Cyber Security Analyst jobs in Chicopee, MA

Cyber Security Analyst Washington, DC Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer's core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level! Chenega Agile Real-Time Solutions (CARS) was created with the purpose of providing integrated enterprise IT support to Federal customers both CONUS and OCONUS. CARS employs Subject Matter Experts (SMEs) with decades of experience working in the Federal marketplace. The Cyber Security Analyst will support the Department of Education to ensure that the organization's networks, as well as information, are secure while employing continuous monitoring of intrusion detection/prevention for all systems and applications. Responsibilities * Ensure that the organization's networks, as well as information, are secure. * Employ continuous monitoring of intrusion detection/prevention for all systems and applications. * Ensure appropriate data encryption (in transit and at rest) levels based on the protection needs of targeted data, administer host intrusion protection, data loss prevention, antivirus, vulnerability management, and security information event management. * Create and update Information Assurance artifacts, create and manage Plans of Action and Milestones, and perform all duties within the Cyber Security Asset Management portal. * Update all cybersecurity documentation and attend all related IT and Cybersecurity meetings. * Provide knowledge for maintaining awareness of system/network security posture, including vulnerability scanning to facilitate the application of quick and effective corrective measures, while ensuring configuration management requirements are met. * Provide technical knowledge and information assurance analysis support, including security assessment of applications and systems, operating systems, internet-facing interfaces, intranet, and other interconnections. * Provide analysis of existing system vulnerabilities, including possible intrusion/entry points, resource manipulation, denial of service, and/or destruction of resources. * Provide technical support and analysis to document the organizational information protection framework and support policy and procedures preparation and implementation. * Provide technical and thought-leadership responsibilities for multiple information security disciplines such as incident response, vulnerability management, intrusion detection and prevention, threat hunting, security operations, security policy, and awareness/education. * Support, maintain, monitor, troubleshoot, and enhance security infrastructure tools, methodologies, software, and hardware. Drafts and reviews information security policies, processes, and procedures. * Oversee information security incident response activities, risk assessment and risk management activities, and vulnerability assessment and vulnerability management activities. * Manage detailed network, operating system, database, and application vulnerability assessments and security configuration audits. Manages information security initiatives. * Prepare information security awareness and education materials and other documentation. * Determine and document information security requirements and controls necessary for the protection of information resources. * Provide guidance and assistance regarding information security matters, such as the interpretation of information security policies and requirements, or their applicability to situations. * Analyze data from Information Security functions and provide reports and recommended response actions to the Information Security Manager (ISM/ISSO). * Publish regular status reports and submit them to management * Mentor junior staff and peers, providing guidance on best practices and technical procedures; serve as the primary backup for critical cybersecurity functions as needed to ensure continuity of operations. * Other duties as assigned. Qualifications * Bachelor's degree in computer science, Information Systems, or related cybersecurity certifications (i.e., CISSP, SSCP, etc.) and 8+ years of experience as a Cyber Security Analyst OR * High school diploma or GED and 10+ years of Cyber Security Analyst experience may be used in lieu of a degree * Experience with IT Compliance and Risk Management Methodologies - Cyber Security Framework, NIST Standards (SP 800-53r5), HIPPA, and FISMA * Ability to obtain Public Trust Knowledge, Skills, and Abilities: * Strong knowledge of best practices associated with as well as the appropriate authoritative guidance for physical security, network security, security risk assessments, critical infrastructure protection, continuity, and contingency planning, emergency preparedness, security awareness, and training. * Strong knowledge of maintaining awareness of system/network posture. * Strong analysis and comprehension skills. * Ability to provide technical knowledge and information assurance analysis support. * Ability to work nights, weekends, and holidays as required. * Ability to maintain top-secret clearance. * Ability to work independently and yet be effective within a team setting * Must be capable of managing multiple efforts with time-related constraints in a fast-paced contracting environment * Demonstrated ability to effectively communicate and collaborate with diverse internal and external stakeholder groups and individuals * Friendly presence, helpful attitude, good interpersonal skills, and ability to work well with others. * Excellent skills in Microsoft Word, Excel, and other Office applications * Proficient with Microsoft Office Applications, and experience working in a home office setting, as well as the ability to train end users on frequently asked technical issues. * Ability to provide technical assistance and support over the phone; good phone skills, professional demeanor, and previous customer service experience strongly desired. * Good problem-solving skills: ability to visualize a problem/situation and think abstractly to solve it How you'll grow At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers. Benefits At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits. Learn more about what working at Chenega MIOS can mean for you. Chenega MIOS's culture Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware. We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives. Corporate citizenship Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Chenega's impact on the world. Chenega MIOS News- ***************************** Tips from your Talent Acquisition Team We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links: Chenega MIOS web site - ******************* Glassdoor - ******************************************************************************** LinkedIn - ***************************************** Facebook - ************************************* #Chenega Agile Real Time Solutions, LLC Estimated Salary/Wage USD $151,300.00/Yr. Up to USD $160,000.00/Yr.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. **The opportunity** Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. **Your key responsibilities** + Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified + Forensically analyze end user systems and servers found to have possible indicators of compromise + Analysis of artifacts collected during a security incident/forensic analysis + Identify security incidents through 'Hunting' operations within a SIEM and other relevant tools + Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions + Provide consultation and assessment on perceived security threats + Maintain, manage, improve and update security incident process and protocol documentation + Regularly provide reporting and metrics on case work + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact based reports + Be on-call to deliver global incident response **Skills and attributes for success** + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact-based reports + Proven integrity and judgment within a professional environment + Ability to appropriately balance work/personal priorities **To qualify for the role you must have** + Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field + 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; + Understanding of security threats, vulnerabilities, and incident response; + Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; + Be familiar with legalities surrounding electronic discovery and analysis; + Experience with SIEM technologies (i.e. Splunk); + Deep understanding of both Windows and Unix/Linux based operating systems; **Ideally, you'll also have** + Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH + Background in security incident response in Cloud-based environments, such as Azure + Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration **What we look for** + Demonstrated integrity in a professional environment + Ability to work independently + Have a global mind-set for working with different cultures and backgrounds + Knowledgeable in business industry standard security incident response process, procedures, and life cycle + Excellent teaming skills + Excellent social, communication, and writing skills **What we offer** The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. + **Continuous learning:** You'll develop the mindset and skills to navigate whatever comes next. + **Success as defined by you:** We'll provide the tools and flexibility, so you can make a meaningful impact, your way. + **Transformative leadership:** We'll give you the insights, coaching and confidence to be the leader the world needs. + **Diverse and inclusive culture:** You'll be embraced for who you are and empowered to use your voice to help others find theirs. EY accepts applications for this position on an on-going basis. **If you can demonstrate that you meet the criteria above, please contact us as soon as possible.** EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. For those living in California, please click here (********************************************************************************************************************************************************************** for additional information. EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at **************************

VTG is searching for a Cyber Security Analyst professional who is interested in joining a fast-paced and dynamic work environment supporting Navy Shipbuilding. The candidate will provide direct support to the DDG 1000 Zumwalt Class Destroyer Program Office, working collaboratively with the Systems Engineering team and Cyber Security Analysts. The physical location of this position is flexible, (Hybrid) will be onsite at the Washington Navy Yard in Washington, DC or may be 30 miles from the nearest Naval base. What will you do? * Provide expertise in Cyber Security engineering, Navy Risk Management Framework (RMF) process and validation, Navy Cloud Broker processes, and systems engineering. * Support Zumwalt-class Total Ship Computing Environment (TSCE) with security engineering and testing. * Support PMS 500 with transitioning the business system on the ship to a cloud-based environment. * Support PEO IWS 9 and PMS 500 with security engineering and accreditation of TS/SCI domain on Zumwalt-class ships. * Process daily requirements in eMASS to include POA&Ms, IAVAs, Control Test Results (Control Correlation Identifiers [CCIs]), Categorization forms, PPSMs, SAPs, SLCMs and Inheritance updates. * Author I-Assure RMF templates to be routed through PMS 500 and IWS 9. * Create Conditional Access Requests (CARs) & High Risk Escalations (HREs) for ISOs to be routed through CSRD. * Complete DADMS and VRAM updates on a daily basis. * Test and correlate STIGs and SRGs, mapping results to RMF policy and Standard Operating Procedures (SOPs). * Create DoD approved diagrams from the DISM Connection Process Guide (CPG) to include Accreditation Boundary, Security Architecture, and Information Flow Management. Do you have what it takes? Required skills: * Bachelor's Degree in Computer Science, Electrical/Computer Engineering or the equivalent combination of education, technical certifications and/or training and work experience. * 6 years Cyber Security Engineering and Assessments, systems engineering, and project management * 3 years of directly related RMF experience or DoD Information Systems Security Engineering (ISSE) experience, NIST 800 series, eMass, NIPR & SIPR * CISSP, Navy Qualified Validator (NQV) Level II+. * Must have CompTIA Security+ * Must have an Active DOD Secret Clearance * Have an extensive background in ISSE and/or ISSO work. Candidate should be comfortable with technical writing. * Have an extensive working knowledge of NIST SP 800-53, 800-60, 800-37, 800-18, 800-160, 800-39, OMB Circular A-130, CNSS and FISMA. Preferred skills: * Experience with DoD processes and procedures, DDG 1000 or similar systems, SABI/TSABI (CDS accreditation) process, AWS/Azure Government cloud implementation, IATO/ATO testing, dcu,

In today's digital world, technology sits at the center of every decision, bringing both new risks and opportunities. As an Audit & Assurance Analyst, you could help our industry-leading clients navigate the risks and opportunities that come with innovation. From evaluating system controls to advising on compliance, you will be part of a team that drives resilience, trust, and future-ready solutions. Recruiting for this role ends on May 29, 2026. Work You'll Do As an Analyst, you will have the opportunity to work on projects to help our clients design, assess, and remediate technology controls. Specific areas of work could include: + Assist clients in advancing the quality of information disclosed to markets and investors to meet regulatory and attestation requirements + Evaluate accounting systems and controls to identify areas for improvement and utilize established methodologies to enhance clients' information technology controls and technology risk management programs + Perform internal audit assurance activities (internal audits over financial, operational, compliance, IT, SOX and QARs), consult with engagement leadership and clients on strategic plans and other business matters, and help to anticipate emerging risks for our clients + Create and manage SOC 1, SOC 2, and SOC 3 reports, ensuring all third-party services meet the required principles and standards + Oversee the implementation of new systems, ensuring they are executed efficiently and align with industry standards, client objectives and regulatory requirements + Perform internal control assessments, anticipate and identify emerging risks, and provide clients with proactive solutions and risk mitigation strategies + Develop recommendations to enhance business processes and systems based on audit findings Regardless of project type, your work will require: + Proficiency in verbal and written communication skills essential to interacting with clients and teams + Ability to work independently and manage multiple projects/assignments/ responsibilities in a fast-paced environment + Problem solving and critical thinking skills in support of both innovative and operational enhancement opportunities + Ability to collaborate and communicate across Deloitte team members and client stakeholders + Ability to identify, learn, understand, and implement new concepts, frameworks and emerging technologies + Ability to manage own personal and professional development; seek opportunities for professional growth and expansion of consulting skills and experience + A strong understanding of Windows Based systems and proficiency with Microsoft Excel, Word, and PowerPoint The Team Our team culture is collaborative and encourages team members to take initiative and seek on-the-job learning opportunities. Audit & Assurance services are focused on engagements related to independent External Audit services, Accounting, Controls & Reporting Advisory, and Specialized Assurance & Sustainability. We bring together the diverse skills and industry experience of our people, leading-edge technology, and a global network to deliver high-quality audits of financial statements and internal controls over financial reporting, along with assurance reports and valuable advice and insights across the corporate reporting landscape. Learn more about Deloitte Audit & Assurance. Qualifications Required: + Bachelor or Master's degrees in the following majors will be considered: + Accounting or related degree with a concentration in management information systems, business analytics or other business technology related areas + Technology related degree such as Management Information Systems, Business Analytics, Computer Science, Computer Information Systems, Data Analytics, Engineering, Information Science/Management and Math + Other technical majors will be considered with a concentration in accounting or a related area + Limited immigration sponsorship may be available + Strong academic record, cumulative GPA of 3.0 or above + You should reside within a commutable distance of your assigned office with the ability to commute daily, if required + You can expect to co-locate on average 3 times a week with variations based on types of work/projects and client locations + Ability to travel up to 50%, on average, based on the type of work you perform and the clients served Preferred: + Meets minimum educational requirements for CPA licensure (which may differ from the educational requirements to sit for the CPA exam) in the state of your assigned office location prior to beginning full-time employment + Cumulative GPA of 3.2 or above + Relevant work experience or work experience in a professional environment (e.g. internships, summer positions, school jobs) + Demonstrated recent leadership role(s), such as in a campus club, society, sports teams or other activity Information for applicants with a need for accommodation: ************************************************************************************************************ The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $58,730 to $117,880. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

The Opportunity Within our Enterprise Cybersecurity organization, you will work closely with the Security Intelligence team and be responsible for performing threat research, leverage real world adversarial techniques and create detections. The Team Within the Security Operations Center, partner with Incident Response Teams for Red/Purple Team assessments and work with Security Intelligence to identify and test real world adversarial tactics, techniques, and procedures. The Impact Utilize both manual and automated synthesize OSINT, simulate threat actor TTPs and create detections. Key Responsibilities: Threat research, detection, and response activities, including the development and maintenance of detection content and threat hunting missions. Analyze and synthesize intelligence from various sources to identify risks and provide actionable insights. Create and execute adversary simulation exercises (red/purple team) to evaluate and enhance security controls and incident response effectiveness. Research and develop offensive security techniques, tools, and automation frameworks to improve simulation and testing capabilities. Advise on threat mitigation strategies for emerging threats and vulnerabilities. Support incident response engagements and provide expert advisory on scoping, containment, and eradication strategies. The Minimum Qualifications Associates degree 2+ years of experience in cyber security The Ideal Qualifications: Degree in Cyber Security 4+ years of experience in information security, focusing on threat detection, incident response, and adversary simulation (red and purple teaming). Expertise in developing threat detection rules, both signature-based and behavior-based analytics. Hands-on experience with offensive security tools such as CobaltStrike, Mythic, Evilginx, Outflank C2, and OST. Proficient in multiple programming languages including Python, C#, C/C++ and GoLang and familiarity with Windows/MacOS internals. Proficient with SIEM and EDR platforms, including but not limited to Splunk, SumoLogic, and CrowdStrike Falcon EDR/LogScale. Strong understanding of identity management platforms like Okta, Microsoft EntraID, and Active Directory, including identity-based attacks. Security automation expertise using Python scripting, Palo Alto Cortex XSOAR, and GitOps practices. What to Expect as Part of MassMutual and the Team Regular collaboration with the Security Intelligence Team and other stakeholders. Focused one-on-one time with your manager. Access to mentorship opportunities. Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups. Access to learning content on Degreed and other informational platforms. #LI-RK1 MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status. If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.

Meta's security team is the central engine driving data and systems security at the company, supporting Meta and all of its family of apps. The organization is responsible for preventing malicious actors from compromising our environment as well as detecting and responding to them before they can do damage. We ensure that we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.We are looking for an experienced Security Engineer to join our Identity, Authentication & Access Management (IAM) leadership team to drive cross-company initiatives to reduce access risk, while maintaining an acceptable balance of friction for our workforce. **Required Skills:** Security Engineer, Access Risk Responsibilities: 1. Proactively identify and prioritize areas of access risk across the company. 2. Lead major cross-company workstreams to deploy capabilities from multiple security teams to mitigate this risk. 3. Understand technical implementation of Meta's highest-risk assets (eg. our social graph cache) and design appropriate solutions to reduce internal access risk. 4. Understand how our workforce interacts with assets across the company, and pursue opportunities to reduce friction and help the company move fast. 5. Work with policy and legal teams to strengthen our standards and governance, and software engineering teams to influence design of our core access control systems. 6. Influence asset-owning teams and their leadership across Meta to adopt appropriate access control designs and operational processes. **Minimum Qualifications:** Minimum Qualifications: 7. Understanding of how to manage security risks in a fast-moving environment 8. Significant experience in driving large cross-company engineering initiatives 9. Experience communicating and influencing across functions to drive solutions 10. Experience delivering executive-level security strategies 11. Engineering experience and capacity to understand and reason about complex technical systems 12. B.S. Computer Science or equivalent work experience 13. 10+ years of work experience in software or security engineering **Preferred Qualifications:** Preferred Qualifications: 14. Practical experience with authorization or access management solutions **Public Compensation:** $213,000/year to $293,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** The Lead Information Security Engineer is a member of the Industrial Security team supporting Lumen Government Services and is responsible for performing cybersecurity compliance actives in support of government contracts as well as Lumen Product and Services targeting the Government market. The Lead Information Security Engineer must execute all six phases of the Risk Management Framework (RMF) process in accordance with FISMA, DoD, FIPS, and NIST requirements and policy. Responsibilities include developing RMF documentation (System Security Plan, Security Control Traceability Matrix, Plan of Action & Milestones, various Standard Operating Procedures, Continuous Monitoring Plan, etc), tracking/resolving vulnerabilities, performing continuous monitoring activities, developing security policies, and supporting cybersecurity guidance and compliance related activities. The Lead Information Security Engineer works closely with Lumen government customers (Federal and State), Lumen government program teams, Lumen operational teams, Lumen security teams, as well as Lumen Product and Services teams targeting our government customers. A successful candidate will have excellent communications skills and experience presenting cybersecurity issues to a wide variety of audiences. The candidate must be able to work independently and as a team leader to develop and execute strategies. The candidate must possess and maintain a broad technical knowledge of current and emerging technologies used within corporate infrastructure and government customer infrastructure. **The Main Responsibilities** + Perform as an Information Systems Security Officer (ISSO) for government system + Achieve and maintain ATO (Authority to Operate), as required. + Write System Security Plans (SSP), Plan of Actions & Milestones (POA&M), Continuous Monitoring Plan, Risk Assessments, Privacy Impact Analyses (PIA), and supporting documentation for systems subject to NIST SP 800-53 + Lead Security Assessment and Authorization processes and procedures + Manage cybersecurity audits by federal departments/agencies, including third party auditors + Develop and complete continuous monitoring reports and briefings + Interface with appropriate government agencies, company management and employees, customers, vendors, and suppliers to ensure understanding of and compliance with security requirements + Review vulnerability and compliance scan results (Nessus, Qualys, etc), and work with the various team members to remediate vulnerabilities, and track ongoing vulnerability status and remediation activities + Conduct periodic reviews to ensure compliance with established policies and procedures + Investigate and document cybersecurity incidents, as well as provide protective and corrective measures in response to such incidents + Report all cybersecurity incidents to the program Information Systems Security Managers (ISSM) through reports and briefings + Participate in the change management process to ensure changes to software, hardware, and firmware do not adversely impact the security of an environment + Develop, facilitate, and present information security awareness and security training on various customer and corporate security policies + Coordinate and participate in business development opportunities related to cybersecurity compliance to include evaluating Requests for Information (RFI) and + Requests for Proposal (RFP) from government customers and documenting cybersecurity responses + Recommend security best practices and system configuration standards **What We Look For in a Candidate** + 6+ years or experience performing cybersecurity, certification & accreditation (C&A), or assessment & authorization (A&A) related activities + Excellent oral and written communication skills, collaboration skills, and experience in presenting cybersecurity issues to all levels of management, as well as non-technical staff + Strong work ethic, demonstrated self-starter with the ability to work in a fast paced, team-oriented environment + Uses strong interpersonal skills to build partnerships with stakeholders and peers + Ability to successfully complete Government suitability and/or Government personnel security requirements is highly desired. + Education: Bachelors or equivalent years of experience. + Professional cybersecurity certification (CISSP, CISM, GSLC, CCISO) **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $103,711 - $138,281 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $108,896 - $145,195 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $114,082 - $152,109 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. \#GSS Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure **What to Expect Next** \#LI-JS1 Requisition #: 338652 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 07/11/2025

Who Are We? Taking care of our customers, our communities and each other. That's the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it. Job CategoryTechnologyCompensation Overview The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards. Salary Range$123,000.00 - $203,000.00Target Openings1What Is the Opportunity?Travelers is seeking an Application/Data Security Engineer II to join our organization as we grow and transform our Technology landscape. Individual will complete advanced end to end security engineering tasks for specific system including security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews, and will provide defensive coding techniques consulting. Works with software engineering teams and security champions on security and performs application security testing. Provides guidance on testing to Application/Data Security Engineer I. Performs application architecture security reviews.Partners across Cybersecurity and Architecture on testing and remediation of vulnerabilities and Cybersecurity patterns.What Will You Do? Perform security research, application security testing, interpretation of vulnerability scan results, threat modeling, code reviews and advise on defensive coding techniques with a high degree of accuracy and speed, operating as an individual contributor to team goals. Perform analysis, assessment and resolution for security defects and incidents of advanced complexity and escalate appropriately. Work independently to tackle well-scoped and loosely scoped problems. Seek opportunities to expand technical knowledge and capabilities. Provide technical guidance and mentorship to less experienced employees. Perform other duties as assigned. Perform other duties as assigned. What Will Our Ideal Candidate Have? Four years of system security experience. Delivery - Intermediate delivery skills including the ability to estimate accurate timelines for tasks and deliver work at a steady, predictable pace to achieve commitments, contribute to the software design strategy and methodologies used to best meet the system requirements, consider and build for many different use cases, avoid over engineering, and ensure automation, deliver complete solutions but release them in small batches, and identify important tradeoffs and negotiate them. Domain Expertise - Demonstrated track record of domain expertise including understanding technical concepts necessary to do the job effectively and aware of industry trends, demonstrate willingness, cooperation, and concern for business issues and priorities, and possess in depth knowledge of immediate systems worked on and some knowledge of adjacent systems. Problem Solving - Strong problem solver who ensures solutions are built for the long term, is able to resolve new issues, recognizes mistakes using them as learning and teaching opportunities and consistently breaks down large problems into smaller, more manageable ones. Communication - Strong communicator who possesses the ability to articulate information clearly and concisely with the business, document work in a clear, easy to follow manner, collaborate well with team members as both a mentor and mentee, take in vague requirements and ask the right questions to ensure clarification, offer feedback appropriately and effectively, seek out and receives constructive criticism well, listen when others are speaking and make space for colleagues to share their thoughts. Leadership - Intermediate leadership skills with the ability to help create a safe environment for others to learn and grow as engineers and a proven track record of self-motivation in identifying opportunities and tracking team efforts. What is a Must Have? Bachelor's degree in Computer Science or a related field, or its equivalent in work experience Three years of system security experience. What Is in It for You? Health Insurance: Employees and their eligible family members - including spouses, domestic partners, and children - are eligible for coverage from the first day of employment. Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum. If you have student loan debt, you can enroll in the Paying it Forward Savings Program. When you make a payment toward your student loan, Travelers will make an annual contribution into your 401(k) account. You are also eligible for a Pension Plan that is 100% funded by Travelers. Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays. Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. In addition, our mental health program provides access to free professional counseling services, health coaching and other resources to support your daily life needs. Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved. Travelers has a Matching Gift and Volunteer Rewards program that enables you to give back to the charity of your choice. Employment Practices Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences. In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions. If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an email so we may assist you. Travelers reserves the right to fill this position at a level above or below the level included in this posting. To learn more about our comprehensive benefit programs please visit *********************************************************

Senior Security Engineer - IS07FE We're determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals - and to help others accomplish theirs, too. Join our team as we help shape the future. The Hartford's Information Protection (THIP) organization is looking a Directory Services engineer, this position will be part of the primary technical team tasked with engineering and maintaining directory services platforms, specializing in HashiCorp Vault. The individual will have the opportunity to help shape the future direction and use of HashiCorp Vault as currently deployed at the Hartford. Additionally, the position will have broad accountabilities around currency, patching and operational support metrics for Vault. This role will provide thought leadership, professional support and valued contributions to a range of production support, development and project activities. We are looking for an experienced professional, who has a breadth of knowledge and skills across various technical acumens, along with an understanding of industry best practices. The right person will develop a deep understanding of Vaults usage and consumption, continuously advocate for automation and process efficiency, and where necessary challenge and influence management to take actions to appropriately utilize the systems. The role is heavily focused on ensuring currency and stability in the environment. Technical Expert for engineering and support for HashiCorp Vault - Includes monitoring overall health and well-being of the Vault environments, playing a key role on the current team as an ambassador for currency and stability, and analyzing and implementing required changes, patches and upgrades for Vault. Technical support for DR and Cyber Resilience testing - includes planning, testing and support activities for DR testing and Cyber Resilience recovery testing for Vault. This includes review of current process and designing and implementing improvements and efficiencies. Spearhead growth of Vault into AWS - Accountable for developing the plan and path for integrating HashiCorp Vault into AWS. Includes the plan for new / added infrastructure, design patterns for implementations, partnering with AWS partners for determining best use cases and developing a roadmap for implementation and support. Process design / automation implementation - Includes reviewing the current implementations and processes associated with Vault and helping design more efficient and automated solutions where feasible. Qualifications + 2+ years supporting HashiCorp Vault + A broad and diverse technical background. + Fluent in multiple authentication types and patterns (approle w/ trusted entities, Kerberos, LDAP, Kubernetes, OIDC, etc) + 4+ years supporting directory services and/or identity management related technologies + Expert knowledge in the use and configuration of various secrets engines (LDAP, AWS, KV2, etc...) + Strong understanding of best practices with short lived credentials and token TTLs. + Understanding of the use of performance cluster and DR clusters + Powershell / C# .NET knowledge + Splunk & audit log analysis beneficial + Strong overall knowledge of Windows servers + A track record in production support / system support activities. + Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate actions. + Confidence to effectively influence others to modify their opinions, plans, or behaviors. + Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part. + Organizational skills that enables one to work on several tasks simultaneously, providing management with appropriate insight into the workload and priorities. + Original and innovative thinking that produces new ideas and creates innovative solutions. + Demonstrated ability to develop and implement process improvement initiatives. + BS or MA in Engineering, Computer Science, Information Security, or related field preferred Candidate must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position. Compensation The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartford's total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is: $127,200 - $190,800 Equal Opportunity Employer/Sex/Race/Color/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age About Us (************************************* | Culture & Employee Insights (***************************************************** | Diversity, Equity and Inclusion (********************************************************* | Benefits (********************************************* Every day, a day to do right. Showing up for people isn't just what we do. It's who we are - and have been for more than 200 years. We're devoted to finding innovative ways to serve our customers, communities and employees-continually asking ourselves what more we can do. Is our policy language as simple and inclusive as it can be? Can we better help businesses navigate our ever-changing world? What else can we do to destigmatize mental health in the workplace? Can we make our communities more equitable? That we can rise to the challenge of these questions is due in no small part to our company values that our employees have shaped and defined. And while how we contribute looks different for each of us, it's these values that drive all of us to do more and to do better every day. About Us (************************************* Our Culture What It's Like to Work Here (************************************************** Perks & Benefits Legal Notice (***************************************** Accessibility StatementProducer Compensation (************************************************** EEO Privacy Policy (************************************************** California Privacy Policy Your California Privacy Choices (****************************************************** International Privacy Policy Canadian Privacy Policy (**************************************************** Unincorporated Areas of LA County, CA (Applicant Information) MA Applicant Notice (********************************************

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. The Global Technology Microsoft Center of Excellent (MCoE) drives strategic direction and enablement. We accelerate innovation and learning, advance sales and delivery excellence by amplifying Slalom's proven local model with high-caliber Microsoft technology expertise. Our focus is Microsoft's six go-to-market solution areas: Modern Work, Security, Azure Infrastructure, Digital & Application Innovation, Data & AI, and Business Applications. Slalom is targeting a Principal hire for this role. What You'll Do * Implement and manage security solutions for Microsoft environments. * Focus on enhancing the end user experience across secure solution architectures. * Deploy tailored M365 Compliance configurations with Purview Information Protection, Data Loss Prevention (DLP), data lifecycle management, and records management. * Implement and manage Azure data governance solutions. * Collaborate with IT and security teams to ensure compliance with security policies. * Conduct security audits and assessments. * Provide technical support and guidance on security matters. * Develop and maintain security policies, standards, and guidelines. * Stay current with emerging security threats and technologies. Who You Are * Experience as a Microsoft Security Engineer or similar role. * Proficiency in Microsoft security technologies and tools, including Purview Information Protection, DLP, data lifecycle management, records management, and Azure data governance. * Strong troubleshooting and problem-solving skills. * Excellent communication and teamwork skills. * Ability to work independently and as part of a team. * Strong understanding of security best practices and regulatory requirements. * Experience with security frameworks such as NIST, ISO 27001, and CIS Controls. About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position at the Principal level the base salary pay range is $122,000 to $225,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applicants until 6/13/2025..

Datavant is a data platform company and the world's leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format. Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Datavant is trusted by the world's leading life sciences companies, government agencies, and those who deliver and pay for care. By joining Datavant today, you're stepping onto a high-performing, values-driven team. Together, we're rising to the challenge of tackling some of healthcare's most complex problems with technology-forward solutions. Datavanters bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare. **What We're Looking For** As a Cloud Security Engineer in the Secure Product & Infrastructure program, you will be part of a highly technical team, actively working to build security into Datavant's infrastructure. You'll play a key role helping to build secure patterns, and enabling engineering teams to move fast, while being secure. **What You Will Do** + Use your strong understanding of AWS security to help Datavant navigate all the traps of good AWS products vs. great AWS products and know when to be thoughtful on use. + Have strong experience and understanding of containerization, as well as operating and securing Kubernetes clusters. + Have a point of view on secure continuous development and represent it as Datavant continues to mature working collaboratively with other team members. + Have a point of view on secure network controls and the deep design paradigms of secure cloud networking, and overlay networks. + Have experience working with engineering teams, helping to tune WAF rules for applications. + Review components being built in our cloud infrastructure (via pull request reviews and contribution). During these reviews you'll be mentally present and use your ability to evaluate risk such that you have a great impact on the delivery of secure code. This role is not merely a +1. + You will have an understanding of risks, but may have some knowledge gaps in depth of risk management. It's OK, we'll teach you. The core skill set you bring to the table is a development mindset. + Work directly with DevOps peers to help build practical and usable security into the SDLC and AWS. + Own new projects for advancing security in our environment. Be a technical expert and collaborate with others on the teams to ensure project success. Your impact here cannot be understated, you are a core contributor and have deep influence to empower Datavant greatness. **What You Need to Succeed** + You are humble. + You have an "automation first" mindset. + You can build Infrastructure as Code in Terraform. It is expected that you have a "git native" skillset. + You can articulate start to finish what a secure release cycle should look like in detail. + You have opinions and options on most of the steps. + You are a consummate collaborator, it's inherent in your work behavior. + You value time deeply and optimize for greatest impact. + 3+ years of working in at least 1 major public Cloud provider and a desire to learn a second. + 2+ years of operating, and securing Kubernetes clusters. + Broad scoped projects don't scare you, they energize you. However, you like to get things done fast (and help others) with limited dependencies. **What Helps You Stand Out** + You are often viewed as the "expert in the room" on cloud security in your current role. + You have experience with SCA, SAST, and secrets detection. + You have experience with security in healthcare or other highly regulated space. Examples: FEDRAMP, HIPAA/HITRUST, SOC 2, PCI experience from an operational response standpoint. We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. At Datavant our total rewards strategy powers a high-growth, high-performance, health technology company that rewards our employees for transforming health care through creating industry-defining data logistics products and services. The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job. The estimated total cash compensation range for this role is: $152,000-$190,000 USD To ensure the safety of patients and staff, many of our clients require post-offer health screenings and proof and/or completion of various vaccinations such as the flu shot, Tdap, COVID-19, etc. Any requests to be exempted from these requirements will be reviewed by Datavant Human Resources and determined on a case-by-case basis. Depending on the state in which you will be working, exemptions may be available on the basis of disability, medical contraindications to the vaccine or any of its components, pregnancy or pregnancy-related medical conditions, and/or religion. This job is not eligible for employment sponsorship. Datavant is committed to a work environment free from job discrimination. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. To learn more about our commitment, please review our EEO Commitment Statement here (************************************************** . Know Your Rights (*********************************************************************** , explore the resources available through the EEOC for more information regarding your legal rights and protections. In addition, Datavant does not and will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay. At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your answers will be anonymous and will help us identify areas for improvement in our recruitment process. (We can only see aggregate responses, not individual ones. In fact, we aren't even able to see whether you've responded.) Responding is entirely optional and will not affect your application or hiring process in any way. Datavant is committed to working with and providing reasonable accommodations to individuals with physical and mental disabilities. If you need an accommodation while seeking employment, please contact us at *********************** . We will review your request for reasonable accommodation on a case-by-case basis. For more information about how we collect and use your data, please review our Privacy Policy (**************************************** .

M.C. Dean is Building Intelligence. We design, build, operate, and maintain cyber-physical solutions for the nation's most recognizable mission-critical facilities, secure environments, complex infrastructure, and global enterprises. Our success relies on great people delivering innovative projects and solutions for Fortune 100 companies and the most recognized agencies in government, defense, and security. Join our more than 4,500 employees worldwide who engineer and deploy automated, secure, and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability. Together we are creating the integrated systems and technologies that shape the built and cyber-physical world. We offer an excellent benefits package including: * A competitive salary * Medical, dental, vision, life, and disability insurance * Paid-time off * Tuition reimbursement * 401k Retirement Plan * Military Reserve pay offset * Paid maternity leave Salary Range: $104,080- $156,120 Position Overview: M.C. Dean is seeking to hire a Cyber Security Specialist 3 to support the CIM Business Unit. The candidate will be required to travel to CONUS and OCONUS Government and Commercial facilities to support the development and implementation of the DoD Risk Management Framework (RMF) process. Responsibilities Position Responsibilities: * Conduct ICS/SCADA system inventories following guidance including, but not limited to U.S. Army ICS Inventory Methodology and Unified Facilities Criteria (UFC) 4-010-06, Cybersecurity of Facility-Related Control Systems. * Assist in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process. * Implement Implementation of DoD Security Technical Implementation Guides (STIGs) on traditional Information Technology (IT) and Operational Technology (OT) systems. * Conduct vulnerability scanning and document system vulnerabilities. * Work in a team environment alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts. Qualifications Required Education & Experience: * 3+ Years of Experience with a Master's Degree in Information Technology, Risk Management, Cybersecurity * 5+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity * 8+ years of Experience with an Associate's Degree in Information Technology, Risk Management, Cybersecurity * 11+ Years with a High School Diploma * Ability to process and operate application software, to include word-processing, spreadsheets and databases. * Position requires a TSC/SCI w poly clearance * Must meet the Department of Defense Directive (DoDD) 8570.01 "Information Assurance Training, Certification, and Workforce Management" and DoD 8570-M "Information Assurance Workforce Improvement Program" requirements for IAM (Information Assurance Manager) Level 2, IAT (Information Assurance Technical) Level 2, OR IASAE (Information Assurance System Architect and Engineer) Level 2. * Documented training in the following areas: network infrastructure (Cisco), Microsoft Windows. * Experience working on government and/commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.). Additional Preferred Qualifications: * 5+ years of experience working with industry and government agencies on the design of ICS platforms and integrated ICS systems * Strongly preferred: Meet the Department of Defense Directive (DoDD) 8570.01 "Information Assurance Training, Certification, and Workforce Management" and DoD 8570-M "Information Assurance Workforce Improvement Program" requirements for IAM (Information Assurance Manager) Level 3, IAT (Information Assurance Technical) Level 3, OR IASAE (Information Assurance System Architect and Engineer) Level 3 * Familiarity with various industry ICS products * Experience implementing a variety of security assessment tools * Implementation of DoD Security Technical Implementation Guides (STIGs) * Security Readiness Review (SRR) Tools (scripts and OVAL Benchmarks, ACAS, Wireshark) * Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation * Strong written and verbal communication skills Ability to coordinate with and support multiple team members, vendors, and government customers * Ability to identify, maintain, and troubleshoot HMI components * Ability to identify, maintain, and troubleshoot control network components * Ability to interpret drawings both mechanical and electrical * Ability to identify, maintain, and utilize SCADA systems and KPI's * Ability to train others with lesser skills * Ability to access all levels and areas of the facility * Working knowledge of EMS/SCADA or other operational control systems. * Knowledge of SCADA protocols like Modbus, IEC 60870-5-101 or 104, IEC 61850 and DNP3 and other major SCADA protocols * Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility * Awareness of DoD Risk Management Framework (RMF) process. * Possession of excellent customer service and organization skills. * Possession of excellent oral and written communication skills. Preferred Certifications: * Certified Information Systems Security Professional (CISSP) * Certified Ethical Hacker (CEH) * Certified SCADA Security Architect (CSSA) Related Control Systems. Abilities: * Exposure to computer screens for an extended period of time. * Sitting for extended periods of time. * Reach by extending hands or arms in any direction. * Have finger dexterity in order to manipulate objects with fingers rather than whole hands or arms, for example, using a keyboard. * Listen to and understand information and ideas presented through spoken words and sentences. * Communicate information and ideas in speaking so others will understand. * Read and understand information and ideas presented in writing. * Apply general rules to specific problems to produce answers that make sense. * Identify and understand the speech of another person.

