Cyber Resilience for
Complex Ecosystems

Current Openings

Purpose-Driven Careers

For the cyber elite

ShorePoint team members are handpicked for their expertise and for their ability to collaborate, communicate, and adapt when our Federal customers face complex and evolving challenges, obstacles, and threats.

#JoinTeamShorePoint! Explore our current openings and apply to begin your journey with us.

Open Positions

SOC Analyst (Tier 3)

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a SOC Analyst (Tier 3) who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The SOC Analyst (Tier 3) will have the opportunity to be exposed to all aspects of support to a federal client and will be encouraged to grow as the organization expands.

What you’ll be doing: 

  • Provide first line SOC support with timely triage, routing and analysis of SOC tasks
  • Researches, develops, and monitors custom visualizations
  • Researches, analyzes, and writes documents such as cybersecurity briefings for all levels of stakeholders from Tier 1-3 SOC, security engineering, and executives
  • Tunes and develops SIEM correlation logic for threat detection
  • Ensures documentation is accurate and complete, meets editorial and government specifications, and adheres to standards for quality, graphics, coverage, format, and style.
  • Develop scripts using Python to automate IR functions, including (but not limited to) IOC ingestion and SIEM integration via REST APIs to minimize repetition of duties and automate tasks.
  • Produce and review aggregated performance metrics
  • Perform Cyber Threat Assessment and Remediation Analysis
  • Processing, organizing, and analyzing incident indicators retrieved from the client environment and correlating said indicators to various intelligence data
  • Assisting in the coordination with internal teams as well as in the creation of engagement deliverables for a multitude of activities, including but not limited to Insider Threats, Rule of Engagement (ROE), Threat Hunting, After Action Reports, and other artifacts to support testing, monitoring and protecting the enterprise
  • Investigate network and host detection and monitoring systems to advise engagement processes
  • Develop and execute Bash and Python scripts to process discrete log files and extract specific incident indicators; develop tools to aid in Tier 1 and Tier 2 functions
  • Participate in on-call rotation for after-hours security and/or engineering issues
  • Participate in the increase of effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions
  • Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods
  • Work directly with Security and SOC leadership on cyber threat intelligence reports to convert intelligence into useful detection
  • Collaborate with incident response team to rapidly build detection rules as needed
  • Responsible for supporting 24x7x365 SOC operations including but not limited to: Alert and notification activities- analysis/triage / response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported Incidents
  • Perform analysis across all security tools, uncovering attack vectors involving a variety of malware, data exposure, and phishing and social engineering methods
  • Monitoring/triage security events received through alerts from SIEM or other security tools; escalate and support to IR as appropriate
  • IDS monitoring and analysis, analyze network traffic, log analysis, prioritize and differentiate between potential intrusion attempts and false alarms
  • Review and reporting on anomalous patterns (Hunting) across all security tools / SIEM
  • Develop an in-depth understanding of customer and SOC operations requirements and policies
  • Ensure reports are properly entered into the tracking system
  • Perform customer security assessments
  • Supporting incident response or remediation as needed
  • Participate in, develop, and run tabletop exercises
  • Perform lessons learned activities
  • Supporting ad-hoc data and investigation requests
  • Composing reports, updates, security alert notifications or other artifacts and documents as needed

What you need to know: 

  • Deep understanding of Cyber Threat TTPs, Threat Hunt, and the application of the MITRE ATT&CK Framework
  • Experience supporting 24x7x365 SOC operations including but not limited to Alert and notification activities- analysis/triage/response, Review and action on Threat Intel for IOCs and other operationally impactful information, initial review and triage of reported alerts and Incidents
  • Support alert and notification triage, review/analysis through resolution / close
  • Manage multiple tickets/alerts in parallel, including end-user coordination
  • Demonstrated ability to evaluate events (through a triage process) and identify appropriate prioritization for response
  • Solid understanding and experience analyzing security events generated from security tools and devices not limited to FireEye, Elastic, SourceFire, Malwarebytes, CarbonBlack/Bit9, Splunk, Prisma Cloud/Compute, Cisco IronPort, BlueCoat
  • Experience and solid understanding of Malware analysis
  • Demonstrated proficiencies with one or more toolsets such as Bit9/CarbonBlack, Endgame, FireEye HX / CM / ETP, Elastic Kibana
  • Experience and ability to use, contribute, develop and follow Standard Operating Procedures (SOPs)
  • In-depth experience with processing and triage of Security Alerts from multiple sources but not limited to: Endpoint security tools, SIEM, email security solutions, CISA, Threat Intel Sources
  • Experience with scripting languages applied to SOC operations; for example, automating investigations with tools, automating IOC reviews, support SOAR development
  • Experience with Bash, Python, and Windows PowerShell scripting
  • Demonstrated experience with triage and resolution of SOC tasks, including but not limited to: vulnerability announcements, phishing email review, Tier 1 IR support, SIEM/Security Tools – alert analysis
  • Demonstrated experience and understanding of event timeline analysis and correlation of events between log sources
  • Demonstrated experience with the underlying logs generated by operating systems (Linux/Windows), Network Security Devices, and other enterprise tools
  • Demonstrated proficiencies with an enterprise SIEM or security analytics solution, including the Elastic Stack or Splunk.
  • Solid understanding and experience analyzing security events generated from security tools and devices not limited to: Carbon Black, FireEye, Palo Alto, Cylance, and OSSEC
  • Understanding of security incident response processes

Must-haves:

  • Ability to support working hours: 8:45 AM – 5:15 PM Eastern Time
  • Ability to participate in a rotating SOC on-call; rotation is based on number of team members
  • Minimum of Twelve (12) years technical experience
    • 7+ years of SOC
    • 3+ years of rule development and tuning experience
    • 1+ years Incident response
  • Ability to obtain federal agency required clearance

Beneficial to have the following:

    • GIAC-GCIH – Global Certified Incident Handler
    • GIAC-GCFE – Global Information Assurance Certification Forensic Examiner
    • GIAC-GCFA – Global Information Assurance Certification Forensic Analyst
    • GIAC-GREM –  GIAC Reverse Engineering Malware
    • GIAC-GNFA – GIAC Network Forensic Analyst
    • GIAC-GCTI – GIAC Cyber Threat Intelligence
    • GIAC-GPEN – GIAC Certified Penetration Tester
    • GIAC-GWAPT – GIAC Certified Web Application Penetration Tester
    • CEPT – Certified Expert Penetration Tester (CEPT)
    • CASS – Certified Application Security Specialist (CASS)
    • CWAPT – Certified Penetration Tester (CWAPT)
    • CREA – Certified Reverse Engineering Analyst (CREA)

Where it’s done: 

  • Herndon, VA or Remote

Elasticsearch Engineer

Who we’re looking for:

We are seeking an Elasticsearch (Elastic/ELK/ECE) Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Elasticsearch (Elastic/ELK/ECE) Engineer will have the opportunity to be exposed to all aspects of Systems Engineering and will be encouraged to grow as the organization expands.

What you’ll be doing:

  • Responsible for working with the Integration and Architecture teams to design, document, build, secure, and maintain Elasticsearch, Logstash, Kibana (and X-Pack) Enterprise solutions deployed in the Cloud or on-premises environment
  • Work closely with architects, engineers, and integrators to assess customer requirements and to design and support an Elasticsearch Stack solution to ensure compliance with data requirements
  • Follow life cycle processes to move solutions from Dev to Test to Production.
  • Participate in group sessions as well as attend and share in agile sprint daily meetings to track progress to ensure development of solutions is in support of the project and customer requirements.
  • Serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations.
  • Configure and maintain Linux based Operating system files in support of the Elasticsearch products (yum updates and product version upgrades)
  • Install and configure an Elastic Cloud Enterprise solution and ensure communication and integration among the Elasticsearch products and data sources.
  • Document the installation and configuration for deployment
  • Secure the solution by being familiar with TLS, certificates, SSO/PIV authentication, and encryption technologies
  • Work with the data lifecycle management team
  • Test data flows, troubleshooting issues, and monitoring the health of the solution and servers to maximize performance and minimize downtime
  • Work with a team and provide analysis of alternatives and progress status in daily sprint meetings
  • Meet professional obligations through efficient work habits such as meeting deadlines, honoring schedules, and coordinating resources and meetings in an effective and timely manner
  • Develop and manage effective working relationships with other departments, groups, and personnel with whom work must be coordinated or interface
  • Recommend enhancements and modifications to optimize business intelligence processes

What you need to know:

  • Software Development using Java with an IDE (e.g. Eclipse, CodeReady)
  • Parsing File formats (e.g., JSON, XML, and CSV)
  • SQL SERVER database design, programming, tuning, writing SQL queries/procedures
  • Developing/automating test procedures
  • Web services client development using REST API
  • Release Management and build tools (e.g., Maven, Jenkins) and configuration tools (e.g., SVN)
  • Secure coding practices including use of encryption (e.g., Certificates, TLS Connections)

Must-haves:

  • BS in Computer Science or related field experience required
  • 2+ years of experience
  • Must be a US citizen (non-dual citizenship)
  • Able to obtain and maintain agency required clearance

Beneficial to have the following:  

  • Experience with SAML authentication, familiarity with domain structures, user authentication, and PKI
  • Experience with Messaging Queues (e.g., RabbitMQ)
  • Experience with Microsoft SQL
  • Experience with programming and working with regular expressions (XML, Java, JSON, Python, PowerShell, painless, grok)
  • Relevant security certifications a plus: CISSP, CISM, CISA, Security+, CEH
  • Understanding of interrelationships between critical infrastructure protection and cybersecurity
  • Knowledge and experience with Assessment & Authorization (A&A) processes in Federal environments, preferably with experience utilizing the NIST Risk Management Framework (RMF)

Where it’s done:

  • Reston, VA (REMOTE)

Top Secret Cleared Information System Security Officer (ISSO)

Who we’re looking for:

We are seeking a Top Secret Cleared Information System Security Officer (ISSO) with experience providing support in a dynamic, fast-paced public sector environment. This is a unique opportunity to influence the growth, development, and culture of a rapidly expanding company in the cybersecurity market. The Top Secret Cleared ISSO will be exposed to all aspects of federal client support and will be encouraged to grow as the organization expands. 

What you’ll be doing:

  • Build ATO packages for the Security Assessment and Authorization (SA&A) process.
  • Maintain ATO packages for the Security Assessment and Authorization (SA&A) process.
  • Assess the impacts on system modifications and technological advances.
  • Review systems and logs to identify potential security weaknesses.
  • Verify security methods, and recommend improvements to amend vulnerabilities.
  • Implement and document findings and changes.
  • Assist in managing, maintaining, and closing vulnerabilities.
  • Assist in managing and maintaining a Plan of Action and Milestones (POA&M).
  • Assist with Federal Information Security Management Act (FISMA) and other applicable IT audits and inspections.
  • Assist with assessing and responding to security-related requests within various ticketing systems.
  • Assist with maintaining operational security posture for information systems.

What you need to know:

  • 8+ years of experience maintaining appropriate operational security posture for an information system or program as an ISSO or ISSM.
  • NIST RMF ATO Documentation such as System Categorization, System Security Plan (SSP), Security Control, Baselines, Tailoring and Overlays; Continuous Monitoring Strategy, or other documentation.
  • Security Assessment Plan (SAP), Security Assessment Report (SAR), Security Requirements Compliance Matrix (SRCM), and the Plan of Actions and Milestones (POA&Ms).
  • Reports such as: Daily: Daily Morning Checks (Network Security); Weekly: ACAS Report; Monthly: STIG Compliance Report, SCA Testing Report, Detailed ACAS Report, NSP Report; Quarterly: POAM and Risk Acceptance Report, System Security Plan (SSP), NIST Report; Annually: Security Assessment and Authorization (SA&A) Report, SAAR Report; Ad-Hoc: Contingency Response or exercise After Action Reports, Incident Reports, Test Results Report, and other reports as requested.

