Purpose-Driven Careers

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a motivated Blue Team Engineer with expertise in defensive cybersecurity tools and techniques to conduct threat simulations. The ideal candidate will replicate both insider and external threats to operational systems and networks, contributing to the defense of high-profile environments. This is a unique opportunity to shape the growth and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Conduct automated and manual tests on information systems using industry-standard tools such as vulnerability scans, source code reviews, and web application testing.
• Develop test plans, execute tests, and prepare detailed after-action reports.
• Document testing processes in accordance with agency regulations and Standard Operating Procedures (SOPs).
• Contribute to Authorization & Accreditation (A&A), Plan of Action & Milestones (POA&M), vulnerability management, and continuous monitoring efforts.
• Use signature-based scanners, data collection tools, and hardware analysis tools to assess potential threat events.
• Perform Security Information and Event Management (SIEM) reviews to ensure proper detection and notification of threats.
• Support vulnerability analysis and develop mitigation strategies to prevent future threats.
• Support remote locations with traveling assessments as scheduled (30% travel expected, Continental United States).

What you need to know:

• Broad knowledge of security methodologies, solutions, and industry best practices.
• Experience with open-source and commercial testing tools such as Nessus, Metasploit, Burp Suite, App Detective, and Nmap.
• Advanced understanding of security tools with the ability to configure and troubleshoot them as needed.
• Expertise in Unix/Linux or Microsoft operating systems, with extensive experience in at least one.
• Familiarity with security policies of the Department of Justice (DOJ), FBI, and National Institute of Standards and Technology (NIST) guidelines (e.g., 800-53, 800-53a).
• Strong critical thinking and analytical skills, with the ability to interpret and synthesize complex data.

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field, or 10 years of relevant IT experience.
• Demonstrated ability to apply critical thinking to develop undefined tasks into actionable processes and work streams.
• Expertise in at least one of the following areas: Web applications and technologies, Networking technologies, Enterprise solutions, storage, and databases, Cross-domain solutions, Virtualization technologies, Mainframes.
• One or more of the following certifications: CISSP, ISACA, OSCP, CISA, GPEN, GWAPT or CEH.
• Active Top Secret with SCI eligibility and ability to pass a Counterintelligence (CI) polygraph.

Where it’s done:

• Washington, DC.
• Remote Locations (Travel to these locations once per quarter.)

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking an Elasticsearch (Elastic/ELK/ECE) Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Elasticsearch (Elastic/ELK/ECE) Engineer will have the opportunity to be exposed to all aspects of Systems Engineering and will be encouraged to grow as the organization expands.

What you’ll be doing:

• Responsible for working with the Integration, and Architecture teams to design, document, build, secure, and maintain Elasticsearch, Logstash, Kibana (and X-Pack) Enterprise solutions deployed in the Cloud or on-premises environment.
• Work closely with architects, engineers, and integrators to assess customer requirements and to design and support an Elasticsearch Stack solution to ensure compliance with data requirements.
• Follow life cycle processes to move solutions from Dev to Test to Production.
• Participate in group sessions as well as attend and share in agile sprint daily meetings to track progress to ensure development of solutions is in support of the project and customer requirements.
• Serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations.
• Configure and maintain Linux based Operating system files in support of the Elasticsearch products (yum updates and product version upgrades).
• Install and configure an Elastic Cloud Enterprise solution and ensuring communication and integration among the Elasticsearch products and data sources.
• Document the installation and configuration for deployment.
• Secure the solution by being familiar with TLS, certificates, SSO/PIV authentication, and encryption technologies.
• Work with the data lifecycle management team.
• Test data flows, troubleshooting issues, and monitoring the health of the solution and servers to maximize performance and minimize downtime.
• Work with a team and provide analysis of alternatives and progress status in daily sprint meetings.
• Meet professional obligations through efficient work habits such as, meeting deadlines, honoring schedules, coordinating resources and meetings in an effective and timely manner.
• Develop and manage effective working relationships with other departments, groups, and personnel with whom work must be coordinated or interface.
• Recommend enhancements and modifications to optimize business intelligence processes.

