Purpose-Driven Careers

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Senior Cyber Support Developer with expertise in ServiceNow development and integration. The ideal candidate will design, develop and implement ServiceNow solutions that address business requirements while ensuring high-quality, secure and maintainable code. The Sr. Cyber Support Developer role requires strong technical knowledge, hands-on software development experience and the ability to collaborate effectively with stakeholders to deliver scalable solutions in a mission-driven environment. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Develop ServiceNow solutions and enhancements using core platform capabilities.
• Develops the applications including configuration, report development and data migration as required.
• Identify and implement best-practice solutions to meet client requirements.
• Perform unit testing and resolve code defects.
• Migrate code changes into the production environment.
• Assist with technical design activities and prepare supporting documentation.
• Collaborate with internal stakeholders and team members to build ServiceNow solutions aligned with business needs.

What you need to know:

• Strong knowledge of ServiceNow development.
• Experience with one or more scripting languages.
• Understanding of software development lifecycle practices including testing, migration and documentation.
• Familiarity with secure coding practices and compliance requirements in federal environments.
• Ability to troubleshoot, problem-solve and deliver scalable technical solutions.

Must have’s:

• Bachelor’s degree or 4+ additional years of software development experience in lieu of degree.
• DoD 8570 certification meeting IAT Level II requirements (e.g., CCNA-Security, CySA+ GICSP, GSEC, Security+ or SSCP) or ability to obtain within six (6) months of hire.
• 5+ years of software development experience, including 2+ years on large and complex development projects.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Experience developing Service Catalog and ServiceNow workflows.
• Experience with at least one scripting language (Ruby, Python, Perl, Bash or JavaScript).
• Applicants must currently hold and maintain an active TS/SCI clearance with Polygraph.

Beneficial to have:

• Certified ServiceNow Administrator (CSA).

Where it’s done:

• Onsite (Denver, CO).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Senior Cyber Security Engineer (Splunk) to support mission-critical cybersecurity operations through administration and engineering of a large enterprise Splunk environment. The ideal candidate brings strong hands-on Splunk experience and works effectively with engineers and cyber analysts across a dynamic enterprise environment. The Sr. Cyber Security Engineer (Splunk) role contributes directly to cyber defense initiatives by maintaining, tuning and securing Splunk systems while supporting integrations and enterprise data collection. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Manage day-to-day operations of large enterprise Splunk deployments.
• Troubleshoot data collection issues and resolve system conditions impacting stability or integrity.
• Deploy and maintain supported and unsupported Splunk add-ons.
• Execute Splunk Enterprise upgrades and patches.
• Configure and deploy Splunk forwarders using centralized management tools.
• Maintain and tune Splunk Enterprise Security (ES) content and platform performance.
• Manage knowledge objects, data models, dashboards, alerts and operational content.
• Support API integrations and external system connectivity.
• Develop and maintain engineering and compliance documentation.
• Contribute to Splunk deployment documentation, architecture diagrams and system documentation.
• Enforce role-based access controls and operational security policies.
• Collaborate with cyber analysts and engineering teams to improve detection and response capabilities.
• Apply relevant security policies, standards and technical guidelines to ensure compliance.

What you need to know:

• Strong experience administering and engineering Splunk in large enterprise environments, including upgrades, patching, add-on management and forwarder deployment.
• Hands-on experience with Splunk Enterprise Security (ES), including content configuration, tuning and performance optimization.
• Ability to troubleshoot complex data collection and onboarding issues while maintaining platform stability, integrity and operational security controls (RBAC).
• Proficiency across Unix and Windows environments, with the ability to produce clear engineering and compliance documentation, diagrams and operational artifacts.

Must have’s:

• Bachelor’s degree or 4+ additional years of cybersecurity experience in lieu of a degree.
• 5+ years of experience in an enterprise and/or cybersecurity-focused environment.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Experience with Splunk administration and engineering.
• Experience with Splunk Enterprise Security (ES) operations and configurations.
• Proficiency with Unix and Windows environments.
• DoD 8570 IAT Level II certification (e.g., Security+, CCNA-Security, GSEC).
• Applicants must hold and maintain an active TS/SCI with CI Polygraph.

Beneficial to have:

• Splunk certifications such as Architect, Consultant I/II, Admin or Power User.
• Experience with scripting or programming languages (e.g., Bash, Python, Java, Perl, .NET).
• Familiarity with developing and deploying operational and security use cases within Splunk.

Where it’s done:

• Onsite (Chantilly, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Blue Team Engineer with experience supporting defensive cybersecurity operations across enterprise environments. This role focuses on assessing system security, validating controls and identifying vulnerabilities through testing, analysis and monitoring activities. The Blue Team Engineer supports authorization, continuous monitoring and threat detection efforts while working closely with stakeholders to strengthen overall security posture. This is a unique opportunity to shape the growth and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Support incident response, threat hunting and forensics activities, while also conducting security assessments and vulnerability testing.
• Use signature-based scanners, data collection tools and hardware analysis tools to assess potential threat events.
• Perform Security Information and Event Management (SIEM) reviews to ensure proper detection and notification of threats.
• Support vulnerability analysis and develop mitigation strategies to prevent future threats.
• Contribute to Authorization & Accreditation (A&A), Plan of Action & Milestones (POA&M), vulnerability management and continuous monitoring efforts.
• Conduct automated and manual tests on information systems using industry-standard tools such as vulnerability scans, source code reviews and web application testing.
• Develop test plans, execute tests and prepare detailed after-action reports.
• Document testing processes in accordance with agency regulations and Standard Operating Procedures (SOPs).
• Support remote locations with traveling assessments as scheduled (~60% travel expected, Continental United States).

