Cyber Resilience for
Complex Ecosystems

Current Openings

Purpose-Driven Careers

For the cyber elite

ShorePoint team members are handpicked for their expertise and for their ability to collaborate, communicate and adapt when our Federal customers face complex and evolving challenges, obstacles and threats.

#JoinTeamShorePoint! Explore our current openings and apply to begin your journey with us.

Open Positions

Elasticsearch Engineer (TS/SCI Clearance)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking an Elasticsearch Engineer (TS/SCI Clearance) with expertise in designing, deploying and optimizing Elastic Stack solutions in federal environments. This role supports the delivery of Elastic-based solutions across cloud, on-prem and hybrid infrastructures to enable security operations and data-driven outcomes. The Elasticsearch Engineer will lead technical implementations, support migrations and contribute to scalable architectures while engaging directly with client stakeholders. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Architect, deploy and tune Elastic Stack solutions (Elastic Cloud Enterprise (ECE), Elastic Cloud on Kubernetes (ECK), Elastic Cloud) across cloud, on-prem and hybrid environments.
  • Execute legacy security platform migrations, including detection translation (e.g., Search Processing Language (SPL) → Elasticsearch Query Language (ES|QL)) and analyst workflow modernization.
  • Design and implement data ingestion pipelines using Elastic Agent, Fleet, Logstash and Beats.
  • Harden deployments for federal compliance, including Transport Layer Security (TLS), Personal Identity Verification/Common Access Card (PIV/CAC), Single Sign-On/Security Assertion Markup Language (SSO/SAML), Security Technical Implementation Guide (STIG) and audit logging.
  • Build outcome-driven dashboards and advanced Kibana visualizations.
  • Develop automation using Infrastructure-as-Code (IaC) tools (Ansible, Terraform or equivalent).
  • Communicate technical decisions and trade-offs directly to client stakeholders.
  • Contribute to internal IP, including reusable templates, automation and reference architectures.

What you need to know:

  • Understanding of Elastic Stack capabilities and use cases across deployment, security and operations.
  • Knowledge of distributed cluster architecture at scale, including multi-tenant and CCS environments.

Must-haves:

  • 6+ years in systems engineering or infrastructure, including 2+ years of production Elastic Stack experience.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Strong problem-solving skills and a self-starter mentality.
  • Solid written and verbal communication skills.
  • Linux Command-Line Interface (CLI) fundamentals and basic networking knowledge.
  • Hands-on experience with containerization and IaC tooling.
  • Proficiency with at least one major cloud provider.
  • Experience with federal security controls (TLS, SSO/SAML, PIV/CAC, STIG).
  • Proven track record leading engagements from scoping through delivery.
  • Deep knowledge of distributed cluster architecture at scale, including multi-tenant and CCS environments.
  • Ability to drive client relationships and identify expansion opportunities.
  • Applicants must currently hold and maintain an active TS/SCI Clearance (Full Scope polygraph preferred).

Beneficial to have:

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering or a related field.
  • Elastic certifications (ECE or being on a defined certification track).
  • Elastic Security (SIEM, detection engineering, threat hunting and legacy migration).
  • Detection translation experience (SPL → ES|QL or equivalent).
  • Scripting proficiency (Python, Bash or PowerShell).
  • Exposure to AI-augmented search, RAG or semantic search use cases.
  • Prior professional services or consulting experience.

Where it’s done:

  • Onsite (Herndon, VA).

Expert Cyber Defense Analyst (TS/SCI Clearance)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking an Expert Cyber Defense Analyst (TS/SCI Clearance) to analyze cyber events and support threat mitigation across enterprise environments. This role leverages data from cyber defense tools to assess security events and guide response activities. The Expert Cyber Defense Analyst position operates as a senior individual contributor within a functional cyber operations team, supporting project execution in alignment with client objectives. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Domain and expert technical knowledge in cyber defense and related technologies.
  • Analyze data collected from cyber defense tools, including intrusion detection system (IDS) alerts, firewalls and network traffic logs to identify and mitigate threats.
  • Provide technical leadership on major tasks or technology assignments.
  • Establish goals and plans that align with project objectives.
  • Interface with senior management and support client interactions, including negotiations.
  • Apply domain expertise to support decision-making that impacts overall project implementation.
  • Develop Standard Operating Procedures (SOPs).
  • Supervise team members as required.
  • Collaborate with a functional team lead and team members to support mission objectives and execution.

What you need to know:

  • Experience working within Microsoft environments such as Microsoft Defender, Microsoft Sentinel and SharePoint.
  • Experience with security information and event management (SIEM) tools such as Splunk.
  • Experience with network intrusion detection and prevention (NID/NIP) technologies.
  • Experience with endpoint detection and response (EDR) tools such as Trellix, and endpoint security concepts.
  • Experience with intrusion detection and prevention systems (IDS/IPS) tools such as Corelight.
  • Experience with application programming interface (API) development and scanning tools such as Tenable.

Must-haves:

  • Bachelor’s degree from an accredited university.
  • 15+ years of relevant experience. A postgraduate degree from an accredited university in a related field may substitute for 6 years of experience.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Applicants must currently hold and maintain an active TS/SCI clearance.

