Guidehouse has an opportunity for a cleared Sr. Information Security Consultant to leverage their understanding of IC/DOD Risk Management Frameworks (RMF), continuous monitoring, risk scoring, and risk management experience to lead our team of Assessors in conducting rigorous technical testing of security controls across various domains such as access control, cryptography, network security, and incident response for our Intelligence Community customer. Active Top Secret SCI with Polygraph. What You Will Do:
Senior Security Consultant, Kratos Defense (Herndon, 20171; Full-Time/Regular; Travel Requirement: Domestic)
Washington D.C., DC - 30+ days ago
Desired experience includes hands‑on delivery and/or solution design in Microsoft Azure and one or more of the following Microsoft security areas: Identity & Access Security: Microsoft Entra ID (Azure AD), Conditional Access, Privileged Identity Management (PIM), Identity Governance, hybrid identity (Entra Connect), certificate‑based authentication (CBA), and integration with enterprise PKI or federal ICAM patterns. The ideal candidate will possess solid hands‑on technical and consultative expertise with Microsoft Security solutions and demonstrated experience contributing to the design, implementation, and operationalization of cybersecurity solutions within classified or mission‑sensitive federal environments - particularly those aligned to Zero Trust principles.
Founded in 1986, OnTrac has evolved into the leading provider of same-day and next-day delivery services in the U.S. for premier e-commerce and product-supply businesses, including five of the largest retailers in the U.S. Location: Remote - This position may be performed remotely in states where the company is authorized to employ individuals.
- SOC + GRC enablement: Design and implement technical solutions that assist the SOC in alert orchestration (SOAR) and provide the GRC team with automated risk monitoring and evidence collection capabilities.
- Define and communicate security architecture strategies compatible with multi-tenant and hybrid cloud environments.
- Evaluate vendor security postures and integration security impacts for connected applications.
- Support internal and external audits, coordinating responses and remediation activities across functional teams.
- Advise project managers and technical leads on secure configuration baselines and policy compliance.
Requirements
Minimum Qualifications/Experience:
- Minimum 5 years of experience in federal cybersecurity, including at least 3 years in FedRAMP, FISMA, or related authorization frameworks.
- Deep familiarity with NIST SP 800-53, 800-171, and 800-37 RMF.
- Solid understanding of security architecture for cloud SaaS solutions (preferably SAP Concur, Mulesoft, or similar platforms).
- Experience with vulnerability management, incident response, and security operations.
- Strong written and verbal communication skills for interfacing with Federal stakeholders.
Preferred Qualifications:
- CISSP, CISM, or FedRAMP 3PAO experience.
- Experience supporting GSA, DHS, or other civilian agencies in large-scale digital modernization projects.
- Prior involvement in cloud migration or ERP cloud security initiatives.
What You'll Deliver:
- Secure, compliant SAP Concur implementation aligned with GSA's Go.gov transformation milestones.
- Comprehensive ATO documentation and control validation evidence.
- A sustainable framework for ongoing monitoring and risk management across participating agencies.
Minimum Education:
- Bachelor's Degree in Information Security, Computer Science, or related field.
- Develop, review, and maintain system security documentation including SSPs, POA&Ms, and related artifacts per NIST SP 800-53 and 800-37 guidelines.
- Interface with GSA IT Security, agency ISSOs, and SAP Cloud Compliance teams to align controls, evidence, and risk assessments.
- Conduct continuous monitoring and controls assessment to sustain authorization.
Security Consultant of Commercial Cybersecurity Services for Kratos, you will be leading and supporting teams of professionals working to evaluate and secure innovative cloud computing solutions on the most advanced cloud and on-premises infrastructures, by providing security consulting services and performing security assessments. Kratos Defense & Security Solutions develops and fields transformative, affordable technology, platforms, and systems for United States National Security related customers, allies, and commercial enterprises.
McLean, Virginia - 16 days ago
Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate’s offer letter.
You have experience in securing large-scale e-commerce platforms, with deep understanding of payments systems, customer data protection across high transaction environments ensuring protection of user data across internal and partner ecosystems.
By applying to this position you will have an opportunity to share your preferred working location from the following: Remote locations: Virginia, USA; Alabama, USA; Arkansas, USA; Connecticut, USA; Delaware, USA; Florida, USA; Georgia, USA; Iowa, USA; Illinois, USA; Indiana, USA; Kansas, USA; Kentucky, USA; Louisiana, USA; Massachusetts, USA; Maryland, USA; Maine, USA; Michigan, USA; Minnesota, USA; Missouri, USA; Mississippi, USA; North Carolina, USA; North Dakota, USA; Nebraska, USA; New Hampshire, USA; New Jersey, USA; New York, USA; Ohio, USA; Oklahoma, USA; Pennsylvania, USA; Rhode Island, USA; South Carolina, USA; South Dakota, USA; Tennessee, USA; Wisconsin, USA; West Virginia, USA. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
In this role, you will support Oracle Cloud security engagements focused on application security, governance, risk, and compliance across Enterprise Resource Planning (ERP), Human Capital Management (HCM), and Supply Chain Management (SCM) environments. Required:
- Bachelor of Arts or Bachelor of Science degree in Computer Science, Cyber Security, Information Security, Engineering, Information Technology, Management Information Systems, Finance, Accounting and Technology, or Business.
Security Consultant Identity & SecOps - Mid-Atlantic region Remote in NC, VA, MD, DC, DE, PA, or NJ Guidepoint Security LLC
By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family)) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employee's premiums and 75% for family plans (spouse/children/family)).
There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $123,500 - $206,400 per year. These requirements include, but are not limited to the following specialized security screenings:
Your work will involve having a deep technical knowledge of cloud security and you will work with one or more Cloud Service Providers (CSP) to implement security protocols, monitor for potential security breaches, conduct risk assessments and vulnerability testing of cloud-based systems, and stay up to date with the latest security threats and trends in cloud technology. Demonstrates extensive abilities and/or a proven record of success as a team leader in the following areas:
Define and drive enterprise cloud security strategies by aligning security architecture, governance, and risk management to business objectives and regulatory requirements, enabling secure and scalable adoption of multi-cloud platforms.
Washington, DC - 30+ days ago
Aprio, LLP and Aprio Advisory Group, LLC, operate in an alternative business structure, with Aprio Advisory Group, LLC providing non-attest tax and consulting services, and Aprio, LLP providing CPA firm services. As a Microsoft Security Engineer, you'll work with cutting-edge Microsoft tools, support high-impact compliance frameworks like FedRAMP and CMMC, and help shape the security posture of both public and private sector organizations.
Information Security Consultant to leverage their understanding of IC/DOD Risk Management Frameworks (RMF), continuous monitoring, risk scoring, and risk management experience to lead our team of Assessors in conducting rigorous technical testing of security controls across various domains such as access control, cryptography, network security, and incident response for our Intelligence Community customer. Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations through the development of POA&Ms.
As a Principal Security Consultant, you will function as a Security Advisory Services lead Security Consultant for ePlus service solutions, reporting to the Managing Security Consultant, to drive Advisory Services delivery/revenue growth and capture security program services within the customer account portfolio.
- Conduct security and data governance program assessments and measure the effectiveness of client environments as it relates to:
  - Existing technical and administrative controls
  - Data classification and handling practices
  - Data lifecycle management
  - Privacy and regulatory compliance requirements
  - Alignment to industry security and governance frameworks.
DC, District of Columbia - 23 days ago
Active Top Secret SCI (TS/SCI). As a Senior Consultant in Guidehouse’s cyber practice, you will lead the design, implementation, and continuous improvement of SIEM capabilities for a federal law enforcement agency’s classified environment. You’ll combine hands-on SIEM engineering with client-facing consulting: translating mission risk into actionable detections, mentoring junior engineers/analysts, and advising stakeholders on monitoring strategy, metrics, and governance.
Tysons Corner, Virginia - 17 days ago
This may include: building financial metrics and supporting dashboards utilizing data visualization software (i.e., Tableau, Power BI, etc.); building low-code applications and user interfaces (using PowerApps, Power Platforms, Appian, ServiceNow, etc); building AI models to process and analyze high volumes of structured and unstructured financial data (using Databricks, Snowflake, Palantir, Python, etc). Our 2026 Campus Defense & Security Financial Management (FM) Transformation consultants help our clients within Defense & National Security optimize all elements of their financial management structure by transforming business processes, enhancing the efficiency of operations, improving transparency and performance management, promoting change management, and complying with Federal laws and regulations.
Tysons Corner, Virginia - 17 days ago
Our 2026 Campus Defense & Security Financial Management (FM) IT Risk and Controls consultants help our clients within Defense & National Security optimize all elements of their financial management structure by transforming business processes, enhancing the efficiency of operations, improving transparency and performance management, promoting change management, and complying with Federal laws and regulations. Some of these activities include but are not limited to: Assisting in business development activities, such as identifying potential client needs and ways Guidehouse can assist, developing proposals and white papers, participating in client and internal account meetings, and more.
Tysons Corner, Virginia - 17 days ago
The client is responsible for coordinating and monitoring internal controls for the organization, including performing assessments in accordance with OMB Circular A-123, the FISCAM, and assisting other program offices with remediation and other related internal controls tasks. Project team members are provided the opportunity to interact with our clients’ senior management, as well as the opportunity to enhance their skills in the area of technical competency, business development, client service, leadership, project management, and people development.
Tysons Corner, Virginia - 17 days ago
Demonstrates proven knowledge and success in advising federal clients in financial reporting and meeting the requirements of related federal guidance, including: OMB Circular A-136, the GAO Green Book, the Chief Financial Officers Act of 1990, Federal Managers’ Financial Integrity Act of 1982 (FMFIA), Treasury Financial Manual (TFM), and GAO/PCIE Financial Audit Manual. Some of these activities include but are not limited to:
Assisting in business development activities, such as identifying potential client needs and ways Guidehouse can assist, developing proposals and white papers, participating in client and internal account meetings, etc.