What you need to know:

• Software Development using Java with an IDE (e.g. Eclipse, CodeReady).
• Parsing File formats (e.g., JSON, XML, and CSV).
• SQL SERVER database design, programming, tuning, writing SQL queries/procedures.
• Developing/automating test procedures.
• Web services client development using REST API.
• Release Management and build tools (e.g., Maven, Jenkins) and configuration tools (e.g., SVN).
• Secure coding practices including use of encryption (e.g., Certificates, TLS Connections).

Must have’s:  

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
• 2+ years of relevant experience.
• Expertise in Kubernetes (K8s).
• Strong knowledge of observability practices, including Application Performance Management (APM) and Elastic Cloud on Kubernetes (ECK).
• Security+ Certification.
• Must have an active Secret clearance to start.

Beneficial to have the following:  

• Experience with SAML authentication, familiarity with domain structures, user authentication, and PKI.
• Experience with Messaging Queues (e.g., RabbitMQ).
• Experience with Microsoft SQL.
• Experience with programming and working with regular expressions (XML, Java, JSON, Python, PowerShell, painless, grok).
• Relevant security certifications a plus: CISSP, CISM, CISA, Security+, CEH.
• Understanding of interrelationships between critical infrastructure protection and cybersecurity.
• Knowledge and experience with Assessment & Authorization (A&A) processes in Federal environments, preferably with experience utilizing the NIST Risk Management Framework (RMF).

Where it’s done:

• Hampton, VA or Bedford, MA.

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to provide quality and consistent consultations and deliverables for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a Zero Trust Architecture (ZTA) Security Controls Assessor who will work on an existing and established team conducting security controls assessments correlating to CISA’s Zero Trust Maturity Model 2.0 and NIST’s 800-53r5 & 800-207. The goal is to understand the existing environment and aid our client to move to their desired state by performing gap analyses, populating a requirements traceability matrix, developing Zero Trust roadmaps, and aligning cybersecurity strategies with federal policies and requirements. The ideal candidate will have a deep understanding of the Risk Management Framework (RMF) and how RMF maps to the Zero Trust Framework, including Executive Orders and other federal mandates, and will engage with stakeholders to deliver comprehensive assessment results contributing to the agencies Zero Trust maturity goals. The ZTA Security Controls Assessor role requires expertise in analyzing systems, documenting requirements, and designing secure architectures that meet both immediate and long-term objectives. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Conduct Zero Trust-focused gap analyses, mapping current capabilities to the five pillars of the CISA security model and aligning them with the CISA ZTA Maturity Model 2.0 and NIST standards to highlight current and desired states of maturity.
• Review, decompose, and consolidate requirements from diverse government policies, memoranda, and directives.
• Develop and execute a Zero Trust roadmap for implementing and maintaining enterprise cybersecurity capabilities in on-premises and cloud environments.
• Analyze existing capabilities, propose modernization strategies, and incorporate approved recommendations into roadmaps and documentation such as Integrated Master Schedules.
• Document and implement Zero Trust security solutions for on-premises and cloud-based environments, following guidance outlined in OMB Memo M-22-09.
• Collaborate with program managers, technical teams, and stakeholders to define project scope, deliverables, and timelines.
• Provide technical guidance on the realization of cross-cutting security solutions that leverage Zero Trust product services and capabilities.
• Assist in developing and delivering client-facing materials, including presentations, training curricula, whitepapers, and other technical documentation.
• Lead and support the development of documentation for system requirements, system analysis, and integration activities.

What you need to know:

• Strong understanding of the Zero Trust Architecture, including federal policies, CISA guidance, and NIST standards.
• Experience conducting gap analyses and aligning cybersecurity strategies with organizational and federal objectives.
• Knowledge of OMB Memo M-22-09, CISA Zero TrustMaturity Model 2.0, and methodologies for system analysis and risk assessments.
• Familiarity with IT Enterprise architectural principles, including cloud, on-premise, centralized, and federated systems.
• Understanding of integration challenges, cost estimation, system requirements determination, and methodologies for system analysis.
• Ability to develop and deliver effective presentations, training materials, and reports to diverse stakeholders.
• Ability to build and maintain positive relationships, fostering collaboration and support for cybersecurity endeavors across a range of management and IT support staff.
• Strong skills in decomposing and consolidating requirements, strategic planning, and aligning cybersecurity initiatives with organizational goals.
• Familiarity with IT risk assessments, system verification/ hardening, and compliance standards, including Mac, Linux-based, and Microsoft operating systems.