What you need to know:

• Experience with open-source and commercial testing tools such as Nessus, Metasploit, Burp Suite, App Detective and Nmap.
• Familiarity with security policies of the Department of Justice (DOJ), FBI and National Institute of Standards and Technology (NIST) guidelines (e.g., 800-53, 800-53a).
• Advanced understanding of security tools with the ability to configure and troubleshoot them as needed.
• Expertise in Unix/Linux or Microsoft operating systems, with extensive experience in at least one.
• Broad knowledge of security methodologies, solutions and industry best practices.
• Strong critical thinking and analytical skills, with the ability to interpret and synthesize complex data.

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field or 10 years of relevant IT experience.
• 8 years+ of relevant experience. Equivalent combinations of education, certifications or demonstrable work may be considered in lieu of direct experience.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Expertise in at least one of the following areas: Web applications and technologies, Networking technologies, Enterprise solutions, storage and databases, Cross-domain solutions, Virtualization technologies, Mainframes.
• One or more of the following certifications: CISSP, ISACA, OSCP, CISA, GPEN, GWAPT or CEH.
• Applicants must hold and maintain an active Top Secret with SCI eligibility and ability to pass a Counterintelligence (CI) polygraph.

Where it’s done:

• Onsite (Washington, DC; ~60% travel within the continental United States).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are looking for a Elasticsearch (Elastic/ELK/ECE) Architect to join our dynamic, fast-paced team within the public sector. The ideal candidate will not only bring technical expertise but also a passion for learning and growth. The Elasticsearch (Elastic/ELK/ECE) Architect will have exposure to all facets of Systems Engineering and be encouraged to continuously expand your skill set as the company evolves. This is a unique opportunity to play a key role in a fast-growing company at the forefront of the cybersecurity market.

What you’ll be doing:

• Assess current Elasticsearch deployment and architecture, including validation of ingestion patterns, index lifecycle management (ILM) and data retention configurations.
• Ingest and normalize at least five data sources using the Elastic Common Schema (ECS) format.
• Verify ILM policies and retention requirements and perform upgrades of the existing Elastic Stack as needed.
• Provide enablement for dashboards and SIEM capabilities following ingestion, validation and upgrade activities.
• Design and implement containerized Elastic deployments to support multiple Docker containers per server, including deployment of Elastic Agent and Defender.
• Collaborate with the Integration and Architecture teams to design, document, build, secure and maintain Elasticsearch, Logstash, Kibana (and X-Pack) enterprise solutions in both cloud and on-premises environments.
• Work closely with architects, engineers and integrators to assess customer requirements and design Elasticsearch Stack solutions that meet data compliance and performance needs.
• Follow the development lifecycle processes to transition solutions from Dev to Test to Production environments.
• Participate in Agile sprint meetings, share progress and ensure that the development aligns with project and customer requirements.
• Serve as a subject matter expert and trusted advisor, providing guidance and best practice recommendations for Elasticsearch deployments.
• Configure and maintain Linux-based operating systems (including updates and version upgrades) to support the Elasticsearch platform.
• Install, configure and manage Elastic Cloud Enterprise (ECE) solutions, ensuring seamless communication and integration among Elasticsearch components and data sources.
• Create detailed installation and configuration documentation to support deployment.
• Secure the solution by implementing TLS, certificates, SSO/PIV authentication and encryption technologies.
• Collaborate with the data lifecycle management team to ensure optimal data flow and integrity.
• Troubleshoot and monitor data flows and the overall health of the Elasticsearch solution to maximize performance and minimize downtime.
• Build and maintain effective working relationships across departments and teams to coordinate work and deliver results on schedule.
• Recommend and implement enhancements to optimize business intelligence processes.

What you need to know:

• Experience in software development using Java with an IDE (e.g., Eclipse, CodeReady).
• Proficiency in parsing file formats (e.g., JSON, XML, CSV).
• Knowledge of SQL Server database design, programming, tuning and writing SQL queries/procedures.
• Experience in developing/automating test procedures.
• Familiarity with REST API web services client development.
• Experience with release management, build tools (e.g., Maven, Jenkins) and configuration tools (e.g., SVN).
• Understanding of secure coding practices, including encryption (e.g., certificates, TLS connections).

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field or relevant experience in lieu of degree.
• 2+ years of relevant experience.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must hold and maintain an active Top Secret clearance.

Beneficial to have:

• Experience with SAML authentication and familiarity with domain structures, user authentication and PKI.
• Experience with Messaging Queues (e.g., RabbitMQ).
• Knowledge of Microsoft SQL.
• Experience with programming and regular expressions (XML, Java, JSON, Python, PowerShell, Painless, Grok).
• Relevant security certifications such as CISSP, CISM, CISA, Security+ or CEH.
• Understanding of the relationship between critical infrastructure protection and cybersecurity.
• Knowledge and experience with Assessment & Authorization (A&A) processes in federal environments, including familiarity with the NIST Risk Management Framework (RMF).