Must-haves:

  • Minimum of 8 years of relevant experience.
  • Bachelor's degree or 4 years of additional experience in lieu of degree.
  • Active Top Secret Agency required security clearance.

Beneficial to have the following:  

  • Cybersecurity industry recognized certifications preferred.

Where it’s done:

  • Washington, D.C.

Cybersecurity Tools Engineer (Tenable)

Who we’re looking for:

We are seeking a Cybersecurity Tools Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The Cybersecurity Tools Engineer will have an opportunity to shape the growth of the company by providing unparalleled support to our customer through the Continuous Diagnostic & Mitigation (CDM) Program. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our company's culture.

What you’ll be doing:

  • Highly skilled tools engineer to perform in a fast-paced customer needs driven environment. Ability to change directions based on cyber threat and mitigation strategies.
  • Ability to communicate as a solid team player in support of the tools team and to ensure customer success
  • Manage tools in accordance with the TAD (Technical Architecture Document) documentation. Ability to create a TAD where one does not exist to document current state design and implementation.
  • Work closely with the Splunk team for log ingestion into a wider log aggregation capability for security monitoring, alerting and after the fact investigations.
  • Work closely with architects, engineers, and integrators to assess customer requirements and to design and support differing tool set solutions to ensure alignment with customer needs.
  • Support the users of the tool and data to maintain a healthy working environment.
  • Ability to deliver ad-hoc briefs of status of responsible tool sets to a wider audience to help them understand capability, next actions, and communicate deliverable timeframes.
  • Follow life cycle processes to move solutions from Dev to Test to Production.
  • Participate in group sessions as well as attend and share in agile sprint daily meetings to track progress to ensure development of solutions is in support of the CDM project and customer requirements.
  • Serve as a trusted advisor, providing subject matter expertise, guidance, and best practice recommendations.
  • Document the installation and configuration for deployment into production.
  • Secure the solution by being familiar with TLS, certificates, SSO/PIV authentication, and encryption technologies
  • Work with the data lifecycle management team.
  • Test data flows, troubleshooting issues, and monitoring the health of the solution and servers to maximize performance and minimize downtime.
  • Work with a team and provide analysis of alternatives and progress status in daily sprint meetings.
  • Meet professional obligations through efficient work habits such as meeting deadlines, honoring schedules, and coordinating resources and meetings in an effective and timely manner.
  • Develop and manage effective working relationships with other departments, groups, and personnel with whom work must be coordinated or interface.
  • Recommend enhancements and modifications to optimize business intelligence processes.
  • Ability to support 24x7x365 outage scenarios for quick resolution and remediation.

What you need to know:

General Skills

  • Maintain and/or update system architecture to fit changes in environment. Automate tasks depending upon OS. Routinely research assigned tools for vulnerabilities and system patches.
  • Follow strict change management guidelines in Service Now to implement changes in support of SLAs and SLOs.
  • Support outside agencies with USAID mail integration.
  • Consult with Direct Hires on applications to determine tool capabilities and how they fit into the ecosystem.
  • Complete Analysis of alternative reports and SOPs for review and implementation.
  • Windows and Linux Server commands, networking knowledge, and PKI knowledge assist in troubleshooting testing scenarios, implementations, and system patches/updates.

  

Interpersonal Skills

  • Ability to operate day to day tasks with little to no supervision.
  • Communicate status of projects with the ability to explain in non-technical terms.
  • Ability to anticipate questions and challenges based on customer feedback and environmental changes.
  • Self-starter, Team Player.
  • Ability to articulate to the end customer as a security professional, offering solutions and able to build timelines and projects based on desired outcomes.

Must-haves:

  • BS in Computer Science or related field experience required.
  • 2+ years of experience.
  • Experience with Vulnerability Management tools such as: Qualys, Tenable SC, Burp Suite, Trustwave.
  • Must be a US citizen (non-dual citizenship) with an Active Secret Clearance.

Beneficial to have the following:  

  • Cybersecurity industry recognized certifications preferred.

Where it’s done:

  • Washington, D.C.

Vulnerability Assessment Engineer

Who we’re looking for:

We are seeking a Vulnerability Assessment Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The Vulnerability Assessment Engineer will perform comprehensive assessments that produce actionable security recommendations tailored to the assessed environment, to include vulnerability assessment and vulnerability management. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our company's culture.

What you’ll be doing:

  • Work closely with target organizations to ensure full comprehension of the standard security controls; conduct site visits as required.
  • Assist with security controls compliance assessments using established matrixes of tailored control and provide expert support in assessments of target organizations.
  • Provide support to Vulnerability Management programs.
  • Provide support to assessed organizations to ensure proper tracking of Plan of Action and Milestone (POA&M) items.
  • Provide support and conduct annual reviews of the security controls (or some subset of the security controls) to ensure continued compliance as requested.
  • Assist with establishing footholds on endpoints within monitored organizations' networks to provide day-to-day visibility into the security posture.
  • Provide expert support for the development and maintenance of processes and best practices for evaluating A&A data through a standard scorecard.
  • Utilize industry standard tools for automating the review of system configuration and security control compliance.
  • Conduct periodic NIST controls assessments in support of network authorization and continuous monitoring.
  • Provide detailed observations from controls assessments in the form of Security Assessment Report (SAR) and Risk Assessment Report (RAR) documents.
  • Employ a scan-patch-scan methodology to ensure all systems identify and receive appropriate security patches.
  • Conduct vulnerability scanning using industry standard tools (e.g., Tenable Nessus) on a weekly to bi-weekly basis.
  • Report scan result data to appropriate system administrators to aid in the deployment of system updates and patches.
  • Develop a mitigation plan detailing a prioritized timeline for patch deployment (e.g., 30-60-90-day patch deadlines based on each finding’s severity level).
  • Conduct false positive analysis and vulnerability analysis to determine the legitimacy of all detected vulnerabilities as well as prioritize their remediation.
  • Configure the identified application to effectively ingest, process, and report vulnerability data collected during assessments as well as data provided from organizations’ self-assessments.
  • Conduct long term trend analysis, identifying improvements or degradations in system security posture across the enterprise.
  • Provide dashboard views of data roll-ups from all facets of assessed systems (e.g., risk, vulnerability data, POA&M status) to present high-level executive summary reports to government leadership.

What you need to know:

  • Ability to conduct Vulnerability Assessments using industry tools – NESSUS, Tenable, etc. Experience with Tenable (Tenable.io or Tenable.sc) in an enterprise environment highly preferred.
  • Experience in vulnerability management strategies, standards, procedures and technologies across infrastructure and application-level vulnerabilities.
  • Experience scanning Windows, RHEL and CentOS operating systems and troubleshooting scans, to include the ability to communicate with customers daily describing the results of scans.
  • Experience scanning virtual environments to include VMware vSphere infrastructures.
  • Experience scanning network devices, databases (Oracle, MSSQL, MySQL, Postgres), and websites with Tenable.sc.
  • Intermediate to advanced knowledge of the following platforms in an enterprise environment: Windows and RHEL, routing, switching, IDS, IPS, Firewalls.
  • An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, application flow charting, and session analysis.

Must-haves:

  • Bachelor's in Cybersecurity, Computer Science/Electrical Engineering, Engineering, or IT
  • Shall possess one or more of the following certifications: (ISC)2 Certified Information Security Professional (CISSP), ISACA Certified Information Systems Auditor (CISA), SANS GIAC certification (e.g., GPEN or GWAPT), and EC-Council Certified Ethical Hacker (CEH)
  • Ability to obtain and maintain a customer required Top Secret clearance with SCI eligibility and pass a Counterintelligence (CI) polygraph.

Beneficial to have the following:  

  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Comprehensive knowledge in one or more of the following areas: information security, network security, Windows security, UNIX/Linux security, and web application security.
  • Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 rev 5 and the ATO process.
  • Ability to research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits.

Where it’s done:

  • Washington, D.C.

Lead Cybersecurity Engineer/Architect

Who we’re looking for:

We are seeking a Lead Cybersecurity Engineer/Architect to join our cybersecurity team. The ideal candidate will have a strong background in cybersecurity engineering and architecture, with expertise in designing, implementing, and managing secure systems. The Lead Cybersecurity Engineer/Architect will play a critical role in ensuring the security and resilience of IT operations by developing and overseeing cybersecurity architectures and frameworks. This is an excellent opportunity to contribute to a dynamic organization by shaping our cybersecurity infrastructure and driving innovation.

What you’ll be doing:

  • Design and implement secure systems and networks, ensuring alignment with industry best practices and federal security requirements.
  • Develop and maintain cybersecurity architectures and frameworks to protect information systems and data.
  • Conduct security assessments and audits to identify vulnerabilities and recommend mitigation strategies.
  • Lead the development and implementation of security policies, standards, and procedures.
  • Collaborate with stakeholders to integrate security requirements into the system development lifecycle (SDLC).
  • Provide technical guidance and support to cross-functional teams on cybersecurity issues.
  • Develop and optimize security monitoring and incident response processes.
  • Ensure compliance with federal cybersecurity regulations and standards, including FISMA, NIST, and others.
  • Lead efforts to implement zero trust architecture principles and modernize the cybersecurity infrastructure.
  • Prepare detailed technical reports and presentations for executive leadership and stakeholders.

What you need to know:

  • Strong knowledge and experience in cybersecurity engineering and architecture.
  • Familiarity with federal government IT security requirements and compliance standards, including FISMA and NIST.
  • Excellent analytical and problem-solving skills, with the ability to conduct security assessments and recommend mitigation strategies.
  • Experience in developing and implementing security policies, standards, and procedures.
  • Strong understanding of secure system design, including network architecture, encryption, and access control.
  • Effective communication skills, both written and verbal, with the ability to present complex technical information to diverse audiences.
  • Strong leadership and teamwork skills, with the ability to manage and lead cross-functional teams.

Must have’s:  

  • Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related field.
  • 8 – 10 years of relevant work experience.
  • Ability to read and understand physical or logical networks.
  • Ability to identify critical infrastructure systems.
  • Ability to obtain and maintain agency-required Q clearance.

Beneficial to have the following:  

  • Experience with secure DevSecOps practices and Agile methodologies.
  • Knowledge of cloud security principles and experience with cloud platforms (AWS, Azure, Google Cloud).
  • Experience with security automation tools and technologies.
  • One or more of the following certifications: Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP)

Where it’s done:

  • Remote (Herndon, VA)

Lead Cyber Risk Management Framework

Who we’re looking for:

We are seeking a highly skilled and experienced Lead Cyber Risk Management Framework (RMF) to join our cybersecurity team. The ideal candidate will possess a strong background in program management, cybersecurity, and RMF processes, along with relevant certifications and experience. The Lead Cyber RMF will manage and support the RMF program to ensure the security and resilience of IT and cybersecurity operations. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our company’s culture.

What you’ll be doing:

  • Oversee the RMF program management, ensuring alignment with the Enterprise Cybersecurity program goals.
  • Develop, implement, and assist in planning, directing, executing, and overseeing RMF activities.
  • Provide overall program management, including tracking, mitigating, and reporting on risks.
  • Facilitate or lead program management meetings and coordinate communication between stakeholders.
  • Manage cross-functional teams and ensure adherence to federal government IT security requirements.
  • Oversee the development, maintenance, and optimization of RMF processes, templates, and procedures.
  • Support the transition of Cybersecurity Assurance from current to future state.
  • Develop a communication strategy to facilitate a general understanding of the RMF program.
  • Ensure all RMF work products and deliverables meet the highest quality standards and align with the Enterprise Cybersecurity Program requirements.

What you need to know:

  • Strong knowledge and experience in risk management and cybersecurity frameworks.
  • Familiarity with federal government IT security requirements and compliance standards.
  • Excellent program management skills, including experience with Scrum, Kanban, and PMBOK methodologies.
  • Ability to manage and lead cross-functional teams and work collaboratively with representatives and stakeholders.
  • Experience in developing and implementing cybersecurity policies and procedures.
  • Strong analytical and problem-solving skills, with the ability to track, mitigate, and report on risks.

Must have’s:

  • 7 – 10 years of experience serving as a Program Manager on enterprise cybersecurity support government contracts.
  • Shall possess one or more of the following certifications: PMI Agile Certified Practitioner (PMI-ACP), Certified ScrumMaster (CSM), Professional Scrum Master (PSM), Kanban Management Professional (KMP), and Project Management Professional (PMP).
  • Ability to obtain and maintain agency-required Q clearance.

Beneficial to have the following:  

  • Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related field.

Where it’s done:

  • Remote (Herndon, VA)

Cyber Architecture and Engineering Lead

Who we’re looking for:

We are seeking a Cyber Architecture and Engineering Lead who has experience providing leadership and expertise in a dynamic, fast-paced environment within the public sector. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market. The Cyber Architecture and Engineering Lead will have the opportunity to be exposed to all aspects of support to a federal client and will be encouraged to grow as the organization expands.

What you’ll be doing:

  • Lead and guide engineering teams across a portfolio of cybersecurity tools.
  • Adopt and implement new and emerging technologies and processes while leveraging Agile/DevOps methodologies.
  • Develop and implement cloud security principles, security engineering, and security tools.
  • Provide technical direction and oversight in the design, implementation, and maintenance of security solutions.
  • Oversee the implementation and maintenance of security tools and infrastructure.
  • Ensure compliance with federal cybersecurity policies and frameworks.
  • Coordinate with other teams and stakeholders to ensure seamless integration of security solutions.
  • Conduct risk assessments and implement mitigation strategies.
  • Prepare and present technical reports and documentation.
  • Provide technical leadership and mentorship to engineering team members.
  • Develop and maintain security policies, technical reports, procedures, and documentation.
  • Prepare and present detailed technical reports and documentation.
  • Manage project timelines, resources, and budgets effectively.
  • Stay current with the latest security threats, trends, and technologies.

What you need to know:

  • Strong knowledge of cloud security principles and security vulnerabilities.
  • Experience with security engineering and understanding cloud technologies.
  • Ability to lead teams in adopting and implementing Agile/DevOps methodologies.
  • Familiarity with federal cybersecurity standards and frameworks such as NIST, FISMA, and FedRAMP.
  • Proficiency in security tools and technologies relevant to cloud and on-premises environments.
  • In-depth knowledge of security vulnerabilities, weaknesses, and mitigation techniques.

Must have’s:  

  • Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related field, or additional 3-5 years of relevant experience.
  • Minimum of 10 years of relevant experience.

Where it’s done:

  • Remote (must be within 50 miles of Washington, D.C.)

