Security Engineer jobs at Concentrix

We are seeking a Security Engineer II to support threat and vulnerability management across on-premises and cloud environments. This role focuses on identifying security risks, assessing vulnerabilities, ensuring secure configurations, and driving remediation efforts to improve overall security posture. Key Responsibilities: Identify, assess, and remediate vulnerabilities across on-prem and cloud environments (AWS/Azure/GCP) Monitor and analyze threat intelligence using frameworks such as MITRE ATT&CK, OWASP, and CVSS Utilize vulnerability and cloud security tools (Tenable, Qualys, Rapid7, Prisma Cloud, Defender for Cloud, Wiz) Perform secure configuration audits using CIS Benchmarks, NIST, and STIGs Collaborate with IT, Cloud, and DevOps teams to implement remediation Automate security processes using scripting (Python, PowerShell, Bash) Track remediation progress and communicate risks to technical and non-technical stakeholders Required Skills & Experience: 4+ years of experience in Cybersecurity or IT with exposure to vulnerability or cloud security Hands-on experience with vulnerability management tools Strong understanding of security controls, risk management, and compliance Experience with scripting/automation and API integrations Familiarity with SIEM, logging, monitoring, and ticketing systems

Infrastructure Security Engineer Compensation: $40-50 /hour, depending on experience Inceed has partnered with a great company to help find a skilled Infrastructure Security Engineer to join their team! Join a dynamic team in a company that values culture and work-life balance. As an Infrastructure Engineer, you will play a crucial role in designing and maintaining a secure hybrid infrastructure. This is an exciting opportunity for someone who thrives in a technical environment and is passionate about security compliance. Enjoy working in a supportive and collaborative setting where your skills and expertise will make a significant impact. Key Responsibilities & Duties: Design and manage Azure environments and Azure Virtual Desktop. Ensure compliance with security frameworks like CMMC and NIST. Administer Windows Server and Active Directory. Implement and monitor network security. Translate compliance requirements into technical controls. Collaborate with high-level executives and cross-functional teams. Required Qualifications & Experience: Bachelor's degree in IT or 10 years of IT experience. Proven experience with cloud and on-premises environments. Strong understanding of CMMC or NIST frameworks. Excellent written and verbal communication skills. Strong analytical and troubleshooting skills. Nice to Have Skills & Experience: Experience with Hyper-V and VMware. Knowledge of PowerShell scripting and automation. Familiarity with vulnerability management and incident response. Perks & Benefits: 3 different medical health insurance plans, dental, and vision insurance Voluntary and Long-term disability insurance Paid time off, 401k, and holiday pay Weekly direct deposit or pay card deposit If you are interested in learning more about the Infrastructure Security Engineer opportunity, please submit your resume for consideration. Our client is unable to provide sponsorship at this time. We are Inceed, a staffing direct placement firm who believes in the possibility of something better. Our mission is simple: We're here to help every person, whether client, candidate, or employee, find and secure what's better for them. Inceed is an equal opportunity employer. Inceed prohibits discrimination and harassment of any type and affords equal employment opportunities to employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity, or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law. #IND

ECCO Select is a talent acquisition and consulting company specializing in people, process and technology solutions. We provide the talent behind the technology enabling our clients to achieve their goals. For more information about ECCO Select, visit us at ******************* Position Title: Endpoint Security Engineer Location Information Kansas City Metro (Onsite) Position Responsibilities: The Endpoint Security Engineer will play a critical role within the IT security and operations team, responsible for the administration, implementation, and continual improvement of endpoint security solutions-primarily utilizing Microsoft Intune. The ideal candidate must possess advanced expertise in Intune for Mobile Device Management (MDM) and Mobile Application Management (MAM), and be prepared to respond to security incidents beyond regular business hours. Experience with Jamf in Apple environments is an advantage. Design, deploy, and manage the organization's Microsoft Intune environment for both corporate-owned and BYOD (Bring Your Own Device) devices, ensuring a secure yet seamless user experience. Develop and maintain solutions for device enrollment, authentication, and complete lifecycle management utilizing Intune, while leveraging Jamf for Apple device environments when required. Configure, optimize, and monitor Microsoft Intune settings for MDM and MAM across Windows, Android, and iOS devices to ensure security and compliance. Establish and enforce device compliance policies, security baselines, encryption protocols, and remote wipe capabilities for rapid incident response. Manage application deployment, app protection policies, and conditional access requirements via Intune and related tools. Continuously monitor the performance of security solutions via analytics, logs, and user feedback; proactively identify areas for improvement to enhance protection and efficiency. Lead or contribute to large-scale device migrations, OS upgrades, and mobility transformation projects, ensuring minimal business impact and service continuity. Regularly monitor, investigate, and respond to endpoint threats, vulnerabilities, and anomalies; promptly remediate endpoint security incidents and collaborate with SOC and IT support teams for escalated security issues and rapid resolution. Ensure that endpoint security implementations meet regulatory standards and internal governance requirements; stay up to date with relevant compliance frameworks (HIPAA, GDPR, SOC 2, etc.). Generate detailed reports on device compliance, application usage, and security incidents, supplying metrics and documentation for audits and stakeholders as required. Develop, refine, and deliver training sessions and materials for end-users and IT helpdesk staff on device enrollment, usage, and security best practices. Provide Tier 2/3 support for complex endpoint security, mobility, and compliance issues; serve as a subject matter expert for cross-functional teams implementing security initiatives. Promote a culture of continuous improvement by researching and recommending new endpoint security technologies, trends, and best practices; implement process and tool enhancements as appropriate. Essential Skills, Experience 3-5 years of hands-on experience in administering and supporting Microsoft Intune, Office 365, and enterprise device security solutions. Strong proficiency in configuring, managing, and troubleshooting Intune, Microsoft Endpoint Manager, and Azure Active Directory settings. Proven expertise in designing, deploying, and supporting MDM/MAM solutions for large enterprise environments. Comprehensive understanding of endpoint security principles, including antivirus, EDR, encryption, secure authentication, and access controls. Practical experience with endpoint compliance and governance requirements; strong working knowledge of frameworks such as HIPAA, GDPR, or SOC 2 and involvement in audit processes. Familiarity with automation and scripting tools (e.g., PowerShell, Bash) for task automation, device management, and mobile application deployment. Demonstrated ability to manage multiple complex projects simultaneously, with excellent organizational, analytical, and documentation skills. Knowledge of Active Directory, Group Policy Objects (GPO), and remote support tools for user and device management. Exceptional interpersonal and communication skills, with a proven track record of successful cross-functional collaboration and the ability to operate independently or as part of a team. Preferred: Hands-on experience with Jamf administration for mac OS and iOS device management, including policy configuration and endpoint protection. Preparedness to provide support and incident response outside normal business hours as needed. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field (advanced degrees or relevant certifications are a plus). Preferred certifications: Microsoft Certified (Intune, Azure, or Endpoint Manager), Jamf Certification. ECCO Select is committed to hiring and retaining a diverse workforce. Our policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category. Veterans of our United States Uniformed Services are specifically encouraged to apply for ECCO Select opportunities. Equal Employment Opportunity is The Law This Organization Participates in E-Verify

Job Family: Technology Consulting Travel Required: Up to 25% Clearance Required: Active Top Secret SCI with Polygraph What You Will Do: Guidehouse has an opportunity for a cleared Sr. Information Security Consultant to leverage their understanding of IC/DOD Risk Management Frameworks (RMF), continuous monitoring, risk scoring, and risk management experience to lead our team of Assessors in conducting rigorous technical testing of security controls across various domains such as access control, cryptography, network security, and incident response for our Intelligence Community customer. This role is 100% on-site and you must be a self-starter able to work independently. Responsibilities include but are not limited to: Works with senior members of the client organization to ensure that overall program and project direction, strategy and expectations are met. Quickly Gain understanding of customer's mission and impact managerial practices. Act as a high-level assessor to help all the Security Control Assessors (SCA) on the RMF Team with their assessments and assessment report reviews prior to submission to the government Manage security controls assessments including kickoff, submission of deliverables, final report, and executive briefing Conduct audits to ensure that security controls are implemented correctly and operating effectively Monitor and evaluate a system's compliance with security, resilience, and dependability requirements Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations through the development of POA&Ms Lead continuous improvement initiatives aimed at enhancing the effectiveness and efficiency of security assessment processes. Identify opportunities for automation, optimization, and enhancement of assessment methodologies and tools. Mentor to junior Security Control Assessors What You Will Need: An ACTIVE and MAINTAINED TOP SECRET/SCI federal security clearance with a Counterintelligence (CI) polygraph Bachelor's Degree FIVE (5) or more years' experience in cybersecurity Ability to obtain a DoD 8570.01-M (IAT III) certification (i.e. CASP+CE, CISSP, CISA, GCED, GCIH, CCSP) within the first 90 days of starting at Guidehouse What Would Be Nice To Have: An active DoD 8570.01-M (IAT III) certification (i.e. CASP+CE, CISSP, CISA, GCED, GCIH, CCSP) Proficient computer skills and experience using Microsoft applications (Word, Excel, PowerPoint, Visio and Outlook) Exceptional oral and written communication skills What We Offer: Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace. Benefits include: Medical, Rx, Dental & Vision Insurance Personal and Family Sick Time & Company Paid Holidays Position may be eligible for a discretionary variable incentive bonus Parental Leave and Adoption Assistance 401(k) Retirement Plan Basic Life & Supplemental Life Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts Short-Term & Long-Term Disability Student Loan PayDown Tuition Reimbursement, Personal Development & Learning Opportunities Skills Development & Certifications Employee Referral Program Corporate Sponsored Events & Community Outreach Emergency Back-Up Childcare Program Mobility Stipend About Guidehouse Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation. Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco. If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at ************** or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation. All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or ************************. Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process. If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse's Ethics Hotline. If you want to check the validity of correspondence you have received, please contact *************************. Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant's dealings with unauthorized third parties. Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.

Role: Information Security Engineer Contract: 24 months In this contingent resource assignment, you may: Consult on complex initiatives with broad impact and large-scale planning for Information Security Engineering. Review and analyze complex, multi-faceted, larger-scale, or longer-term Information Security Engineering challenges that require in-depth evaluation of multiple factors, including intangibles or unprecedented factors. Contribute to the resolution of complex and multi-faceted situations requiring a solid understanding of the function, policies, procedures, and compliance requirements that meet deliverables. Strategically collaborate and consult with client personnel. Required Qualifications: 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work or consulting experience, training, military experience, or education. Required Qualifications: Experience with encryption technologies with emphasis on OpenText Core Data Privacy and Protection (Voltage) Unix/Linux Systems Administration experience with in-depth knowledge of troubleshooting, OS hardening, and OS tuning Change management experience 3+ years of compliance experience Experience with scripting tools such as bash, Python, PowerShell, etc. Desired Qualifications: Intermediate to advanced level experience with scripting/automation using tools such as Bash, PowerShell, Python, Ansible, VBScript, JavaScript, UI path, etc. 2+ years of application development experience Experience with DevOps and CI/CD automated build and deployment processes. Knowledge and understanding of implementing infrastructure upgrades, security patches, or version upgrades. Knowledge and understanding of Splunk EEO: “Mindlance is an Equal Opportunity Employer and does not discriminate in employment based on - Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”

We are looking for a Cyber Security Analyst to join our global security team. This role will suit a technically capable individual with experience in security operations who is looking to broaden their exposure across security monitoring, engineering, and incident response within a dynamic environment. The role provides hands-on involvement in triaging and investigating security alerts, acting as an escalation point for the outsourced Security Operations Centre (SOC), supporting major incident response activities. The successful candidate will work closely with infrastructure and network teams to manage and optimise endpoint, email, identity, and vulnerability management platforms, while contributing to continuous improvement of the organisation's security posture. This role offers the opportunity to evaluate and transition between security tools, maintain policy continuity and develop a broad, practical skillset across enterprise cyber security functions. Business Overview Established in 1783, ED&F Man is an employee-owned agricultural commodities merchant with 2,800 people in 43 countries and annual revenue in excess of $8bn. We trade sugar, coffee, molasses, animal feed and fish oils. Corporate responsibility is ingrained in our culture. We are passionate about sustainable production, take care to limit the environmental impact of our operations and actively support the communities in which we work. Key Accountabilities Act as the escalation point for the outsourced SOC, receiving and triaging alerts that require deeper investigation. Conduct thorough investigations to produce high-quality, actionable insights for incident resolution. Participate actively in major security incidents, contributing to containment, eradication and recovery efforts Document incident timelines and contribute to post-incident reviews and lessons learned. Respond to detections, triage alerts and update SOC tickets with investigation findings Maintain and update policies in line with vendor best practice and internal Change Advisory Board protocols. Monitor agent health, audit version compliance and remediate orphaned or non-compliant clients. Attend monthly vendor meetings to review support cases and incorporate best practice guidance. Design and refine SOC playbooks and response actions, evaluating new security technologies through structured proof-of-concept trials and creating scoring matrices to compare vendors. Manage block and safe listings to maintain email hygiene, troubleshooting false positives and tune detection rules. Perform email investigations as required in response to phishing or BEC attempts, producing monthly vulnerability reports and prioritising remediation efforts based on risk. Work with infrastructure and application teams to test patches and drive vulnerability counts down. Attend monthly TAM meetings to review support cases and best practices. Maintain agility to substitute security products as business requirements evolve, ensuring policy continuity throughout transitions. Skills and Experience: 5+ years' experience in a Cyber Security Analyst or similar role, with strong incident response and major incident handling expertise. Hands-on experience with EDR (alert triage, policy management, sensor deployment), preferably CrowdStrike Falcon. Experience developing SOC playbooks, response actions, and running proof-of-concept evaluations and vendor comparisons. Confident, proactive communicator able to engage senior stakeholders, clearly explain complex security issues, and recommend actions. Collaborative and approachable, building trust with technical peers and supporting service desk and front-line teams. Calm, effective, and resilient under pressure, particularly during security incidents in a front-facing role. Formal qualifications not essential; proven hands-on experience and delivery record valued. Technical Capabilities: Experience with SIEM platforms (e.g. Rapid7), Email Security and Data Security/DLP solutions (e.g. Varonis). Strong knowledge of Entra ID security features including Conditional Access and PIM, plus familiarity with PAM tools including BeyondTrust, Osirium and Okta. Solid networking fundamentals (TCP/IP, DNS, firewalls, proxies, SSL/TLS) and vulnerability management experience (Qualys/Rapid7 preferred). Cloud security experience across Azure and/or AWS. Scripting skills in Python and/or AutoIT for automation and tooling. Desirable certifications include CompTIA Security+, Network+, CySA+, PenTest+, CASP+, CEH, CISSP, and relevant vendor certifications (e.g., CrowdStrike, Qualys, Palo Alto). We recognise that talent comes in many forms, and we value potential just as much as experience. If this role excites you but you don't meet every requirement, we still encourage you to apply. Our Offer We provide a fast-paced, stimulating and truly global environment, which will stretch your abilities and channel your talents. We also offer competitive salary and benefits combined with outstanding career development opportunities in one of the global leaders in soft commodity trading. Our Values Respect, Integrity, Meritocracy, Client Focus, Entrepreneurship Our values define who we are. They are the fundamental beliefs that determine our actions and guide our behaviour. They influence the way we communicate and collaborate, and define the way we engage with our clients, partners, and communities. Our values are underpinned by a set of essential behaviours, which form part of our performance management approach. Delivering on our objectives is very much about ‘what' we do, but these essential behaviours also provide a guide and measure for ‘how' we do things. Our performance essentials are Take Initiative, Self‐Management, Deliver Results and Collaboration. Our Commitment We are committed to creating and sustaining an inclusive and diverse work environment where all employees are treated with dignity and respect. We are committed to promoting equal opportunities in employment and are focussed on actively building and developing diverse teams. All qualified applicants will receive equal treatment without regard to race, colour, sex, gender, age, religion or belief, ethnic or national origin, marital or civil partner status, physical or mental disability, military or veteran status, sexual orientation, gender reassignment (identity, gender expression), genetic information or any characteristic protected by local law. We are willing to make any reasonable adjustments throughout our recruitment process. To apply you must have the right to work for the provided location.

SAP Security Administrator Compensation: $130,000 - $160,000 annually, depending on experience Inceed has partnered with a great company to help find a skilled SAP Security Administrator to join their team! Join an innovative environment where you will play a critical role in managing and supporting SAP Roles and Security within a dynamic SAP landscape. This is an exciting opportunity to contribute to the design, development, and implementation of SAP Role Administration functions. If you are passionate about SAP security and thrive in a collaborative setting, this role is for you! Key Responsibilities & Duties: Design and maintain security solutions for identity and access management Analyze processes to deliver quality solutions meeting business requirements Drive security strategy for S4Hana ecosystem Identify and mitigate security risks and violations Ensure SAP security aligns with standards and methodologies Provide technical support and resolve security issues Collaborate with IT management for user/system access controls Generate SOX and adhoc reports regularly Maintain Segregation of Duties for SAP environment Conduct vulnerability assessments and penetration tests Required Qualifications & Experience: Bachelor's Degree in Business Management, Information Systems, or related field 4+ years experience in SAP GRC, Role Administration & Security Experience with SAP S/4 HANA security and authorizations In-depth understanding of SAP Security Role design & GRC Architecture Expertise in SAP Security automation and scripts creation Nice to Have Skills & Experience: Experience with cloud applications and Azure SAP GRC Certification Oil and Gas industry experience Experience with SAP GRC Access Control configuration Strong knowledge in provisioning to SAP LDAP and SAP Enterprise Portal Perks & Benefits: Comprehensive and competitive benefits package-details shared during later stages If you are interested in learning more about the SAP Security Administrator opportunity, please submit your resume for consideration. Our client is unable to provide sponsorship at this time. We are Inceed, a staffing direct placement firm who believes in the possibility of something better. Our mission is simple: We're here to help every person, whether client, candidate, or employee, find and secure what's better for them. Inceed is an equal opportunity employer. Inceed prohibits discrimination and harassment of any type and affords equal employment opportunities to employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity, or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.

Candidates Only no 3rd Party Candidates! Company is seeking a Senior Security Engineer or Security Solutions Architect with deep experience in Zscaler Internet Access (ZIA) and Secure Web Gateway (SWG) solutions. The resource will review and assess the current Zscaler deployment, identify best practices, implement configuration and policy improvements, and optimize workflows to improve security posture and user experience. Key Responsibilities Assess Company's current Zscaler ZIA (SWG) deployment and provide best practice recommendations. Perform configuration updates, policy tuning, and remediations based on assessment findings. Review and optimize the website approval workflow, reducing turnaround time for URL requests (currently 2-3 days). Implement granular Zscaler policies allowing differentiated access based on user identity (e.g., allow downloads but restrict uploads). Assist with Zscaler DLP policy design and management. Develop and document end-user and administrator processes, ensuring consistency and clarity. Identify opportunities to automate policy or workflow management via scripting or ServiceNow integrations. Collaborate with internal teams (SOC, Engineering, GRC) to align configurations with security requirements. Required Qualifications 7+ years of experience in IT security engineering or architecture. Proven expertise with Zscaler Internet Access (ZIA) and Secure Web Gateway (SWG) design, deployment, and optimization. Working knowledge of Zscaler Private Access (ZPA) and Zscaler DLP. Strong understanding of enterprise networking, including firewalls, proxies, and DNS. Experience designing and implementing identity-based policies within Zscaler. Familiarity with Zero Trust architecture, encryption, and access control principles. Proficiency in Python scripting or API integration for automation and workflow improvements. Experience integrating with ServiceNow or similar platforms. Excellent communication skills and ability to operate independently in a fast-paced environment. Strong process orientation with proven experience analyzing, optimizing, and documenting workflows.

