploying, integrating, and managing source control (Git/GitHub), continuous build/delivery (Jenkins), software quality tools (SonarQube), artifact hosting (Nexus), issue management (Jira), documentation/ collaboration (Confluence), automated testing (Selenium), and deployment of solutions (Open Source Java solutions and COTs configuration files)

Required Skills

• Expertise automating build/test/deploy processes
• Expertise in scripting deployments using bash scripting or similar
• Expertise with identification of controlled artifacts (configuration items) and implementation of standard CM control processes
• Experience with configuration management tools and technologies
• Expertise integrating Content Management systems and/or Wikis with SCM (for example JIRA integration with Confluence)
• Experience in system architecture and engineering disciplines
• Efficiently manage AWS resources to control costs
• Experience with he cyber security domain to include: governance and risk management, compliance, business continuity and disaster recovery, encryption, software development security, access control, network security / secure architecture, and security operation
• Excellent problem-solving ability and strong work ethic that is proactive and self-motivated
• Experience in product release planning and associated deliverable tracking

Desired Skills

• Git or similar distributed repository technology preferred
• Experience integrating with an Active Directory
• Familiarity with DoD STIGs, SRGs, etc

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking Compliance and Continuous Monitoring Engineers to: Provide Security Assessment & Authorization (A&A) and Information Assurance (IA) Support; Conduct Technical Security Assessments; Perform Enterprise Vulnerability Scanning & Reporting Functions; and Conduct Enterprise Vulnerability System Scanning. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.

Roles and Responsibilities

• Work closely with target organizations to ensure full comprehension of the standard security controls; conduct site visits as required
• Assist with security controls compliance assessments using established matrixes of tailored control and provide expert support in assessments of target organizations
• Provide support to Vulnerability Management programs
• Provide support to assessed organizations to ensure proper tracking of Plan of Action and Milestone (POA&M) items
• Provide support and conduct annual reviews of the security controls (or some subset of the security controls) to ensure continued compliance as requested
• Assist with establishing footholds on endpoints within monitored organizations networks in order to provide day-to-day visibility into the security posture
• Provide expert support for the development and maintenance of develop of processes and best-practices for evaluating A&A data through a standard scorecard
• Utilize industry standard tools for automating the review of system configuration and security control compliance
• Conduct periodic NIST controls assessments in support of network authorization and continuous monitoring
• Provide detailed observations from controls assessments in the form of Security Assessment Report (SAR) and Risk Assessment Report (RAR) documents
• Employ a scan-patch-scan methodology to ensure all systems identify and receive appropriate security patches
• Conduct vulnerability scanning using industry standard tools (e.g. Tenable Nessus) on a weekly to bi-weekly basis
• Report scan result data to appropriate system administrators to aid in the deployment of system updates and patches
• Develop a mitigation plan detailing a prioritized timeline for patch deployment (e.g. 30-60-90-day patch deadlines based on each finding’s severity level)
• Conduct false positive analysis and vulnerability analysis to determine the legitimacy of all detected vulnerabilities as well as prioritize their remediation
• Configure the identified application to effectively ingest, process, and report vulnerability data collected during assessments as well as data provided from organizations’ self-assessments
• Conduct long term trend analysis, identifying improvements or degradations in system security
• posture across the enterprise
• Provide dashboard views of data roll-ups from all facets of assessed systems (e.g. risk, vulnerability data, POA&M status) in order to present high-level executive summary reports to government leadership

Required Skills

• Must be able to perform Vulnerability and Compliance assessments on all devices identified during enterprise network scans, including: Operating systems, Oracle and MySQL Databases, and Web applications
• Comfortable using enterprise-class network scanning tools such as: (Tenable Nessus, Tenable Security Center), database scanning tools (AppDetective and DbProtect) and Web scanning tools (Web Inspect), and should be knowledgeable about the security best practices and most common vulnerabilities that exist for each of these technologies, including SANS and OWASP Top 1
• Experience performing enterprise-level assessment scanning of Networks, databases, and Web Applications
• Comfortable configuring and performing host, ports and services discoveries on large enterprise networks, and identify target operating systems and applications/services based on discovery scan results
• Experience with open source and commercial testing tools; A non-comprehensive list includes Nessus, NMAP, App Detective, Hailstorm, Guardium, and Web Inspect
• Comfortable using, configuring, troubleshooting, and administering Tenable Security Center, Tenable Nessus (standalone), AppDetective, and Web Inspect
• Solid understanding of the security policies used by intelligence organizations, as well as security guidelines published by the National Institute of Standards (e.g., 800-53 and 800-53a)
• Ability to think critically and creatively. Capable of synthesizing and analyzing large amounts of scan data
• Ability to articulate thoughts and findings in a concise and comprehensive manner