Where it’s done:

• On-site (Buckley SFB – Aurora or Schriever SFB – Colorado Springs, CO).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a SOC Project Technical Manager to lead cybersecurity operations and ensure effective incident response, comprehensive reporting and strong Bureau coordination. This role will guide a key workstream within SOC operations, driving collaboration across initiatives and ensuring alignment with enterprise cybersecurity objectives. The SOC Project Technical Manager position requires proven expertise in SOC management, large-scale incident response and hybrid environments. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Lead cybersecurity operations, ensuring unified execution and collaboration across SOC initiatives.
• Oversee incident response processes and ensure comprehensive incident reporting.
• Strengthen Bureau communications and coordination to support enterprise SOC integration.
• Collaborate with SOC project leadership and other operational leads to align priorities and objectives.
• Provide strategic and operational direction through subordinate managers and experienced specialists.
• Drive adoption of consistent practices, reporting and escalation standards.
• Influence executive leadership and stakeholders on cybersecurity operations performance.
• Ensure SOC operations align with the full NIST Cybersecurity Framework: Identify, Protect, Detect, Respond and Recover.

What you need to know:

• Expertise in managing enterprise SOC operations across hybrid on-premises and cloud environments.
• Strong background in incident response and operational reporting within large enterprise environments.
• Experience leading subordinate managers and technical teams in SOC operations.
• Ability to influence executive leadership and coordinate across multiple organizational levels.
• Familiarity with frameworks such as the NIST Cybersecurity Framework and enterprise SOC best practices.

Must have’s:

• Bachelor’s degree or 3+ additional years of relevant experience in lieu of degree.
• 10+ years’ experience managing SOC operations and incident response for enterprise environments (50,000+ endpoints), including 5+ years leading hybrid on-premises/cloud SOCs with full NIST Cybersecurity Framework coverage.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must possess an active Top Secret Clearance.

Beneficial to have the following:

• Industry-recognized certifications.

Where it’s done:

• Onsite (Washington, DC).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Cyber Threat Intelligence (CTI) Analyst who serves as a technical subject matter expert (SME) in penetration testing. This role analyzes vulnerability scan data to identify security weaknesses across Information Technology (IT) and/or Operational Technology (OT) networks and deliver actionable risk mitigation recommendations. The CTI Analyst role will contribute to analysis, reporting, and coordination activities in a fast-moving team environment. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Analyze scan data from multiple at-risk entities to identify and assess security weaknesses in IT and/or OT networks.
• Provide risk mitigation recommendations for identified security weaknesses.
• Produce clear written reports and summaries of findings and recommendations for stakeholders.
• Coordinate with internal team members to support prioritization and tracking of identified security weaknesses.

What you need to know:

• Ability to translate technical findings into clear written deliverables and stakeholder-ready updates.
• Working understanding of how vulnerability findings are prioritized and tracked through remediation.

Must have’s:

• 10+ years of experience in penetration testing.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Experience working with large datasets involving cyber vulnerability risk information.
• Experience working with vulnerability scanning applications (ex: Shodan, Censys).
• Knowledge of scripting languages such as Python, JavaScript, or SQL.
• Familiarity with the CTI lifecycle and experience handling public source cyber threat/vulnerability intelligence.
• Familiarity and knowledge of MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge).
• Ability to work within a fast-moving team with minimal supervision and demonstrate problem-solving skills.
• Demonstrated analytical mindset, attention to detail, and strong reporting skills.
• Applicants must hold and maintain an active Top Secret clearance (no dual citizenship).

Beneficial to have:

• Penetration testing experience with Industrial Control Systems (ICS) and/or Operational Technology (OT).

Where it’s done:

• Remote (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Cloud Security Engineer for a potential opportunity with deep cybersecurity expertise and automation capabilities to strengthen the security posture across Azure, VMware VCF and on-premise infrastructure. This role supports Zero Trust and DevSecOps initiatives, enforces compliance and streamlines operations through secure architecture design, automation and advanced threat detection. The Cloud Security Engineer will play a critical role in securing cloud environments, supporting authorization efforts and integrating security throughout the development lifecycle. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market. Employment for this position is dependent on the successful award of the contract.

What you’ll be doing:

• Serve as subject matter expert (SME) for cloud security incidents, coordinating with Cyber Operations and Security Control Assessor teams.
• Integrate security scanning tools into CI/CD pipelines (e.g., Gitlab, SonarQube, Trivy).
• Support and enhance Zero Trust architecture implementations, including Conditional Access, Privileged Identity Management (PIM) and Identity Governance.
• Perform cloud compliance checks aligned with DoD and FedRAMP baselines (NIST 800-53, RMF).
• Monitor and manage cloud-native SIEM tools (e.g., Azure Sentinel, SPLUNK) and log analytics for threat detection and operational insights.
• Automate security and operational tasks through scripting and platform-native automation tools (e.g., Logic Apps, PowerShell, Python).
• Contribute to risk assessments, Authorization to Operate (ATO) documentation and policy enforcement strategies.
• Assist with token management, certificate renewal automation and credential lifecycle tasks.
• Support performance monitoring, system patching and endpoint protection across the cloud landscape.

What you need to know:

• Strong understanding of secure cloud architecture, Zero Trust principles and identity governance.
• Proficiency in integrating security tools into CI/CD pipelines and automating security workflows.
• Hands-on experience with cloud-native SIEM platforms and log analytics.
• Ability to support ATO documentation, compliance activities and enforcement of security policies.
• Skilled in scripting for security automation using platform-native tools and languages.

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
• 5+ years of experience in:
  • Cybersecurity Expertise and Automation.
  • Designing and implementing automated operations across IL2/IL3 / IL4 environments using tools like Azure Policy, VMWARE Auria and Gitlab.
  • Experience in Microsoft Azure, including security and identity management.
  • Develop and manage Infrastructure as Code (IaC) for repeatable, secure cloud deployments using Terraform, Bicep or ARM templates.
  • Proficient with IaC tools (Terraform, Bicep) and automation scripting (PowerShell, Python).
  • DoD cybersecurity frameworks (RMF, NIST 800-53, STIGs).
  • Experience with CI/CD pipelines, Gitlab and security integration.
  • Strong understanding of networking, firewalls and role-based access control (RBAC).
  • Analyzing logs and security alerts and develop proactive countermeasures.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must currently hold and maintain an active DOE Q or equivalent DoD Top Secret clearance.

Beneficial to have the following:

• Master’s degree in Cybersecurity, Information Systems or a related technical discipline.
• Experience with cloud security architectures in AWS and Azure.
• Proficiency with containerization and orchestration technologies such as Docker and Kubernetes.
• Knowledge of DevSecOps best practices.

Where it’s done:

• Onsite (Washington, D.C.)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Journeyman Cyber Vulnerability Analyst to support ongoing vulnerability management efforts across critical systems. This role is responsible for conducting vulnerability scans, analyzing results and working with stakeholders to coordinate timely remediation. The Journeyman Cyber Vulnerability Analyst will bring a solid foundation in vulnerability assessment tools, a strong understanding of common exploits and proven organizational skills to effectively manage and prioritize multiple efforts. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Conducting vulnerability assessments and scans.
• Analyzing vulnerability reports and prioritizing risks.
• Coordinating with other teams to patch and mitigate vulnerabilities.
• Developing vulnerability management policies and procedures.
• Create and maintain documentation for vulnerability management processes.
• Assist in the development of metrics and dashboards to track remediation progress.
• Support compliance efforts by mapping vulnerabilities to applicable standards and frameworks.
• Leveraging CrowdStrike to inform vulnerability management scanning strategies and scope.
• Using CrowdStrike telemetry and findings to support dispositioning and validation of scan results (e.g., confirming exposure, reducing false positives, and documenting evidence).

What you need to know:

• Strong understanding of vulnerability scanning and assessment tools.
• Knowledge of common vulnerabilities and exploits.
• Strong organizational and time management skills.
• Understanding of patch management processes and system hardening practices.
• Experience working with enterprise vulnerability assessment platforms.
• Knowledge and experience using CrowdStrike in support of vulnerability management workflows, including using endpoint data to guide scans and to disposition scan results.

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
• 4+ years of relevant experience.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Hands-on experience with enterprise vulnerability assessment tools and platforms.
• Knowledge and experience using CrowdStrike to inform vulnerability management scans and to disposition vulnerability scan results using CrowdStrike data/telemetry.
• Must possess an active DOE Q Clearance or equivalent DoD Top Secret clearance at time of hire.

Beneficial to have the following:

• Industry recognized certifications.
• Threat Intel Analysis experience.

Where it’s done:

• Onsite (Las Vegas, NV)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are looking for a Elasticsearch (Elastic/ELK/ECE) Engineer to join our dynamic, fast-paced team within the public sector. The ideal candidate will not only bring technical expertise but also a passion for learning and growth. The Elasticsearch (Elastic/ELK/ECE) Engineer will have exposure to all facets of Systems Engineering and be encouraged to continuously expand your skill set as the company evolves. This is a unique opportunity to play a key role in a fast-growing company at the forefront of the cybersecurity market.

What you’ll be doing:

• Lead and support SIEM migration activities, including transitioning customers from ArcSight to the Elastic Stack.
• Implement, configure, and document four Elasticsearch clusters in support of enterprise SIEM and analytics requirements.
• Develop detailed installation, configuration, and operational documentation to support deployment and sustainment.
• Design and implement data pipelines to support log ingestion, normalization, enrichment, and analytics.
• Support SIEM development activities, including migration execution, validation, and reporting.
• Collaborate with the Integration and Architecture teams to design, document, build, secure and maintain Elasticsearch, Logstash, Kibana (and X-Pack) enterprise solutions in both cloud and on-premises environments.
• Work closely with architects, engineers and integrators to assess customer requirements and design Elasticsearch Stack solutions that meet data compliance and performance needs.
• Follow the development lifecycle processes to transition solutions from Dev to Test to Production environments.
• Participate in Agile sprint meetings, share progress and ensure that the development aligns with project and customer requirements.
• Serve as a subject matter expert and trusted advisor, providing guidance and best practice recommendations for Elasticsearch deployments.
• Configure and maintain Linux-based operating systems (including updates and version upgrades) to support the Elasticsearch platform.
• Install, configure and manage Elastic Cloud Enterprise (ECE) solutions, ensuring seamless communication and integration among Elasticsearch components and data sources.
• Create detailed installation and configuration documentation to support deployment.
• Secure the solution by implementing TLS, certificates, SSO/PIV authentication and encryption technologies.
• Collaborate with the data lifecycle management team to ensure optimal data flow and integrity.
• Troubleshoot and monitor data flows and the overall health of the Elasticsearch solution to maximize performance and minimize downtime.
• Provide regular status updates and analysis of alternatives in daily sprint meetings.
• Build and maintain effective working relationships across departments and teams to coordinate work and deliver results on schedule.
• Recommend and implement enhancements to optimize business intelligence processes.

What you need to know:

• Experience in software development using Java with an IDE (e.g., Eclipse, CodeReady).
• Proficiency in parsing file formats (e.g., JSON, XML, CSV).
• Knowledge of SQL Server database design, programming, tuning and writing SQL queries/procedures.
• Experience in developing/automating test procedures.
• Familiarity with REST API web services client development.
• Experience with release management, build tools (e.g., Maven, Jenkins) and configuration tools (e.g., SVN).
• Understanding of secure coding practices, including encryption (e.g., certificates, TLS connections).

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field or relevant experience in lieu of degree.
• 2+ years of relevant experience.
• CompTIA Security + certification.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must hold and maintain an active Secret clearance.

Beneficial to have:

• Experience with SAML authentication and familiarity with domain structures, user authentication and PKI.
• Experience with Messaging Queues (e.g., RabbitMQ).
• Knowledge of Microsoft SQL.
• Experience with programming and regular expressions (XML, Java, JSON, Python, PowerShell, Painless, Grok).
• Relevant security certifications such as CISSP, CISM, CISA, Security+ or CEH.
• Understanding of the relationship between critical infrastructure protection and cybersecurity.
• Knowledge and experience with Assessment & Authorization (A&A) processes in federal environments, including familiarity with the NIST Risk Management Framework (RMF).

Where it’s done:

• On-site (Schriever SFB – Colorado Springs, CO).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Malware/Forensics Analyst to support cyber investigations through malware analysis and digital evidence collection. This role applies advanced analytic techniques to uncover adversary capabilities, identify security weaknesses and provide actionable findings. The Malware/Forensics Analyst position requires deep technical knowledge, proficiency in digital forensics and the ability to collaborate with internal experts to solve difficult problems. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Analyze malware samples to determine functionality, intent and potential impact.
• Collect, preserve and examine digital evidence in support of cyber investigations.
• Apply advanced analytics to identify patterns, anomalies and indicators of compromise.
• Develop forensic reports and communicate findings to investigators and stakeholders.
• Collaborate with internal experts to develop solutions for complex technical problems.
• Support incident response teams with forensic analysis and malware insights.
• Contribute to improving forensic methodologies, processes and tools.
• Provide input into strategies that strengthen enterprise cybersecurity posture.

What you need to know:

• Strong knowledge of malware analysis and reverse engineering techniques.
• Expertise in digital forensics, evidence handling and forensic reporting.
• Familiarity with advanced analytics methods to support cyber investigations.
• Experience working in SOC environments and supporting incident response.
• Ability to collaborate across teams to resolve unclear or complex technical issues.

Must have’s:

• Bachelor’s degree or 3+ additional years of relevant experience in lieu of degree.
• 7+ years of relevant experience.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must hold and maintain an active Secret clearance.

Beneficial to have the following:

• Industry-recognized certifications.

Where it’s done:

• Onsite (Washington, DC).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Cyber Analytics Developer to enhance threat detection and response capabilities within enterprise SOC operations. This role focuses on optimizing data analytics and building advanced analytics and custom detection solutions. The Cyber Analytics Developer position requires deep technical expertise, creativity in developing innovative approaches and the ability to address complex, multi-dimensional problems. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Enhance threat detection and response capabilities through advanced analytics solutions.
• Optimize data analytics workflows to improve accuracy and efficiency of SOC operations.
• Build and implement custom detection capabilities tailored to evolving threats.
• Resolve undefined and complex technical problems requiring advanced conceptualization.
• Collaborate with experts to design and apply cutting-edge methodologies and tools.
• Develop innovative solutions that strengthen enterprise cybersecurity operations.
• Mentor and coach junior staff in analytics development and advanced detection methods.
• Contribute to the advancement of knowledge in cyber analytics and detection practices.

What you need to know:

• Expertise in cyber analytics, detection engineering and custom rule development.
• Strong knowledge of optimizing data analytics for threat detection and response.
• Experience building advanced analytics and detection workflows for enterprise SOCs.
• Ability to solve complex problems using advanced technical principles and concepts.
• Skilled in mentoring and guiding junior technical staff.

Must have’s:

• Bachelor’s degree or 3+ additional years of relevant experience in lieu of degree.
• 12+ years of relevant experience.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must hold and maintain an active Secret clearance.

Beneficial to have the following:

• Industry-recognized certifications.

Where it’s done:

• Onsite (Washington, DC).

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are looking for a Elasticsearch (Elastic/ELK/ECE) Engineer to join our dynamic, fast-paced team within the public sector. The ideal candidate will not only bring technical expertise but also a passion for learning and growth. The Elasticsearch (Elastic/ELK/ECE) Engineer will have exposure to all facets of Systems Engineering and be encouraged to continuously expand your skill set as the company evolves. This is a unique opportunity to play a key role in a fast-growing company at the forefront of the cybersecurity market.

What you’ll be doing:

• Collaborate with the Integration and Architecture teams to design, document, build, secure, and maintain Elasticsearch, Logstash, Kibana (and X-Pack) enterprise solutions in both cloud and on-premises environments.
• Work closely with architects, engineers, and integrators to assess customer requirements and design Elasticsearch Stack solutions that meet data compliance and performance needs.
• Follow the development lifecycle processes to transition solutions from Dev to Test to Production environments.
• Participate in Agile sprint meetings, share progress, and ensure that the development aligns with project and customer requirements.
• Serve as a subject matter expert and trusted advisor, providing guidance and best practice recommendations for Elasticsearch deployments.
• Configure and maintain Linux-based operating systems (including updates and version upgrades) to support the Elasticsearch platform.
• Install, configure, and manage Elastic Cloud Enterprise (ECE) solutions, ensuring seamless communication and integration among Elasticsearch components and data sources.
• Create detailed installation and configuration documentation to support deployment.
• Secure the solution by implementing TLS, certificates, SSO/PIV authentication, and encryption technologies.
• Collaborate with the data lifecycle management team to ensure optimal data flow and integrity.
• Troubleshoot and monitor data flows and the overall health of the Elasticsearch solution to maximize performance and minimize downtime.
• Provide regular status updates and analysis of alternatives in daily sprint meetings.
• Build and maintain effective working relationships across departments and teams to coordinate work and deliver results on schedule.

What you need to know:

• Experience in software development using Java with an IDE (e.g., Eclipse, CodeReady).
• Proficiency in parsing file formats (e.g., JSON, XML, CSV).
• Knowledge of SQL Server database design, programming, tuning, and writing SQL queries/procedures.
• Experience in developing/automating test procedures.
• Familiarity with REST API web services client development.
• Experience with release management, build tools (e.g., Maven, Jenkins), and configuration tools (e.g., SVN).
• Understanding of secure coding practices, including encryption (e.g., certificates, TLS connections).

Must have’s:  

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field or relevant experience in lieu of degree.
• 2+ years of relevant experience.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must be a U.S. citizen (non-dual citizenship) and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:  

• Experience with SAML authentication, familiarity with domain structures, user authentication, and PKI.
• Experience with Messaging Queues (e.g., RabbitMQ).
• Experience with Microsoft SQL.
• Experience with programming and working with regular expressions (XML, Java, JSON, Python, PowerShell, painless, grok).
• Relevant security certifications a plus: CISSP, CISM, CISA, Security+, CEH.
• Understanding of interrelationships between critical infrastructure protection and cybersecurity.
• Knowledge and experience with Assessment & Authorization (A&A) processes in Federal environments, preferably with experience utilizing the NIST Risk Management Framework (RMF).

Where it’s done:

• Remote (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a DOE Sector Growth and Capture Manager with experience supporting dynamic, fast-paced public sector environments. This role provides broad exposure to program strategy, partner engagement, business development and capture execution. The DOE Sector Growth and Capture Manager will play a key role in driving program success on the CIO Business Support Services (CBOSS) 2 Program by supporting development, execution and collaboration with partners as a prime contractor. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Program Strategy and Execution: Develop and execute a comprehensive DOE sector and CBOSS 2-specific program strategy aligned with company goals and objectives. Define the go-to-market strategy using market trends, corporate capabilities and customer priorities. Support program planning and execution activities that advance DOE sector objectives.
• Partner Relationship Management: Cultivate and maintain relationships with strategic partners to ensure alignment, communication and shared success. Collaborate with internal teams to manage partner expectations and support delivery commitments.
• Program Growth and Business Development: Support, identify and execute growth strategies for existing DOE programs within and outside of CBOSS 2. Identify, develop and pursue DOE Task Order opportunities that contribute to revenue growth and market expansion. Align pursuit activities with ShorePoint capabilities, go-to-market strategy and business objectives.
• Capture Management: Build, maintain and execute comprehensive Capture Plans for strategic pursuits. Coordinate capture activities using matrixed resources across internal and external team members. Support solution development, win strategy formulation, teaming and competitive positioning.
• Market Analysis and Insight Development: Stay informed about industry trends, market shifts and DOE strategic and priority initiatives to identify new opportunities and potential risks. Use market insights to refine business development and capture strategies.
• Matrixed Portfolio Leadership: Work collaboratively with ShorePoint Director of Business Development and Capture, Director of Proposal Operations and Executive Director of DOE and Federal Law Enforcement. Contribute to a collaborative, accountable and results-driven environment positioned for consistent growth.

What you need to know:

• Excellent leadership and creative problem-solving skills with the ability to understand customer priorities and drive program strategy and solution development.
• Effective approaches for identifying and executing growth strategies for existing and new business opportunities.
• Proficiency in ShorePoint’s CRM system (Salesforce) and the Microsoft Office Suite.

Must have’s:

• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Proven experience in Business Development and Capture Management, preferably in cybersecurity.
• Strong track record of driving customer engagement, growth and revenue generation.
• Exceptional interpersonal and communication skills with the ability to build and maintain relationships at all levels.
• Strategic thinker with demonstrated ability to develop and execute complex program strategies.
• Ability to contribute to solution development, content creation and quality reviews throughout the pre-proposal and proposal lifecycle.
• Ability and willingness to travel up to 25 percent for onsite meetings and events.
• Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

• Demonstrated success growing DOE professional services revenue.
• Strong analytical skills.
• Experience supporting AI-driven use case implementation.

Where it’s done:

• Hybrid (must be local to Herndon, VA and attend in person meetings as needed).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance, reimbursement and more.

Who we’re looking for:

We are seeking an Application Security Engineer with expertise in Static and Dynamic Application Security Testing (SAST & DAST) methodologies and enterprise-level security controls. Your mission is to fortify our software supply chain by integrating rigorous security testing directly into the development lifecycle to preemptively neutralize vulnerabilities. The Application Security Engineer will be responsible for the end-to-end administration of Burp Suite and Veracode, managing Integrated Development Environment (IDE) plugins and ensuring all enterprise web applications align with federal compliance and OWASP standards. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Support and operate application security testing capabilities across SAST, DAST and IDE plug-in environments, with primary focus on Burp Suite and Veracode.
• Configure, maintain and troubleshoot Burp Suite and Veracode integrations to enable consistent application security testing workflows.
• Partner with development and engineering teams to identify, validate and remediate security vulnerabilities.
• Apply vulnerability standards and scoring methodologies to findings, including OWASP Top 10, CVSS, CWE, WASC and SANS-25.
• Navigate and troubleshoot within Linux or UNIX environments, including basic website connectivity issues.
• Support the design and implementation of enterprise-wide security controls that secure applications, systems, networks or infrastructure services.
• Use IDEs and development toolchains (Eclipse, JDeveloper, Visual Studio) to support developer workflows, including pipeline development activities where applicable.
• Support compliance-aligned security activities in federal environments leveraging NIST 800-53, FIPS and/or FedRAMP standards.

What you need to know:

• Strong understanding of application security testing concepts and operational support for SAST, DAST and IDE plug-in environments.
• Hands-on capability with enterprise web application security and common vulnerability classes.
• Familiarity with vulnerability scoring, classification and prioritization frameworks (OWASP Top 10, CVSS, CWE, WASC, SANS-25).
• Working knowledge of federal compliance standards (NIST 800-53, FIPS, FedRAMP).
• Ability to work effectively in Linux or UNIX environments for navigation and basic troubleshooting.
• Ability to communicate findings clearly and work cross-functionally to support remediation.

Must have’s:

• Bachelor’s degree in an IT-related field.
• 6+ years of Information Technology experience.
• 3+ years of experience supporting SAST, DAST and IDE plug-in environments using Burp Suite, including 3+ years of hands-on Burp Suite experience.
• 1+ year of experience supporting SAST, DAST and IDE plug-in environments using Veracode.
• 3+ years of experience using the design and implementation of enterprise-wide security controls to secure applications, systems, networks or infrastructure services.
• 2+ years of experience with Java, Python, .NET or C#.
• 2+ years of experience working in Linux-based environments, including navigating and troubleshooting basic website connectivity issues.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Experience with Eclipse, JDeveloper and/or Visual Studio, including pipeline development experience.
• Experience securing enterprise web applications, including familiarity with OWASP Top 10, CVSS, CWE, WASC and SANS-25.
• Knowledge of federal compliance standards, including NIST 800-53, FIPS and/or FedRAMP.
• Applicants must be a U.S. citizen in compliance with federal contract requirements.

Beneficial to have:

• Industry recognized certifications.
• Experience with Interactive Application Security Testing (IAST) tools and capabilities.
• Experience with HackerOne.
• Experience with Selenium.
• Experience writing bash scripts.
• Experience with OWASP ZAP or Burp Proxy.

Where it’s done:

• Remote (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking an IT Project Manager – Senior with experience leading IT projects and coordinating end-to-end service delivery in a federal environment. In this role, you will drive successful delivery of IT services and projects by aligning customer needs, operational performance and cybersecurity requirements to measurable outcomes. The IT Project Manager – Sr. will manage stakeholder coordination, requirements and contract alignment, performance reporting, risk and compliance monitoring and continual service improvement across the project lifecycle. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Serve as a primary stakeholder in IT operational processes supporting the service, providing direction and monitoring significant activities to ensure successful delivery.
• Coordinate and manage end-to-end service delivery for customers, balancing requirements, constraints and priorities across stakeholders.
• Develop and manage system, network, performance and cybersecurity requirements and ensure they are incorporated into delivery plans and contract language.
• Define and manage Service-Level Agreements (SLAs) and support Operating Level Agreements (OLAs) with internal process owners to ensure performance expectations are clear and measurable.
• Lead and oversee project budgets, staffing and contractual performance, including tracking delivery against cost, schedule and quality objectives.
• Participate in acquisition activities as needed, ensuring procurements and outsourcing efforts include information security requirements consistent with organizational goals.
• Perform needs analysis to identify opportunities for new or improved business process solutions and provide recommendations for upgrades and enhancements.
• Develop methods to monitor and measure risk, compliance and assurance efforts for assigned projects, initiating corrective actions when issues or variances arise.
• Review service performance reports, ensure follow-up on outstanding issues and drive continual improvement through customer satisfaction and internal performance feedback.
• Conduct or support audits of IT projects and evaluate procurement effectiveness in meeting information security requirements, recommending improvements as needed.
• Conduct import/export reviews for acquiring systems and software and address supply chain risk considerations when applicable.

What you need to know:

• Advanced knowledge of the acquisition/procurement life cycle, including system life cycle management principles, software security and the integration of Risk Management Framework (RMF) requirements.
• Proficiency in Import/Export control regulations (specifically for cryptography and security technologies) and the ability to evaluate the trustworthiness of project suppliers and products.
• Mastery of service management concepts (ITIL) and organizational process improvement models, such as CMMI for Development, Services and Acquisitions.
• Understanding of Cloud-based knowledge management, enterprise architectural frameworks and the operational impacts of cybersecurity lapses on the organization’s core business mission.
• Skill in identifying system performance indicators and translating complex information needs into intelligence collection requirements across the extended enterprise.

Must have’s:

• Advanced degree in a technical/cyber-related field. Direct experience or relevant certifications may substitute for the academic credentials.
• 7+ years of relevant experience.
• Application Security (App Sec) experience.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

• Industry recognized certifications

Where it’s done:

• Remote (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking an HR Coordinator (Compliance & HR Operations) with a primary focus on HR compliance support, documentation and process coordination. This role supports the administrative and operational foundation of the HR function through hands-on execution, structured processes and close partnership with the HR team. While administrative-heavy initially, the HR Coordinator role provides exposure to a broad range of HR functions and opportunities for professional growth as experience and capability develop. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Provide administrative and operational support for HR compliance activities, including annual and ongoing filings and tracking (e.g., state compliance requirements, ACA reporting support, EEO-1, VETS-4212, annual training compliance).
• Monitor state-specific compliance requirements for a remote workforce, assisting with documentation and tracking as needed.
• Maintain accurate and complete HR records, employee data and documentation within HR systems, ensuring confidentiality, consistency and audit readiness.
• Own and manage the job description (Value Statement) process, including development coordination, maintenance, tracking, documentation, version control and alignment across roles.
• Provide backup administrative support for onboarding activities, including documentation coordination, system updates and checklist execution in partnership with the HR team.
• Assist with tracking and supporting annual compliance training in coordination with the HR Coordinator responsible for learning and development.
• Support administrative HR processes, including preparing separation letters, assisting with FMLA documentation and supporting corporate goal setup and tracking.
• Support offboarding processes as needed, including administrative coordination and system updates.
• Assist with monitoring and maintaining required State and Federal employment law postings (digital and/or physical).
• Help document HR processes, workflows and administrative procedures to support consistency, scalability and continuity.
• Provide backup support for employee-experience HR coordination and benefits administration tasks as needed to ensure continuity and team coverage.
• Provide general administrative support for HR projects and initiatives as assigned.

What you need to know:

• Ability to manage multiple administrative tasks and deadlines.
• Clear written and verbal communication skills.
• Comfort working within structured processes and guidelines.

Must have’s:

• 1–2 years of experience in an HR, administrative or related support role.
• Basic understanding of HR operations and compliance concepts or strong willingness to learn.
• Knowledge of state and federal employment laws and regulations.
• Proficiency in HRIS systems and Microsoft Office Suite.
• Ability to handle sensitive and confidential information with discretion.
• Strong organizational skills and attention to detail to ensure accuracy and efficiency.
• Strong interpersonal and communication skills.
• Ability to work collaboratively in a team-based environment and independently.
• Ability to adapt to changing priorities, learn new systems and processes and follow direction while developing independent problem-solving skills.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance if required.

Beneficial to have:

• Bachelor’s degree preferred.

Where it’s done:

• Hybrid (must be local to Herndon, VA and attend in-person meetings as needed).

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Systems Security Analyst with experience supporting the integration, testing, operations and maintenance of systems security. The ideal candidate has experience applying cybersecurity principles, assessing system security implementations, and supporting monitoring activities to identify vulnerabilities and security risks across systems and databases. The Systems Security Analyst role focuses on analyzing system and organizational security posture, evaluating security controls and supporting cybersecurity risk management activities across the system lifecycle. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Analyze and report organizational and system security posture trends, including monitoring activities related to database security risks.
• Apply security policies and cybersecurity principles to ensure systems meet defined security objectives and requirements.
• Assess access control implementations to ensure alignment with least privilege and need-to-know principles.
• Evaluate configuration management, change management and release management processes for security compliance.
• Assess and monitor cybersecurity practices associated with system implementation, testing and operational activities.
• Assess the effectiveness of implemented security controls, including controls protecting databases and data stores, and identify areas requiring improvement.
• Ensure systems security operations and maintenance activities are properly documented and kept current.
• Implement security measures to resolve vulnerabilities, mitigate risks and support system confidentiality, integrity, availability, authentication and non-repudiation.
• Support security testing of applications and systems, including identifying security deficiencies and supporting remediation or risk acceptance processes.
• Conduct security architecture reviews, identify gaps and contribute to the development of security risk management plans.
• Support Risk Management Framework (RMF) activities and related documentation, including lifecycle support plans, operational procedures and system documentation updates.
• Collaborate with stakeholders to resolve security incidents, address vulnerabilities and ensure minimum security requirements are implemented across applications.

What you need to know:

• Experience assessing security controls and security system designs using cybersecurity frameworks and principles (for example CIS Critical Security Controls, NIST SP 800 series or the Cybersecurity Framework).
• Understanding of vulnerability identification, security testing methods and vulnerability scanning practices and monitoring of systems and database environments.
• Knowledge of configuration management, operating systems and system security testing and evaluation methods.
• Knowledge of network security architecture, networking concepts and protocols and how traffic flows across networks.
• Knowledge of cybersecurity risk management processes, laws, policies and governance relevant to cybersecurity and privacy.
• Knowledge of cybersecurity threats, vulnerabilities, cryptography concepts, identity and access management principles and security practices protecting sensitive or regulated information.

Must have’s:

• 4+ years of experience in cybersecurity, information security or a related field.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering or a related field.
• Industry recognized certifications.

Where it’s done:

• Remote (Herndon, VA).