GHD will reimburse 50% of the cost of the following to a maximum of $250.00 reimbursement annually for such items as: Health club membership fees, Home exercise equipment purchases, Bicycles, Race, run & marathon entrance fees, Smoking cessation programs, Weight loss programs (i.e., Weight Watchers, Jenny Craig), Fitbits and Fitness Tracking devices. Our Property & Buildings business is looking for a Senior Security Consultant to lead and design cutting-edge Electronic Security Systems (ESS) including Access Control (ACS), Video Surveillance (VASS/CCTV), Intrusion Detection (IDS), vehicle barrier controls, and 2-way intercoms.
By applying for this job, you agree to receive AI-generated calls, text messages, and/or emails from Mitchell Martin Inc and its affiliates and contracted partners at various frequency through traditional and automated methods. You can access our privacy policy here: https://www.mitchellmartin.com/privacy-policy.
Arlington, VA - 30+ days ago
The ideal candidate is a highly skilled technical security professional with the ability to coach and guide executive security and cloud leaders in their journey, addressing topics such as security strategy and optimizing cloud security operations while being able to dive deep into AWS security technology. As a Senior Security Consultant, you'll work closely with customers to design, implement, and automate solutions in AWS to protect customer assets, enable customer security teams to operate more effectively, and ensure customers don't accept unnecessary risk.
As a Cloud Security Consultant - Azure Infrastructure & AI on the Cloud Cyber Risk team, you will be responsible for: Supporting delivery of Azure cloud cyber risk engagements across governance, identity, application security, platform as a service security, infrastructure security, AI security, security monitoring, resilience, and data protection. Cybersecurity certification such as Certified Cloud Security Professional (CCSP), Certificate of Cloud Security Knowledge (CCSK), Certified Information Systems Security Professional (CISSP), Cisco Certified Network Professional (CCNP), or Cisco Certified Network Associate (CCNA).
Annapolis Junction, MD - 30+ days ago
Desired experience includes hands‑on delivery or architectural leadership in one or more of the following Microsoft security solution domains: Identity & Access Security: Microsoft Entra ID (Azure AD), Conditional Access, Privileged Identity Management (PIM), Identity Governance, External Identities, cross‑tenant access, hybrid identity (Entra Connect), certificate‑based authentication (CBA), and integration with enterprise PKI and DoD ICAM patterns. Endpoint & Device Security: Microsoft Intune, Defender for Endpoint (MDE), endpoint detection and response (EDR), attack surface reduction (ASR), mobile device/application management (MDM/MAM), and secure device posture enforcement aligned to Zero Trust device trust principles.
Work Requirements: US Citizen, GC Holders or Authorized to Work in the U.S. Oracle HCM Functional/Technical Consultant – Risk, Security & Audit Automation. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities.
Chantilly, Virginia - 25 days ago
- Experience implementing or auditing configuration management principles, including configuration baseline concepts, baseline deviations, baseline maintenance, change control, and monitoring, and industry-accepted configuration settings such as DISA STIGs. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or .
Vienna, Virginia - 4 days ago
BRMi is seeking a highly experienced Oracle HCM Functional/Technical Consultant specializing in Risk Management, Security, and Segregation of Duties (SoD) to join our HR Technology team.
Tysons Corner, Virginia - 17 days ago
Project team members are provided the opportunity to interact with our clients’ senior management, as well as the opportunity to enhance their skills in the area of technical competency, business development, client service, leadership, project management, and people development. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation. All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or .
Tysons Corner, Virginia - 17 days ago
Demonstrates proven thorough abilities in the following areas:
- Internal control assessments;
- Entity level controls, risk management, and fraud risk assessments;
- Supporting management control programs;
- Understanding deficiencies communicated by the auditor, tracking audit PBC requests, responding to audit requests, developing corrective action plans, and executing remediation with a focus on internal controls over financial reporting and management financial statement assertions; and,
- Implementing the revised OMB Circular A-123, Appendix A.
Demonstrates the ability to understand client needs, participate within a team environment, and communicate throughout internal and external network in a manner that allows for successful execution of tasks.
Evaluating internal controls over financial reporting (ICOFR) and internal controls over operations in line with OMB Circular A-123 for a range of financial and business process areas, including performing end-to-end walkthroughs of business processes, documenting business processes and controls, testing the design and operating effectiveness of internal controls, and reporting on deficiencies.
Provide advice to executing agencies on best practices for designing and implementing different types of penitentiary and security infrastructure projects, including police stations, courthouses, forensic laboratories, detention centers, and prisons. As an expert in penitentiary and security infrastructure design, you will support the GIS team in reviewing terms of reference and infrastructure designs in this sector, and in advising GIS teams and executing agencies (EAs) on best practices for their implementation.
In this role, you will focus on generating impactful security metrics within identity platforms such as Okta or Ping, supporting enterprise identity management, and extracting valuable data from Databricks to inform security strategies. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact.