Build Your Career in Cybersecurity -
YOUR WAY

Summary Information:

​

• Location: Washington, DC
• Position Type: Full-Time, W2
• Clearance Requirement: Public Trust (Must pass background and credit check)
• U.S. Citizenship Required

​

Overview:

​

We are seeking a highly skilled Cybersecurity Analyst to support federal government cybersecurity initiatives. The ideal candidate will have hands-on experience with CSAM (Cybersecurity Assessment and Management) or JCAM (Joint Cybersecurity Assessment Model), Zero-Trust (ZT) architecture, Authority to Operate (ATO) processes, and the Risk Management Framework (RMF). This role requires strong analytical and technical skills to ensure the security and compliance of federal information systems. The candidate must be a U.S. citizen, eligible to obtain public trust clearance, and willing to accept W2 employment.

​

Company Overview:

​

Yudrio, Inc. is a high-end Information Technology (IT) solutions provider. We provide deep expertise and capabilities of a large company while maintaining the intimacy of a small business. Yudrio has supported mission critical applications by providing innovative, customized, end-to-end services that demonstrate measurable benefits, increased efficiency, and reduced costs. Our results-oriented success curtails from our pioneering approach to solving complex problems. Yudrio offers services in the areas of strategy, application development, enterprise and technical infrastructure solutions. Our services span across various technology platforms, operating systems and infrastructures.

​

Yudrio has an impressive fifteen-year track record of delivering superior, dynamic technical systems to the federal government. We are currently working on projects for the Federal Deposit Insurance Company (FDIC), Environmental Protection Agency (EPA), United States Army Corps of Engineers (USACE), Department of Homeland Security (DHS), Internal Revenue Service (IRS), United States Air Force (USAF), and Federal Trade Commission (FTC).

• Conduct cybersecurity assessments and manage compliance of federal information systems using CSAM or JCAM.
• Assist in the implementation and maintenance of Zero-Trust (ZT) security frameworks to improve overall system security posture.
• Support the ATO (Authority to Operate) process by preparing and reviewing documentation for system authorization and ensuring all security controls are in place.
• Apply the Risk Management Framework (RMF) to assess and manage cybersecurity risks across federal IT systems, ensuring adherence to federal standards and policies.
• Work closely with stakeholders to ensure compliance with federal cybersecurity standards and provide support for risk assessments, security controls, and audits.
• Conduct vulnerability assessments and assist in implementing mitigation strategies to reduce risk exposure.
• Collaborate with cross-functional teams to identify and address cybersecurity threats, vulnerabilities, and compliance issues.
• Provide expertise and support for continuous monitoring of security controls, incident response, and reporting.
• Assist with the development and maintenance of security documentation, including system security plans, security assessment reports, and other RMF-related artifacts.
• Participate in cybersecurity training and awareness programs for federal staff.

Required Qualifications:

​

• Education: Bachelor’s degree
• Experience: Proven experience with CSAM or JCAM tools for cybersecurity assessments and management.
• Knowledge: Deep understanding of Zero-Trust (ZT) architecture and its application in a federal government context.
• Security Compliance: Strong knowledge of RMF (Risk Management Framework) processes, ATO (Authority to Operate) procedures, and federal cybersecurity regulations.
• Security Clearance: Must be eligible to pass background and credit checks for Public Trust clearance.
• Citizenship: U.S. Citizen.
• W2 Employment: Must be willing to accept a W2 employment arrangement.

​

Preferred Qualifications:

​

• Experience working within the federal government’s cybersecurity frameworks and compliance requirements.
• Knowledge of current cybersecurity threats, vulnerabilities, and mitigation strategies.
• Familiarity with NIST (National Institute of Standards and Technology) cybersecurity standards and guidelines, especially NIST SP 800-53, SP 800-37, and NIST SP 800-171.
• Strong analytical and problem-solving skills.
• Excellent communication skills, with the ability to collaborate effectively across teams and departments.
• Experience with cybersecurity tools and technologies, including vulnerability scanning, penetration testing, and security monitoring.

• This position offers the opportunity to work on mission-critical cybersecurity initiatives within the federal government.
• Competitive compensation package based on experience.
• Remote work options may be available depending on project requirements

A Day in the Life:

​

The IAM Senior Engineer will be responsible for the service design, build, deploy and support key elements of Hertz Privileged Access Management (PAM) platform built leveraging CyberArk Cloud PAM solution supporting infrastructure, servers, services and privilege accounts that are part of the overall Hertz IT ecosystem.

​

It is incumbent upon the IAM Senior Engineer to ensure uniformity of services, adherence to standards, and consistency of infrastructure delivery. The Senior Engineer works with external partners to deliver quality services to Internal and External Customers.

​

The CyberArk Sr. Engineer will collaborate with various teams to ensure the seamless integration and effective use of CyberArk for managing privileged access, monitoring, and securing sensitive accounts.

​

The starting salary is $135K; commensurate with experience.