Beneficial to have:

  • Industry recognized certifications.

Where it’s done:

  • Onsite (Washington, DC).

Data & Automation Engineer (Q Clearance)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Data & Automation Engineer (Q Clearance) with experience supporting document scanning, classification and automation solutions within Microsoft 365 environments. This role supports the development of tools and processes to analyze, manage and migrate large volumes of documents across SharePoint and network file systems. The ideal Data & Automation Engineer will have experience in Python and PowerShell scripting, with an interest in data processing, automation and emerging AI capabilities. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Support development of Python-based tools for document scanning, extraction and processing.
  • Assist in automating workflows using PowerShell and Microsoft 365 services.
  • Work with SharePoint Online libraries, metadata and document structures.
  • Contribute to data migration activities from file shares to SharePoint Online.
  • Help implement and test document classification and records management processes.
  • Analyze file metadata and content to support categorization and compliance efforts.
  • Collaborate with senior engineers on integrating AI services (e.g., Azure OpenAI).
  • Perform testing, validation and troubleshooting of automation pipelines.
  • Document scripts, processes and technical configurations.

What you need to know:

  • Working knowledge of scripting concepts for automation, including Python and PowerShell, in support of data processing and workflow development.
  • Understanding of how documents, metadata and file structures are organized and managed within Microsoft 365 and SharePoint Online environments.
  • Familiarity with concepts related to document classification, data organization and migration across file systems and enterprise platforms.

Must-haves:

  • 3+ years of relevant experience.
  • Experience with Python scripting.
  • Experience with PowerShell scripting.
  • Understanding of SharePoint Online and Microsoft 365 ecosystem.
  • Experience with data handling, file systems or data migration concepts.
  • Strong analytical and problem-solving skills.
  • Strong attention to detail and ability to work with large datasets.
  • Willingness to learn and grow in AI-enabled solutions.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Applicants must currently hold and maintain an active DOE Q or equivalent DoD Top Secret clearance.

Beneficial to have:

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering or a related field.
  • Industry recognized certifications.
  • Knowledge of records management or information governance concepts.
  • Exposure to Azure services or cloud-based tools.
  • Experience working with structured and unstructured data.

Where it’s done:

  • Remote (Herndon, VA).

SOC Level 2 Analyst (Q Clearance)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a SOC Level 2 Analyst (Q Clearance) to provide advanced monitoring, triage and response within a 24/7 Security Operations Center (SOC) environment. This role plays a key part in identifying and investigating security incidents, advising on mitigation and improving monitoring content and procedures. The SOC Level 2 Analyst will have hands-on experience with security technologies and be ready to contribute to threat detection, content development and continuous service improvement in a fast-paced operational setting. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Monitor client sources of potential security incidents, health alerts with monitored solutions and requests for information. This includes the monitoring of real-time channels or dashboards, periodic reports, email inboxes, helpdesk or other ticketing systems, telephone calls and chat sessions.
  • Follow client and incident-specific procedures to perform triage of potential security incidents to validate and determine needed mitigation.
  • Escalate potential security incidents to client personnel, implement countermeasures in response to others and recommend operational improvements.
  • Keep accurate incident notes in the case management system.
  • Maintain awareness of the client’s technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by client threat intelligence and recent security incidents.
  • Provide advanced analysis of the results of the monitoring solutions and assess escalated outputs and alerts from Level 1 Analysts.
  • Perform web hunting for new patterns/activities.
  • Advise on content development and testing.
  • Provide advice and guidance on the response action plans for information risk events and incidents based on incident type and severity.
  • Ensure that all identified events are promptly validated and thoroughly investigated.
  • Provide end-to-end event analysis, incident detection and manage escalations using documented procedures.
  • Devise and document new procedures and runbooks/playbooks as directed.
  • Maintain monthly Service Level Agreements (SLAs).
  • Maintain compliance with processes, runbooks, templates and procedures based on experience and best practices.
  • Assist the Cyber Hunting team with advanced investigations as needed.
  • Provide malware analysis (executables, scripts, documents) to determine indicators of compromise and create signatures for future detection of similar samples.
  • Continuously improve the service by identifying and correcting issues or gaps in knowledge (analysis procedures, plays, client network models), false positive tuning, identifying and recommending new or updated tools, content, countermeasures, scripts, plug-ins, etc.
  • Perform peer reviews and consultations with Level 1 Analysts regarding potential security incidents.
  • Serve as a subject matter expert in at least one security-related area (e.g., specific malware solution, Python programming, etc.).
  • Provide shift status and metric reporting as well as support weekly operations calls.

What you need to know:

  • Strong understanding of SOC operations, incident response workflows and monitoring tools.
  • Experience with malware behavior analysis and identification of indicators of compromise.
  • Familiarity with APT tactics, techniques and procedures.
  • Knowledge of security technologies such as SIEM, EDR, IDS/IPS and WAF.
  • Understanding of networking fundamentals, protocols (TCP/IP, DNS, HTTP) and infrastructure devices.
  • Awareness of security architecture principles and common defensive tools.

Must-haves:

  • Bachelor’s degree.
  • 2+ years of working in a SOC or similar security operations environment, including 1+ years of experience in security technologies such as:
    • Security Information and Event Management (SIEM).
    • IDS/IPS, DLP, Endpoint Detection and Response (EDR).
    • Web Application Firewall (WAF), anti-virus and sandboxing solutions.
    • Host- and network-based firewalls, threat intelligence platforms or penetration testing tools.
  • One or more of the following certifications:
    • (ISC)2 Certified Information Security Professional (CISSP)
    • GIAC Certified Intrusion Analyst (GCIA)
    • GIAC Continuous Monitoring (GMON)
    • Certified Ethical Hacker (CEH) or equivalent.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Must have the ability to work shifts on a rotating basis for 24/7 support of clients.
  • Travel up to 15%, on average, based on the work you do and the clients and industries/sectors you serve.
  • Must currently possess an active DOE Q Clearance or equivalent DoD Top Secret clearance at time of hire.

Beneficial to have the following:

  • A strong desire to understand the what as well as the why and the how of security incidents.
  • Knowledge of Advanced Persistent Threats (APT) tactics, techniques and procedures.
  • Understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc.
  • Understanding of common network infrastructure devices such as routers and switches.
  • Understanding of basic networking protocols such as TCP/IP, DNS, HTTP.
  • Basic knowledge in system security architecture and security solutions.

Where it’s done:

  • Onsite (Las Vegas, NV).

Elasticsearch Engineer (Secret Clearance)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking an Elasticsearch Engineer (Secret Clearance) with expertise in designing, deploying and optimizing Elastic Stack solutions in federal environments. This role supports the delivery of Elastic-based solutions across cloud, on-prem and hybrid infrastructures to enable security operations and data-driven outcomes. The Elasticsearch Engineer will lead technical implementations, support migrations and contribute to scalable architectures while engaging directly with client stakeholders. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Architect, deploy and tune Elastic Stack solutions (Elastic Cloud Enterprise (ECE), Elastic Cloud on Kubernetes (ECK), Elastic Cloud) across cloud, on-prem and hybrid environments.
  • Execute legacy security platform migrations, including detection translation (e.g., Search Processing Language (SPL) → Elasticsearch Query Language (ES|QL)) and analyst workflow modernization.
  • Design and implement data ingestion pipelines using Elastic Agent, Fleet, Logstash and Beats.
  • Harden deployments for federal compliance, including Transport Layer Security (TLS), Personal Identity Verification/Common Access Card (PIV/CAC), Single Sign-On/Security Assertion Markup Language (SSO/SAML), Security Technical Implementation Guide (STIG) and audit logging.
  • Build outcome-driven dashboards and advanced Kibana visualizations.
  • Develop automation using Infrastructure-as-Code (IaC) tools (Ansible, Terraform or equivalent).
  • Communicate technical decisions and trade-offs directly to client stakeholders.
  • Contribute to internal IP, including reusable templates, automation and reference architectures.

What you need to know:

  • Understanding of Elastic Stack capabilities and use cases across deployment, security and operations.
  • Knowledge of distributed cluster architecture at scale, including multi-tenant and CCS environments.

Must-haves:

  • 6+ years in systems engineering or infrastructure, including 2+ years of production Elastic Stack experience.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Strong problem-solving skills and a self-starter mentality.
  • Solid written and verbal communication skills.
  • Linux Command-Line Interface (CLI) fundamentals and basic networking knowledge.
  • Hands-on experience with containerization and IaC tooling.
  • Proficiency with at least one major cloud provider.
  • Experience with federal security controls (TLS, SSO/SAML, PIV/CAC, STIG).
  • Proven track record leading engagements from scoping through delivery.
  • Deep knowledge of distributed cluster architecture at scale, including multi-tenant and CCS environments.
  • Ability to drive client relationships and identify expansion opportunities.
  • Applicants must currently hold and maintain an active Secret Clearance.

Beneficial to have:

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering or a related field.
  • Elastic certifications (ECE or being on a defined certification track).
  • Elastic Security (SIEM, detection engineering, threat hunting and legacy migration).
  • Detection translation experience (SPL → ES|QL or equivalent).
  • Scripting proficiency (Python, Bash or PowerShell).
  • Exposure to AI-augmented search, RAG or semantic search use cases.
  • Prior professional services or consulting experience.

Where it’s done:

  • Onsite (Huntsville, AL or Colorado Springs, CO or Orlando, FL or Virginia Beach, VA).

Senior Malware/Forensics Analyst (Secret Clearance)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Senior Malware/Forensics Analyst (Secret Clearance) with extensive expertise in advanced technical domains. This individual contributor will develop solutions for undefined and complex technical issues that impact multiple areas or disciplines. The Sr. Malware/Forensics Analyst will employ ingenuity and creativity to deliver innovative systems and approaches while applying expert knowledge of advanced technical principles, theories and concepts. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Analyze and investigate malware, digital artifacts and forensic evidence.
  • Develop and apply advanced methodologies to address complex and undefined technical challenges.
  • Perform forensic examinations on systems, applications and networks to identify indicators of compromise.
  • Document technical findings and provide detailed reports to stakeholders.
  • Recommend improvements to processes and procedures based on forensic analysis.
  • Collaborate with peers and cross-functional teams to resolve multi-disciplinary technical problems.
  • Apply creativity and technical expertise to develop new solutions and approaches.

What you need to know:

  • Expert-level knowledge of malware analysis and digital forensics principles.
  • Ability to identify, interpret and report on digital evidence from diverse sources.
  • Strong understanding of complex system behaviors and potential attack vectors.
  • Experience in conceptualizing and applying advanced technical theories and methodologies.
  • Strong analytical, problem-solving and communication skills.

Must-haves:

  • Bachelor’s degree or 3+ additional years of relevant experience in lieu of degree.
  • 10+ years of relevant experience.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Applicants must currently hold and maintain an active Secret Clearance.

Beneficial to have the following:

  • Industry-recognized certifications.

Where it’s done:

  • Onsite (Washington, DC).

Tier 2 Analyst (Secret Clearance)

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Tier 2 Analyst (Secret Clearance) to support enterprise SOC operations by reviewing and responding to escalated tickets from Tier 1. This role applies working knowledge of cybersecurity to improve incident detection, analyze threat intelligence and support both classified and unclassified environments. The Tier 2 Analyst position requires the ability to work under limited supervision while applying technical expertise to moderately complex problems. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Review and respond to tickets escalated from Tier 1 analysts.
  • Analyze and apply cyber threat intelligence to support detection and response.
  • Support incident detection and analysis across unclassified and classified environments.
  • Investigate alerts and anomalies, escalating to Tier 3 when necessary.
  • Apply technical knowledge to resolve problems of moderate scope and complexity.
  • Document findings and contribute to incident reports.
  • Collaborate with peers to improve workflow detection and escalation processes.
  • Support continuous improvement of SOC processes and procedures.

What you need to know:

  • Working knowledge of cybersecurity principles, SOC operations and incident response.
  • Familiarity with cyber threat intelligence and its application in SOC workflows.
  • Experience investigating alerts and supporting incident detection.
  • Ability to resolve moderately complex technical issues with limited supervision.
  • Understanding of both classified and unclassified operational environments.

Must have’s:

  • Bachelor’s degree or 3+ additional years of relevant experience in lieu of degree.
  • 3+ years of relevant experience.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Applicants must currently hold and maintain an active Secret clearance.

Beneficial to have the following:

  • Industry-recognized certifications.

Where it’s done:

  • Onsite (Washington, DC).

DOE Sector Growth and Capture Manager

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a DOE Sector Growth and Capture Manager with experience supporting dynamic, fast-paced public sector environments. This role provides broad exposure to program strategy, partner engagement, business development and capture execution. The DOE Sector Growth and Capture Manager will play a key role in driving program success on the CIO Business Support Services (CBOSS) 2 Program by supporting development, execution and collaboration with partners as a prime contractor. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Program Strategy and Execution: Develop and execute a comprehensive DOE sector and CBOSS 2-specific program strategy aligned with company goals and objectives. Define the go-to-market strategy using market trends, corporate capabilities and customer priorities. Support program planning and execution activities that advance DOE sector objectives.
  • Partner Relationship Management: Cultivate and maintain relationships with strategic partners to ensure alignment, communication and shared success. Collaborate with internal teams to manage partner expectations and support delivery commitments.
  • Program Growth and Business Development: Support, identify and execute growth strategies for existing DOE programs within and outside of CBOSS 2. Identify, develop and pursue DOE Task Order opportunities that contribute to revenue growth and market expansion. Align pursuit activities with ShorePoint capabilities, go-to-market strategy and business objectives.
  • Capture Management: Build, maintain and execute comprehensive Capture Plans for strategic pursuits. Coordinate capture activities using matrixed resources across internal and external team members. Support solution development, win strategy formulation, teaming and competitive positioning.
  • Market Analysis and Insight Development: Stay informed about industry trends, market shifts and DOE strategic and priority initiatives to identify new opportunities and potential risks. Use market insights to refine business development and capture strategies.
  • Matrixed Portfolio Leadership: Work collaboratively with ShorePoint Director of Business Development and Capture, Director of Proposal Operations and Executive Director of DOE and Federal Law Enforcement. Contribute to a collaborative, accountable and results-driven environment positioned for consistent growth.

What you need to know:

  • Excellent leadership and creative problem-solving skills with the ability to understand customer priorities and drive program strategy and solution development.
  • Effective approaches for identifying and executing growth strategies for existing and new business opportunities.
  • Proficiency in ShorePoint’s CRM system (Salesforce) and the Microsoft Office Suite.

Must have’s:

  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Proven experience in Business Development and Capture Management, preferably in cybersecurity.
  • Strong track record of driving customer engagement, growth and revenue generation.
  • Exceptional interpersonal and communication skills with the ability to build and maintain relationships at all levels.
  • Strategic thinker with demonstrated ability to develop and execute complex program strategies.
  • Ability to contribute to solution development, content creation and quality reviews throughout the pre-proposal and proposal lifecycle.
  • Ability and willingness to travel up to 25 percent for onsite meetings and events.
  • Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

  • Demonstrated success growing DOE professional services revenue.
  • Strong analytical skills.
  • Experience supporting AI-driven use case implementation.

Where it’s done:

  • Hybrid (must be local to Herndon, VA and attend in-person meetings as needed).

Application Security Engineer

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance, reimbursement and more.

Who we’re looking for:

We are seeking an Application Security Engineer with expertise in Static and Dynamic Application Security Testing (SAST & DAST) methodologies and enterprise-level security controls. Your mission is to fortify our software supply chain by integrating rigorous security testing directly into the development lifecycle to preemptively neutralize vulnerabilities. The Application Security Engineer will be responsible for the end-to-end administration of Burp Suite and Veracode, managing Integrated Development Environment (IDE) plugins and ensuring all enterprise web applications align with federal compliance and OWASP standards. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Support and operate application security testing capabilities across SAST, DAST and IDE plug-in environments, with primary focus on Burp Suite and Veracode.
  • Configure, maintain and troubleshoot Burp Suite and Veracode integrations to enable consistent application security testing workflows.
  • Partner with development and engineering teams to identify, validate and remediate security vulnerabilities.
  • Apply vulnerability standards and scoring methodologies to findings, including OWASP Top 10, CVSS, CWE, WASC and SANS-25.
  • Navigate and troubleshoot within Linux or UNIX environments, including basic website connectivity issues.
  • Support the design and implementation of enterprise-wide security controls that secure applications, systems, networks or infrastructure services.
  • Use IDEs and development toolchains (Eclipse, JDeveloper, Visual Studio) to support developer workflows, including pipeline development activities where applicable.
  • Support compliance-aligned security activities in federal environments leveraging NIST 800-53, FIPS and/or FedRAMP standards.

What you need to know:

  • Strong understanding of application security testing concepts and operational support for SAST, DAST and IDE plug-in environments.
  • Hands-on capability with enterprise web application security and common vulnerability classes.
  • Familiarity with vulnerability scoring, classification and prioritization frameworks (OWASP Top 10, CVSS, CWE, WASC, SANS-25).
  • Working knowledge of federal compliance standards (NIST 800-53, FIPS, FedRAMP).
  • Ability to work effectively in Linux or UNIX environments for navigation and basic troubleshooting.
  • Ability to communicate findings clearly and work cross-functionally to support remediation.

Must have’s:

  • Bachelor’s degree in an IT-related field.
  • 6+ years of Information Technology experience.
  • 3+ years of experience supporting SAST, DAST and IDE plug-in environments using Burp Suite, including 3+ years of hands-on Burp Suite experience.
  • 1+ year of experience supporting SAST, DAST and IDE plug-in environments using Veracode.
  • 3+ years of experience designing and implementing enterprise-wide security controls to secure applications, systems, networks or infrastructure services.
  • 2+ years of experience with Java, Python, .NET or C#.
  • 2+ years of experience working in Linux-based environments, including navigating and troubleshooting basic website connectivity issues.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Experience with Eclipse, JDeveloper and/or Visual Studio, including pipeline development experience.
  • Experience securing enterprise web applications, including familiarity with OWASP Top 10, CVSS, CWE, WASC and SANS-25.
  • Knowledge of federal compliance standards, including NIST 800-53, FIPS and/or FedRAMP.
  • Applicants must be a U.S. citizen in compliance with federal contract requirements.

Beneficial to have:

  • Industry-recognized certifications.
  • Experience with Interactive Application Security Testing (IAST) tools and capabilities.
  • Experience with HackerOne.
  • Experience with Selenium.
  • Experience writing bash scripts.
  • Experience with OWASP ZAP or Burp Proxy.

Where it’s done:

  • Remote (Herndon, VA).

Systems Security Administrator (Imperva)

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Systems Security Administrator (Imperva) with experience supporting the integration, testing, operations and maintenance of systems security. The ideal candidate has experience applying cybersecurity principles, assessing system security implementations, and supporting monitoring activities to identify vulnerabilities and security risks across systems and databases. The Systems Security Administrator (Imperva) role focuses on analyzing system and organizational security posture, evaluating security controls and supporting cybersecurity risk management activities across the system lifecycle. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Analyze and report organizational and system security posture trends, including monitoring activities related to database security risks.
  • Apply security policies and cybersecurity principles to ensure systems meet defined security objectives and requirements.
  • Assess access control implementations to ensure alignment with least privilege and need-to-know principles.
  • Evaluate configuration management, change management and release management processes for security compliance.
  • Assess and monitor cybersecurity practices associated with system implementation, testing and operational activities.
  • Assess the effectiveness of implemented security controls, including controls protecting databases and data stores, and identify areas requiring improvement.
  • Ensure systems security operations and maintenance activities are properly documented and kept current.
  • Implement security measures to resolve vulnerabilities, mitigate risks and support system confidentiality, integrity, availability, authentication and non-repudiation.
  • Support security testing of applications and systems, including identifying security deficiencies and supporting remediation or risk acceptance processes.
  • Conduct security architecture reviews, identify gaps and contribute to the development of security risk management plans.
  • Support Risk Management Framework (RMF) activities and related documentation, including lifecycle support plans, operational procedures and system documentation updates.
  • Collaborate with stakeholders to resolve security incidents, address vulnerabilities and ensure minimum security requirements are implemented across applications.

What you need to know:

  • Experience assessing security controls and security system designs using cybersecurity frameworks and principles (for example CIS Critical Security Controls, NIST SP 800 series or the Cybersecurity Framework).
  • Understanding of vulnerability identification, security testing methods and vulnerability scanning practices and monitoring of systems and database environments.
  • Knowledge of configuration management, operating systems and system security testing and evaluation methods.
  • Knowledge of network security architecture, networking concepts and protocols and how traffic flows across networks.
  • Knowledge of cybersecurity risk management processes, laws, policies and governance relevant to cybersecurity and privacy.
  • Knowledge of cybersecurity threats, vulnerabilities, cryptography concepts, identity and access management principles and security practices protecting sensitive or regulated information.

Must have’s:

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering or cyber-related field. Relevant certifications and/or additional years of relevant work experience may be accepted in lieu of degree.
  • 4+ years of experience in cybersecurity, information security or a related field.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Hands-on experience with Imperva on-prem PROD and Imperva Azure PROD.
  • Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

  • Industry-recognized certifications.

Where it’s done:

  • Remote (Herndon, VA).

Incident Response Lead

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking an Incident Response Lead to serve as the Subject Matter Expert (SME) on all cybersecurity matters, including high-level analysis, design, integration and implementation of information assurance strategies. The ideal candidate brings deep technical expertise, a strategic mindset and hands-on leadership experience in incident response, security architecture and threat mitigation. The Incident Response Lead role offers the opportunity to shape cybersecurity posture by driving best practices and recommending emerging technologies and countermeasures. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Lead the development and implementation of information assurance solutions across systems and environments.
  • Provide expert analysis and recommendations on new and emerging cybersecurity technologies, tools and methodologies.
  • Coordinate and lead incident response efforts, ensuring rapid detection, containment and recovery from cyber events.
  • Serve as the senior cybersecurity advisor, contributing to architecture, documentation and security strategy development.
  • Analyze evolving threat landscapes and deliver countermeasure recommendations to proactively mitigate risks.
  • Support the integration of information assurance requirements into system designs, architectures and operational workflows.
  • Develop and maintain security documentation, reports, policies and procedures to align with industry best practices and client needs.

What you need to know:

  • Strong understanding of information assurance principles, including confidentiality, integrity and availability.
  • Demonstrated expertise in incident response lifecycle, including detection, containment, forensics, eradication and recovery.
  • Experience designing and implementing security controls and countermeasures.
  • Familiarity with cybersecurity frameworks (e.g., NIST, ISO, FISMA) and compliance requirements.
  • Excellent communication skills with the ability to advise technical and non-technical stakeholders.
  • Proven ability to deliver strategic security recommendations and guide cross-functional teams.

Must have’s:

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
  • 5+ years of relevant experience.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

  • Industry-recognized certifications.

Where it’s done:

  • Onsite (Washington, DC).

Post-Quantum Cryptography (PQC) Security Engineer

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Post-Quantum Cryptography (PQC) Security Engineer with deep subject matter expertise in cybersecurity and a demonstrated ability to operate effectively in a fully remote environment. The ideal candidate brings strong technical foundations, communicates with precision and reliability and drives work forward through independent research and sound judgment. The PQC Security Engineer will contribute meaningfully to large, complex deliverables across disciplines, collaborate well with distributed teams and senior stakeholders and maintain a consistent commitment to quality and accountability across all aspects of their work. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Serve as the technical SME on information systems and infrastructure security, designing and enforcing cryptographic-based security measures and policies.
  • Lead engineering aspects of a Post-Quantum Cryptography (PQC) migration program, advising on emerging technologies and translating strategy into operational outcomes.
  • Support modernization of cryptographic inventory from manual to fully automated processes using discovery and inventory tools.
  • Design and execute test plans for cryptographic tools, products and services in controlled lab and pre-production environments, documenting results and configuration settings based on findings.
  • Assess quantum vulnerabilities, conduct risk assessments and support migration to quantum-resistant encryption aligned to NIST FIPS 203, 204 and 205.
  • Collaborate with ISOs and ISSOs to enforce security policies and maintain compliance with federal IT security requirements.
  • Research evolving PQC standards, tools and methodologies and synthesize findings into actionable engineering guidance.
  • Contribute to large deliverables across the full program, including areas adjacent to the primary expertise.
  • Communicate proactively across a fully remote, distributed team; written and async communication is core to how this team operates.
  • Support Agile ceremonies, sprint coordination, stakeholder engagement and meeting documentation.

What you need to know:

  • Network security architecture and risk assessment across complex federal or enterprise environments.
  • Cryptographic principles and standards, including public key infrastructure (PKI), transport layer security (TLS) and the implications of quantum computing on current encryption.
  • PQC frameworks and NIST standardization efforts, including the drivers and timelines behind federal migration requirements.
  • How to independently research an evolving technical domain and translate findings into recommendations others can act on.

Must have’s:

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering or 4+ additional years of relevant experience in lieu of degree.
  • 5+ years of experience in information security engineering, including network security, cryptographic systems and risk management.
  • (ISC)2 Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Experience implementing security controls and policies in enterprise IT environments.
  • Hands-on experience with security tools and automation.
  • Familiarity with NIST cryptographic standards, PKI, TLS and Zero Trust Architecture (ZTA) frameworks.
  • Applicants must be a U.S. citizen in compliance with federal contract requirements.

Beneficial to have:

  • Prior experience working directly with or in support of federal agency IT programs, including familiarity with federal governance structures, compliance frameworks and inter-agency coordination.
  • ZTA principles and how they intersect with cryptographic security controls.
  • Hands-on experience with PQC concepts or NIST PQC algorithms (FIPS 203, 204, 205).
  • Familiarity with automated cryptographic discovery and inventory tools, DevSecOps pipelines or FedRAMP environments.

Where it’s done:

  • Remote (Herndon, VA).

Threat Hunter

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual’s technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking a Threat Hunter to support and enhance our 24/7 Security Operations Center. This role combines advanced threat detection, incident investigation and threat hunting with hands-on development of SIEM use cases, automation and analytics to identify and respond to sophisticated threats, including lateral movement. The ideal Threat Hunter brings strong investigative expertise and a builder mindset to continuously improve detection capabilities and strengthen overall SOC effectiveness. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing: 

  • Provide first-line SOC support, including alert monitoring, triage, routing, escalation and response across 24x7x365 operations.
  • Monitor, analyze and investigate security events, network traffic and host-based detections, distinguishing malicious activity from false positives.
  • Perform proactive and creative threat hunting and anomaly detection across SIEM and security tools, identifying patterns, lateral movement and emerging threats.
  • Conduct incident investigation, Cyber Threat Assessment and Remediation Analysis, including processing and correlating incident indicators with threat intelligence.
  • Tune and develop SIEM correlation rules and detection logic and rapidly build detection use cases in collaboration with incident response (IR) teams.
  • Develop and maintain scripts and tools (Python, Bash) to automate SOC and IR functions, including indicator of compromise (IoC) ingestion, log processing and SIEM integrations via APIs.
  • Research, develop and maintain dashboards, visualizations and analytics to support detection, reporting and SOC performance monitoring.
  • Produce, review and maintain documentation and reporting, including cybersecurity briefings, metrics, incident reports and deliverables for stakeholders at all levels, ensuring alignment with editorial standards and government specifications.
  • Support threat intelligence operations, including reviewing and actioning IoCs and translating intelligence into actionable detections.
  • Coordinate with internal teams and stakeholders to support engagements such as Insider Threat, Rule of Engagement (ROE), threat hunting, testing activities and after-action reporting.
  • Support SOC operations processes, including ticket tracking, customer security assessments, ad hoc investigations, tabletop exercises and lessons learned activities.
  • Contribute to continuous SOC improvement by enhancing detection capabilities, processes, communication and overall operational effectiveness; participate in on-call rotation.

What you need to know: 

  • Deep understanding of cyber threat TTPs, threat hunting methodologies and application of the MITRE ATT&CK framework.
  • Experience supporting 24x7x365 SOC operations, including alert monitoring, triage, analysis, response and review/action of threat intelligence and reported incidents.
  • Ability to manage multiple alerts and tickets in parallel, perform end-to-end triage through resolution and appropriately prioritize response actions including coordination with end-users.
  • Strong experience analyzing and correlating security events across a multi-source ecosystem, including endpoint, network, email security tools, SIEM platforms and federal threat intelligence (e.g., CISA).
  • Demonstrated proficiency with enterprise security tools and platforms, including but not limited to FireEye, Elastic, Sourcefire, Malwarebytes, Carbon Black/Bit9, Splunk, Prisma Cloud, Cisco IronPort, Bluecoat, Palo Alto, Cylance and OSSEC.
  • Hands-on experience with enterprise SIEM or security analytics platforms (e.g., Elastic Stack, Splunk), including log analysis, event correlation and detection support.
  • Experience with malware analysis and understanding of attack vectors involving malware, data exposure, phishing and social engineering techniques.
  • Experience developing and maintaining SOPs, performing event timeline analysis and investigating logs across Windows/Linux environments and network security devices.

Must have’s: 

  • 5+ years of technical experience.
  • Ability to support working hours: 8:45 AM – 5:15 PM Eastern Time.
  • Ability to participate in a rotating SOC on-call; rotation is based on number of team members.
  • Demonstrated proficiencies with one or more toolsets such as Bit9/CarbonBlack, CrowdStrike, FireEye ETP, Elastic Kibana.
  • Solid understanding and experience analyzing security events generated from security tools and devices such as: Carbon Black, CrowdStrike, FireEye, Palo Alto, Cylance and OSSEC.

Beneficial to have:

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
  • One or more of the following certifications: GIAC (GCIH, GCFE, GCFA, GREM, GNFA, GCTI, GPEN, GWAPT), CEPT, CASS, CWAPT or CREA.

Where it’s done: 

  • Remote (Herndon, VA)

Senior System Security Engineer

Who we’re looking for:

We are seeking a Senior System Security Engineer to safeguard critical systems and infrastructure through the design, implementation and management of security strategies. This role leverages deep technical expertise to build and secure systems that protect against evolving threats. The Sr. System Security Engineer position works independently and with security teams to maintain system integrity, support compliance and ensure operational continuity. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Develop security solutions and ensure hardening of network, Linux-based and Windows systems.
  • Diagnose complex security issues and deliver timely, effective solutions.
  • Secure cloud environments such as AWS, Microsoft Azure and GCP, as well as containerized platforms such as Docker and Kubernetes, ensuring systems meet DISA-STIG standards.
  • Serve as the sole System Security Engineer in a hands-on capacity, proactively maintaining system and security integrity and driving efforts forward independently.
  • Work directly with other security team members to ensure uptime and compliance of security tools and processes.
  • Report security findings, communicate risk and collaborate with teams and leadership.

What you need to know:

  • Experience with Linux and Microsoft Windows environments, including system administration, security configuration and troubleshooting.
  • Experience with infrastructure hardening across on-premises and cloud-based environments.
  • Experience securing cloud platforms and containerized environments.
  • Understanding of networking, protocols and cryptography.
  • Familiarity with security frameworks, compliance standards and security tools.
  • Exceptional analytical and problem-solving skills to diagnose complex security issues and deliver robust, timely solutions.

Must have’s:

  • 10+ years of relevant work experience. Associate’s degree substitutes for 2 years; Bachelor’s degree substitutes for 3 years; Postgraduate degree substitutes for 6 years.
  • Extensive hands-on experience with Linux operating systems such as RHEL, CentOS and Ubuntu, including system internals, administration, template hardening and troubleshooting.
  • Extensive hands-on experience with Microsoft Windows security, including Active Directory security, system hardening and configuration, Windows security stack and logging and monitoring using Windows Event Logs, Sysmon and integration with SIEM systems for threat detection.
  • Hands-on experience with infrastructure hardening and configuration of on-premises and cloud-based servers, network devices and hypervisors, including secure network engineering using firewalls, VLAN segmentation and access control lists (ACLs).
  • Advanced proficiency in scripting languages such as Python and Bash to automate tasks and build security tools.
  • Experience securing cloud environments such as AWS, Azure and GCP and containerization technologies such as Docker and Kubernetes.
  • Strong understanding of network security, including protocols such as TCP/IP, firewalls, encryption and authentication systems.
  • Proficiency with security frameworks and compliance standards such as PCI-DSS, SOC 2, NIST, ISO.
  • Proficiency with vulnerability scanning tools (Tenable Nessus), network tools (Cisco FMC, ExtraHop and others), SIEM (Splunk), EDR (Trellix) and various other toolsets.
  • Must have excellent verbal and written communication skills to effectively report security findings, communicate risk and collaborate with diverse teams and leadership.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Applicants must currently be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

  • Industry recognized certifications.

Where it’s done:

  • Remote (Herndon, VA).

Compliance Manager

Who we’re looking for:

We are seeking a Compliance Manager to lead and support corporate compliance, policy management and operational process initiatives across the organization. This role is responsible for maintaining compliance with corporate certifications, managing regulatory and policy-related activities and supporting internal process improvement efforts. The Compliance Manager position partners with internal stakeholders and external audit bodies to ensure organizational alignment, compliance readiness and continuous process maturity. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Interact with all stakeholders within the company to develop, maintain and update internal policies and procedures on behalf of the company.
  • Interact with external audit bodies to ensure ongoing compliance with corporate certifications to include ISO 9001:2015, ISO 27001:2022, CMMI Services Maturity Level 3; also research and support activities to achieve additional corporate certifications such as CMMC.
  • Provide support for Individual Development Programs to assist in employee certification goals; also manage internal training such as Lunch & Learn programs.
  • Prepare and submit regulatory paperwork to ensure compliance with state legal requirements; also manage state mandated policies such as leave programs.
  • Manage the company’s job descriptions, updating and converting position descriptions into a value-driven format, ensuring alignment with organizational goals and applicable frameworks (e.g., NICE framework for KSAs).
  • Review corporate documents (such as proposals) to ensure documents/proposals are free of errors, structured for maximized impact/ease of evaluation and adhere to requirements.

What you need to know:

  • Strong leadership to drive people and process.
  • Strong organizational and time-management skills.
  • Ability to think creatively to find solutions that work across multiple stakeholders.
  • Experience with creating and maintaining policies and procedures.
  • Proficiency in MS Office 365, MS SharePoint, Adobe Acrobat and Adobe Creative Suite.

Must have’s:

  • Bachelor’s degree in Business Administration or a related field.
  • Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
  • Applicants must currently be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

  • 1 to 2 years of experience in a growing business, creating policies and procedures.

Where it’s done:

  • Hybrid (Herndon, VA. Must be able to attend in-person meetings as needed).

Applicants have rights under Federal Employment Laws. For more information please see: