Cyber security analyst jobs in Erie, PA

Job Title: Cyber Security Risk Analyst. Job Type: Contract. IS NOT OPEN TO AGENCIES. The Cyber Security Risk Analyst supports enterprise governance, risk, and compliance (GRC) initiatives by strengthening cyber risk management practices, enhancing third-party risk oversight, and contributing to cybersecurity governance across a complex organizational environment. This role works closely with cybersecurity leadership, internal stakeholders, and partner teams to mature risk assessment processes and ensure consistent, well-documented risk management activities. Key Responsibilities Design, develop, and enhance cybersecurity risk management processes and supporting frameworks Support enterprise cyber risk governance, including risk identification, evaluation, and remediation tracking Perform cybersecurity risk assessments in collaboration with business and IT stakeholders Evaluate and manage third-party and vendor cybersecurity risk throughout the vendor lifecycle Contribute to the development and maintenance of a third-party risk register Review and analyze cybersecurity risk cases, exceptions, and justifications Document risks, mitigations, and remediation actions within a centralized risk register Assist in developing risk assessment procedures, methodologies, and testing approaches aligned with industry frameworks Collaborate with cross-functional teams and subject matter experts to gather risk intelligence Support remediation efforts by helping initiate corrective actions where vulnerabilities or weaknesses are identified Participate in special cybersecurity initiatives and projects as assigned Required Qualifications Minimum of 4 years of experience in one or more of the following areas: Cybersecurity risk management Cybersecurity risk assessment Third-party or vendor risk management within a cybersecurity function Strong understanding of GRC concepts and the cyber risk lifecycle Experience working in large, complex, multi-stakeholder environments Strong analytical, investigative, and documentation skills Excellent written and verbal communication skills Preferred Qualifications Bachelor's degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field Familiarity with one or more cybersecurity frameworks or standards, including: NIST ISO/IEC 27001 / 27002 CIS SANS PCI Relevant certifications are a plus, including but not limited to: CISSP, CISM, CRISC, CISA CompTIA Security+, CySA+, Network+ GIAC certifications Knowledge of cybersecurity laws, regulations, and data privacy principles Ability to work independently in a self-directed and organized manner About Buchanan Technologies Since Buchanan's inception over 30 years ago, we have operated on 5 core values - People Matter, Customers Matter, Principles Matter, Community Matters, and Every Interaction Matters. These values are represented across each facet of the company, from employee relations to client service delivery to corporate social responsibility initiatives and beyond. Why Work at Buchanan? At Buchanan Technologies, we offer a great employment experience with a fun but professional work environment, competitive salary, and various employee career advancement programs that add value to your skills and daily life. If you are excited about being part of an energetic team where your contributions are appreciated and hard work is recognized, Buchanan is the place for you. Things We Are Passionate About We are passionate about providing top-tier technology services to our customers and clients and fostering a culture of continuous learning for our employees. We are a people- centric company, focused on growth and diversity for our workforce. Come join us and let's build something amazing together. Follow Us: LinkedIn: ******************************************************* Website: **************** Buchanan Technologies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, protected veteran status, or genetics. In addition to federal law requirements, Buchanan Technologies complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

JOB FUNCTION The Cybersecurity Engineer will be responsible for implementing and maintaining the firm's cybersecurity technology solutions, monitoring for security incidents and vulnerabilities, coordinating end user activities, and participating in the investigation and response of any breaches or attacks. The ideal candidate will be a self-starter who can work both independently and collaboratively with diverse technical and business teams. He or she will report to the Chief Information Security Officer. Additional responsibilities include: Managing the vulnerability management program, including internal and external scanning, monitoring threat feeds, news sources, and vendor bulletins for risks and tracking remediation Maintaining and monitoring control baselines, hardening standards, asset/coverage metrics, and configuration compliance Monitoring and documenting key performance indicators (KPIs) and governance, risk, and compliance (GRC) evidence Suggesting and evaluating new technologies Educating employees on security best practices to reduce the risk of human error Collaborating with the Cloud, Systems, Network, Database, Desktop, and Development engineering teams on risk identification, analysis, and remediation Assisting with vendor due diligence Assisting with physical security infrastructure projects, maintenance, and updates QUALIFICATIONS The ideal candidate should have the following experience: 3+ years of experience in a Security Engineer role Proficiency with managing EDR solutions, SIEM, network security, cloud security, mobile security, vulnerability management, identity and access management, encryption, and a solid understanding of operating systems like Windows and Linux Strong ability to analyze security data, identify threats, and create effective solutions Ability to document and communicate technical information clearly to both technical and non-technical audiences Scripting/automation experience a plus The ideal candidate possesses the following traits: Creativity: the ability to deploy different approaches and be resourceful. Intellectual curiosity: passion for learning and investigating a broad range of subject matter; satisfaction derived from the consumption and understanding of information and increasing knowledge base. Accountability: ownership of individual responsibilities and work product. Strong people skills: ability to build relationships internally and externally and to be versatile in engaging with different constituents.