The Information Security Compliance Analyst plays a pivotal role in safeguarding the organization's information assets by leading compliance initiatives, managing vendor and client security assessments, and supporting incident response efforts. This position ensures alignment with industry standards such as ISO27001, SOC 2, PCI DSS, and GDPR, while maintaining robust governance frameworks and security policies. The analyst collaborates cross-functionally to enhance security operations, drive continuous improvement, and uphold regulatory compliance across ITA Group's systems and third-party relationships. ACCOUNTABILITIES & PERFORMANCE EXPECTATIONS Security Operations & Compliance Lead client and vendor security assessments, including third-party reviews, risk assessments, and questionnaire responses. Build and manage workflows for vendor assessments and due diligence. Oversee compliance audits (SOC2, PCI, ISO27001, TruSight), including evidence collection and process optimization. Support the Information Systems Incident Response Team (ISIRT) during security events. Assist in developing requirements for security tools and operational procedures. Evaluate and recommend emerging security technologies and products. Provide off-hours support on a rotating and as-needed basis. Coordinate with external suppliers to resolve security incidents. Systems & Tools Management Administer and monitor various security tools to ensure optimal performance and coverage. Audit & Incident Management Conduct quarterly audits of systems in scope for compliance. Maintain incident logs and ensure readiness for ISO27001 certification. Investigate and remediate Microsoft Security alerts. Compliance Certifications Collaborate with Legal to support privacy regulations and ensure compliance with GDPR and other frameworks. Governance Management Develop and implement Data Loss Prevention (DLP) rules for sensitive document handling. Enhance Insider Threat Protection capabilities. Maintain and update InfoSec policies and procedures. Provide organization-wide coaching and mentorship on security policies. Ensure regulatory and compliance requirements are consistently met. Establish and maintain a security framework and auditing process. Manage security questionnaires and third-party data security risk assessments. Analyze and investigate security anomalies using platform reports, logs, and alerts. POSITION REQUIREMENTS Bachelor's degree in computer science, information technology, or equivalent experience. Five-to-eight years experience in information technology support with at least five years of experience in system administration and system design. Security certification such as CISSP, CISA, or CISM are required. Technical certifications in Cisco and Microsoft products is preferred. Excellent communication and documentation skills. Strong experience with ISO27001, SOC 2, PCI DSS 4.x, GDPR, and other regulatory frameworks and privacy regulations. Ability to demonstrate ownership of systems and drive the technology forward to the goals of the company. Direct involvement in the annual planning and budgeting process for Information Technology. Strong communication skills and the ability to interact with other systems personnel in a team environment. Ability to maintain confidentiality pertaining to nonpublic business, financial, personnel, salary, and technological information, plans or data. Ability to think analytically to solve technical problems individually and in a team environment. Ability to effectively plan, schedule and coordinate projects and meet deadlines, managing multiple project concurrently. Ability to analyze and communicate technology performance results. Specific experience working with our current primary technology and software preferred. Ability to listen, understand and respond to external and internal customers' needs in a timely manner; customer service experience in a service-related industry preferred. Ability to work the time necessary to complete projects and/or meet deadlines. ABOUT ITA GROUP ITA Group is an employee-owned engagement and loyalty company that provides data-driven solutions designed to uniquely motivate and inspire our clients' employees, channel partners and customers. Creating engaging employee experiences is at the heart of what we do and who we are, and we continuously evaluate our team member benefits to ensure our team members are cared for. We offer an array of competitive benefits, including healthy retirement contributions, health, dental and vision insurance, paid parental leave, flexible work arrangements, Volunteer Time Off, paid sabbaticals, anniversary awards and more! Come join our team, recently recognized by several top organizations as a Great Place to Work.

The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations. Technical Implementation: Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools. Implement and support security controls for network infrastructure such as routers, switches, and wireless access points. Configure, administer, and secure Active Directory and Azure AD environments. Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions. Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection. Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture. Security Operations: Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation. Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts. Lead technical response efforts during security incidents or breaches in coordination with the incident response team. Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access. Conduct routine vulnerability assessments and threat analysis to support continual improvement. Perform digital forensics and incident response activities as needed. Compliance: Ensure adherence to HIPAA and all applicable regulatory and security standards. Design and implement technical safeguards that protect sensitive information and support organizational objectives. Collaboration: Partner with IT and business teams to embed security controls into systems, applications, and workflows. Educate and support staff on cybersecurity awareness, best practices, and evolving threats. Documentation: Create and maintain accurate documentation for security configurations, procedures, and incident activity. Remain informed on current cybersecurity trends and recommend enhancements to existing controls. Security Audits: Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards. Security Standards and Policies: Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements. Security Infrastructure Maintenance and Monitoring: Configure, troubleshoot, and maintain security-related hardware and software. Implement and manage monitoring tools to detect intrusions and potential security breaches. Security Strategy Development: Support the planning, execution, and ongoing refinement of the organization's information security strategy. Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives. Perform additional duties as assigned. Minimum Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required. Minimum Experience: Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment. Certifications: Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.

STRATEGIC STAFFING SOLUTIONS HAS AN OPENING! This is a Contract Opportunity with our company that MUST be worked on a W2 Only. No C2C eligibility for this position. Visa Sponsorship is Available! The details are below. “Beware of scams. S3 never asks for money during its onboarding process.” Job Title: Information Security Engineer- Automation (Cisco ISE) Location: Charlotte, NC 28262/ Raleigh, NC 27607 Onsite Work Contract Length: 24+ Months Pay: 75-80 an hr on W2 About the Role We are seeking a highly motivated Information Security Engineer to design and implement automation solutions that streamline and enhance management of the Cisco Identity Services Engine (ISE) platform. This role is ideal for a proactive, self-directed engineer who thrives in complex environments and enjoys building scalable, secure automation that reduces manual effort and improves operational efficiency. You will play a key role in developing automation workflows, integrating systems via APIs, and collaborating with cross-functional teams to translate business and security requirements into reliable, maintainable solutions. Key Responsibilities Design, develop, and implement automation workflows to support Cisco ISE configuration, policy updates, and operational tasks Build and maintain Python-based automation scripts and Ansible playbooks aligned with business and security requirements Develop application and system integrations using RESTful and/or SOAP APIs, including authentication mechanisms (OAuth, JWT), data transformation, and error handling Create secure, scalable API integrations with internal systems and third-party services Utilize API testing tools such as Postman and Swagger to validate functionality, performance, and security compliance Integrate automation solutions with external platforms (e.g., HashiCorp Vault) for secure credential and secrets management Develop custom tooling to simplify administrative processes and reduce manual day-to-day operational tasks Collaborate with internal stakeholders to gather requirements and deliver scalable automation solutions Document automation architecture, workflows, and usage guidelines to support maintainability and knowledge transfer Troubleshoot, optimize, and enhance automation scripts for reliability, scalability, and performance Required Qualifications Strong experience managing network infrastructure as code Advanced Python development skills Proven experience building Ansible playbooks based on business and operational requirements Hands-on experience creating and maintaining technical documentation (automation architecture, READMEs, runbooks) Ability to work independently, adapt to evolving requirements, and navigate complex or ambiguous processes with minimal supervision Nice-to-Have Qualifications Experience with Cisco Identity Services Engine (ISE) Background in network engineering or network security Work Location & Schedule This is a hybrid role requiring 3 full days per week onsite (8 hours per day) at one of the following locations:

Role Responsibilities Daily access reconciliation control monitoring, application administrator support, and follow up the remediation effort. Must Have Skills / Prior Experiences The Cybersecurity Analyst should have a high level of knowledge and understanding least one IGA platform solution (OIG, SailPoint, Saviynt, ForgeRock). Strong analytical skills for understanding complex datasets. Ability to write SQL queries/Python/Shell scripts and pull relevant data from the database and file systems. Experience is creating strategic performance dashboards and metrics Skills in planning, organizing, and adapting within a multi-tasking environment. Strong interpersonal skills, flexibility, and customer service orientation. Ability to evaluate emerging technologies and identify their potential impact within the existing environment. Plus / Nice to Have Skills / Prior Experiences An understanding of regulatory requirements and experience supporting internal and external audits but gathering evidence is a significant advantage. EEO: “Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of - Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”

• DevSecOps' expertise in building and supporting security solutions for Windows, Linux, above mentioned platforms, including services such as Enterprise Vulnerability Management, data protection, privacy and compliance, network protection. • Building and deploying security solutions using technologies such as Docker, Kubernetes, and GIT Hub. • Experience in low code environments such as Appian and Microsoft Power Platforms is mandatory. • Experience with Alteryx ETL and Workflow Designer platform is plus. • Experience with Identity and Access, Endpoint, Vulnerability management and other cybersecurity automation workflows. • Experience writing Automation scripts in Python and deploying them leveraging APIs. • Experience with AI enabled automation workflows. • Experience with Agile methodology and Atlassian tools including JIRA and Confluence. • Communicating with various audiences, including business leaders, engineers, clients, and team members, with excellent ability to convey information that is relevant to the audience. • Written communication for excellent documentation and reporting. • Outstanding teamwork across multidiscipline plan-build-run teams. • Applying your understanding and expertise with systems automation platforms and technologies. • Automating security controls, data, and processes to provide metrics and operational support. • Employing cloud-based APIs when suitable to integrate and orchestrate across various systems in the automation workflow. • Developing and delivering solutions using Agile methodology. “Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of - Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”

Local candidates only. Resource will work as an Information Security Analyst responsible for auditing and monitoring systems containing confidential information. This position is also responsible for helping the organization manage its risks by monitoring the organization's IT systems for inefficiencies, inaccuracies, mismanagement, etc. Tasks will include assisting with the configuration of data, application, network, and IAAM logs; assisting with log reporting tools; and monitoring systems for security problems. The position participates in all aspects of the technology audit and monitoring including the planning, control analysis, testing, issue development, and reporting phases. This position will also participate in all federal and state audits against DCS technology systems. Employee works in an Information Technology Division of a State Agency, the Department of Child Services (DCS-IT) under the guidance of the Security Manager. The essential functions of this role are as follows: • Monitors and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement; • Interfaces with user customers to understand their security needs and implement procedures to accommodate them including training and assessment. • Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assists with creating and submitting reports relevant to security audits. • Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800-53). • Develops Standard Operating Procedures (SOP) for implementing security polices; • Recommends appropriate security safeguards to be included during development of new information technology systems and legacy systems; • Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data; • Develops and implements procedures for use of information security management software; • Proposes information security software enhancements; • Performs periodic audits to assure security policies and standards are being followed and are effective. • Develops recommendations for enhancements and generates reports where necessary; • Keeps abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security; • Mentors and provides guidance to new or other staff as needed; • Performs related duties as assigned. • Assist on other task as assigned. Thorough knowledge of information security management tools, policies, and standards of information security procedures; • Thorough knowledge of state and federal legislation and regulatory laws pertaining to information system security and privacy; • Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation; • Familiarity with domain structures, user authentication, and digital signatures; • Ability to develop and maintain information security standards; • Ability to understand and apply complex computer logic to work; • Ability to work effectively with a wide range of information technologists, including systems administrators, technical support, application development, end users and management; • Experience in assessing security needs of teams and assist in their security training. • Ability to communicate effectively both orally and in writing; • Ability to be a team member as well as a team leader depending on the situation; • Degree in information security or technology preferred; • Security certification preferred (e.g. CISSP). • Network Admin experience preferred. Supervisory Responsibilities/Direct Reports: This role does not provide direct supervision to direct reports.

STRATEGIC STAFFING SOLUTIONS HAS AN OPENING! This is a Contract Opportunity with our company that MUST be worked on a W2 Only. No C2C eligibility for this position. Visa Sponsorship is Available! The details are below. “Beware of scams. S3 never asks for money during its onboarding process.” Job Title: Information Security Analyst Location: Chandler, AZ 85286 Onsite Work Contract Length: 6+ Months Pay: 45-48 an hr on W2 Overview We are seeking an Information Security Analysts to support a Central Access Provisioning team during a transition from a manual to an automated Identity and Access Management (IAM) environment. These roles will also provide flexible support across IAM Operations teams to address capacity needs resulting from workforce attrition and evolving operational demands. The ideal candidates will have hands-on experience with IAM tools, strong foundational knowledge of authentication standards, and the ability to operate effectively in a regulated, security-focused environment. Key Responsibilities Support Identity and Access Management (IAM) operations, including access provisioning and related security processes. Participate in low- to moderately complex information security initiatives and identify opportunities for process improvement. Review, analyze, and resolve basic to intermediate information security assignments requiring research, evaluation, and selection of appropriate solutions. Assist with low- to medium-risk deliverables in alignment with established policies, procedures, and compliance requirements. Develop and present recommendations to address security-related issues, exercising independent judgment within defined guidelines. Provide timely and accurate information to internal stakeholders and client personnel related to information security analysis. Collaborate with cross-functional teams and interact effectively with multiple levels of leadership. Manage priorities, meet deadlines, and deliver high-quality results in a fast-paced environment. Required Qualifications Minimum of 2 years of experience in Information Security Analysis or a related field, or equivalent experience demonstrated through a combination of work experience, consulting, training, military service, or education. Hands-on experience with IAM tools, such as: SailPoint Okta CyberArk Ping Microsoft Entra ID (Azure AD) Working knowledge of authentication and identity standards, including: LDAP SAML OAuth OpenID SCIM Familiarity with security and compliance frameworks, such as ISO, NIST, SOX, and PCI. Strong organizational skills with the ability to multitask and prioritize competing requests. Customer-service mindset with a demonstrated ability to respond to requests in a timely and professional manner. Proficiency in Microsoft Office applications, including Word, Excel, Outlook, PowerPoint, Access, and Project.

Our client is seeking an Information Security Architect to join their team! This position is located in Hopkins, Minnesota. Validate the design and operational effectiveness of IT General Controls and Cloud controls Perform control procedure and documentation reviews including conducting interviews to clarify processes, data flows and architectures Prepare test scripts Perform root cause and impact analysis and provide management with recommendations to resolve issued findings Advise business partners on IT findings, risks and control weaknesses Validate findings post remediation Use knowledge of the current IT environment and industry IT trends to help identify and anticipate potential issues that may impact the banks risk landscape Design and assist in building continuous monitoring/reporting to improve efficiency an awareness of control testing activities Provide technical assistance on audit techniques Maintain an understanding of the cybersecurity footprint, platform architecture, cloud infrastructure, data governance and privacy compliance, general computing control structure of the Company (systems and architecture) and be able to apply that knowledge to how it supports the processes and procedures being reviewed Develop and maintain strong and effective working relationships with key business partners Engage and follow up to ensure deliverables are met, and identified gaps have been communicated Desired Skills/Experience: Ability to operate independently and perform quality work within the scheduled timeframe Excellent listening and communication skills in both written and verbal forms Previous experience in writing internal audit reports, preferred Experience executing technology audit and ITGC Testing Experience in auditing IT cloud operations, network, infrastructure, and security related to Amazon Web Services and Azure Experience in IT security and IT governance risk and compliance Must be proficient using Microsoft Office software Must possess an understanding of Information Security policies and standards, and have a working knowledge of Business Continuity Programs, electronic banking software and applications, Cloud computing, Cybersecurity Regulatory Framework, and Vendor Management practices Strong analytical, interpersonal and communication skills Strong understanding of cybersecurity processes and concepts as well as application controls Working knowledge and experience in python, JSON and SQL Working knowledge and experience with professional standards including CCM, NIST CSF, COSO and COBIT Benefits: Medical, Dental, & Vision Insurance Plans Employee-Owned Profit Sharing (ESOP) 401K offered The approximate pay range for this position is between $46.00 and $65.71. Please note that the pay range provided is a good faith estimate. Final compensation may vary based on factors including but not limited to background, knowledge, skills, and location. We comply with local wage minimums.

Jr. Security Analyst Our client is currently looking for a Jr. Security Analyst to join their team in a long term contract capacity focusing on an increase in compliance and audit work heading into the new year. This person will be brought on to support an established information security and compliance team. This role is ideal for someone looking to grow in TPA (Third Party Assessment), audit support, compliance operations, NIST frameworks, and GRC practices. Below is a breakdown of what our enterprise client is looking for in their potential candidate! Key Responsibilities Support Third Party Assessments (TPAs) by gathering evidence, tracking documentation, and helping review vendor security controls. Participate in internal and external audit readiness tasks including evidence collection, control testing preparation, remediation tracking, and audit log review coordination. Assist with vulnerability scan reporting, ticket creation, and follow-up with technical teams on remediation tasks. Support intake, documentation, and status tracking of new compliance and security projects. Help maintain dashboards, risk registers, and compliance reporting metrics within the GRC tool. Participate in annual assessment activities including contingency plan exercises, incident response tests, access reviews, and other required security program tasks. Assist with audit log reviews and routine monitoring processes as assigned. Maintain structured, accurate documentation to support continuous compliance efforts. Minimum Qualifications 1-3 years of experience in security, IT, audit, or compliance support roles (internships or rotational experience accepted). Foundational knowledge of NIST frameworks, FISMA requirements, or other security compliance standards (HIPAA, SOC 2, ISO 27001 a plus). Experience with GRC platforms (ServiceNow, Archer, OneTrust, ZenGRC, etc.) OR strong interest in learning. Strong attention to detail with the ability to create, edit, and maintain structured documentation. Proficiency with Microsoft Office and basic workflow tracking tools (Excel, SharePoint, Confluence, Smartsheet, etc.). Familiarity with basic cybersecurity terminology and frameworks (e.g., CIS Controls). Experience supporting compliance evidence collection or policy documentation. Interest in security governance, risk, and compliance as a long-term career path.

The Senior InfoSec GRC Analyst is responsible for driving the development, implementation, communication, and maintenance of technology policies, standards, and procedures that are aligned to industry standards and regulatory requirements. This role ensures that technology processes adhere to regulatory requirements, manage risks effectively, and establish strong governance practices. The position also develops and implements controls, monitors compliance, and supports risk management activities. Responsibilities: Lead the development and implementation of comprehensive cybersecurity and IT policies, standards, and guidelines. Continuously evaluate and update cybersecurity and IT policies to ensure they remain current and effective. Ensure policies comply with relevant laws, regulations, and industry standards (e.g., NIST, FFIEC, GLBA, NYDFS, SOX, PCI-DSS). Collaborate with cross-functional teams, including IT, legal, compliance, and business stakeholders, to ensure cybersecurity policies align with organizational objectives. Translate complex information and documentation into clear and simple concepts for end-users. Provide specialized expertise to perform framework-oriented risk assessments, identify deficiencies, generate reports, and recommend actionable solutions to mitigate risks and strengthen overall security posture. Stay informed about the latest cybersecurity threats, trends, and best practices. Maintain accurate and up-to-date records of policy reviews, risk assessments, training activities, and incident responses. Benchmark policies against industry standards and best practices. Develop and implement governance frameworks for cybersecurity policy management. Monitor key performance indicators, conduct gap analyses and risk assessments, and implement frameworks as needed. Test and monitor the effectiveness of controls. Establish feedback loops and analyze metrics to continuously improve cybersecurity policies based on audit findings, incident reviews, and emerging threats. Lead and support internal and external audits and assessments of cybersecurity policies and practices. Ensure identified audit and assessment findings and actions are tracked to closure. Maintain comprehensive documentation of all cybersecurity policies, procedures, and related activities. Communicate policy requirements and updates to relevant stakeholders. Identify opportunities for innovation and improvement in cybersecurity policies and practices. Propose mitigation strategies and verify the effectiveness of remediation plans. Requirements: Bachelor's Degree in Information Security, Computer Science, Information Technology, or a related field (preferred). Minimum of six (6)+ years' experience working in Cybersecurity GRC, policy development, risk management, or a similar field. Experience with GRC tools (e.g., Archer, ServiceNow, OneTrust). Proficiency with data analysis and reporting tools (e.g., Excel, Power BI). Relevant certifications such as CISM and/or CISA (highly desirable). Strong knowledge of regulatory frameworks (NIST, FFIEC, GLBA, NYDFS, SOX, PCI-DSS). Understanding of risk management concepts, control frameworks, and compliance auditing. Ability to provide consultation and recommendations to management. Strong communication skills with the ability to present effectively to both technical and non-technical audiences.

Hybrid - remote allowed, but should live in driving proximity to Springfield, VA Travel: up to 25 percent mostly to Chicago and Atlanta** Direct Hire with Benefits In this role you will guide the security direction for a hybrid environment that spans on premises systems and cloud platforms including Microsoft Dynamics Microsoft 365 Azure directory and the Microsoft security ecosystem. You will also work hands on with firewalls support multi-site network uptime document standards train users and collaborate closely with software and security vendors. This position requires someone who enjoys being the subject matter expert who can see the big picture while also building and improving day to day systems. What you will do Lead security operations including assessment mitigation and incident response Support and maintain the network across multiple facilities with a focus on reliability and resilience Plan and implement architecture improvements for both on premises and cloud based environments Work with business and software vendors to evaluate tools resolve issues and drive enhancements Develop and maintain documentation playbooks and standards for network and security operations Provide user training on security best practices and new technologies Drive continuous improvement by exploring and recommending modern solutions What we are looking for Five or more years of hands on experience in security engineering or network security Experience supporting hybrid environments on premises and cloud Strong familiarity with Microsoft based ecosystems including Dynamics M365 Azure directory Sentinel Defender P2 and E5 Background working with firewalls pfsense or similar Ability to design troubleshoot and document network architectures Experience responding to security events and closing security gaps Comfort interacting with external vendors and internal teams Clear communication skills solid documentation habits and a growth mindset Candidates must be based in Virginia and open to regional travel up to 25 percent If you enjoy being the trusted expert for both networking and security and want the freedom to influence modern solutions this role offers the autonomy and impact you are looking for.