Must have: Application security, Relevant security certifications , Devops, OWASP Duties: The Opportunity We are seeking an experienced Application Security Engineer to join our Software Security team and take charge of ensuring the security and integrity of our software applications. The ideal candidate will have advanced knowledge of secure software development, extensive experience with identifying vulnerabilities, and the ability to implement robust security solutions. This role will require collaboration with development teams, security architects, and other stakeholders to integrate security best practices into all stages of the software development lifecycle. Description: Your key responsibilities will consist of the following to ensure applications are resilient against emerging threats, reducing potential financial and reputational damage from security incidents. Conduct in-depth security assessments, including vulnerability scanning, and code reviews. Leverage automated tools and manual testing techniques to identify, risk assess and prioritize and propose mitigation strategies for identified threats and application-level vulnerabilities (e.g., OWASP Top 10, etc.) ensuring our applications meet security standards and reducing exposure to data breaches. Collaborate with security architects to design secure application architectures that align with industry best practices. Ensure secure coding practices are followed, and security controls are incorporated into software designs. Conduct detailed threat modeling to identify attack vectors and potential weaknesses. Collaborate with our SDLC Council to develop and maintain secure coding standards, empowering developers to integrate security into the development process. Partner with DevOps teams to implement security within CI/CD (continuous integration & delivery) pipelines for automated and seamless deployment of secure code. Assist in incident response activities related to application security breaches, providing rapid identification and mitigation guidance. Ensure compliance with security regulations, frameworks, and industry standards such as OWASP. Leverage reporting tools to demonstrate the overall risk through metrics (KPIs, KRIs, OKRs) of vulnerabilities and code defects to MassMutual's cyber assets for various team leaders and executive leadership for risk prioritization and enablement of risk-based decision-making. Stay up to date with the latest security threats, vulnerabilities, and industry trends to inform and improve security strategies. Strong problem-solving abilities and analytical thinking. Excellent communication skills to explain security issues to both technical and non-technical stakeholders. A team player with the ability to work in a collaborative, fast-paced environment. Office location worker is associated with: Springfield, MA, Boston, MA, or NY, NY. Skills: Bachelor's or master's degree in computer science, Information Security, or a related field. Minimum of 5+ years of experience in application security, penetration testing, or secure software development. The Ideal Qualifications Relevant security certifications such as CEH, OSCP, or GWAPT) from an industry recognized certifier (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.) Strong knowledge of secure software development methodologies, including threat modeling, code reviews, and static/dynamic analysis. Experience in integrating security into DevOps (DevSecOps) and CI/CD environments. Strong technical knowledge of web application security, cloud security (AWS, Azure, GCP), mobile security, infrastructure as code (IaC), container security, and API security. Familiarity with SAST, DAST, and IAST tools. Deep understanding of common vulnerabilities (e.g., OWASP Top 10) and their mitigations. Advanced understanding and experience with writing source code (e.g., JavaScript, Java, C/C++/C#, Python, etc.) and familiarity with software security frameworks (e.g., Maven, Node, Gradle, etc.). Experience with identifying security vulnerabilities/defects in dockers, containers, and Kubernetes. Experience with cloud deployment and automation tools (Terraform, GitHub Actions, Jenkins, AWS Cloud Formation Templates, Secrets Managers). Knowledge of compliance and regulatory frameworks (SOC 2, etc.).

We are seeking an experienced Application Security Engineer to join our Software Security team and take charge of ensuring the security and integrity of our software applications. The ideal candidate will have advanced knowledge of secure software development, extensive experience with identifying vulnerabilities, and the ability to implement robust security solutions. This role will require collaboration with development teams, security architects, and other stakeholders to integrate security best practices into all stages of the software development lifecycle. The Impact Your key responsibilities will consist of the following to ensure applications are resilient against emerging threats, reducing potential financial and reputational damage from security incidents. Conduct in-depth security assessments, including vulnerability scanning, and code reviews. Leverage automated tools and manual testing techniques to identify, risk assess and prioritize and propose mitigation strategies for identified threats and application-level vulnerabilities (e.g., OWASP Top 10, etc.) ensuring our applications meet security standards and reducing exposure to data breaches. Collaborate with security architects to design secure application architectures that align with industry best practices. Ensure secure coding practices are followed, and security controls are incorporated into software designs. Conduct detailed threat modeling to identify attack vectors and potential weaknesses. Collaborate with our SDLC Council to develop and maintain secure coding standards, empowering developers to integrate security into the development process. Partner with DevOps teams to implement security within CI/CD (continuous integration & delivery) pipelines for automated and seamless deployment of secure code. Assist in incident response activities related to application security breaches, providing rapid identification and mitigation guidance. Ensure compliance with security regulations, frameworks, and industry standards such as OWASP. Leverage reporting tools to demonstrate the overall risk through metrics (KPIs, KRIs, OKRs) of vulnerabilities and code defects to cyber assets for various team leaders and executive leadership for risk prioritization and enablement of risk-based decision-making. Stay up to date with the latest security threats, vulnerabilities, and industry trends to inform and improve security strategies. Strong problem-solving abilities and analytical thinking. Excellent communication skills to explain security issues to both technical and non-technical stakeholders. A team player with the ability to work in a collaborative, fast-paced environment. The Minimum Qualifications Bachelor's or master's degree in computer science, Information Security, or a related field. Minimum of 5+ years of experience in application security, penetration testing, or secure software development. The Ideal Qualifications Relevant security certifications such as CEH, OSCP, or GWAPT) from an industry recognized certifier (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.) Strong knowledge of secure software development methodologies, including threat modeling, code reviews, and static/dynamic analysis. Experience in integrating security into DevOps (DevSecOps) and CI/CD environments. Strong technical knowledge of web application security, cloud security (AWS, Azure, GCP), mobile security, infrastructure as code (IaC), container security, and API security. Familiarity with SAST, DAST, and IAST tools. Deep understanding of common vulnerabilities (e.g., OWASP Top 10) and their mitigations. Advanced understanding and experience with writing source code (e.g., JavaScript, Java, C/C++/C#, Python, etc.) and familiarity with software security frameworks (e.g., Maven, Node, Gradle, etc.). Experience with identifying security vulnerabilities/defects in dockers, containers, and Kubernetes. Experience with cloud deployment and automation tools (Terraform, GitHub Actions, Jenkins, AWS Cloud Formation Templates, Secrets Managers). Knowledge of compliance and regulatory frameworks (SOC 2, etc.). Education: Bachelor's or master's degree in computer science. Skills and Experience: Required Skills: MITIGATION CLOUD SECURITY METRICS SCANNING GCP Additional Skills: SOC INFORMATION SECURITY API DYNAMIC ANALYSIS C JAVA MAVEN AMAZON WEB SERVICES PROBLEM-SOLVING GITHUB DEPLOYMENT REPORTING TOOLS INCIDENT RESPONSE C/C++ CONTINUOUS INTEGRATION/DELIVERY TERRAFORM CODING DEV OPS EXCELLENT COMMUNICATION SKILLS JAVASCRIPT SOFTWARE SECURITY COMPTIA PYTHON STRUCTURED SOFTWARE GIAC SDLC JENKINS CODING STANDARDS TEAM PLAYER GRADLE KUBERNETES

What we're all about. We find, when we come together in the pursuit of excellence, great things happen. And that's how we do things at Quantexa - together. Our business is data, but our culture is collective. We're about growth - but not just the bottom line. We create a culture where people feel empowered to do their best work. We might work across continents and time zones, but that doesn't stop us from collaborating. We're connected. We celebrate our successes together, and we unite to tackle the challenges. 41% of our colleagues come from an ethnic or religious minority background. We speak over 20 languages across our 47 nationalities, creating a sense of belonging for all. At Q, we're looking for people who share that vision. People like you. You will be expected to. As a Senior Security Engineer at Quantexa, you will play a pivotal role in shaping and securing our cloud-native environments across Azure and GCP. Leveraging your deep expertise in cybersecurity best practices, threat actor tactics, and modern detection techniques, you will help design, implement, and maintain secure systems that support our internal and client-facing environments. You will join the Security Operations team, reporting to the Cyber Security Manager, and be expected to contribute immediately by working with the team and advising the Cyber Security Manager to securely onboard, develop, deploy and manage new technologies within Quantexa from a security aspect. You will also be responsible for reviewing existing deployments, identifying areas for enhancement, and contributing to our continuous improvement workflows to ensure our security posture evolves with emerging threats. Your role will include interpreting open-source threat intelligence reports and translating them into actionable detection rules aligned with the MITRE ATT&CK framework. You'll also conduct proactive threat hunting to identify and test indicators of compromise before they escalate. Collaboration is key. You will work closely with the Information Security team on initiatives such as penetration testing, red teaming, SOC operations, and compliance-based audits (ISO, SOC2 and Cyber Essentials). You'll also partner with IT, DevOps and other stakeholders to embed security into every layer of our infrastructure. Strong communication skills are essential. You will be expected to clearly articulate complex technical concepts to non-technical audiences, influence stakeholders across the business, and advocate for adopting security best practices in conjunction with the Cyber Security Manager. Your ability to build trust and drive alignment will be critical in embedding security into our operations and culture.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Meta Security is looking for an Incident Response Engineer with experience coordinating, investigating and responding to internal and external threats. You will help the team establish, lead and execute multi-year roadmaps to mature investigative and response services, drawing upon automation and cross functional partnerships to create scalable and maintain high standards of operational competence. **Required Skills:** Security Engineer, Incident Response Responsibilities: 1. Conduct security investigations and lead security incident response in a cross-functional environment and drive incident resolution 2. Develop Incident Response initiatives that improve our functionalities to effectively respond and remediate security incidents 3. Refine operational metrics, key performance indicators, and service level objectives to measure Security Operations and Incident Response services 4. Influence and align the team's mission and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 5. Build, cultivate, and maintain successful relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work 6. Partner with cross-functional teams to solve challenges related to a broad spectrum of detection and response initiatives 7. Collaborate with software and production engineering teams to develop scalable and adaptable Incident Response and Investigative solutions 8. Focus on identifying areas of greatest impact for prioritizing, automating and scaling every aspect of our detection and response functionalities 9. Coach, mentor, support and care for the team in a way that enables long-term career development, happiness and success at scale **Minimum Qualifications:** Minimum Qualifications: 10. Bachelor of Science or Master of Science in Computer Science or related field, or equivalent experience 11. 8+ years of work experience in Security Incident Response and Detection and Response Engineering in a large, regulated organization 12. In-depth subject-matter knowledge in technical and process regarding Security Operations and Incident Response services 13. Experience developing and delivering information on incident and program status for leadership 14. Experience leading and managing complex cross-functional programs 15. Experience responding to both external and insider threats 16. Experience analyzing network and host-based security events 17. Knowledge of networking technologies, specifically Transmission Control Protocol (TCP)/Internet Protocol (IP) and the related protocols 18. Knowledge of operating systems, file systems, and memory structures on Windows, mac OS and Linux 19. Coding/scripting experience in one or more general purpose languages 20. Experience with attacker tactics, techniques, and procedures **Preferred Qualifications:** Preferred Qualifications: 21. Background in malware analysis, digital forensics, intrusion detection, and/or threat intelligence 22. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigate suspicious behavior across networks and systems 23. Broad knowledge across the Security domain, as well as demonstrated experience in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Detection and/or response tool development 24. Experience recruiting, building, and leading technical teams, including performance management **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** Federal SOC Information Security Engineers will provide monitoring, triage, and escalation support for internal Federal SOC and External Customer operations. The SOC Information Security Engineers will work shifts to provide 24x7x365 coverage. SOC Information Security Engineers will work in tandem with other Information Security Engineers in the Global SOC and Federal NOC Organizations. **The Main Responsibilities** -Review SOC Shift end Summary and SOC activity logs, emails, tickets, cases and other monitoring tools for complete understanding of previous shift activities and incidents with the goal of maintaining the highest level of customer service by keeping track of the critical customer impacting issue. -Provide monitoring and responding to alerts and events within SLAs. Services and systems include but not limited to Splunk (internal/external SIEM), Firewalls alerts (MTIPS and MSS), TrendMicro Anti Virus, Tripwire File Integrity Checks, IDS/IPS for customers. -Monitor multiple ticketing systems and queues. Ensure tickets are created and notated within SLAs -Login to phone call queues to answer both internal and external calls -Work closely with FedNOC, the Federal SOC Tier II and Ops Eng teams -Escalate issues to Vendors, SOC Tier II and Ops Engineers as soon as there is a need -Adhere to all defined processes and procedures. -Provide process and operational improvement suggestions. -Performs a long-term project leadership role working towards the development of new solutions, processes, tools, systems that have company-wide and possibly industry-wide impacts. -Frequent contact with senior leadership of customers and contractors for the purpose of creating and presenting innovative long-term solutions and managing key relationships. Acts as a resource within the engineering and scientific communities to develop solutions or handle the most complex tasks for which existing methods and procedures may not apply. -Provides consultation and advice to Federal customers, engineers and management regarding work functions, processes, methods, procedures, and tools. Develops and delivers technical and process training, including, documentation in areas of expertise and innovative areas of technology. **What We Look For in a Candidate** -Tripwire, TrendMicro, Web Inspect, Tennable Nessus and Qualys vulnerability scanners, Splunk, Secure Log Management, Firewalls, Intrusion Detection. -Ability to diagnose Trip Wire Events, Trend Micro Events, System Events, Network Events from 4 Supported Environments with dissimilar architecture. -MFA provisioning, repair, revocation, re-provisioning, reporting, and troubleshooting experience. -Diagnose and identify reports and alerts within Splunk. -Isolate BGP alerts and notify customer and other operational teams of an event. -Perform Analytics on events from customer networks per CDM Framework. -Experience working out of a ticket queue and receiving inbound customer calls. -Experience managing Fortigates and Palo Alto Firewalls. -Equivalent educational experience. Above all, a motivated and trainable individual. Clearance: Government Suitability Clearance required. Certifications (preferred but not required): CEH, GIAC Certified Incident Handler (GCIH), CCNA, NSE4. Education: BS Computer Science or related areas with experience. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $66,375 - $88,500 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $69,694 - $92,925 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $73,013 - $97,350 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure **What to Expect Next** Requisition #: 337163 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 07/25/2025

M.C. Dean is Building Intelligence. We design, build, operate, and maintain cyber-physical solutions for the nation's most recognizable mission-critical facilities, secure environments, complex infrastructure, and global enterprises. Our success relies on great people delivering innovative projects and solutions for Fortune 100 companies and the most recognized agencies in government, defense, and security. Join our more than 4,500 employees worldwide who engineer and deploy automated, secure, and resilient power and technology systems; and deliver the management platforms essential for long-term system sustainability. Together we are creating the integrated systems and technologies that shape the built and cyber-physical world. We offer an excellent benefits package including: * A competitive salary * Medical, dental, vision, life, and disability insurance * Paid-time off * Tuition reimbursement * 401k Retirement Plan * Military Reserve pay offset * Paid maternity leave Salary Range: $94,425 - $151,080 Position Overview: M.C. Dean is seeking to hire a Cyber Security Specialist 3 to support the CIM Business Unit. The candidate will be required to travel to CONUS and OCONUS Government and Commercial facilities to support the development and implementation of the DoD Risk Management Framework (RMF) process. Location: Onsite at JBAB Responsibilities Position Responsibilities: * Conduct ICS/SCADA system inventories following guidance including, but not limited to U.S. Army ICS Inventory Methodology and Unified Facilities Criteria (UFC) 4-010-06, Cybersecurity of Facility-Related Control Systems. * Assist in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process. * Implement Implementation of DoD Security Technical Implementation Guides (STIGs) on traditional Information Technology (IT) and Operational Technology (OT) systems. * Conduct vulnerability scanning and document system vulnerabilities. * Work in a team environment alongside other cybersecurity engineers and Risk Management Framework (RMF) analysts. Required Education & Experience: * Active TS/SCI w/ polygraph clearance is required. * 3+ Years of Experience with a Master's Degree in Information Technology, Risk Management, Cybersecurity * 5+ Years of Experience with a Bachelor's Degree in Information Technology, Risk Management, Cybersecurity * 8+ Years of Experience with an Associate's Degree in Information Technology, Risk Management, Cybersecurity * 11+ Years with a High School Diploma * Ability to process and operate application software, to include word-processing, spreadsheets and databases. * Must meet the Department of Defense Directive (DoDD) 8570.01 "Information Assurance Training, Certification, and Workforce Management" and DoD 8570-M "Information Assurance Workforce Improvement Program" requirements for IAM (Information Assurance Manager) Level 2, IAT (Information Assurance Technical) Level 2, OR IASAE (Information Assurance System Architect and Engineer) Level 2. * Documented training in the following areas: network infrastructure (Cisco), Microsoft Windows. * Experience working on government and/commercial projects implementing cybersecurity requirements in a variety of industrial control systems (e.g., building management, electronic security, fire alarm/mass notification, electrical distribution, power management, etc.). Qualifications Additional Preferred Qualifications: * 5+ years of experience working with industry and government agencies on the design of ICS platforms and integrated ICS systems * Strongly preferred: Meet the Department of Defense Directive (DoDD) 8570.01 "Information Assurance Training, Certification, and Workforce Management" and DoD 8570-M "Information Assurance Workforce Improvement Program" requirements for IAM (Information Assurance Manager) Level 3, IAT (Information Assurance Technical) Level 3, OR IASAE (Information Assurance System Architect and Engineer) Level 3 * Familiarity with various industry ICS products * Experience implementing a variety of security assessment tools * Implementation of DoD Security Technical Implementation Guides (STIGs) * Security Readiness Review (SRR) Tools (scripts and OVAL Benchmarks, ACAS, Wireshark) * Excellent understanding of the DoD RMF lifecycle and NIST 800-53 controls implementation * Strong written and verbal communication skills Ability to coordinate with and support multiple team members, vendors, and government customers * Ability to identify, maintain, and troubleshoot HMI components * Ability to identify, maintain, and troubleshoot control network components * Ability to interpret drawings both mechanical and electrical * Ability to identify, maintain, and utilize SCADA systems and KPI's * Ability to train others with lesser skills * Ability to access all levels and areas of the facility * Working knowledge of EMS/SCADA or other operational control systems. * Knowledge of SCADA protocols like Modbus, IEC 60870-5-101 or 104, IEC 61850 and DNP3 and other major SCADA protocols * Awareness of NIST Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security and UFC 4-010-06 Unified Facilities Criteria (UFC) Cybersecurity of Facility * Awareness of DoD Risk Management Framework (RMF) process. * Possession of excellent customer service and organization skills. * Possession of excellent oral and written communication skills. Preferred Certifications: * Certified Information Systems Security Professional (CISSP) * Certified Ethical Hacker (CEH) * Certified SCADA Security Architect (CSSA) Related Control Systems. Abilities: * Exposure to computer screens for an extended period of time. * Sitting for extended periods of time. * Reach by extending hands or arms in any direction. * Have finger dexterity in order to manipulate objects with fingers rather than whole hands or arms, for example, using a keyboard. * Listen to and understand information and ideas presented through spoken words and sentences. * Communicate information and ideas in speaking so others will understand. * Read and understand information and ideas presented in writing. * Apply general rules to specific problems to produce answers that make sense. * Identify and understand the speech of another person.