We are seeking a highly skilled and motivated CyberArk PAM Administrator to support the deployment, configuration, and ongoing management of privileged access management (PAM) and cybersecurity technologies. This role is ideal for a cybersecurity professional who enjoys working in collaborative environments, driving secure system design, and supporting enterprise-scale security initiatives. The successful candidate will play a key role in implementing new cybersecurity solutions, supporting infrastructure upgrades, and ensuring systems are secure, reliable, and well-documented. This position offers the opportunity to work with modern security platforms while contributing to the organization's overall cyber maturity and growth. Key Responsibilities Implement and support new deployments of cybersecurity technologies, including CyberArk PAM and related security products. Assist with infrastructure upgrades to support application growth and evolving cybersecurity requirements. Configure, deploy, and maintain systems in accordance with security best practices and architectural standards. Troubleshoot and support all aspects of CyberArk Privileged Access Management, including onboarding, vault management, and access controls. Develop and maintain technical documentation, procedures, and runbooks for daily operations and major initiatives. Propose and document system architectures for secure and scalable deployments. Collaborate with internal teams, vendors, and stakeholders to ensure successful technology implementations. Patch, maintain, and monitor security platforms to ensure system stability and compliance. Train team members and end users on new systems and security processes as needed. Follow up promptly with stakeholders to address issues, changes, and enhancements. Required Skills / Education Proven experience as a CyberArk Administrator or in a similar Privileged Access Management role. Hands-on experience troubleshooting and supporting CyberArk PAM components. Strong understanding of cybersecurity principles, access control, and secure system administration. Ability to create clear, detailed technical documentation and operational procedures. Excellent written and verbal communication skills, with the ability to work effectively across technical and non-technical teams. Preferred Qualifications Experience with scripting or programming languages. Hands-on experience with PowerShell. Familiarity with enterprise infrastructure environments and security integrations. Strong interpersonal skills and the ability to collaborate with stakeholders at all organizational levels. About Seneca Resources At Seneca Resources, we are more than just a staffing and consulting firm-we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 companies to government organizations, we provide opportunities that help professionals grow their careers while making an impact. When you work with Seneca, you're choosing a company that invests in your success, celebrates your achievements, and connects you to meaningful work with leading organizations nationwide. We take the time to understand your goals and match you with roles that align with your skills and career path. Our consultants and contractors enjoy competitive pay, comprehensive health, dental, and vision coverage, 401(k) retirement plans, and the support of a dedicated team who will advocate for you every step of the way. Seneca Resources is proud to be an Equal Opportunity Employer and is committed to fostering a diverse and inclusive workplace where all qualified individuals are encouraged to apply.

One of our clients is looking for a Data Security Analyst in New York, NY - 10172. This is a hybrid position and 6 month of contract with possible extension, offering $43/hour ona W2. About the Role Supports Data Loss Prevention and Data Security initiatives in the mission to protect sensitive data. Responsibilities Monitor alerts coming from data loss prevention technologies. Perform initial triage and escalation in accordance with internal processes. Draft playbooks/job aids for responsibilities. Partner with senior data loss prevention leaders to support incident validations. Provide feedback to technologists responsible for DLP policy tuning on the efficacy of rules. Prepare DLP program metrics for routine reporting. Support ad hoc data requests from DLP leadership. Qualifications Knowledge of Proofpoint, Microsoft Purview, and Island.io. Proficiency in Microsoft Excel, including pivot tables. Required Skills Strong attention to detail, inquisitive, analytical, and can pull together multiple data sources to formulate holistic pictures. Effective verbal and written communication skills and ability to work with cross-functional teams. Pay range and compensation package $43/hour on W2.

IT Security Analyst II - AI & Emerging Technology Security (Contract) We are seeking a Junior to Mid-Level IT Security Analyst with hands-on exposure to AI, Generative AI, and Agentic AI security. This role supports a Product Security organization focused on implementing security guardrails for AI-enabled applications. You will work closely with Data, AI, and Product teams to secure machine learning pipelines, large language models, and agent-based systems in a cloud-native enterprise environment. Key Responsibilities Embed security controls into AI/ML models, LLM-based applications, and agentic workflows across the SDLC Conduct security reviews of Generative AI, traditional ML models, and supporting data pipelines Identify and mitigate AI-specific threats such as prompt injection, data poisoning, model abuse, and insecure agents Support and apply AI security standards aligned with NIST, ISO, and emerging AI governance frameworks Partner with legal, compliance, and privacy teams on AI risk management and regulatory requirements Assist in evaluating and operating AI security and observability tools for model monitoring and data protection Contribute to internal guidance and training on secure AI development practices Required Qualifications Bachelor's degree in Computer Science, Information Security, or related discipline 2+ years of experience in cybersecurity, with exposure to AI/ML environments Experience with cloud-native security concepts and threat modeling Understanding of AI/ML concepts including model training, inference, data labeling, and adversarial attacks Familiarity with core security domains such as authentication, encryption, network security, and IAM Strong communication and collaboration skills within agile or SAFe-based teams Preferred / Nice-to-Have Skills Experience with AI security platforms such as Zenity or HiddenLayer Familiarity with Microsoft security and AI governance tooling, including: Microsoft Defender for Cloud Microsoft Defender for Cloud Apps Azure AI Content Safety Microsoft Purview (data governance / DLP) Exposure to Power Platform, Power BI, or low-code environments, especially implementing DLP or data governance controls Experience with AI model governance or AI security programs Security or cloud certifications (e.g., CCSK, CEH, or AI-focused credentials) Scripting or automation experience for security testing and validation

You will provide guidance and technical support to clients deploying security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success. Your thorough understanding of our product integrations contributes to the development of new principles and concepts - providing detailed analysis around what's working, what's not, and what could be better. You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You're creative, innovative, and you love a challenge - learning how integrations might work better around new products and technologies. Responsibilities Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating Platform Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall Test and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Some travel may be required, dependent on customer request You work with the customer's security & network teams to build confidence across the business units impacted by the change Experience High level of experience with Panorama and log collectors NGFW Global Protect BS in Computer Science, MIS, business, or equivalent education/training/experience Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching) Minimum of 3 years' experience leading security solutions in large environments) Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products You're experienced in internetworking, LAN, and WAN technologies You have a good understanding of Internet protocols and applications Any of the following industry certifications or equivalent experience is a plus: CISSP, CCNA, PCNSE, JNCIE-SEC You effectively handle multiple projects and work calmly in high pressure You're an excellent writer, with strong verbal communication skills, with demonstrable ability to communicate to senior leaders and technical peers

We are looking for a Senior Security Engineer to work for our client. The ideal candidate aligns with the responsibilities and qualifications outlined below. Responsibilities: Design, implement, and maintain security solutions to protect enterprise systems and data Conduct vulnerability assessments, penetration testing, and risk analysis Develop and enforce security policies, standards, and best practices Collaborate with IT and development teams to integrate security into system architecture Monitor and respond to security incidents, ensuring timely resolution Qualifications: 5+ years of experience in cybersecurity engineering or related roles Strong knowledge of network security, application security, and cloud security principles Experience with security tools such as SIEM, IDS/IPS, and endpoint protection Familiarity with compliance frameworks (ISO, NIST, SOC, HIPAA) Excellent problem-solving and communication skills What Our Client Offers: A critical role in safeguarding enterprise systems and sensitive data Opportunities to work with cutting-edge security technologies and methodologies A collaborative environment focused on innovation and resilience Competitive compensation and comprehensive benefits

This young and agile company, providing identity risk solutions is currently seeking a Senior Cloud Security Engineer with a focus on Infrastructure and Security to join their growing team. You will assist with the continuous maturation of their Cloud Security services within the Security division. This is an excellent opportunity for an experienced Cloud Security Engineer with experience in both Infrastructure and Security to take the next step into a challenging position with a company offering significant growth potential. About the Company: Founded in the last 10 years, they are one the fastest growing companies in their space. They are a fast-growing company that have built a platform that allows finance organisations and fintechs to strengthen their security defences. Their mission is to allow companies to manage their identity and fraud risk. Everything they do is entrenched in achieving engineering excellence. Their culture is not corporate, and they like to trust their employees to take on a lot of responsibility and have input into the shape of growth of the organisation. About the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: What you will be doing: • Serve as a cloud security subject matter expert, advise on and implementing best practices • Respond to security incidents and provide timely and appropriate solutions • Conduct cloud security risk assessments and audits • Conduct investigations into security incidents and potential threats • Take part in on call rotations for incident response and remediation • Assist with policy management, security audits, and due diligence for cloud security concerns • Advise on, configuring, and managing a variety of security tools • Keep informed about and respond to emerging security threats and vulnerabilities • Assist with cloud security reviews of potential vendors Ideal Requirements for the Senior Cloud Security Engineer (Infrastructure and Security) Vacancy: • Several years of experience working in a similar role with a focus on Cloud Security in AWS • Experience provisioning infrastructure in AWS using Terraform, CloudFormation, CDK, or similar tools • Experience configuring VPCs, route tables, NACLs, Security Groups, iptables, Web Application Firewall, Config, GuardDuty, Inspector, KMS, IAM, etc. • In depth knowledge of AWS security best practices around systems hardening, monitoring, and incident response • Experience taking part in an on-call rotation • You are passionate about securing infrastructure, reducing risk, and protecting data! • You are a subject matter expert on cloud security in AWS • You have a solid understanding of network architecture and protocols • You can advise on cloud security policies and procedures Apply to the Role: Roles like these are snapped up very quickly, so act now if you do not want to miss out! Reply to this advert or email your CV to **********************

The Team: The Security Engineering Lead will be responsible for designing, building, and maintaining the organization's security infrastructure. This role requires a highly skilled professional who can lead a team of engineers, implement innovative security solutions, and ensure the resilience of the organization's systems and networks. The ideal candidate will have extensive experience in security engineering, a strong technical background, and the ability to manage and deliver complex security projects. **This Role does NOT provide sponsorship** Salary: $150k-$190k base w/ 20% bonus Responsibilities: Leadership and Management: Lead and mentor a team of security engineers, fostering a culture of continuous learning and innovation. Build and scale a global team to meet organizational needs. Architecting Security Solutions: Assist teams in designing and implementing advanced security solutions, including cloud security, privilege access management and application/system security. Collaboration: Partner with software development, infrastructure, and operations teams to embed security into the development lifecycle and operational processes. Performance Optimization: Regularly evaluate and optimize existing security tools and technologies to ensure maximum efficacy and efficiency. Training and Knowledge Sharing: Develop and deliver technical security training to engineers and other staff, ensuring a strong organizational security posture. Documentation and Reporting: Create detailed documentation for security systems and processes, and provide regular project reports senior management. Required Skills and Experience: Experience (3+ year) in people leadership roles, nurturing security engineers into high-performing teams. Experience (5+ years) in a security engineering role, focusing on designing and implementing security solutions and managing security infrastructure, both on-premise and cloud. Experience working with privilege and identity management solutions. Experience with operating system security and system hardening. Knowledge of network security principles, protocols, and technologies. Strong analytical and problem-solving skills, with the ability to assess risks and develop appropriate security controls. Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. Ability to work independently, prioritize tasks, and manage multiple projects simultaneously. Strong leadership skills, with the ability to mentor and guide junior team members. Skills and Experience That Would Help You Stand Out: A bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is a plus. Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) are highly desirable. Linux security experience Familiarity with DevSecOps and integrating security into CI/CD pipelines. Scripting experience.

This role is for a mid-to-senior Security Engineer who thrives in a lean, high-performance environment and takes a hands-on, engineering-first approach to security. You will operate as a generalist within a small security team, owning the design, build, and evolution of security systems that protect a highly technical organization with many proprietary platforms. This is not an analyst role; the focus is on building, integrating, and improving security capabilities end to end, with a strong emphasis on problem solving, automation, and how systems work together. You will design and implement enterprise-grade security monitoring, detection, and response solutions, integrating commercial tools and developing custom capabilities tailored to the environment. While the role includes reviewing and triaging alerts from detection and response platforms, the core responsibility is continuously improving detection quality, response workflows, and overall security posture. You will engineer and tune detections using structured data and JSON-based queries, develop automated response and orchestration workflows, and drive improvements across the full incident lifecycle. The position requires close collaboration with teams across the organization, translating security risks and technical concepts into clear, practical language for non-security stakeholders. You will partner with engineering, infrastructure, and product teams to embed security into systems and workflows, applying strong security principles that are portable across technologies rather than tied to a single toolset. The environment is fast-moving and production-heavy, with ongoing adoption of AI-driven technologies and modern development practices. The ideal candidate has several years of experience in security engineering, preferably in a fintech, startup, or similarly high-tech environment, and is accustomed to operating outside of large, siloed security teams. You bring strong hands-on experience with cloud and endpoint security platforms such as Azure, Microsoft Defender, and Elastic, with exposure to tools like Zscaler and Purview considered a plus. You are comfortable coding and scripting, particularly in Python, working with Git-based workflows, and applying infrastructure-as-code concepts. Experience building and operating detection and response systems, security orchestration and automation platforms, and threat-informed defenses is essential. They'll need someone who's fully authorized to work in the US without any sponsorship / visa (cannot support H1B).

Seeking an experienced and dedicated Senior Cloud Security Engineer to join our team. This role is crucial for ensuring the security and compliance of our cloud infrastructure in a highly regulated financial environment. The ideal candidate will have a strong background in cloud security, a deep understanding of regulatory requirements, and the ability to design, implement, and maintain secure cloud solutions. Primary Success Factors Design, develop, and deploy scalable cloud-based security solutions to protect sensitive financial data and ensure compliance with industry regulations. Perform comprehensive vulnerability testing, risk analyses, and security assessments to identify and mitigate potential threats. Develop and coordinate robust cloud security procedures Monitor for and respond to security incidents in the cloud environment, utilizing advanced security tools and techniques. Collaborate with IT and development teams to ensure cloud solutions are securely integrated with existing software and infrastructure, following best practices and security standards. Keep abreast of the latest security issues, regulatory changes, and industry trends to proactively address emerging threats. Assist with the design of security training and awareness programs to educate staff about cloud security risks and responsibilities, fostering a culture of security within the organization. Regularly report on the status of cloud security, including any breaches or vulnerabilities, to senior management and stakeholders. Work with third-party vendors to ensure that security requirements are met and maintain strong relationships with external security partners. Maintain compliance with all relevant security and privacy laws and regulations, including PCI-DSS, GDPR, SOX, and other industry-specific standards Required Experience Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Specific experience will be considered in lieu of a degree. Minimum of 7 years of experience Relevant certifications in Cyber Security, with Cloud specific certifications a plus. Proven experience in cloud security engineering, preferably in a financial institution, with a track record of successfully implementing secure cloud solutions. Strong knowledge of cloud platforms and cloud security best practices, including identity and access management, encryption, and network security. Experience with regulatory compliance frameworks such as PCI-DSS, GDPR, and SOX, and the ability to navigate complex regulatory environments. Excellent problem-solving skills and the ability to work under pressure, with a proactive and detail-oriented approach to security. Strong communication and collaboration skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences. Experience with DevSecOps practices and tools, including continuous integration and continuous deployment (CI/CD) pipelines. Knowledge of infrastructure as code (IaC) and automation tools, such as Terraform, Ansible, or CloudFormation. Familiarity with security monitoring and incident response tools, such as SIEM, IDS/IPS, and EDR solutions. Ability to deliver with minimal management oversight

Must have an OT background with life sciences experience Deliver OT security firewall policy design and document Investigate and deliver appropriate OT architectures for RD systems Troubleshoot connectivity issues experienced during migration activities Must be proficient in Palo Alto Must have an OT background with life sciences experience Knowledge of supporting technologies, Zscaler, Cisco network infrastructure, Azure, and Google cloud Good to have Experience using ServiceNow Preferred RD lab experience, knowledge of lab systems, such as LIMS. HPLC etc Experience with project software (ADO) Generic US or UK based (US preferred) Good communicator, role requires frequent conversations with the business Note : If you are interested please share me your resumes to ********************* or else reach me at **********.

Delta Information Systems, Inc. is seeking a highly skilled Information Security Specialist to protect and secure critical systems, data, and intellectual property in a fast-paced Aerospace & Defense environment. This role is responsible for implementing and managing security controls, ensuring compliance with strict regulatory requirements, and defending against advanced cyber threats. The ideal candidate will bring deep technical knowledge, strong problem-solving skills, and the ability to work across teams to maintain the confidentiality, integrity, and availability of sensitive information that supports our national security mission. This is a fully onsite position located in Horsham, PA. Key Responsibilities Implement, monitor, and maintain security tools, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM platforms. Perform continuous monitoring, vulnerability assessments, penetration testing, and risk analysis of systems and networks. Ensure compliance with DoD, NIST 800-171, CMMC, ITAR, DFARS, and other regulatory frameworks. Champion the company's certification to CMMC Level 2. Develop, document, and enforce cybersecurity policies, procedures, and incident response plans. Support Government and customer security audits, preparing evidence and remediation plans as required. Investigate and respond to cybersecurity incidents, performing root-cause analysis and recommending corrective actions. Collaborate with IT, Engineering, Program Management, and Security teams to embed cybersecurity best practices into operations and product development. Provide cybersecurity awareness training to employees with a focus on handling sensitive defense-related data. Stay current on emerging cyber threats, nation-state tactics, and evolving compliance regulations impacting aerospace and defense. Qualifications Required: Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in information security, IT security operations, or cybersecurity. Strong knowledge of NIST 800-171, CMMC, and DFARS cybersecurity requirements. Experience developing, implementing and achieving CMMC compliance. Experience supporting DoD or government contracts with cybersecurity compliance needs. Hands-on experience with security infrastructure: SIEM, IDS/IPS, endpoint security, and network monitoring tools. Strong understanding of Windows, Linux, and cloud environments (Microsoft Office 365, Deltek Costpoint). Excellent analytical, documentation, and communication skills. U.S. Citizenship (required due to defense industry regulations). Preferred: Active security clearance (Secret or higher), or ability to obtain one. Relevant certifications: CISSP, CISM, Security+, CEH, or GIAC. Experience with RMF (Risk Management Framework) and STIG compliance. Familiarity with secure software development, DevSecOps practices, or classified system security. Compensation Competitive salary Outstanding benefits package 100% Paid Coverage for Medical, Dental, and Vision 401(k) Employer Match Employee Stock Ownership Program (company funded) Life Insurance (company funded) Short-Term Disability (company funded) Long-Term Disability (company funded) Vacation & Sick Holidays: 11 days HealthCare FSA Dependent Care FSA What We Offer Opportunities for training, certifications, and career growth. A mission-driven culture where your work contributes to national security. Exposure to advanced technologies and programs critical to the aerospace and defense sector. About Delta Information Systems, Inc. Delta Information Systems (DIS) is an industry-leading supplier of high-quality aerospace telemetry products for Flight Test, Missile Test, Range Safety, Launch Support and Satellite Command and Control applications. Their products address the complete telemetry chain from Data Acquisition, Storage, Transport and Distribution to Telemetry Processing and Display. DIS customers include all DoD entities, all Major Primes, Integrators, Gov Labs, Aircraft & Missile Manufacturers, & Launch Facilities. In addition, Delta Information Systems (DIS) designs and develops sophisticated electronic equipment that is specifically designed to reliably operate in harsh environments. They deliver critical video communications capability for manned and unmanned Intelligence, Surveillance and Reconnaissance (ISR) programs.

Job Posting Title: Cloud Security Engineer - SRE We are seeking a skilled and motivated Cloud Security Engineer - SRE to join our dynamic team. The ideal candidate will possess a strong technical background in systems administration, cloud computing, and infrastructure as code, with a particular focus on solution engineering/site reliability. This role will involve collaborating with cross-functional teams to enhance our security posture and streamline processes through automation. Technical Skills • Programming and Scripting: Strong proficiency in languages like Python, Go, Bash, or Ruby. SREs often need to write automation scripts and build tooling. • Systems Administration: Deep understanding of operating systems (Linux/Unix), file systems, processes, and system configurations. • Infrastructure as Code (IaC): Experience with IaC tools like Terraform, Ansible, or Chef to manage infrastructure. • Cloud Computing: Knowledge of cloud platforms such as AWS, Azure, or Google Cloud Platform, including services like EC2, S3, Kubernetes, and serverless functions. • Containers and Orchestration: Expertise in containerization (Docker) and container orchestration (Kubernetes, OpenShift). • Networking: Understanding of networking concepts, including DNS, firewalls, load balancing, and VPNs. • Monitoring and Observability: Experience with monitoring and observability tools like Prometheus, Grafana, Datadog, or New Relic. Ability to set up and maintain monitoring dashboards, alerts, and logs. • Continuous Integration/Continuous Deployment (CI/CD): Familiarity with CI/CD tools like Jenkins, GitLab CI, GitHub Actions, or CircleCI. • A strong understanding of HashiCorp Vault and Terraform will make you stand out. 2. Problem-Solving and Troubleshooting • Incident Management: Ability to manage and respond to incidents, perform root cause analysis, and implement post-mortem reviews. • Automation: Focus on automating repetitive tasks to improve efficiency and reduce human error. • Performance Tuning: Skills in identifying and resolving performance bottlenecks in systems and applications. 3. Collaboration and Communication • Teamwork: Ability to work closely with cross-functional teams, including software engineers, product managers, and DevOps teams. • Documentation: Skill in creating clear and comprehensive documentation for systems, processes, and incident reports. • Communication: Effective communication skills for interacting with stakeholders and explaining technical concepts to non-technical audiences. 4. Reliability and Scalability • Service-Level Objectives (SLOs) and Service-Level Agreements (SLAs): Understanding of setting, monitoring, and maintaining SLOs and SLAs for system reliability. • Scalability: Knowledge of best practices for designing and scaling systems to handle increased loads and demands. • Redundancy and Resilience: Experience in designing systems with redundancy and fault tolerance to minimize downtime. 5. Security and Compliance • Security Best Practices: Understanding of security principles, such as access control, data encryption, and secure coding practices. • Compliance: Familiarity with compliance standards like GDPR, HIPAA, or PCI-DSS, depending on the industry. Minimum Job Qualifications: • Bachelor degree in business or equivalent work experience • 10 years of previous program leadership and/or relevant consulting experience • Knowledge of and demonstrated experience in program management framework, knowledge groups & life cycle • 5+ years' experience in driving large scale data center consolidation efforts • Minimum 5 years' experience with matrix management of cross-functional processes and teams • Proficient with Project Management tools

We are looking for a Contract Product Security Engineer to support vulnerability management initiatives within a product security organization. This role is ideal for a security professional who enjoys hands-on analysis, structured problem-solving, and improving security processes through automation and collaboration. You will work closely with engineering and security teams to help identify, assess, and prioritize security risks across software components. The focus of this project is vulnerability management through Software Bill of Materials (SBOM) analysis. The engineer will review and triage vulnerabilities identified by SBOM scanning tools, assess risk and severity, and support remediation efforts in partnership with cross-functional teams. The role also includes enhancing vulnerability management workflows through scripting and automation, as well as maintaining clear documentation to ensure traceability and compliance within a structured development environment. What we offer you in USA We honor the contract terms you prefer. 20 paid vacation days per year 40 working hours per week Retirement Plan 401(K) Medical, Dental, Vision Insurance Plan for you and your Family 100% On-Site position in Newton Responsibilities Review, analyze, and triage vulnerabilities from SBOM scanning tools Assess severity and support risk-based prioritization of remediation Collaborate with engineering, security, and product teams to drive resolution Track vulnerability status for timely closure Develop or use scripts/automation to improve vulnerability management Maintain clear documentation of findings and actions Requirements Experience in product security Proficiency in Python or other scripting languages Strong analytical skills and attention to detail Effective collaboration with cross-functional teams Nice to Have Experience with vulnerability management programs Exposure to regulated industries Familiarity with SBOM management tools (e.g., Dependency Track)

Minimum Experience: 10+ Years Key Responsibilities Security & Compliance Serve as divisional lead for NIST 800-171 control alignment, tracking, and remediation. Partner with Internal Audit and Enterprise Security to review non-compliance findings and drive resolution. Maintain and improve Defender for Cloud posture management across Azure infrastructure. Identify, prioritize, and remediate vulnerabilities across infrastructure, networks, and systems. Develop and implement Linux patch management strategy and compliance reporting. Contribute to policy documentation and control evidence collection for SOX and NIST readiness. Infrastructure & Cloud Security Operations Work closely with Infrastructure, Cloud Ops, and Application teams to assess risk and prevent operational disruption. Integrate security best practices into Azure, network, and datacenter operations. Utilize Defender, Azure Security Center, and related tools to monitor and report on environment health. Coordinate with Cloud and Systems Engineers to validate patch success, compliance metrics, and configuration baselines. Automate recurring security validation and compliance tasks using scripting (PowerShell, Python, Bash). Governance, Reporting, and Training Maintain centralized tracking for security initiatives, audit remediations, and policy adherence. Partner with PMs to ensure remediation workstreams are integrated into project schedules. Support KnowBe4 phishing campaign analysis and contribute to security awareness reinforcement. Report key risk indicators (KRIs) and compliance metrics to leadership. Required Qualifications 8 years of experience in Information Security, Infrastructure Engineering, or Cloud Operations. Proven experience with Defender for Cloud, Azure Security Center, or equivalent platforms (e.g., Tanium, Nessus, Qualys). Working knowledge of NIST 800-171, NIST CSF, or ISO 27001 frameworks. Experience managing patching and vulnerability remediation across Windows and Linux environments. Proficiency with scripting or automation tools (PowerShell, Python, Bash). Familiarity with Active Directory, Azure AD, and network security principles. Preferred Qualifications Experience with Fortify or similar static code analysis tools. Familiarity with KnowBe4, VRX, or patch compliance tracking systems. Exposure to Azure DevOps, IaC, and configuration-as-code methodologies. Security or cloud certifications (e.g., AZ-500, Security+, CISSP, or equivalent). Success Measures Reduction in open audit findings and non-compliant controls. Establishment of measurable Linux and infrastructure patch compliance reporting. Defender for Cloud secure score improvement over baseline. Defined and repeatable NIST alignment process for divisional systems. Improved coordination between Infrastructure, Cloud, and Security teams during vulnerability remediation. If I missed your call ! Please drop me a mail. Thank you, Harish Accounts Manager/Talent Acquisition Astir IT Solutions, Inc - An E-Verified Company Email:******************* Direct : ***********788 50 Cragwood Rd. Suite # 219, South Plainfield, NJ 07080 ***************

Sales Representative -- Anindya Mazumdar Role: Not looking for an Architect - require individual heavy on engineering side / looking for a builder. Strong background in cloud security, a deep understanding of regulatory requirements, and the ability to design, implement, and maintain secure cloud solutions Design, develop, and deploy scalable cloud-based security solutions to protect sensitive financial data and ensure compliance with industry regulations. Perform comprehensive vulnerability testing, risk analyses, and security assessments to identify and mitigate potential threats. Develop and coordinate robust cloud security procedures Monitor for and respond to security incidents in the cloud environment, utilizing advanced security tools and techniques. Required: Minimum of 7 years of experience Relevant certifications in Cyber Security, with Cloud specific certifications a plus. Proven experience in cloud security engineering, preferably in a financial institution, with a track record of successfully implementing secure cloud solutions. Strong knowledge of cloud platforms and cloud security best practices, including identity and access management, encryption, and network security. Experience with regulatory compliance frameworks such as PCI-DSS, GDPR, and SOX, and the ability to navigate complex regulatory environments. Experience with DevSecOps practices and tools, including continuous integration and continuous deployment (CI/CD) pipelines. Knowledge of infrastructure as code (IaC) and automation tools, such as Terraform, Ansible, or CloudFormation. Familiarity with security monitoring & incident response tools, such as SIEM, IDS/IPS, and EDR solutions.

Are you considering a new role in Cyber Security and want to work in a company that is helping to change the world? Consider joining an organization serving the global scientific research community, supporting the brightest minds on the planet. Are you a collaborative Incident Response Engineer looking to work for a mission driven global organization? About the role, Elsevier is expanding its Global InfoSec Security Incident Response team. As a Security Incident Response Engineer, you will play a crucial role in our internal security support team, assisting with incident response investigations. This team is entrusted with analyzing, triaging, scoping, containing, and providing guidance for remediation, as well as determining the root cause of security incidents. This team also is empowered by collecting and analyzing security incident-related data to identify indicators of attack and compromise. Responsibilities: Assisting in scoping security incidents and identifying indicators of attack and compromise. Analyzing incident data from threat analytics tools. Communicating recommendations and guidance based on security incident analysis. Coordinating responses to security incidents with other security and consulting teams. Developing, documenting, and implementing runbooks, capabilities, and techniques for Incident Response. Performing security triage and analysis on endpoint, server, and network infrastructure. Conducting activities necessary for immediate containment and short-term resolution of incidents. Maintaining current knowledge of the threat landscape, emerging security threats, and vulnerabilities. Investigating the root cause of complex security incidents. Maintaining a high level of confidentiality. Requirements Possess experience in cybersecurity incident response or related fields. Proven ability to analyze, triage, scope, contain, and remediate security incidents. Have current and extensive knowledge of security technologies, tools, and processes. Experience with major cloud providers, including cloud security, networking, and multi-cloud or hybrid deployments. Have current skills in automation using PowerShell, Python, Java, or similar languages. Experience in Linux and/or Mac administration. Experience in Network Security Administration or Systems Administration. Experience supporting large, complex, and geographically distributed enterprise environments. Preferred certifications: CISSP, CISM, SANS, GIAC, ethical hacking/penetration tester, or security risk assessment. Elsevier employs 10,000 people worldwide, including over 2,500 technologists. We have supported the work of our research and health partners for more than 140 years. Growing from our roots in publishing, we offer knowledge and valuable analytics that help our users make breakthroughs and drive societal progress.

Salary: 105K-125K w/ 5-10% bonus Must Haves : - Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (Master's degree preferred). - Minimum of 5-7 years of experience in cybersecurity or information security roles, preferably in a manufacturing or construction environment. - Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. - Strong knowledge of network protocols, firewalls, intrusion detection/prevention systems, and encryption technologies. - Experience with security tools such as Splunk, CrowdStrike, Cisco Umbrella, Artic Wolf, or similar platforms. - Proficiency in cloud security (e.g., AWS, Azure) and securing industrial control systems (ICS) is a plus. - Familiarity with scripting languages (e.g., Power BI, Python, PowerShell) for automation and analysis. Job Summary The Senior Cybersecurity/Information Security Analyst will be responsible for overseeing all aspects of information security within the organization. This role involves designing, implementing, and monitoring security measures to protect systems, networks, and data from cyber threats. The ideal candidate will have extensive experience in cybersecurity, working with security SaaS providers, a proactive approach to identifying vulnerabilities, and the ability to collaborate across departments to ensure a secure enterprise environment. Key Responsibilities - Develop, implement, and maintain comprehensive information security policies, standards, and procedures. - Ensure alignment with industry standards such as NIST, CIS, and other relevant frameworks. - Work with SaaS providers in conducting regular risk assessments and audits to identify vulnerabilities and ensure compliance with regulatory requirements. - Oversee SaaS provider monitor of networks and systems for security breaches, intrusions, and unusual activity using advanced security tools (e.g., SIEM, IDS/IPS). - Lead incident response efforts, including investigation, containment, remediation, and documentation of security incidents. - Perform root cause analysis and implement corrective actions to prevent recurrence. - Review and contribute to the configuration and maintenance of firewalls, VPNs, endpoint protection, and other security technologies. - participate in regular vulnerability scans and penetration testing to identify and mitigate risks. - Ensure secure configuration of cloud, on-premises, and hybrid environments. - review and recommend cybersecurity training programs to educate employees on best practices and emerging threats. - Promote a culture of security awareness across the organization. - Ensure compliance with applicable laws, regulations, and industry standards (e.g., CMMC, NIST, CIS, PCI-DSS). - Prepare and present reports on security posture, incidents, and compliance to the Manager of Cyber/Information Security and senior leadership. - Collaborate with IT, operations, and other departments to integrate security into business processes and systems. - Provide guidance and mentorship to junior members of the cybersecurity team. - Stay current on emerging threats, technologies, and best practices to recommend improvements to the security program.