Cyber Threat Operations (CTO) SOAR Engineer

Who we’re looking for:

We are seeking a Cyber Threat Operations (CTO) SOAR Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The successful candidate will possess advanced expertise in threat detection and response, security orchestration, automation, and response (SOAR), and will be instrumental in maintaining and enhancing the agency’s cybersecurity posture. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Performing as a member of a multi-disciplinary Cyber Fusion Center team, automating threat-detection scenarios and improving Cyber Incident Response workflows.
  • Building security automation, orchestration, and playbooks, including Python, REST API, and SOAP API based automations and Incident Response lifecycle automation, to meet threat intelligence, threat hunting, and security analysis related requirements and queries.
  • Identifying relevant data sources to determine threat-detection scenarios and use cases.
  • Developing and updating content for cyber defense tools.
  • Coordinating with Cyber Defense Analysts to manage rules and signatures for cyber defense applications.
  • Engineering detections and alerting to counter adversary tactics, techniques, and procedures (TTPs).
  • Designing and integrating hardware and software solutions, and developing use cases with tools like Java, Python, and C++.

What you need to know:

  • Familiarity with cyber threats, vulnerabilities, and their operational impacts.
  • Knowledge of computer networking concepts, protocols, and network security methodologies.
  • Knowledge of the MITRE ATT&CK post-infection framework to map behaviors of threat groups and malware to drive detection-based alerting.
  • Ability to execute technology integration processes.
  • Expertise in security system design tools, systems engineering processes, and network security architecture.
  • Solid experience and demonstrated expertise with Security Architecture Tool Integrations, REST APIs, and Security Orchestration and Automation platforms.

Must have’s:  

  • Minimum of 5 years of relevant experience.
  • Experience with Python and Java for automation and integration tasks.
  • Hands-on experience with SOAR platforms.
  • Knowledge of the systems engineering process.
  • Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • Strong problem-solving and analytical skills.
  • Ability to obtain and maintain agency-required security clearance.

Beneficial to have the following:

  • Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related field (Associate degree substitutes for 2 years, and a Bachelor’s substitutes for 3 years of experience).
  • Experience with MS Sentinel

Where it’s done:

  • Washington, D.C. (Hybrid option until Cyber Center physical build-out is completed).

SOC Analyst (Night Shift) - Top Secret Clearance

Who we’re looking for:

We are seeking a SOC Analyst (Night Shift) – Top Secret Clearance to support the monitoring, detecting, and responding to cybersecurity threats within a dynamic and high-security environment. This role includes real-time alert monitoring, incident analysis, forensic artifact and malware analysis, and incident response in a hybrid environment, including on-premises equipment and cloud services. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

  • Monitor and triage real-time security alerts.
  • Coordinate and manage incident reports.
  • Perform incident analysis, including forensic artifact and malware analysis.
  • Execute incident containment, eradication, and recovery.
  • Provide incident response support and assist with Continuity of Operations (COOP).
  • Maintain and update the Incident Response Plan (IR Plan).
  • Identify and assign incident response roles and responsibilities.
  • Develop and implement incident report templates and procedures.
  • Conduct annual incident response testing and training.
  • Generate SOC best practices reports and ensure cybersecurity controls.
  • Develop and manage SOC transition plans to ensure seamless service continuity.

What you need to know:

  • Real-time alert monitoring, incident report coordination, incident analysis, and forensic artifact and malware analysis.
  • Incident containment, eradication, and recovery, including fly-away incident response.
  • Familiarity with COOP planning and execution.
  • Understanding of FISMA, NIST SP 800 series, and other federal cybersecurity mandates and policies.

Must have’s:  

  • Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related field, plus 8 years of relevant experience.
  • Experience in cybersecurity incident management and SOC operations.
  • Proficiency in forensic artifact and malware analysis.
  • Strong understanding of cybersecurity frameworks and standards.
  • Experience with cloud environments such as Microsoft Azure and AWS.
  • Active agency-required Top Secret security clearance.

Where it’s done:

  • Washington, D.C. 

Shift Schedule 4-3-3-4 shifts:

  • 4 days on, 12-hour shifts, 3 days off
  • 3 days on, 12-hour shifts, 4 days off
  • Mandatory 6pm – 6am weekdays
  • Flexible to work 12-hour shifts either days or nights over the weekend (could change at customer’s discretion)

Applicants have rights under Federal Employment Laws. For more information please see: