Purpose-Driven Careers
For the cyber elite
ShorePoint team members are handpicked for their expertise and for their ability to collaborate, communicate, and adapt when our Federal customers face complex and evolving challenges, obstacles, and threats.
#JoinTeamShorePoint! Explore our current openings and apply to begin your journey with us.

Open Positions
Blue Team Engineer
Who we are:
ShorePoint is a fast-growing, industry-recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.
The Perks:
As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.
Who we’re looking for:
We are seeking a motivated Blue Team Engineer with expertise in defensive cybersecurity tools and techniques to conduct threat simulations. The ideal candidate will replicate both insider and external threats to operational systems and networks, contributing to the defense of high-profile environments. This is a unique opportunity to shape the growth and culture of an exciting and fast-growing company in the cybersecurity market.
What you’ll be doing:
- Conduct automated and manual tests on information systems using industry-standard tools such as vulnerability scans, source code reviews, and web application testing.
- Develop test plans, execute tests, and prepare detailed after-action reports.
- Document testing processes in accordance with agency regulations and Standard Operating Procedures (SOPs).
- Contribute to Authorization & Accreditation (A&A), Plan of Action & Milestones (POA&M), vulnerability management, and continuous monitoring efforts.
- Use signature-based scanners, data collection tools, and hardware analysis tools to assess potential threat events.
- Perform Security Information and Event Management (SIEM) reviews to ensure proper detection and notification of threats.
- Support vulnerability analysis and develop mitigation strategies to prevent future threats.
- Support remote locations with traveling assessments as scheduled (30% travel expected, Continental United States).
What you need to know:
- Broad knowledge of security methodologies, solutions, and industry best practices.
- Experience with open-source and commercial testing tools such as Nessus, Metasploit, Burp Suite, App Detective, and Nmap.
- Advanced understanding of security tools with the ability to configure and troubleshoot them as needed.
- Expertise in Unix/Linux or Microsoft operating systems, with extensive experience in at least one.
- Familiarity with security policies of the Department of Justice (DOJ), FBI, and National Institute of Standards and Technology (NIST) guidelines (e.g., 800-53, 800-53a).
- Strong critical thinking and analytical skills, with the ability to interpret and synthesize complex data.
Must-haves:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
- 8+ years of relevant experience. Equivalent combinations of education, certifications or demonstrable work may be considered in lieu of direct experience.
- Demonstrated ability to apply critical thinking to develop undefined tasks into actionable processes and work streams.
- Expertise in at least one of the following areas: Web applications and technologies, Networking technologies, Enterprise solutions, storage, and databases, Cross-domain solutions, Virtualization technologies, Mainframes.
- One or more of the following certifications: CISSP, ISACA, OSCP, CISA, GPEN, GWAPT or CEH.
- Active Top Secret clearance required. SCI access will be sponsored for qualified candidates. Must be able to pass a Counterintelligence (CI) polygraph.
Where it’s done:
- Washington, DC.
- Remote Locations (Travel to these locations once per quarter.)
Elasticsearch Engineer
Who we’re looking for:
We are seeking an Elasticsearch (Elastic/ELK/ECE) Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Elasticsearch (Elastic/ELK/ECE) Engineer will have the opportunity to be exposed to all aspects of Systems Engineering and will be encouraged to grow as the organization expands.
What you’ll be doing:
- Work with the Integration and Architecture teams to design, document, build, secure, and maintain Elasticsearch, Logstash, Kibana (and X-Pack) Enterprise solutions deployed in the Cloud or on-premises environment.
- Work closely with architects, engineers, and integrators to assess customer requirements and to design and support an Elasticsearch Stack solution to ensure compliance with data requirements.
- Follow life cycle processes to move solutions from Dev to Test to Production.
- Participate in group sessions as well as attend and share in agile sprint daily meetings to track progress to ensure development of solutions is in support of the project and customer requirements.
- Serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations.
- Configure and maintain Linux-based operating system files in support of the Elasticsearch products (yum updates and product version upgrades).
- Install and configure an Elastic Cloud Enterprise solution and ensure communication and integration among the Elasticsearch products and data sources.
- Document the installation and configuration for deployment.
- Secure the solution by being familiar with TLS, certificates, SSO/PIV authentication, and encryption technologies.
- Work with the data lifecycle management team.
- Test data flows, troubleshoot issues, and monitor the health of the solution and servers to maximize performance and minimize downtime.
- Work with a team and provide analysis of alternatives and progress status in daily sprint meetings.
- Meet professional obligations through efficient work habits such as meeting deadlines, honoring schedules, and coordinating resources and meetings in an effective and timely manner.
- Develop and manage effective working relationships with other departments, groups, and personnel with whom work must be coordinated or interfaced.
- Recommend enhancements and modifications to optimize business intelligence processes.
What you need to know:
- Software Development using Java with an IDE (e.g. Eclipse, CodeReady).
- Parsing File formats (e.g., JSON, XML, and CSV).
- SQL SERVER database design, programming, tuning, writing SQL queries/procedures.
- Developing/automating test procedures.
- Web services client development using REST API.
- Release Management and build tools (e.g., Maven, Jenkins) and configuration tools (e.g., SVN).
- Secure coding practices including use of encryption (e.g., Certificates, TLS Connections).
Must-haves:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
- 2+ years of relevant experience.
- Expertise in Kubernetes (K8s).
- Strong knowledge of observability practices, including Application Performance Management (APM) and Elastic Cloud on Kubernetes (ECK).
- Security+ Certification.
- Must have an active Secret clearance to start.
Beneficial to have the following:
- Experience with SAML authentication, familiarity with domain structures, user authentication, and PKI.
- Experience with Messaging Queues (e.g., RabbitMQ).
- Experience with Microsoft SQL.
- Experience with programming and working with regular expressions (XML, Java, JSON, Python, PowerShell, painless, grok).
- Relevant security certifications a plus: CISSP, CISM, CISA, Security+, CEH.
- Understanding of interrelationships between critical infrastructure protection and cybersecurity.
- Knowledge and experience with Assessment & Authorization (A&A) processes in Federal environments, preferably with experience utilizing the NIST Risk Management Framework (RMF).
Where it’s done:
- Hampton, VA or Bedford, MA.
ZTA Security Controls Assessor
Who we are:
ShorePoint is a fast-growing, industry-recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to provide quality and consistent consultations and deliverables for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.
Who we’re looking for:
We are seeking a Zero Trust Architecture (ZTA) Security Controls Assessor who will work on an existing and established team conducting security controls assessments correlating to CISA’s Zero Trust Maturity Model 2.0 and NIST’s 800-53r5 & 800-207. The goal is to understand the existing environment and help our client move to their desired state by performing gap analyses, populating a requirements traceability matrix, developing Zero Trust roadmaps, and aligning cybersecurity strategies with federal policies and requirements. The ideal candidate will have a deep understanding of the Risk Management Framework (RMF) and how RMF maps to the Zero Trust Framework, including Executive Orders and other federal mandates, and will engage with stakeholders to deliver comprehensive assessment results contributing to the agency’s Zero Trust maturity goals. The ZTA Security Controls Assessor role requires expertise in analyzing systems, documenting requirements, and designing secure architectures that meet both immediate and long-term objectives. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market.
What you’ll be doing:
- Conduct Zero Trust-focused gap analyses, mapping current capabilities to the five pillars of the CISA security model and aligning them with the CISA ZTA Maturity Model 2.0 and NIST standards to highlight current and desired states of maturity.
- Review, decompose, and consolidate requirements from diverse government policies, memoranda, and directives.
- Develop and execute a Zero Trust roadmap for implementing and maintaining enterprise cybersecurity capabilities in on-premises and cloud environments.
- Analyze existing capabilities, propose modernization strategies, and incorporate approved recommendations into roadmaps and documentation such as Integrated Master Schedules.
- Document and implement Zero Trust security solutions for on-premises and cloud-based environments, following guidance outlined in OMB Memo M-22-09.
- Collaborate with program managers, technical teams, and stakeholders to define project scope, deliverables, and timelines.
- Provide technical guidance on the realization of cross-cutting security solutions that leverage Zero Trust product services and capabilities.
- Assist in developing and delivering client-facing materials, including presentations, training curricula, whitepapers, and other technical documentation.
- Lead and support the development of documentation for system requirements, system analysis, and integration activities.
What you need to know:
- Strong understanding of the Zero Trust Architecture, including federal policies, CISA guidance, and NIST standards.
- Experience conducting gap analyses and aligning cybersecurity strategies with organizational and federal objectives.
- Knowledge of OMB Memo M-22-09, CISA Zero Trust Maturity Model 2.0, and methodologies for system analysis and risk assessments.
- Familiarity with IT Enterprise architectural principles, including cloud, on-premise, centralized, and federated systems.
- Understanding of integration challenges, cost estimation, system requirements determination, and methodologies for system analysis.
- Ability to develop and deliver effective presentations, training materials, and reports to diverse stakeholders.
- Ability to build and maintain positive relationships, fostering collaboration and support for cybersecurity endeavors across a range of management and IT support staff.
- Strong skills in decomposing and consolidating requirements, strategic planning, and aligning cybersecurity initiatives with organizational goals.
- Familiarity with IT risk assessments, system verification/hardening, and compliance standards, including Mac, Linux-based, and Microsoft operating systems.
Must-haves:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
- Demonstrated ability to apply analysis and critical thinking to develop undefined tasks into actionable processes and work streams.
- Experience with mapping CISA Zero Trust model pillars to Zero Trust solutions and developing comprehensive security roadmaps.
- Knowledge of federal cybersecurity standards and compliance requirements, including FISMA, NIST SP 800 series, and OMB guidelines.
- Exceptional analytical thinking and problem-solving skills, with a focus on aligning cybersecurity initiatives with organizational goals.
- Strong communication and collaboration skills to engage with diverse stakeholders effectively.
- Exceptional attention to detail with high standards while delivering high-quality deliverables and outcomes.
- Requires U.S. citizenship in compliance with federal contract requirements.
Beneficial to have the following:
- Cybersecurity-related certifications such as Security+, CASP or CISSP.
Where it’s done:
- Remote (Herndon, VA).
Project Coordinator
Who we’re looking for:
We are seeking a Project Coordinator who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Project Coordinator will have the opportunity to be exposed to all aspects of the program and will be encouraged to grow as the organization expands.
What you’ll be doing:
- Organize, direct, and manage engagement operations across multiple, complex, and interrelated project task areas.
- Monitor engagement performance through the development and analysis of key metrics and reporting.
- Conduct quality control activities to ensure the highest standards in deliverable and service quality.
- Manage teams of engagement support personnel across multiple locations.
- Maintain and foster strong relationships with clients at senior levels of their organization.
- Meet with clients and project teams to formulate and review task plans and deliverables.
- Contribute to the development of short and long-term security initiatives that align with client executives’ goals and business objectives.
- Proactively identify potential issues and facilitate the resolution process.
- Determine project resource requirements and identify the appropriate staff, tools, and technologies for successful service delivery.
- Ensure adherence to program task schedules and cost constraints.
- Lead periodic program reviews and status meetings, presenting updates in a clear, concise, and engaging manner.
What you need to know:
- Strong understanding of project coordination methodologies, tools, and best practices.
- Excellent communication skills with the ability to build and maintain client relationships.
- Strong analytical and problem-solving skills.
- Experience managing cross-functional teams and engagement personnel across multiple locations.
- Proficiency in project management software and tools for tracking tasks, resources, and reporting metrics.
- Ability to lead meetings and provide clear, concise updates to stakeholders at various levels of the organization.
Must-haves:
- Bachelor’s degree in Computer Science, Information Systems, Engineering or a related field.
- 3-5 years of relevant experience.
- Demonstrated ability to apply critical thinking to develop undefined tasks into actionable processes and work streams.
- Ability to obtain federal agency required security clearance.