• Follow the deployment processes, which includes Build and Transition of all new initiatives, and includes phase gates reviews for key stakeholders
• Maintains an understanding of all current and emerging PAM technologies, open system standards, management technologies as they relate to the support of Hertz infrastructure
• Identifies and assumes an ownership role of PAM Infrastructure, project delivery and security management
• Manage and secure privileged accounts, monitoring access and usage in compliance with security policies.
• Conduct testing and resolve issues with CyberArk in a dev environment.
• Provide leadership and act as a senior level mentor and provide support to technical personnel for any/all issues regarding service design, implementation, education and support of Identity and Access Management infrastructure and availability
• Gathers project/application requirements from customers and stakeholders
• Help define support requirements and management infrastructure
• Ensures that third party solutions follow all Hertz standards
• Provides senior management and general staff with accurate and complete status information
• Sponsors, orchestrates, and implements technology pilots to evaluate emerging technologies and their applicability in support of Hertz business requirements and strategic goals.
• Adheres to all current Change and Problem management policies and procedures
• Additional responsibilities include participation in global 7x24 support model, planning and organization of projects, tasks, and support initiatives as assigned
• Manage privileged accounts for applications as well – i.e., database administrators, web/application server administrators, and application administrators.
• Develop onboarding automation for end points that has privileged accounts.

Required Qualifications:

​

• Minimum 6 to 8 years of relevant practical experience in Privileged Access Management design, implement and support of large-scale, global environments supporting large and globally diversified infrastructure privileged access requirements.
• Deep hands-on experience with CyberArk Cloud PAM and any other PAM solutions such as Beyond Trust.
• Experience in Identity Security and working knowledge of tools currently available to support Identity security
• Experience implementing audit, logging, and monitoring policies
• Experience in MFA, RBA, SSO, Certificate management for CyberArk environment
• Deep understanding and implementation knowledge in fraud prevention and identity verification algorithms
• Experience with implementing and supporting Public Key Infrastructures including Certificate Lifecycle Management and external PKI providers
• Experience with implementing role-based access in the PAM environment
• Strong scripting skills in Java and Powershell is essential for this role
• Strong experience working in CI/CD automation leveraging Ansible or CHEF tools.
• Strong working experience in Agile methodology.

​

Preferred Qualifications:

​

NA

What You’ll Get:

​

• Up to 40% off any standard Hertz Rental
• Paid Time Off
• Medical, Dental & Vision plan options
• Retirement programs, including 401(k) employer matching
• Paid Parental Leave & Adoption Assistance
• Employee Assistance Program for employees & family
• Educational Reimbursement & Discounts
• Voluntary Insurance Programs - Pet, Legal/Identity Theft, Critical Illness
• Perks & Discounts –Theme Park Tickets, Gym Discounts & more

Information Security Analyst II

The Information Security Analyst II is responsible for the security and availability of information assets at Omnicell. The analyst will maintain focus on monitoring, incident response, security awareness training, vulnerability management and other security and/or compliance related tasks. The position plays an important role in implementing effective information security & risk management solutions while providing key support necessary to protect the information assets of the company.

• Work with the managed SOC provider, NOC, IT and business units to triage, investigate and remediate detected security alerts and incidents
• Conduct in-depth investigation of alerts. Perform analysis and correlation of network traffic for OS and application level-alerts
• Tune signals and alerts in collaboration with SOC service provider
• Create new and maintain existing SOC standards, procedures and playbooks
• Responsible for threat monitoring and assists with incident investigation and response.
• Assists with monitoring, threat hunting, tracking, and analyzing networks/systems for potential security violations/anomalies and responding to incidents.
• Analyzes and correlates security logs and event data.
• Collaborates with adjacent IT teams in securing and monitoring network & server infrastructures, applications, filtering appliances, firewalls, and cloud-based services.
• Contributes to the development of security standards, access controls, and compliance requirements of applications, network infrastructure, servers, and workstations.
• Maintains awareness of current and emerging threat landscape.
• Compiles security & compliance metrics.
• Documents and escalates security incidents within specified/assigned systems to ensure timely follow-up and tracking.
• Documents procedures and policies, and trains staff in procedures.

Required Skills and Knowledge:

• Strong understanding of IT Infrastructure components and concepts like networking, server administration, firewalls, access controls, and identity and access management.
• Ability to quickly triage multiple security alerts and assign the right priority based upon risk and confidence levels
• Strong understanding of encryption technologies.
• Knowledge of Identity & Access Management practices, systems, and controls.
• Experience performing security monitoring, alert triage and incident response duties in a SOC environment
• Excellent analytical and problem-solving skills.
• Security automation experience is desired
• Acts with integrity.
• Demonstrate the ability to adjust to changes in customer demands or operational goals.
• Results oriented and can demonstrate a 'can-do' attitude, adaptability, flexibility, and resourcefulness.
• Strong teamwork with peers with a consultative solution approach.
• Strong time management skills and the ability to multi-task.
• Excellent written, oral, and presentation skills.
• Excellent customer services orientation and experience in business-related interactions.
• Ability to work as a self-starter with minimal supervision.
• Ability to provide user support both remotely and in person.
• Desire to learn new skills and technology.
• Flexibility to work some off-hours and on weekends.

​

Basic Qualifications:

• 5+ years work experience in IT related fields.
• 3+ years of cyber security, forensics, incident response, or threat hunting experience
• Experience using risk-based/cybersecurity frameworks, such as NIST, and knowledge of cyber incident management processes.
• Familiarity with Network-, Mobile Devices- and Windows Operating System Risks and Vulnerabilities.
• Cloud security operations, Cisco, and other network and firewall certifications and training a plus.

​

Preferred Qualifications:

• Desired Certifications: CISSP, CCSP, GCIA, GCIH, GPEN or CEH.

Work Conditions:

Office Environment

Some travel (Once per quarter or less).

​

Disclaimer: Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.