Strategic Cyber Security Engineer and Subject Matter Expert
Cyber Security Analyst Job 36 miles from Fairfield
Applied Research Solutions is seeking an energetic and experienced full-time Strategic Cyber Security Engineer and Subject Matter Expert to support our customer at the Air Force Research Laboratory located at Wright-Patterson AFB. The Cyber Security Engineer will be supporting a cutting-edge program in the development of cyber security strategy and assist in the development of related program protection plans and support program related RMF processes.
Why Work with us?
Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.
Responsibilities include:
Aid in developing cyber strategy and designing anti-tamper solutions for weapon systems (hardware and software).
Draft and staff specific cybersecurity assessment and authorization artifacts for military programs:
S&T (or Program) Protection Plan
Anti-Tamper Plan
Cybersecurity Strategy,
DevSecOps CONOPS including SAST and DAST, and
RMF/ATO Artifacts.
Provide cyber security technical expertise related to preparation, processing and approval of IATT/ATO documents in support of the AFRL programs of interest.
Advise and contribute to the production of documentation and other artifacts related to DISA approvals and RMF approvals.
Lead discussions and execute processes for approvals of candidate solutions.
Engage with other contractors to share technical data necessary to guide the development of system architectures.
Participate in technical interchanges with relevant team members as necessary
Support and/or lead associated cyber security working groups and/or IPTs.
Other duties as assigned
Qualifications/ Technical Experience Requirements:
Must be a US citizen
Must have an active TS with SCI eligibility
BA/BS degree in relevant field and a minimum of 8-10 Years' relevant experience required, MS preferred.
Security+ required, CISM preferred, CISSP very desirable.
Demonstrated experience in developing strategy for designing anti-tamper solutions for weapon systems (hardware and software)
Demonstrated experience in developing cyber security assessments and authorization artifacts for military programs.
Demonstrated experience developing and staffing cyber security, and cyber-related, plans.
Experience with DevSecOps including use of Gitlab on Agile software development programs or software factories, where software was taken from development to production.
Demonstrated and recent experience with Risk Management Framework (RMF) and RMF tools
Demonstrated experience leading working groups, teams and IPTs.
Ability to work efficiently on teams and also individually with minimal supervision.
Strong analytical, communication, and attention to detail skills
Familiarity with key cyber security policies and national security counterterrorism objectives.
All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.
IT Security and Risk Engineer
Cyber Security Analyst Job 21 miles from Fairfield
Encore Talent Solutions is looking for an IT Security, Risk and Compliance Engineer-
The ideal candidate will have experience in:
Creating and managing policies around HIPPA and PCI
Experience managing security awareness programs and managing security audits
Conduct reviews to measure compliance with NIST, PCI, and ISO standards, regulations and frameworks
Provides strategic risk guidance for IT projects, including evaluation and recommendation of technical controls
Cyber Analyst/ Cyber Security Analyst
Cyber Security Analyst Job 36 miles from Fairfield
Cyber Analyst/Cyber Security Analyst Cyber Defense Technologies (CDT), a leading small business cybersecurity and engineering firm, is seeking a skilled and detail-oriented Cyber Analyst/Cyber Security Analyst onsite in Dayton, OH with a TS/SCI clearance. In this role, you will monitor, analyze, for the purpose of mitigating threats.
Responsibilities:
Monitor network traffic, logs and alert to identify suspicious activity.
Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threat.
Perform in-depth analysis of potential threats, vulnerabilities, and incidents to determine severity and impacts.
Qualifications:
Bachelor's degree in Systems Security, Network Engineering, Information Technology, or related Engineering discipline and typically 5+ years of relevant experience
Relevant experience may be considered in lieu of required education.
Relevant certifications (e.g. CEH, Security +, CYSA+)
Why Join Cyber Defense Technologies?
At CDT, we offer a collaborative and inclusive work environment where your expertise in finance and HR can help shape the future of cybersecurity and engineering solutions. This position offers the opportunity to lead financial strategies while supporting HR initiatives in a fast-paced, government contracting environment.
Compensation and Benefits:
Competitive salary based on experience.
Comprehensive benefits package, including health, dental, and retirement plans.
Opportunities for professional development and career advancement.
CDT is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity employer making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
Apply Now:
If you are a proactive Cyber Analyst/Cyber Security Analyst and thrive in dynamic environments, we encourage you to apply and join the CDT team!
Cyber Security Analyst - Entry Level
Cyber Security Analyst Job 16 miles from Fairfield
Entry Level Cyber Security Analyst
Cincinnati, OH
READ BEFORE YOU APPLY!
Opportunity: Per Scholas is helping to source entry-level candidates for Cyber Security Analyst positions with our employer partners in the Cincinnati region and will offer free training to candidates in need of additional upskilling in order to qualify.
Requirements:
To be successful, candidates need to possess basic literacy, math, critical thinking, and self-teaching skills, do well in fast-paced environments, and be able to learn new technologies quickly.
What we are looking for:
Must have at least a High School diploma or GED
Must be authorized to work in the US
Previous tech work experience or education preferred
Must be able to commit a Monday - Friday, 9:00am - 4:00pm
Must live in the Atlanta area
We are not currently offering visa sponsorship or transfers, but we will accept applications from individuals with work authorization.
T&T- Cyber- DPT- CyberArk - DM
Cyber Security Analyst Job 17 miles from Fairfield
Your potential, unleashed. India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond.
At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters.
The team
Technology & Transformation is about much more than just the numbers. It's about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you're always ready to act ahead. Learn more about Technology & Transformation Practice
Your work profile
As a CyberArk Engineer in our Cyber: Identity Team, you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: -
* Solution Design: Collaborate with stakeholders to gather requirements and design CyberArk solutions that meet business needs, security requirements, and compliance standards.
* Implementation: Lead the implementation and configuration of CyberArk components, including the Privileged Access Security (PAS) Suite, Enterprise Password Vault (EPV), Privileged Session Manager (PSM), and Central Policy Manager (CPM).
* Integration: Integrate CyberArk solutions with other security and IT systems, such as directory services, identity governance platforms, ticketing systems, and SIEM solutions.
* Policy Management: Define and enforce access control policies, password management policies, and session recording policies within CyberArk to ensure the secure management of privileged accounts and access sessions.
* Account Discovery: Perform account discovery and onboarding activities to identify and onboard privileged accounts and assets into CyberArk for centralized management and control.
* Incident Response: Respond to security incidents and access-related events by conducting forensic investigations, analyzing access logs, and implementing remediation measures to mitigate risks and prevent future occurrences.
* Security Hardening: Implement security hardening measures and best practices to secure CyberArk deployments against external threats, insider risks, and unauthorized access attempts.
* Documentation and Training: Create and maintain technical documentation, standard operating procedures (SOPs), and training materials for CyberArk administrators, operators, and end-users.
Desired qualifications
* Bachelor's degree in Computer Science, Information Technology, or related field.
* Proven experience working as a CyberArk Engineer, CyberArk Administrator, or similar role, with at least 2+ years of experience in designing, implementing, and supporting CyberArk solutions.
* Expertise in CyberArk PAS Suite components, including EPV, PSM, CPM, PVWA, and AIM, and proficiency in CyberArk REST API, PACLI, and scripting languages (PowerShell, Python, etc.).
* Strong understanding of privileged access management (PAM) concepts, principles, and best practices, including privileged account discovery, rotation, and monitoring.
* Experience with integrating CyberArk with identity governance, ticketing, SIEM, and other security and IT systems using APIs, connectors, and integration frameworks.
* Familiarity with regulatory compliance standards, such as NIST, PCI DSS, GDPR, HIPAA, and SOX, and experience with compliance assessments and audits.
* Excellent analytical, problem-solving, and communication skills.
Location and way of working
* Base location: Delhi
* This profile involves frequent / occasional travelling to client locations.
* Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs.
Your role as a CyberArk Engineer
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society.
In addition to living our purpose, Senior Executive across our organization must strive to be:
* Inspiring - Leading with integrity to build inclusion and motivation
* Committed to creating purpose - Creating a sense of vision and purpose
* Agile - Achieving high-quality results through collaboration and Team unity
* Skilled at building diverse capability - Developing diverse capabilities for the future
* Persuasive / Influencing - Persuading and influencing stakeholders
* Collaborating - Partnering to build new solutions
* Delivering value - Showing commercial acumen
* Committed to expanding business - Leveraging new business opportunities
* Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization
* Effective communication - Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities
* Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
* Managing change - Responding to changing environment with resilience
* Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision
* Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems
* Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
* Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.
How you'll grow
Connect for impact
Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report.
Empower to lead
You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership.
Inclusion for all
At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.
Drive your career
At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte.
Everyone's welcome… entrust your happiness to us
Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here's a glimpse of things that are in store for you.
Interview tips
We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you're applying to. Check out recruiting tips from Deloitte professionals.
Cyber Security Support Engineer - Secret Clearance
Cyber Security Analyst Job 36 miles from Fairfield
Piper Companies is looking for a Cyber Security Support Engineer to join a government contractor in Dayton, OH. This role requires the candidate to report onsite 2 days a week and have an active Secret Clearance Essential Duties of the Cyber Security Support Engineer:
* Develop interface specifications for use within the enclave environments
* Confirm that enclave systems and network designs support the incorporation of DoD directed vulnerability solutions
* Maintain a schedule for upcoming software and hardware upgrades and follow procedures for regularly scheduled maintenance
* Confirm secure backup of systems and data through formally documented backup plan
Qualifications of the Cyber Security Support Engineer:
* Bachelors degree in Computer Science or related field
* At least 5 years Linux and 3 years IPS, IDS experience required
* Sec + certification required
* Linux +, CASP and CEH certs highly preferred
* Red/Blue Pen testing experience required
* Active Secret clearance required
Compensation for the Cyber Security Support Engineer:
* $170,000 - $180,000 (based on experience)
* Medical, Dental, Vision, 401K, PTO, Sick Leave as required by law, and Holidays
* Flexible hybrid schedule (2x a week onsite)
This job opens for applications on 12/13/24. Applications for this job will be accepted for at least 30 days from the posting date
#LI-HYBRID
#LI-BM2
linux, network, sys admin, systems administrator, lan, local area network, wan, wide area network, sec+, security +, sec +, user support, ccna, network engineer, cisco, security, penetration testing, red team, blue team, vulnerability, certified ethical hacker
Cyber Security Incident Responder
Cyber Security Analyst Job 10 miles from Fairfield
We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic and growing team. The role holder will play a critical role in maintaining the security and resilience of Element's digital infrastructure by effectively handling cyber incidents. This is an opportunity to join an emerging team and become a key contributor on day one. You will work closely with peers to develop what you see as a great 24/7 operational cyber defense capability. We encourage applications from those with direct experience in Digital Forensics and Incident Response (DFIR).
This position requires paid on call and overtime if there are serious cyber-attacks. This position is hybrid.
Responsibilities
Help build Element's IR capability. Implement best practice in line with NIST, SANS and other industry frameworks
Govern and coordinate cyber incidents. Act as the lead incident manager and technical authority for Cyber Defense. Conduct thorough investigations to reduce risk. Determine the root cause, impact, and identify remediation actions
Collaborate with cross-functional teams including IT, Privacy and Legal and senior stakeholders. Prepare and present written and verbal incident status reports to ensure the business is kept up to date
Conduct post-incident reviews and analysis to identify areas for improvement and help drive continuous improvement
Perform digital forensics on computer/network artefacts to assess the risk and impact of an incident. Perform malware analysis
Work closely with the Senior Manager Incident Response to Input into the development of cyber defense metrics
Stay abreast of the latest cyber threats, attack vectors, and security technologies to continuously improve the organization's incident response capabilities
Skills / Qualifications
A minimum of two years' experience working in cyber security. Technical experience as a Cyber Incident Responder e.g., Digital Forensics Incident Response (DFIR). Experience in managing complex cyber incidents would be great
Experience of in working within a complex highly federated organization. A comprehensive understanding of cyber defense operations in both the public and private sectors
A bachelor's degree in Computer Science, Information Technology, or a related field is desirable but not essential, as are other relevant certifications (e.g., CISSP, CISM, GIAC)
Attention to detail, strong analytical skills and efficient problem solving. The ability to think critically and make sound decisions in high-pressure situations
Cultural sensitivity and social flexibility in a global corporate environment
Experience in proactive communication to, and direct interaction with senior staff. The ability to convey complex information to a non-technical audience
A highly self-motivated individual with positive mindset and can-do attitude. A strong believer of security as an enabler to support business growth
This position requires on call and overtime if there are very serious cyber attacks
Knowledge of SIEM tooling, including experience in writing and developing advanced hunting and correlation search queries for alerts
Must be a US Citizen or Green Card holder
#LI-SL1
#LI-SL1
Company Overview
Element is one of the fastest growing testing, inspection and certification businesses in the world. Globally we have more than 9,000 brilliant minds operating from 270 sites across 30 countries. Together we share an ambitious purpose to ‘Make tomorrow safer than today'.
When failure in use is not an option, we help customers make certain that their products, materials, processes and services are safe, compliant and fit for purpose. From early R&D, through complex regulatory approvals and into production, our global laboratory network of scientists, engineers, and technologists support customers to achieve assurance over product quality, sustainable outcomes, and market access.
While we are proud of our global reach, working at Element feels like being part of a smaller company. We empower you to take charge of your career, and reward excellence and integrity with growth and development.
Industries across the world depend on our care, attention to detail and the absolute accuracy of our work. The role we have to play in creating a safer world is much bigger than our organization.
Diversity Statement
At Element, we always take pride in putting our people first. We are an equal opportunity employer that recognizes diversity and inclusion as fundamental to our Vision of becoming “the world's most trusted testing partner”.
All suitably qualified candidates will receive consideration for employment on the basis of objective work related criteria and without regard for the following: age, disability, ethnic origin, gender, marital status, race, religion, responsibility of dependents, sexual orientation, or gender identity or other characteristics in accordance with the applicable governing laws or other characteristics in accordance with the applicable governing laws.
Cyber Security Senior DLP Engineer
Cyber Security Analyst Job 16 miles from Fairfield
Make your mark at one of the biggest names in payments. With proven technology, we process the largest volume of payments in the world, driving the global economy every day. When you join Worldpay, you join a global community of experts and changemakers, working to reinvent an industry by constantly evolving how we work and making the way millions of people pay easier, every day.
**About the role:**
We are seeking a talented Senior Security Engineer to join a new dynamic team. As a Senior Security DLP Engineer, you will play a crucial role in safeguarding our organization's technology from cyber threats and ensuring the overall security posture of our systems. You will be responsible for designing, implementing, and maintaining security solutions, as well as reviewing and recommending new technologies, identifying areas for improvement, and contributing to the overall security program.
**What you will be doing:**
* Design, implement/deploy, and manage various DLP solutions, strategies, and tools across enterprise-wide environment.
* Develop, test and implement DLP security policies and procedures to ensure compliance with company policy, industry standards and regulatory requirements.
* Provide analysis and review of current security solutions, make recommendations for any changes to environment. Demonstrate a strong working knowledge of product offerings and make recommendations based on past experiences.
* Tune, configure and optimize security tools to defend against new tactics, techniques, and procedures as well as lead initiatives to develop processes for any existing process deficiencies.
* Work closely and frictionlessly with insider risk team, threat management team, security operations team, and more.
* Expand scope of work into additional engineering disciplines as organizational needs and requirements change.
* Collaborate with cross-functional teams to integrate security solutions into existing infrastructure and workflows.
* Stay up-to-date with the latest cybersecurity threats, trends, and technologies, and recommend appropriate security controls and countermeasures.
* Provide expertise and guidance on security best practices to internal stakeholders and support teams. Create and deliver technical presentations to peers, other teams and leadership.
* Act as subject matter expert within team and provide mentoring and guidance to team members and peers within other organizations. Advocate for security best practices within other teams and organizations.
* Work with minimal supervision and drive projects through to completion. Provide visibility and reporting to project activities, present to senior staff and escalate needs as a means to ensure completion against deadlines.
**What you need:**
* Bachelor's degree in computer science, Information Security, or a related field, or the combination of demonstrable relevant experience and skills.
* In-depth knowledge of various security technologies, including antivirus, EDR/XDR, DLP, application whitelisting, privilege management, endpoint encryption, WAF, firewalls, web content filtering, CI/CD pipeline inspection tools, CASB, CSPM, SIEM, forensic network collection, DDoS mitigation tools, and vulnerability management.
* Advanced level knowledge and experience with market leading security management platforms and deployment tools such as Tanium, InTune, SCCM, etc.
* Proven experience in designing, implementing, and managing security solutions in enterprise environments as a project lead or subject matter expert.
* Strong understanding of data as it flows from detection and prevention tools to SIEM and how incident handling teams will leverage this data for casework.
* Understanding of cybersecurity principles, best practices, and industry requirements and frameworks (e.g. NIST CSF, ISO 27001, PCI DSS Mitre Attack and Defend).
* Strong familiarity with network security concepts and technologies (firewalls, intrusion detection/prevention systems, web application firewalls etc.).
* Deep understanding of operating system technology, including Microsoft Windows, MacOS and various Linux distributions.
* Knowledge of virtualization platforms both centrally managed as well as locally managed as well as the means to provide visibility and control to guest systems.
* Working knowledge of cloud-based security solutions and experience with public cloud platforms such as AWS, Azure, or Google Cloud Platform. Ability to deploy tools in these environments as well as provide critical feedback for requirements in a security capacity.
* Knowledge of scripting languages (Python, PowerShell, etc.) for automation and customization of various security solutions.
* Excellent analytical and problem-solving skills, with the ability to troubleshoot complex security issues. Experience with writing detailed root-cause analysis for senior leadership after major incidents.
* Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams
* Experience with using data analysis tools such as Excel, PowerBI, Splunk, etc. and the ability to drive change based on evidence as well as design new means of collecting, storing and building views.
* Experience using Agile practices for project and program management
**What makes a Worldpayer**
At Worldpay, we take our Values seriously, and we live them every day. Think like a customer, Act like an owner, and Win as a team.
* **Curious. Humble. Creative**. We ask the right questions, listening and learning to get better every day. We simplify the complex and we're always looking to create a bigger impact for our colleagues and customers.
* **Empowered. Accountable. Dynamic**. We stay agile, using our initiative, taking calculated risks to progress. Never standing still, never settling, we work at pace to achieve our goals. We champion our ideas and stay flexible to make them happen. We know that every action adds up.
* **Determined. Inclusive. Open.** Unlocking potential means working as one global community. Our work spans borders, and we stay united by our purpose. We collaborate, always encouraging others to perform at their best, welcoming new perspectives.
Apply now to write the next chapter in your career. We can't wait to hear from you.
To find out more about working with us, find us on .
#LI-JK1
Worldpay is committed to providing its employees with an exciting career opportunity and competitive compensation. The pay range for this full-time position is $89,180.00 - $149,820.00 and reflects the minimum and maximum target for new hire salaries for this position based on the posted role, level, and location. Within the range, actual individual starting pay is determined by additional factors, including job-related skills, experience, and relevant education or training. Any changes in work location will also impact actual individual starting pay. Please consult with your recruiter about the specific salary range for your preferred location during the hiring process. The job duties outlined above may be directly, and negatively impacted by a criminal history, which could lead to the withdrawal of a conditional offer. However, all qualified candidates with arrests or convictions will still be considered.**Privacy Statement**
Worldpay is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how Worldpay protects personal information online, please see the .
**EEOC Statement**
Worldpay is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, natio
Cyber Security Engineer I
Cyber Security Analyst Job 43 miles from Fairfield
Job Details Dayton, OH - Fairborn, OH Full Time 4 Year Degree Negligible Information TechnologyDescription
Cyber Security Engineer I
Level: Experienced Department: Intelligence Services Job Type: Full-time
Job Summary
The Cyber Engineer I supports the research, development, and sustainment of old and new hardware systems and software capabilities for intelligence production.
Duties and Responsibilities
Plan, conduct, and accomplish assessments of systems and networks within the networking environment.
Identify systems/networks deviations from acceptable configurations, enclave policy, or local policy.
Conduct passive evaluations (compliance audits) and active evaluations (vulnerability assessments).
Establish strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of systems.
Provide process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
Assist in the implementation of the required Government policy (i.e., NISPOM, DCID 6/3), and make recommendations on process tailoring.
Support the formal Security Test and Evaluation required by each Government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
Periodically conduct of a review of each system's audits and monitors corrective actions until all actions are closed.
Qualifications
Required Qualifications
Bachelors Degree cyber security, computer science, engineering, or information technology.
At least three years of experience working a cyber security role in the DoD space.
Must have an active TS/SCI clearance.
Proven experience in cyber security planning, assessment, and analysis
Proven experience performing and reviewing technical security assessments
Proficiency with Microsoft Office Suite, especially Excel and PowerPoint.
Experience implementing risk management processes, specifically related to cyber security
Working knowledge of the DoD Information Assurance Vulnerability Management Process.
Meets Department of Defense Cyber Security Workforce (CSWF) requirements for Information Assurance Management (IAM) Level I
Experience in planning, organizing, completing and presenting assessments of National Security/IA-related concepts, analyses, studies and procedures.
Thorough understanding of DoD Computer Network Defense policy and requirements, and have cursory familiarity with CND tools and processes (e.g. network scanners; vulnerability mitigation; remediation; risk management).
Working understanding of secure software development and assessment.
Must be U.S. Citizen.
AA/EOE M/F/Disabled/Vet
This company is an affirmative action/equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, national origin, age, disability or protected veteran status. All qualified applicants will receive consideration for employment.
Information Security Analyst 3, Digital Technology Solutions
Cyber Security Analyst Job 16 miles from Fairfield
Information Security Analyst 3, Digital Technology Solutions University of Cincinnati Posted: December 10, 2024 Location: Cincinnati, Ohio * Assist with developing strategies to achieve organizational goals; understand organization's strengths and weaknesses; analyze potential risks and opportunities; adapt recommendations to changing conditions and aligns with best practices.
* Help facilitate large collaborative teams to achieve organizational goals.
* Support community communication efforts, presenting security insights to leadership.
* Develop technical documentation (designs, specifications, processes, workflows) and communications.
* Develop and validate baseline security configurations for operating systems, applications, networking, and telecommunications equipment.
* Participate in multiple, moderate- to high-risk projects.
* Work with a team to advance project goals and provide technical help and subject matter expertise. Actively engage in project support and solutioning.
* Share technical knowledge with teammates and help solve more complex problems.
* Document individual progress on assigned deliverables.
* Gather, maintain, and validate metrics for area of responsibility.
* Mentor student workers and junior employees.
* Carry out procedures to ensure that all systems, products, and services meet organization security standards. Recommend procedural improvements.
* Research information security trends to maintain technical understanding of the latest vulnerabilities and threats.
* Assist with providing artifacts to Governance, Risk & Compliance in relation to internal & external audits.
* Independently work with business units to achieve security objectives and identifies, reports, and resolves security risks and violations.
* Perform cyber investigations through forensic fact gathering with a focus on e-discovery.
* Analyze high volumes of logs, network data, and other attack artifacts in support of incident investigations.
* Provide guidance and technical expertise as needed for information security training and awareness programs.
* Participate in troubleshooting processes during and outside of normal business hours and participate in change management and root cause analysis.
* Mentor others regarding risk management, information security controls, incident analysis, incident response, monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Office of Information Security (OIS).
* Serve as an expert resource to others.
* Perform related duties based on departmental need. This job description can be changed at any time.
****Required Education****
Bachelor's Degree in Computer Science, Information Technology, Computer Engineering, or related field.
Eight (8) years of relevant work experience and/or other specialized training can be used in lieu of education requirement.
****Required Experience****
* Two (2) years of related experience
* Advanced knowledge of security tool administration.
* Moderate project management skills.
* Experience with system administration.
* Experience with network architecture or some level of related technical training.
* Advanced understanding of risk and vulnerability management.
* Experience with incident response.
* Advanced knowledge of industry standard security and compliance frameworks.
****Additional Qualifications Considered****
This position will primarily work in the area of information security risk management. The ideal candidate will have experience in the field of information security risk. Responsibilities may include, but are not limited to: assessing information security reviews to identify business risk, make recommendations for implementation of security controls, performing gap analysis of contracts and ensuring appropriate data security verbiage is included in contracts, documenting excessive risk via institutional risk acceptance processes, participating on projects with data security concerns to represent the office of information security and ensure appropriate documentation is in place, as well as departmental customer service via enterprise incident ticketing system and departmental mailboxes, and supervision/mentorship of co-op and student workers.2. CISSP, CISM, GISP or similar information security certification(s) are preferred.
****Physical Requirements/Work Environment****
* Sitting - Continuously
* Repetitive hand motion (such as typing) - Continuously
* Hearing, listening - Continuously
* Talking - Continuously
* Standing - Seldom
* Walking - Seldom
* Bending - Seldom
* Stooping - Seldom
* Climbing stairs/ladders - Seldom
* Kneeling, squatting - Seldom
* Crouching - Seldom
* Crawling - Seldom
* Reaching overhead - Seldom
* Pulling, pushing - Seldom
* Lifting - up to 20 pounds - Seldom
* Lifting - up to 50 pounds - Seldom
* Lifting - over 50 pounds - Seldom
Competitive salary range dependent on the candidate's experience. HISTORY IN BRIEF - The University of Cincinnati is a public urban serving research institution that was founded in 1819 and today is one of the country's largest universities offering more than 350 academic programs to more than 44,000 students. UC has many top ranked programs in areas such as Music and Arts, Medical and Human-Services, Criminal Justice and more. Located in an urban setting, UC is close to the heart of Cincinnati and allows easy access for students to enjoy all that the city offers. UC is also the alma mater of many notables such as President William Howard Taft; Albert Sabin, developer of the oral polio vaccine; Astronaut Neil Armstrong and Mary Weinberg, 2008 Olympic gold medalist. UC is classified as a Research University (Very High Research Activity) by the Carnegie Commission and is ranked as one of America's top 35 public research universities by the National Science Foundation. UC jumped 17 spots in the U.S. News & World Report rankings in the past two years alone. In addition to being named a “green university” by Princeton Review, UC has been named one of the world's most beautiful campuses by Forbes and Delta Sky magazines. Learn more at ******************** N STATEMENT - The University of Cincinnati serves the people of Ohio, the nation, and the world as a premier, public, urban research university dedicated to undergraduate, graduate, and professional education, experience-based learning, and research. We are committed to excellence and diversity in our students, faculty, staff, and all of our activities. We provide an inclusive environment where innovation and freedom of intellectual inquiry flourish. Through scholarship, service, partnerships, and leadership, we create opportunity, develop educated and engaged citizens, enhance the economy and enrich our University, city, state and global community. Show more Show less ISACA Career Center is Just One of the Benefits. Discover what else ISACA has to offer!
Information Security Analyst
Cyber Security Analyst Job 16 miles from Fairfield
JOB\_DESCRIPTION.SHARE.HTML CAROUSEL\_PARAGRAPH JOB\_DESCRIPTION.SHARE.HTML * Cincinnati, Ohio * IT Infrastructure & Support * 9379 We are hiring a full-time Information Security Analyst who is technical, dedicated to learning new things, security-minded, has strong initiative, and is able to manage projects autonomously. The Information Security team defends the company's digital infrastructure by designing, implementing, and improving the company's cybersecurity architecture. This is a critical role responsible for protecting infrastructure, cloud, edge devices, and data against unauthorized use, modification, exfiltration, or damage. If you're excited to be part of a fast-growing, then Medpace is a great place to grow your career.
**Responsibilities**
* Engineer security solutions without oversight while collaborating with multiple internal departments and vendors;
* Analyze security systems and seek continuous improvements;
* Research vulnerabilities, perform vulnerability scanning and alleviate threats;
* Mature security best practices and policies internal to the organization;
* Develop new processes while cross-training coworkers and assisting employees on security-related matters;
* Provide security awareness training and testing for employees to verify proper security protocols are being adhered to;
* Performing cyber security incident triage, reviewing logs, and performing remediation activities; and
* Review and reduce inappropriate/overprovisioned access to drive least privileged access.
**Qualifications**
* Minimum of bachelor's degree, preferably in Cybersecurity or Information Technology'
* 1+ years of experience within Information Security;
* Understanding of security best practices and how to implement them at a business-wide level;
* Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following:
+ SIEM
+ Privileged Access Management/Identity Access
+ Endpoint Detection & Response
+ Cloud based architecture such as Azure/AWS
+ Active Directory
* Exceptional communication skills; and
* Fundamental scripting skills, such as PowerShell/Python.
**Nice to have:**
* Experience with vulnerability assessment tools such as Nessus and Tenable;
* Experience with enterprise web proxy solutions, web filters, and VPN such as Zscaler;
* Experience with governing Windows environment including GPO;
* Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPPA, and/or SOC2; and
* Auditing and policy-writing experience.
**Medpace Overview**
Medpace is a full-service clinical contract research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 5,000 people across 40+ countries.
People. Purpose. Passion. Make a Difference Tomorrow. Join Us Today.
The work we've done over the past 30+ years has positively impacted the lives of countless patients and families who face hundreds of diseases across all key therapeutic areas. The work we do today will improve the lives of people living with illness and disease in the future.
**Cincinnati Perks**
* Flexible work environment
* Competitive PTO packages, starting at 20+ days
* Competitive compensation and benefits package
* Company-sponsored employee appreciation events
* Employee health and wellness initiatives
* Community involvement with local nonprofit organizations
* Discounts on local sports games, fitness gyms and attractions
* Modern, ecofriendly campus with an on-site fitness center
* Structured career paths with opportunities for professional growth
* Discounted tuition for UC online programs
**Awards**
* Named a Top Workplace in 2024 by The Cincinnati Enquirer
* Recognized by Forbes as one of America's Most Successful Midsize Companies in 2021, 2022, 2023 and 2024
* Continually recognized with CRO Leadership Awards from Life Science Leader magazine based on expertise, quality, capabilities, reliability, and compatibility
**What to Expect Next**
A Medpace team member will review your qualifications and, if interested, you will be contacted with details for next steps.
EO/AA Employer M/F/Disability/Vets
Cyber Engineer
Cyber Security Analyst Job 6 miles from Fairfield
At Cryptic Vector, we are dedicated to mission success. We take the time to understand our customers' needs, delivering products that perform when our nation needs them most. We understand that properly supporting the most unique missions of the United States government requires the nation's best. Our focus is on creating a culture where the best and brightest want to grow, learn, and stay. If coming up with out-of-the-box solutions is your specialty, then you'll feel right at home at Cryptic Vector. We are solving the country's most unique problems in an environment where problem solvers and hard workers thrive. We've replaced corporate red tape with transparency and servant leadership. Honestly, it's hard not to love this culture!
We value the individual experiences that our team members add to our culture and capabilities. Please don't hesitate to apply even if you don't meet the exact qualifications! We are interested in varying levels of experience.
Cryptic Vector is looking for Cyber Engineers with experience or interest in offensive cyber engineering. Cyber Engineering at Cryptic Vector is a research and development position spanning a variety of disciplines.
The responsibilities of the Cyber Engineer position may include the following:
Reverse Engineering (RE) of software/firmware, Vulnerability Research (VR), exploit development/productization
Design/develop post-exploitation effects in software/firmware, which can withstand scrutiny and attack
Design/develop secure, reliable, software-based communication solutions
Design/develop stealth solutions
Collaborate with engineering teams and product end users to translate customer/business/technical requirements into architectural designs and software solutions
Write unit tests, functional tests, and end-to-end tests
Provide constructive code reviews for colleagues
Programming languages:
Direct and recent experience coding in C and/or C++
Interest in new systems programming languages
Proficiency in modern scripting languages (like Python) is important but not central
An ideal candidate for these positions will have:
Experience developing user-mode applications for traditional platforms (Windows, Linux, mac OS, Android, iOS) or user/kernel-mode capabilities for non-traditional platforms (embedded/proprietary/custom firmware or operating systems)
A hacker mindset. Interest analyzing software/firmware for weaknesses.
Participation or interest in Capture the Flag (CTF)/hacking competitions
Interest in the architecture/internals of proprietary operating systems
Comfort working with assembly, machine code, hexadecimal, and binary. Familiarity with reverse engineering tools, such as IDA Pro and/or Ghidra.
Experience using, analyzing, and manipulating old/new network protocols. Interest in network/socket programming using TCP/UDP.
Working knowledge of basic cryptography functions and programming
Humble confidence, with a desire to work in a team setting (perhaps using an agile methodology)
Familiarity with software engineering methods/process. Familiarity with CI/CD pipelines and best practices.
Requirements
Preference for B.S. degree in Computer Science, Cyber Operations, Computer Engineering, Electrical Engineering, or related field
Ability to obtain/maintain a US security clearance
Willing to work in the greater Cincinnati area
Information Security Analyst
Cyber Security Analyst Job 36 miles from Fairfield
** Information Security Analyst-Hybrid** **Job Details** Dayton Office - Dayton, OH **Description** **McGohan Brabender** ** Information Security Analyst McGohan Brabender is renowned for recruiting top-tier talent within the employee benefits industry. As one of the nation's largest employee-owned (ESOP) benefit firms, we are true entrepreneurial disruptors in the field. Our team embodies agility, serving as advisors, financial strategists, and innovative problem solvers.
Our culture is infectious, grounded in our unwavering commitment to fostering a diverse and inclusive workplace where every individual is accorded the utmost dignity and respect. At the core of all our values, whether in life or business, lies our dedication to people. We wholeheartedly encourage everyone to bring their authentic selves to work every single day.
**About the Role:**
As an Information Security Analyst at McGohan Brabender, you will play an integral role in safeguarding our organization's data, systems, and networks from cyber threats. The ideal candidate will be a proactive and detail-oriented individual, focused on collaboration with other IT and non-IT resources to create the best solutions for the organization.
**Key Responsibilities:**
• Monitor network traffic, system logs, and security alerts for suspicious activity.
• Analyze security incidents to assess impact and identify root causes.
• Respond to security breaches, implement corrective actions, and mitigate threats.
• Coordinate with IT to resolve vulnerabilities and recover affected systems.
• Perform vulnerability assessments and risk analyses to identify security risks.
• Recommend measures to mitigate identified risks.
• Ensure security protocols align with industry regulations and best practices.
• Conduct regular security audits for compliance with regulatory requirements.
• Assist in designing, implementing, and managing security measures.
• Collaborate with IT teams to deploy updates, patches, and configurations.
• Provide security awareness training and develop best practice guidelines.
• Collaborate with various departments to align security strategies with organizational goals.
• Communicate security findings and recommendations to senior management.
• Stay current with cyber threats and participate in continuous learning.
**Qualifications:**
* Knowledge of common information security management frameworks.
* Experience implementing SOC2.
* Understanding & experience implementing security protocols in a Microsoft client and server systems.
* Security & configuration knowledge of O365, Azure, Exchange, Active Directory and related tools.
* Experience with computer network penetration testing and techniques required.
* Experience with proactive network, systems monitoring and threat management.
* Three or more years of related experience.
**Preferred Qualifications:**
* Previously worked in a HIPAA environment.
* Scripting language knowledge.
* Process Automation experience (automating security related functions, scans, reports, etc.)
* Linux knowledge.
* Security certifications: CISSP, CISA, Security+ or similar.
Information Security Analyst 3, Digital Technology Solutions
Cyber Security Analyst Job 16 miles from Fairfield
* Assist with developing strategies to achieve organizational goals; understand organization's strengths and weaknesses; analyze potential risks and opportunities; adapt recommendations to changing conditions and aligns with best practices. * Help facilitate large collaborative teams to achieve organizational goals.
* Support community communication efforts, presenting security insights to leadership.
* Develop technical documentation (designs, specifications, processes, workflows) and communications.
* Develop and validate baseline security configurations for operating systems, applications, networking, and telecommunications equipment.
* Participate in multiple, moderate- to high-risk projects.
* Work with a team to advance project goals and provide technical help and subject matter expertise. Actively engage in project support and solutioning.
* Share technical knowledge with teammates and help solve more complex problems.
* Document individual progress on assigned deliverables.
* Gather, maintain, and validate metrics for area of responsibility.
* Mentor student workers and junior employees.
* Carry out procedures to ensure that all systems, products, and services meet organization security standards. Recommend procedural improvements.
* Research information security trends to maintain technical understanding of the latest vulnerabilities and threats.
* Assist with providing artifacts to Governance, Risk & Compliance in relation to internal & external audits.
* Independently work with business units to achieve security objectives and identifies, reports, and resolves security risks and violations.
* Perform cyber investigations through forensic fact gathering with a focus on e-discovery.
* Analyze high volumes of logs, network data, and other attack artifacts in support of incident investigations.
* Provide guidance and technical expertise as needed for information security training and awareness programs.
* Participate in troubleshooting processes during and outside of normal business hours and participate in change management and root cause analysis.
* Mentor others regarding risk management, information security controls, incident analysis, incident response, monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Office of Information Security (OIS).
* Serve as an expert resource to others.
* Perform related duties based on departmental need. This job description can be changed at any time.
****Required Education****
Bachelor's Degree in Computer Science, Information Technology, Computer Engineering, or related field.
Eight (8) years of relevant work experience and/or other specialized training can be used in lieu of education requirement.
****Required Experience****
* Two (2) years of related experience
* Advanced knowledge of security tool administration.
* Moderate project management skills.
* Experience with system administration.
* Experience with network architecture or some level of related technical training.
* Advanced understanding of risk and vulnerability management.
* Experience with incident response.
* Advanced knowledge of industry standard security and compliance frameworks.
****Additional Qualifications Considered****
This position will primarily work in the area of information security risk management. The ideal candidate will have experience in the field of information security risk. Responsibilities may include, but are not limited to: assessing information security reviews to identify business risk, make recommendations for implementation of security controls, performing gap analysis of contracts and ensuring appropriate data security verbiage is included in contracts, documenting excessive risk via institutional risk acceptance processes, participating on projects with data security concerns to represent the office of information security and ensure appropriate documentation is in place, as well as departmental customer service via enterprise incident ticketing system and departmental mailboxes, and supervision/mentorship of co-op and student workers.2. CISSP, CISM, GISP or similar information security certification(s) are preferred.
****Physical Requirements/Work Environment****
* Sitting - Continuously
* Repetitive hand motion (such as typing) - Continuously
* Hearing, listening - Continuously
* Talking - Continuously
* Standing - Seldom
* Walking - Seldom
* Bending - Seldom
* Stooping - Seldom
* Climbing stairs/ladders - Seldom
* Kneeling, squatting - Seldom
* Crouching - Seldom
* Crawling - Seldom
* Reaching overhead - Seldom
* Pulling, pushing - Seldom
* Lifting - up to 20 pounds - Seldom
* Lifting - up to 50 pounds - Seldom
* Lifting - over 50 pounds - Seldom
Competitive salary range dependent on the candidate's experience. ** Information Security Analyst 3, Digital Technology Solutions**
Date: Dec 9, 2024 Location: Cincinnati, OH, US
Facility: Main Campus
**Job Segment:** Information Security, Developer, Computer Science, Risk Management, Technology, Finance, Security
Cyber Analyst/ Cyber Security Analyst
Cyber Security Analyst Job 36 miles from Fairfield
Cyber Analyst/Cyber Security Analyst** Cyber Defense Technologies (CDT), a leading small business cybersecurity and engineering firm, is seeking a skilled and detail-oriented Cyber Analyst/Cyber Security Analyst onsite in Dayton, OH with a TS/SCI clearance. In this role, you will monitor, analyze, for the purpose of mitigating threats.
**Responsibilities:**
* Monitor network traffic, logs and alert to identify suspicious activity.
* Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threat.
* Perform in-depth analysis of potential threats, vulnerabilities, and incidents to determine severity and impacts.
**Qualifications:**
* Bachelor's degree in Systems Security, Network Engineering, Information Technology, or related Engineering discipline and typically 5+ years of relevant experience
* Relevant experience may be considered in lieu of required education.
* Relevant certifications (e.g. CEH, Security +, CYSA+)
At CDT, we offer a collaborative and inclusive work environment where your expertise in finance and HR can help shape the future of cybersecurity and engineering solutions. This position offers the opportunity to lead financial strategies while supporting HR initiatives in a fast-paced, government contracting environment.
**Compensation and Benefits:**
* Competitive salary based on experience.
* Comprehensive benefits package, including health, dental, and retirement plans.
* Opportunities for professional development and career advancement.
CDT is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity employer making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
**Apply Now:**
If you are a proactive Cyber Analyst/Cyber Security Analyst and thrive in dynamic environments, we encourage you to apply and join the CDT team!
Cyber Security Engineer
Cyber Security Analyst Job 36 miles from Fairfield
Applied Research Solutions is seeking a full-time Cyber Security Engineer, located at Wright-Patterson AFB, OH support the ISR Crosscutter program.
Why Work with us?
Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.
Responsibilities Include:
The Contractor shall provide expert weapons system cybersecurity guidance and recommendations to program engineers, program managers, acquisition security program executive officer, Milestone Decision Authority (MDA), and AO.
The Contractor shall have current and demonstrated background related to supply chain risk management to prevent an adversary subverting weapon systems and critical networks.
The Contractor shall translate and provide comprehensive NIST 800-53 requirements to ensure SSE and procurement solutions are incorporated into an integrated program protection scheme based upon known or anticipated risks. Knowledge of systems engineering principles, network architecture analysis, verification and validation of requirements, and understanding the risk management process and understanding of the operational context of weapon systems employment is critical.
The Contractor shall provide subject matter expertise to support the AFPEO's intent to execute RMF to support assessment & authorization of assigned systems including generating required artifacts such as Interim Authority to Test (IATT), Authority to Connect (ATC), and Authority to Operate (ATO) packages as well as associated reports and presentations.
The Contractor shall have verifiable experience with Authorization Officials (AOs), their associated action officers and their processes, preferably for platform systems.
The Contractor shall execute risk reduction based policies and procedures, and develop system specific comprehensive cybersecurity processes to include implementation of continuous monitoring.
The Contractor shall document system architectures, utilizing original equipment manufacturer documentation and system interface specifications, to support the cyber analysis, identification, selection, and tailoring of security and privacy controls necessary to protect the system.
The Contractor shall provide expert level evaluation of designs and proposed implementation solutions to defend weapon systems and critical networks against malicious and non-malicious exploitation throughout the full acquisition lifecycle of portfolio programs. The Contractor shall evaluate threat data and develop residual risk recommendations and mitigations to senior DoD and AF leadership based on identification and analysis of weapons vulnerabilities.
The Contractor shall review and analyze interoperability requirements and shall review, develop and evaluate resultant specifications and internal and external Interface Control Documents (ICDs).
The Contractor shall review and propose technical recommendations at both the strategic and operational levels regarding critical technologies requiring protection, Program Protection Plans (PPP), and anti-tamper (AT) plans, cyber findings, vulnerabilities, and risks.
The Contractor shall conduct technical evaluations on vendors' proposals to ensure that cybersecurity requirements are properly addressed.
The Contractor shall assist and advise various working groups, planning teams and IPTs by preparing and reviewing agendas, coordinating topics and speakers, and researching, tracking and closing action items.
The Contractor shall support multiple systems security working groups to develop a secure, resilient aircraft based on SSE principles.
The Contractor shall provide expert identification, documentation, and assessment of threats, cyber findings, vulnerabilities, attack scenarios, impacts if exploited, and likely timelines for exploitation.
The Contractor shall provide stakeholders with on-time deliverables, RMF artifacts, cyber impact assessments, and approaches to meet growing ISR & SOF requirements.
The Contractor shall deliver solutions which are ready for the AO approval under significantly reduced timelines required by special operations and quick reaction capability programs.
The Contractor shall ensure that contractual documentation, such as statements of work, CDRLs, and SRDs, incorporate cybersecurity requirements that support the development of the assessment and authorization process.
The Contractor shall be able to support up to 33% of contract time on travel to support remote site, site visits, site audits, design reviews and engineering implementation reviews of network architectures.
Other duties as assigned
Qualifications/Technical Experience Required:
Must be a US Citizen
Top Secret clearance required
The Contractor must have demonstrated expert level DoD acquisition processes experience related to acquisition platform and sensor cybersecurity engineering along with an expert understanding of Risk Management Framework (RMF), Cybersecurity strategies, developing cyber resilient systems of systems (SoS), systems engineering, network engineering, and technical interface design to ensure weapon systems meet cyber resilient and Systems Security Engineering (SSE) criteria.
Senior level cybersecurity positions will require IAT level 3 and/or level 2 certifications. be DoD 8570 certified and have a current T-5 special sensitive eligibility on the first day of the task order.
The DoD directive 8570 Information Assurance Technical Level 3 (IAT III) or Information Assurance Management Level 3 (IAM III) certification must be achieved within one year of the task order start date; and maintained throughout the period of performance.
Senior: Possesses the advanced knowledge, experience and recognized ability to be considered an expert in their technical/professional field, possess the ability to perform tasks and oversee the efforts of junior and journeyman personnel within the technical/professional discipline. Will demonstrate advanced knowledge of their technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures and practices in their area of expertise. (Program Office, Enterprise and Staff Level Support interface)
Functionally Aligned Minimum Recommended Education and Experience:
Advanced Degree (Master of Arts (MA) / Master of Science (MS)) and 12 years of experience in the respective technical / professional discipline being performed, five years of which must be in the DoD
OR, BA/BS degree and 15 years of experience in the respective technical/professional discipline being performed, five of which must be in the DoD
OR, 20 years of directly related experience with proper certifications as described in the Functionally Aligned Job Descriptions, eight of which must be in the DOD.
All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals based on disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.
Information Security Analyst 1, Digital Technology Solution
Cyber Security Analyst Job 16 miles from Fairfield
Information Security Analyst 1, Digital Technology Solution University of Cincinnati Posted: December 10, 2024 Location: Cincinnati, Ohio **Current UC employees must apply internally via *SuccessFactors*** **You are invited to submit an application to be considered for one of multiple vacancies of the same position.**
****Job Overview****
Assist in performing procedures and provide technical solutions that serve to provide appropriate access to and protect systems from unauthorized users.
****Essential Functions****
* Participate in peer knowledge sharing groups.
* Communicate security concepts effectively, with guidance.
* Assist with development of technical documentation (designs, specifications, processes, workflows) and communications.
* Document individual progress on assigned deliverables.
* Participate in gathering of metrics for area of responsibility.
* Carry out procedures to ensure that support departmental and university operations in the information security area.
* Maintain familiarity with information security trends and best practices.
* Participate in internal information security projects and initiatives.
* Participate in preparation and maintenance of functional documentation for assigned tasks.
* Participate in the research, design, implementation, and support of systems supporting information security tools and services.
* Participate in the development, maintenance, and utilization of standard operating procedures.
* Participate in conducting risk and vulnerability assessments of information systems to identity vulnerabilities, risks, and protection needs.
* Participate in troubleshooting processes during and outside of normal business hours.
* Assist with mentoring non-security teams regarding risk management, information security controls, incident analysis, incident response, monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Office of Information Security (OIS).
* Assist with information security training and awareness programs.
* Perform related duties based on departmental need. This job description can be changed at any time.
****Required Education****
* Associate's Degree in Computer Science, Information Technology, Computer Engineering, or related field.
* Two (2) years of relevant work experience and/or other specialized training can be used in lieu of education requirement.
****Required Experience****
Possess working knowledge of commonly-used concepts, practices, and procedures and contributes through support, using established processes, methods, and systems.
****Additional Qualifications Considered****
This position will primarily work in the area of information security operations. The ideal candidate will have education or experience in the field of information security operations. Responsibilities may include, but are not limited to: endpoint security, full-disk encryption, multi-factor authentication, security incident and event management (SIEM), SSL and client certificate management, vulnerability management, privileged access management, password management, system/application administration for security related technologies, as well as departmental customer service via enterprise incident ticketing system and departmental mailboxes. CISSP, CISM, GISP or similar information security certification(s) are preferred.
Technical security certifications such as Security+, GSEC or similar.
****Physical Requirements/Work Environment****
* Talking - Continuously
* Sitting - Continuously
* Hearing, listening - Continuously
* Repetitive hand motion (such as typing) - Continuously
* Bending - Seldom
* Climbing stairs/ladders - Seldom
* Crawling - Seldom
* Crouching - Seldom
* Kneeling, squatting - Seldom
* Lifting - over 50 pounds - Seldom
* Lifting - up to 20 pounds - Seldom
* Lifting - up to 50 pounds - Seldom
* Pulling, pushing - Seldom
* Reaching overhead - Seldom
* Standing - Seldom
* Stooping - Seldom
* Walking - Seldom
* Shoveling - Not Required
**Compensation and Benefits**
UC offers a wide array of complementary and affordable benefit options, to meet the financial, educational, health, and wellness needs of you and your family. Eligibility varies by position and FTE.
* Competitive salary range dependent on the candidate's experience.
* Comprehensive insurance plans including medical, dental, vision, and prescription coverage.
* Flexible spending accounts and an award-winning employee wellness program, plus an employee assistance program.
* Financial security via our life and long-term disability insurance, accident and illness insurance, and retirement savings plans.
* Generous paid time off work options including vacation, sick leave, annual holidays, and winter season days in addition to paid parental leave.
* Tuition remission is available for employees and their eligible dependents.
* Enjoy discounts for on and off-campus activities and services.
As a UC employee, and an employee of an Ohio public institution, if hired you will not contribute to the federal Social Security system, other than contributions to Medicare. Instead, UC employees have the option to contribute to a state retirement plan (OPERS, STRS) or an alternative retirement plan (ARP).
To learn more about why UC is a great place to work, please visit our careers page at .
For questions about the UC recruiting process or to request accommodations with the application, please contact Human Resources at ***********.
**The University of Cincinnati is an Equal Opportunity Employer.**
REQ: 97769
SF:OMJ SF:RM SF:HEJ, SF:INS SF:HERC SF:DIV SF:LJN SF:IHE
HISTORY IN BRIEF - The University of Cincinnati is a public urban serving research institution that was founded in 1819 and today is one of the country's largest universities offering more than 350 academic programs to more than 44,000 students. UC has many top ranked programs in areas such as Music and Arts, Medical and Human-Services, Criminal Justice and more. Located in an urban setting, UC is close to the heart of Cincinnati and allows easy access for students to enjoy all that the city offers. UC is also the alma mater of many notables such as President William Howard Taft; Albert Sabin, developer of the oral polio vaccine; Astronaut Neil Armstrong and Mary Weinberg, 2008 Olympic gold medalist. UC is classified as a Research University (Very High Research Activity) by the Carnegie Commission and is ranked as one of America's top 35 public research universities by the National Science Foundation. UC jumped 17 spots in the U.S. News & World Report rankings in the past two years alone. In addition to being named a “green university” by Princeton Review, UC has been named one of the world's most beautiful campuses by Forbes and Delta Sky magazines. Learn more at ******************** N STATEMENT - The University of Cincinnati serves the people of Ohio, the nation, and the world as a premier, public, urban research university dedicated to undergraduate, graduate, and professional education, experience-based learning, and research. We are committed to excellence and diversity in our students, faculty, staff, and all of our activities. We provide an inclusive environment where innovation and freedom of intellectual inquiry flourish. Through scholarship, service, partnerships, and leadership, we create opportunity, develop educated and engaged citizens, enhance the economy and enrich our University, city, state and global community. Show more Show less ISACA Career Center is Just One of the Benefits. Discover what else ISACA has to offer!
Information Security Analyst 1, Digital Technology Solution
Cyber Security Analyst Job 16 miles from Fairfield
**Current UC employees must apply internally via *SuccessFactors*** **You are invited to submit an application to be considered for one of multiple vacancies of the same position.** Founded in 1819, the University of Cincinnati ranks among the nation's best urban public research universities. Home to 53,235 students, more than 11,000 faculty and staff and 350,000+ living alumni, UC combines a Top 35 public research university with a physical setting The New York Times calls “the most ambitious campus design program in the country.”
With the launch of Next Lives Here, the Cincinnati Innovation District, a $100 million JobsOhio investment, three straight years of record enrollment, worldwide leadership in cooperative education, a dynamic academic health center and entry into the Big 12 Conference, UC's momentum has never been stronger. UC's annual budget stands at $1.85 billion, and its endowment totals nearly $1.8 billion.
****Job Overview****
Assist in performing procedures and provide technical solutions that serve to provide appropriate access to and protect systems from unauthorized users.
****Essential Functions****
* Participate in peer knowledge sharing groups.
* Communicate security concepts effectively, with guidance.
* Assist with development of technical documentation (designs, specifications, processes, workflows) and communications.
* Document individual progress on assigned deliverables.
* Participate in gathering of metrics for area of responsibility.
* Carry out procedures to ensure that support departmental and university operations in the information security area.
* Maintain familiarity with information security trends and best practices.
* Participate in internal information security projects and initiatives.
* Participate in preparation and maintenance of functional documentation for assigned tasks.
* Participate in the research, design, implementation, and support of systems supporting information security tools and services.
* Participate in the development, maintenance, and utilization of standard operating procedures.
* Participate in conducting risk and vulnerability assessments of information systems to identity vulnerabilities, risks, and protection needs.
* Participate in troubleshooting processes during and outside of normal business hours.
* Assist with mentoring non-security teams regarding risk management, information security controls, incident analysis, incident response, monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Office of Information Security (OIS).
* Assist with information security training and awareness programs.
* Perform related duties based on departmental need. This job description can be changed at any time.
****Required Education****
* Associate's Degree in Computer Science, Information Technology, Computer Engineering, or related field.
* Two (2) years of relevant work experience and/or other specialized training can be used in lieu of education requirement.
****Required Experience****
Possess working knowledge of commonly-used concepts, practices, and procedures and contributes through support, using established processes, methods, and systems.
****Additional Qualifications Considered****
This position will primarily work in the area of information security operations. The ideal candidate will have education or experience in the field of information security operations. Responsibilities may include, but are not limited to: endpoint security, full-disk encryption, multi-factor authentication, security incident and event management (SIEM), SSL and client certificate management, vulnerability management, privileged access management, password management, system/application administration for security related technologies, as well as departmental customer service via enterprise incident ticketing system and departmental mailboxes. CISSP, CISM, GISP or similar information security certification(s) are preferred.
Technical security certifications such as Security+, GSEC or similar.
****Physical Requirements/Work Environment****
* Talking - Continuously
* Sitting - Continuously
* Hearing, listening - Continuously
* Repetitive hand motion (such as typing) - Continuously
* Bending - Seldom
* Climbing stairs/ladders - Seldom
* Crawling - Seldom
* Crouching - Seldom
* Kneeling, squatting - Seldom
* Lifting - over 50 pounds - Seldom
* Lifting - up to 20 pounds - Seldom
* Lifting - up to 50 pounds - Seldom
* Pulling, pushing - Seldom
* Reaching overhead - Seldom
* Standing - Seldom
* Stooping - Seldom
* Walking - Seldom
* Shoveling - Not Required
**Compensation and Benefits**
UC offers a wide array of complementary and affordable benefit options, to meet the financial, educational, health, and wellness needs of you and your family. Eligibility varies by position and FTE.
* Competitive salary range dependent on the candidate's experience.
* Comprehensive insurance plans including medical, dental, vision, and prescription coverage.
* Flexible spending accounts and an award-winning employee wellness program, plus an employee assistance program.
* Financial security via our life and long-term disability insurance, accident and illness insurance, and retirement savings plans.
* Generous paid time off work options including vacation, sick leave, annual holidays, and winter season days in addition to paid parental leave.
* Tuition remission is available for employees and their eligible dependents.
* Enjoy discounts for on and off-campus activities and services.
As a UC employee, and an employee of an Ohio public institution, if hired you will not contribute to the federal Social Security system, other than contributions to Medicare. Instead, UC employees have the option to contribute to a state retirement plan (OPERS, STRS) or an alternative retirement plan (ARP).
To learn more about why UC is a great place to work, please visit our careers page at .
For questions about the UC recruiting process or to request accommodations with the application, please contact Human Resources at ***********.
**The University of Cincinnati is an Equal Opportunity Employer.**
REQ: 97769
SF:OMJ SF:RM SF:HEJ, SF:INS SF:HERC SF:DIV SF:LJN SF:IHE
** Information Security Analyst 1, Digital Technology Solution**
Date: Dec 9, 2024 Location: Cincinnati, OH, US
Facility: Main Campus
**Job Segment:** Information Security, Computer Science, Developer, Risk Management, Technology, Research, Finance
Strategic Cyber Security Engineer and Subject Matter Expert
Cyber Security Analyst Job 36 miles from Fairfield
Applied Research Solutions is seeking an energetic and experienced full-time Strategic Cyber Security Engineer and Subject Matter Expert to support our customer at the Air Force Research Laboratory located at Wright-Patterson AFB. The Cyber Security Engineer will be supporting a cutting-edge program in the development of cyber security strategy and assist in the development of related program protection plans and support program related RMF processes.
Why Work with us?
Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.
Responsibilities include:
+ Aid in developing cyber strategy and designing anti-tamper solutions for weapon systems (hardware and software).
+ Draft and staff specific cybersecurity assessment and authorization artifacts for military programs:
+ S&T (or Program) Protection Plan
+ Anti-Tamper Plan
+ Cybersecurity Strategy,
+ DevSecOps CONOPS including SAST and DAST, and
+ RMF/ATO Artifacts.
+ Provide cyber security technical expertise related to preparation, processing and approval of IATT/ATO documents in support of the AFRL programs of interest.
+ Advise and contribute to the production of documentation and other artifacts related to DISA approvals and RMF approvals.
+ Lead discussions and execute processes for approvals of candidate solutions.
+ Engage with other contractors to share technical data necessary to guide the development of system architectures.
+ Participate in technical interchanges with relevant team members as necessary
+ Support and/or lead associated cyber security working groups and/or IPTs.
+ Other duties as assigned
Qualifications/ Technical Experience Requirements:
+ Must be a US citizen
+ Must have an active TS with SCI eligibility
+ BA/BS degree in relevant field and a minimum of 8-10 Years' relevant experience required, MS preferred.
+ Security+ required, CISM preferred, CISSP very desirable.
+ Demonstrated experience in developing strategy for designing anti-tamper solutions for weapon systems (hardware and software)
+ Demonstrated experience in developing cyber security assessments and authorization artifacts for military programs.
+ Demonstrated experience developing and staffing cyber security, and cyber-related, plans.
+ Experience with DevSecOps including use of Gitlab on Agile software development programs or software factories, where software was taken from development to production.
+ Demonstrated and recent experience with Risk Management Framework (RMF) and RMF tools
+ Demonstrated experience leading working groups, teams and IPTs.
+ Ability to work efficiently on teams and also individually with minimal supervision.
+ Strong analytical, communication, and attention to detail skills
+ Familiarity with key cyber security policies and national security counterterrorism objectives.
All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
Information Security Analyst 3, Digital Technology Solutions
Cyber Security Analyst Job 16 miles from Fairfield
Information Security Analyst 3, Digital Technology Solutions University of Cincinnati Posted: December 10, 2024 Location: Cincinnati, Ohio **Current UC employees must apply internally via *SuccessFactors*** Assist in performing procedures and provides technical solutions that serve to provide appropriate access to and protect systems from unauthorized users.
****Essential Functions****
* Assist with developing strategies to achieve organizational goals; understand organization's strengths and weaknesses; analyze potential risks and opportunities; adapt recommendations to changing conditions and aligns with best practices.
* Help facilitate large collaborative teams to achieve organizational goals.
* Support community communication efforts, presenting security insights to leadership.
* Develop technical documentation (designs, specifications, processes, workflows) and communications.
* Develop and validate baseline security configurations for operating systems, applications, networking, and telecommunications equipment.
* Participate in multiple, moderate- to high-risk projects.
* Work with a team to advance project goals and provide technical help and subject matter expertise. Actively engage in project support and solutioning.
* Share technical knowledge with teammates and help solve more complex problems.
* Document individual progress on assigned deliverables.
* Gather, maintain, and validate metrics for area of responsibility.
* Mentor student workers and junior employees.
* Carry out procedures to ensure that all systems, products, and services meet organization security standards. Recommend procedural improvements.
* Research information security trends to maintain technical understanding of the latest vulnerabilities and threats.
* Assist with providing artifacts to Governance, Risk & Compliance in relation to internal & external audits.
* Independently work with business units to achieve security objectives and identifies, reports, and resolves security risks and violations.
* Perform cyber investigations through forensic fact gathering with a focus on e-discovery.
* Analyze high volumes of logs, network data, and other attack artifacts in support of incident investigations.
* Provide guidance and technical expertise as needed for information security training and awareness programs.
* Participate in troubleshooting processes during and outside of normal business hours and participate in change management and root cause analysis.
* Mentor others regarding risk management, information security controls, incident analysis, incident response, monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Office of Information Security (OIS).
* Serve as an expert resource to others.
* Perform related duties based on departmental need. This job description can be changed at any time.
****Required Education****
Bachelor's Degree in Computer Science, Information Technology, Computer Engineering, or related field.
Eight (8) years of relevant work experience and/or other specialized training can be used in lieu of education requirement.
****Required Experience****
* Two (2) years of related experience
* Advanced knowledge of security tool administration.
* Moderate project management skills.
* Experience with system administration.
* Experience with network architecture or some level of related technical training.
* Advanced understanding of risk and vulnerability management.
* Experience with incident response.
* Advanced knowledge of industry standard security and compliance frameworks.
****Additional Qualifications Considered****
This position will primarily work in the area of information security operations. The ideal candidate will have experience in the field of information security operations. Responsibilities may include, but are not limited to: endpoint security, full-disk encryption, multi-factor authentication, security incident and event management (SIEM), SSL and client certificate management, vulnerability management, privileged access management, password management, system/application administration for security related technologies, as well as departmental customer service via enterprise incident ticketing system and departmental mailboxes, and supervision/mentorship of co-op and student workers.2. CISSP, CISM, GISP or similar information security certification(s) are preferred.
****Physical Requirements/Work Environment****
* Sitting - Continuously
* Repetitive hand motion (such as typing) - Continuously
* Hearing, listening - Continuously
* Talking - Continuously
* Standing - Seldom
* Walking - Seldom
* Bending - Seldom
* Stooping - Seldom
* Climbing stairs/ladders - Seldom
* Kneeling, squatting - Seldom
* Crouching - Seldom
* Crawling - Seldom
* Reaching overhead - Seldom
* Pulling, pushing - Seldom
* Lifting - up to 20 pounds - Seldom
* Lifting - up to 50 pounds - Seldom
* Lifting - over 50 pounds - Seldom
**Compensation and Benefits**
UC offers a wide array of complementary and affordable benefit options, to meet the financial, educational, health, and wellness needs of you and your family. Eligibility varies by position and FTE.
* Competitive salary range of $76,000 - $86,000 dependent on the candidate's experience.
* Comprehensive insurance plans including medical, dental, vision, and prescription coverage.
* Flexible spending accounts and an award-winning employee wellness program, plus an employee assistance program.
* Financial security via our life and long-term disability insurance, accident and illness insurance, and retirement savings plans.
* Generous paid time off work options including vacation, sick leave, annual holidays, and winter season days in addition to paid parental leave.
* Tuition remission is available for employees and their eligible dependents.
* Enjoy discounts for on and off-campus activities and services.
For questions about the UC recruiting process or to request accommodations with the application, please contact Human Resources at ***********.
**The University of Cincinnati is an Equal Opportunity Employer.**
REQ: 97767
HISTORY IN BRIEF - The University of Cincinnati is a public urban serving research institution that was founded in 1819 and today is one of the country's largest universities offering more than 350 academic programs to more than 44,000 students. UC has many top ranked programs in areas such as Music and Arts, Medical and Human-Services, Criminal Justice and more. Located in an urban setting, UC is close to the heart of Cincinnati and allows easy access for students to enjoy all that the city offers. UC is also the alma mater of many notables such as President William Howard Taft; Albert Sabin, developer of the oral polio vaccine; Astronaut Neil Armstrong and Mary Weinberg, 2008 Olympic gold medalist. UC is classified as a Research University (Very High Research Activity) by the Carnegie Commission and is ranked as one of America's top 35 public research universities by the National Science Foundation. UC jumped 17 spots in the U.S. News & World Report rankings in the past two years alone. In addition to being named a “green university” by Princeton Review, UC has been named one of the world's most beautiful campuses by Forbes and Delta Sky magazines. Learn more at ******************** N STATEMENT - The University of Cincinnati serves the people of Ohio, the nation, and the world as a premier, public, urban research university dedicated to undergraduate, graduate, and professional education, experience-based learning, and research. We are committed to excellence and diversity in our students, faculty, staff, and all of our activities. We provide an inclusive environment where innovation and freedom of intellectual inquiry flourish. Through scholarship, service, partnerships,