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
• Demonstrated ability to apply analysis and critical thinking to develop undefined tasks into actionable processes and work streams.
• Experience with mapping CISA Zero Trust model pillars to Zero Trust solutions and developing comprehensive security roadmaps.
• Knowledge of federal cybersecurity standards and compliance requirements, including FISMA, NIST SP 800 series, and OMB guidelines.
• Exceptional analytical thinking and problem-solving skills, with a focus on aligning cybersecurity initiatives with organizational goals.
• Strong communication and collaboration skills to engage with diverse stakeholders effectively.
• Exceptional attention to detail with high standards while delivering high quality deliverables and outcomes.
• Requires U.S. citizenship in compliance with federal contract requirements.

Beneficial to have the following:

• Cybersecurity related certifications such as Security+, CASP or CISSP.

Where it’s done:

• Remote (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a skilled Penetration Tester with experience conducting security assessments of web applications, mobile platforms, APIs, and client-side tools. The ideal candidate will have a strong background in penetration testing methodologies, proficiency in using industry-standard tools, and a proven ability to identify and remediate vulnerabilities. The Penetration Tester role involves working closely with clients and internal teams to enhance security posture and ensure compliance with federal standards. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Conduct security assessments of web applications, mobile applications, databases, client-side tools, and APIs.
• Collaborate with team members and clients to define project scopes, develop business cases, review test results, and identify remediation steps.
• Perform risk analysis and root cause analysis for security findings.
• Use approved test protocols and procedures to perform network- and application-level penetration tests.
• Generate comprehensive reports with detailed findings, exploitation procedures, and mitigation strategies.
• Participate in client meetings, providing incremental progress updates, and addressing roadblocks or technical challenges.
• Attend client meetings to document findings, record technical interviews, and create detailed reports and memoranda.
• Execute script writing and payload crafting to simulate attacks and evaluate system security.

What you need to know:

• Strong knowledge of penetration testing methodologies and best practices for assessing system security.
• Familiarity with security assessment tools and techniques used in identifying vulnerabilities across networks, applications, and cloud technologies.
• General understanding of federal cybersecurity frameworks, compliance standards, and risk management principles.
• Proficiency in analyzing and communicating complex security findings to both technical and non-technical stakeholders.

Must have’s:

• Demonstrated ability to apply critical thinking to develop undefined tasks into actionable processes and work streams.
• Experience using scanning tools like Nessus and Nmap, as well as penetration tools like the Kali Linux suite, Burp Suite and Metasploit.
• One or more of the following certifications: OSCP, OSWA, OSWE, CBBH, GWAPT or other relevant hands-on certification.
• Knowledge of FISMA and NIST 800 series standards.
• Ability to participate in cybersecurity control testing engagements for the customer’s network, websites, applications, and cloud technologies.
• Proven experience in web application penetration testing.
• Experience in network mapping, vulnerability scanning, and penetration testing of web applications.
• Experience using approved test protocols and procedures to conduct network and application-level penetration tests.
• Experience attending client meetings, recording internal and technical client interviews and preserving the contents of reports and memoranda.
• Experience in script writing and crafting of payloads.
• Must be willing to travel as needed.
• Must be able to obtain and maintain a Secret Clearance.

Beneficial to have the following:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.

Where it’s done:

• Remote (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a Project Coordinator who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Project Coordinator will have the opportunity to be exposed to all aspects of the program and will be encouraged to grow as the organization expands.

What you’ll be doing:

• Organize, direct, and manage engagement operations across multiple, complex, and interrelated project task areas.
• Monitor engagement performance through the development and analysis of key metrics and reporting.
• Conduct quality control activities to ensure the highest standards in deliverable and service quality.
• Manage teams of engagement support personnel across multiple locations.
• Maintain and foster strong relationships with clients at senior levels of their organization.
• Meet with clients and project teams to formulate and review task plans and deliverables.
• Contribute to the development of short and long-term security initiatives that align with client executives’ goals and business objectives.
• Proactively identify potential issues and facilitate the resolution process.
• Determine project resource requirements and identify the appropriate staff, tools, and technologies for successful service delivery.
• Ensure adherence to program task schedules and cost constraints.
• Lead periodic program reviews and status meetings, presenting updates in a clear, concise, and engaging manner.

What you need to know:

• Strong understanding of project coordination methodologies, tools, and best practices.
• Excellent communication skills with the ability to build and maintain client relationships.
• Strong analytical and problem-solving skills.
• Experience managing cross-functional teams and engagement personnel across multiple locations.
• Proficiency in project management software and tools for tracking tasks, resources, and reporting metrics.
• Ability to lead meetings and provide clear, concise updates to stakeholders at various levels of the organization.

Must have’s:

• Bachelor’s degree in Computer Science, Information Systems, Engineering or a related field.
• 3-5 years of relevant experience.
• Demonstrated ability to apply critical thinking to develop undefined tasks into actionable processes and work streams.
• Ability to obtain federal agency required security clearance.

Beneficial to have the following:

• One or more of the following certifications: Project Management Professional (PMP) or Program Management Professional (PgMP) training.

Where it’s done:

• Remote (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a detail-oriented HR Coordinator to support the operational needs of our HR department. This role will focus on managing and maintaining the onboarding process in close collaboration with the Facility Security Officer (FSO), assisting with employee benefits administration, ensuring compliance with HR policies, and supporting initiatives to foster employee engagement. The ideal candidate will thrive in a dynamic and collaborative environment while developing their HR expertise.

What you’ll be doing:

• Manage the end-to-end onboarding process for new hires, ensuring a seamless experience.
• Assist with employee benefits programs, including enrollment, changes, and annual open enrollment processes.
• Support annual compliance filings and ensure HR records are maintained accurately.
• Collaborate with the HR Manager on policy development, implementation, and updates.
• Participate in HR projects and initiatives aimed at improving employee engagement and organizational effectiveness.
• Support the HR Manager with offboarding tasks as needed.
• Maintain accurate HR records and data, ensuring confidentiality and compliance with data protection regulations.
• Ensure compliance with federal and state employment law postings by managing and updating digital display content.
• Assist with the creation, implementation, and management of internal learning and development programs.
• Support HR Manager with special projects that enhance company culture and employee engagement.

What you need to know:

• Ability to adapt to changing environments and priorities.
• Ability to handle sensitive and confidential information with discretion.

Must have’s:

• 1-2 years of progressive experience in human resources roles.
• Demonstrated ability to apply critical thinking to develop undefined tasks into actionable processes and work streams.
• Ability to work collaboratively in a team environment and independently
• Attention to detail is important for this role to ensure accuracy and efficiency.
• Knowledge of state and federal employment laws and regulations.
• Proficiency in HRIS systems and Microsoft Office Suite.
• Strong interpersonal and communication skills.
• Excellent organizational and time-management skills.
• Must be a U.S. citizen and eligible to obtain and maintain a security clearance if required.

Beneficial to have the following:

• College degree.
• SHRM-CP certification.

Where it’s done:

• Hybrid (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community. 

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking an Incident Response Manager who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Incident Response Manager will have the opportunity to be exposed to all aspects of support to a federal client and will be encouraged to grow as the organization expands. 

What you’ll be doing:

• Advise senior management on risk levels and security posture.
• Coordinate and provide technical support for Cyber Fusion Center operations.
• Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.
• Provide 24x7x365 support for cyber incident identification, triage, escalation, and tactical coordination for Amtrak Digital Technology Incident Management Severity Bridges.
• Responds to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities.
• Analyze incident data to identify vulnerabilities and recommend remediation.
• Perform log file analysis to detect potential threats.
• Conduct cyber defense incident triage and trend analysis.
• Interface with internal and external organizations for incident dissemination.
• Perform real-time incident handling tasks and document incident lifecycle.
• Write and publish incident findings and after-action reviews.
• Coordinate incident response functions and provide cybersecurity recommendations.
• Support Disaster Recovery and Continuity of Operations Plans.
• Provide 24×7 support for cyber incident identification and escalation.
• Create and maintain Standard Operating Procedures and knowledge base articles.
• Respond to crises and investigate and analyze response activities.
• Supervise and lead cyber incident response activities.
• Provide overwatch coverage and on-call status during off hours.

What you need to know:

• Conduct vulnerability scans and assess resource requirements.
• Develop cyber incident plans in compliance with regulations.
• Tailor technical information for different audiences.
• Apply cybersecurity principles to organizational requirements.
• Utilize cyber investigative tools and processes.

Must have’s:

• 5-8 years of relevant experience.
• Determine security system functionality and protection needs.
• Preserve evidence integrity and perform damage assessments.
• Recognize vulnerabilities and perform incident handling.
• Evaluate security controls and use security event correlation tools.
• Apply crisis planning procedures and prepare briefings.
• Ability to tailor technical and planning information to a customer’s level of understanding.
• Ability to develop cyber incident plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.
• Ability to obtain and maintain customer required Secret clearance.

Beneficial Knowledge:

• Cyber risk management processes, laws, and regulations.
• Intrusion detection methodologies and hacking methodologies.
• Incident response and handling methodologies.
• System and application security threats and vulnerabilities.
• Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161).
• Knowledge of cyber attackers and attack stages.

Where it’s done:

• Hybrid  –  Washington, D.C (2-3 times per week).

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a self-motivated Cyber Data Architect with a growth mindset and experience supporting dynamic, fast-paced environments in the public sector. This role involves designing and configuring cyber data delivery, collection and analysis systems. The Cyber Data Architect will collaborate with software developers, system architects, and data analysts to build systems that meet evolving cyber data modernization goals. This is a unique opportunity to shape the future of government cyber data modernization capabilities.

What you’ll be doing:

• Provide senior-level leadership and direction for a team of Data Engineers and Data Analysts.
• Analyze diverse data sources to assess their structure, quality, and relevance for cybersecurity insights.
• Evaluate the feasibility, constraints, and value of integrating various data sources into the analytics environment.
• Engineer a cyber log collection system in a government-owned cloud environment using automation for both infrastructure and configuration management.
• Define and implement a data strategy that outlines storage, retention policies, and accessibility guidelines.
• Design and maintain a standardized data schema for security events collected from diverse sources.
• Coordinate with stakeholders across HQ, labs, plants, and field sites to align data initiatives with operational needs.
• Drive customer engagement efforts by gathering feedback, addressing concerns, and improving user experience.
• Identify and implement cloud-managed data services to support discoverability and search within petabyte-scale data sets.
• Lead a team in an Agile environment by facilitating daily stand-up meetings, sprint planning, and sprint retrospectives.
• Communicate effectively and collaboratively with internal leadership and government stakeholders on deliverables.

What you need to know:

• Experience leading a team within an Agile framework to process and prioritize tasks.
• Clear, concise, and effective communication across a diverse range of individuals, from highly technical engineers to business/mission leaders.
• Continuous learning mindset, with the ability to adapt to shifting requirements.
• Ability to apply lessons learned proactively without explicit direction.
• Basic understanding of cybersecurity data logs, including Zeek, Suricata, Firewall, Proxy, and EDR.
• Expertise in Elasticsearch 8.x, particularly in structured data optimization, query development, and dashboard configuration.
• Knowledge of basic AWS services, including EC2 and S3.

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field or equivalent combination of education and experience.
• Minimum of 5+ years of experience in system engineering or application development/integration and Agile Project Management.
• Demonstrated ability to apply critical thinking in decomposing complex requirements into actionable tasks and processes.
• Current Elasticsearch Certified Engineer certification, or the ability to obtain within three months.
• Requires Q clearance or eligibility to obtain the federally required security clearance before starting.

Beneficial to have the following:

• Knowledge of cyber data analytics as it relates to SIEM system design.
• Familiarity with industry big data solutions (Apache Spark, Kafka, Redis).
• Proficiency in Linux operating systems.
• Familiarity with information security principles and concepts.
• Familiarity with data taxonomy and common schemas.

Where it’s done:

• Remote (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a Senior Penetration Tester with a strong background in conducting comprehensive security assessments of agency systems, applications, and networks. The ideal candidate will have expertise in penetration testing methodologies, vulnerability exploitation, and threat modeling, with the ability to develop penetration testing documentation, including SOPs, test plans, and reports. The Sr Penetration Tester role requires a proactive professional who can collaborate with system administrators, developers, and security teams to identify, analyze, and remediate security weaknesses. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. 

What you’ll be doing:                  

• Developing Penetration SOPs, Test Plans, Pen Testing Reports.
• Conducting comprehensive penetration tests on agency systems, applications, and networks to identify vulnerabilities and assess security posture.
• Developing or modifying tools that automate discovery or exploitation (e.g., bash, Python, JavaScript and PowerShell).
• Develop and execute comprehensive test plans, including threat modeling, exploitation, and post-exploitation analysis.
• Delivering detailed reports outlining security risks, vulnerabilities, and recommended mitigation actions to stakeholders.
• Collaborate with system administrators, developers, and security teams to remediate identified security weaknesses.
• Effectively communicate technical findings, risks, and recommendations to both technical and non-technical stakeholders.
• Ability to convey complex security issues in an understandable and actionable manner is critical for driving remediation efforts and strengthening the organization’s security posture.
• Work with customers to define the scope, objectives, and rules of engagement for penetration tests.
• Clarify testing methodologies, timelines, and expected outcomes to ensure alignment with customer expectations.
• Provide ongoing updates during engagements to keep customers informed of progress.
• Deliver detailed reports outlining identified vulnerabilities, exploitation methods, and risk assessments.
• Develop executive summaries for leadership, translating technical risks into business impact.
• Present prioritized remediation strategies based on the severity and exploitability of findings.
• Conduct debriefs meetings to walk through findings, answer questions, and provide guidance on mitigation efforts.

What you need to know:

• Experience providing Incident Response capabilities.
• Ability to research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits.
• Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53.
• Experience compiling and maintaining internal standard operating procedure (SOP) documentation.
• Experience working with host identification and exploitation of vulnerabilities.
• Knowledge of phishing procedures.
• Knowledge of script writing and crafting of payloads.
• Knowledge of database operations and system/network administration.
• Experience briefing findings to stakeholders and recommending remediations.

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field from an accredited college or university.
• Minimum of 5 years of experience conducting penetration testing.
• Experience with penetration testing tools such as Metasploit, Nmap and Burp Suite.
• Experience conducting penetration tests of mainframes, cloud systems, mobile, Software-as- a-Service and APIs.
• Demonstrated experience writing and reviewing technical and non-technical.
• Ability to quickly grasp complex technical concepts and make them easily understandable in text and pictures.
• Excellent verbal and written skills.
• Strong working knowledge of Microsoft Office.
• Requires U.S. citizenship in compliance with federal contract requirements.

Beneficial to have the following:

• Relevant industry certification.

Where it’s done:

• Remote (Herndon, VA).

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a Mid-Level SOC Analyst (Rotating Shift) – Top Secret Clearance with experience in monitoring, detecting, and responding to cybersecurity threats in a high-security environment. The ideal candidate will have a strong foundation in SOC operations and a passion for protecting mission-critical systems. The Mid-Level SOC Analyst (Rotating Shift) – Top Secret Clearance role involves real-time alert monitoring, incident analysis, and response, with exposure to hybrid environments that include both on-premises equipment and cloud services. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Monitor and triage real-time security alerts to identify potential threats.
• Coordinate and assist with the preparation of incident reports.
• Conduct incident analysis, including reviewing forensic artifacts and basic malware analysis.
• Support incident containment, eradication, and recovery efforts.
• Assist in maintaining and updating the Incident Response Plan (IR Plan).
• Collaborate on incident response testing and training initiatives.
• Generate and contribute to SOC best practices reports to enhance cybersecurity controls.
• Provide support for Continuity of Operations (COOP) as needed.
• Work alongside senior team members to ensure effective SOC operations.

What you need to know:

• Real-time alert monitoring, incident reporting, and analysis.
• incident containment and recovery procedures.
• Familiarity with forensic artifact and malware analysis techniques.
• Understanding of FISMA, NIST SP 800 series, and other federal cybersecurity mandates and policies.

Must have’s:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field (or 4 additional years of experience in lieu of a degree).
• 5+ years of experience providing cybersecurity operations or consulting.
• Experience in cybersecurity incident management and SOC operations.
• Strong understanding of cybersecurity frameworks and standards.
• Flexibility to work rotating day and night shifts including weekends and holidays.
• Active Top-Secret agency required security clearance to start.

Rotating Shift Schedule:

• Day and night shifts including weekends and holidays. Flexibility required

Beneficial to have the following:

• Industry recognized certifications.

Where it’s done:

• Washington D.C.