Beneficial to have the following:
- One or more of the following certifications: Project Management Professional (PMP) or Program Management Professional (PgMP) training.
Where it’s done:
- Remote (Herndon, VA).
Mid-Level SOC Analyst (Rotating Shift) - Top Secret Clearance
Who we’re looking for:
We are seeking a Mid-Level SOC Analyst (Rotating Shift) – Top Secret Clearance with experience in monitoring, detecting, and responding to cybersecurity threats in a high-security environment. The ideal candidate will have a strong foundation in SOC operations and a passion for protecting mission-critical systems. The Mid-Level SOC Analyst (Rotating Shift) – Top Secret Clearance role involves real-time alert monitoring, incident analysis, and response, with exposure to hybrid environments that include both on-premises equipment and cloud services. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market.
What you’ll be doing:
- Monitor and triage real-time security alerts to identify potential threats.
- Coordinate and assist with the preparation of incident reports.
- Conduct incident analysis, including reviewing forensic artifacts and basic malware analysis.
- Support incident containment, eradication, and recovery efforts.
- Assist in maintaining and updating the Incident Response Plan (IR Plan).
- Collaborate on incident response testing and training initiatives.
- Generate and contribute to SOC best practices reports to enhance cybersecurity controls.
- Provide support for Continuity of Operations (COOP) as needed.
- Work alongside senior team members to ensure effective SOC operations.
What you need to know:
- Real-time alert monitoring, incident reporting, and analysis.
- Incident containment and recovery procedures.
- Familiarity with forensic artifact and malware analysis techniques.
- Understanding of FISMA, NIST SP 800 series, and other federal cybersecurity mandates and policies.
Must-haves:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field (or 4 additional years of experience in lieu of a degree).
- 5+ years of experience providing cybersecurity operations or consulting.
- Experience in cybersecurity incident management and SOC operations.
- Strong understanding of cybersecurity frameworks and standards.
- Flexibility to work rotating day and night shifts including weekends and holidays.
- Active Top Secret agency-required security clearance to start.
Rotating Shift Schedule:
- Day and night shifts including weekends and holidays. Flexibility required.
Beneficial to have the following:
- Industry-recognized certifications.
Where it’s done:
- Washington D.C.
Data Infrastructure Engineer
Who we’re looking for:
We are seeking a Data Infrastructure Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market. The Data Infrastructure Engineer will have the opportunity to be exposed to all aspects of support to a federal client and will be encouraged to grow as the organization expands.
What you’ll be doing:
- Integrate multiple Commercial Off the Shelf (COTS) and open-source products, software configuration packages and custom code to work together to operate as a single solution, tailored to meet customer requirements.
- Work as part of an agile development team to conduct systems design, analysis and development of the solution.
- Create data pipelines and implement ETL processes for both stream processing (such as tool and sensor log data) and batch processing (such as daily vulnerability updates), integrating functionality between applications, leveraging APIs and scripting languages (Python preferred).
- Conduct data modeling, hands-on configuration, tuning and operating of distributed data storage stacks, with a focus on Elasticsearch and Kafka.
- Query data to include aggregations, calculations and producing metrics from data.
- Design and implement data visualizations.
- Engage in all agile ceremonies including backlog grooming, demos and retrospectives.
What you need to know:
- Demonstrated experience writing well-structured code and applications using coding best practices to deliver enterprise applications.
- Proven experience in developing robust, scalable data pipelines and integrations.
- Solid understanding of application architecture and interfaces as well as experience with data modeling.
- Expertise in working with streaming data and implementing real-time data processing solutions.
- Ability to develop and deploy in containerized environments (Docker, Kubernetes).
- Experience with open-source tools including Kafka, Logstash, Beats, Elasticsearch, Kibana, or Splunk.
Must-haves:
- Minimum of 5-7 years of relevant experience.
- Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
- Strong written and verbal communication skills.
- Strong documentation skills.
- Experience leveraging data processing technologies such as Apache Kafka and Elasticsearch.
- Skilled problem-solver with strong ability to troubleshoot complex data pipeline issues.
- Ability to work with cross-functional teams.
- Requires U.S. citizenship in compliance with federal contract requirements.
Beneficial to have the following:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
- Industry-related certifications.
- Experience with cloud platforms (AWS, Azure, GCP).
- Familiarity with cybersecurity concepts and tools.
- Experience with real-time data processing frameworks (e.g., Apache Flink, Apache Spark).
Where it’s done:
- Remote (Herndon, VA).
ExtraHop Subject Matter Expert (SME)
Who we’re looking for:
We’re looking for an experienced ExtraHop Subject Matter Expert (SME) to lead the implementation, management and optimization of our ExtraHop platform. This role focuses on leveraging network performance monitoring and security analytics to extract actionable insights and enhance infrastructure efficiency. The ExtraHop SME will play a critical role in improving application performance and strengthening our overall security posture. This role provides an opportunity to contribute to a high-impact cybersecurity mission supporting federal infrastructure and operations.
What you’ll be doing:
- Serve as the primary point of contact and technical authority for all matters related to the ExtraHop platform.
- Lead the planning, design, implementation, configuration and integration of the ExtraHop deployment.
- Develop and implement best practices for utilizing ExtraHop in network performance monitoring, application performance management (APM) and security investigations.
- Create and customize dashboards, alerts, reports and triggers to support the needs of teams across Network, Security and Applications.
- Proactively monitor the ExtraHop environment to ensure optimal performance, scalability and operational health.
- Troubleshoot complex issues related to network and application performance, as well as security incidents, using ExtraHop data.
- Collaborate with Network Engineering, Security Operations, Application Development and IT Operations teams to deliver data-driven insights and recommendations.
- Develop and maintain documentation on ExtraHop configurations, processes and system architecture.
- Provide training and knowledge transfer to team members on effective use of the ExtraHop platform.
- Stay current with ExtraHop features and enhancements and proactively recommend and implement improvements.
- Coordinate with ExtraHop support and professional services to resolve issues and integrate new functionalities.
- Contribute to the development and refinement of security policies and procedures informed by ExtraHop insights.
- Support capacity planning and forecasting efforts for the ExtraHop environment.
What you need to know:
- Working knowledge of network and application performance monitoring methodologies.
- Ability to develop data-driven insights to support IT operations, cybersecurity and application teams.
- Familiarity with SIEM and SOAR platforms for correlated threat detection and automated response.
- Understanding of how to align ExtraHop capabilities with security policy development and operational processes.
- Adaptability to stay current with evolving ExtraHop features, updates and best practices.
- Effective collaboration skills across multidisciplinary technical teams.
- Strong documentation and knowledge-sharing capabilities to support team development.
Must-haves:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
- 3+ years of experience as an ExtraHop administrator or subject matter expert.
- Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
- Proven ability to design, implement and manage large-scale ExtraHop deployments.
- Hands-on experience with ExtraHop Reveal(x) and other ExtraHop modules.
- Deep understanding of network protocols (TCP/IP, DNS, HTTP), network infrastructure (routers, switches, firewalls, load balancers) and application architectures.
- Experience creating custom dashboards, alerts and reports within ExtraHop.
- Strong analytical and problem-solving skills with the ability to translate complex data into actionable insights.
- Familiarity with security concepts, threat detection methodologies and SIEM platforms such as Splunk.
- Experience integrating ExtraHop with tools like Splunk, Splunk SOAR and Palo Alto firewalls.
- Excellent written and verbal communication skills, with the ability to explain technical concepts to both technical and non-technical audiences.
- Ability to work independently and collaboratively within a team environment.
- U.S. citizenship required for federal compliance and eligibility to obtain and maintain agency-required clearance.
Beneficial to have the following:
- ExtraHop certification(s), such as ExtraHop Certified Administrator.
- Experience integrating ExtraHop with security and IT tools including Splunk SOAR and Palo Alto firewalls.
- Familiarity with scripting languages such as Python for automation and data manipulation.
Where it’s done:
- Hybrid with ability to travel to customer site minimum 2-3 days per week (Rockville, MD).