Cyber security analyst jobs in Florence, AL

The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations. Technical Implementation: Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools. Implement and support security controls for network infrastructure such as routers, switches, and wireless access points. Configure, administer, and secure Active Directory and Azure AD environments. Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions. Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection. Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture. Security Operations: Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation. Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts. Lead technical response efforts during security incidents or breaches in coordination with the incident response team. Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access. Conduct routine vulnerability assessments and threat analysis to support continual improvement. Perform digital forensics and incident response activities as needed. Compliance: Ensure adherence to HIPAA and all applicable regulatory and security standards. Design and implement technical safeguards that protect sensitive information and support organizational objectives. Collaboration: Partner with IT and business teams to embed security controls into systems, applications, and workflows. Educate and support staff on cybersecurity awareness, best practices, and evolving threats. Documentation: Create and maintain accurate documentation for security configurations, procedures, and incident activity. Remain informed on current cybersecurity trends and recommend enhancements to existing controls. Security Audits: Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards. Security Standards and Policies: Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements. Security Infrastructure Maintenance and Monitoring: Configure, troubleshoot, and maintain security-related hardware and software. Implement and manage monitoring tools to detect intrusions and potential security breaches. Security Strategy Development: Support the planning, execution, and ongoing refinement of the organization's information security strategy. Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives. Perform additional duties as assigned. Minimum Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required. Minimum Experience: Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment. Certifications: Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.

Knoxville, TN | Cybersecurity Engineer | Full-time We are actively recruiting a Cybersecurity Engineer for our client in Knoxville, TN. This is a hybrid direct placement opportunity that will require some onsite work in Knoxville. The successful candidate will be responsible for the design, implementation, and ongoing management of advanced cybersecurity measures to protect sensitive data, systems, and networks. This role involves hands-on work with a wide range of security technologies, development and enforcement of security protocols, and proactive risk mitigation. The engineer collaborates with cross-functional IT teams to integrate security solutions into enterprise projects and ensure compliance with applicable regulatory requirements, including HIPAA. Must have a minimum of five years' experience in cybersecurity engineering, with a proven track record in designing and implementing security solutions within an enterprise environment. Due to client request, candidates must be eligible to work in the United States without sponsorship. Equal Opportunity Employer/Veterans/Disabled

Jr. Security Analyst Our client is currently looking for a Jr. Security Analyst to join their team in a long term contract capacity focusing on an increase in compliance and audit work heading into the new year. This person will be brought on to support an established information security and compliance team. This role is ideal for someone looking to grow in TPA (Third Party Assessment), audit support, compliance operations, NIST frameworks, and GRC practices. Below is a breakdown of what our enterprise client is looking for in their potential candidate! Key Responsibilities Support Third Party Assessments (TPAs) by gathering evidence, tracking documentation, and helping review vendor security controls. Participate in internal and external audit readiness tasks including evidence collection, control testing preparation, remediation tracking, and audit log review coordination. Assist with vulnerability scan reporting, ticket creation, and follow-up with technical teams on remediation tasks. Support intake, documentation, and status tracking of new compliance and security projects. Help maintain dashboards, risk registers, and compliance reporting metrics within the GRC tool. Participate in annual assessment activities including contingency plan exercises, incident response tests, access reviews, and other required security program tasks. Assist with audit log reviews and routine monitoring processes as assigned. Maintain structured, accurate documentation to support continuous compliance efforts. Minimum Qualifications 1-3 years of experience in security, IT, audit, or compliance support roles (internships or rotational experience accepted). Foundational knowledge of NIST frameworks, FISMA requirements, or other security compliance standards (HIPAA, SOC 2, ISO 27001 a plus). Experience with GRC platforms (ServiceNow, Archer, OneTrust, ZenGRC, etc.) OR strong interest in learning. Strong attention to detail with the ability to create, edit, and maintain structured documentation. Proficiency with Microsoft Office and basic workflow tracking tools (Excel, SharePoint, Confluence, Smartsheet, etc.). Familiarity with basic cybersecurity terminology and frameworks (e.g., CIS Controls). Experience supporting compliance evidence collection or policy documentation. Interest in security governance, risk, and compliance as a long-term career path.

Bellatrix-Latin for "Female Warrior" Owned and operated in a HUBZone, with over 25 years in the HR, Talent Acquisition and Government Contracting. Like the Bellatrix Star in the Orion Constellation, our Team Members are the Brilliance of the company, and are all shareholders, leading the company to success. Bellatrix prides itself on being a Small Woman Owned HUBZone company. We believe big does not equal best. By staying small, we can focus on agility, efficiency, and our people. At Bellatrix we believe in advancement from within through training, mentorship, innovation and truly being a family. Bellatrix believes in excellence in customer service, and catering to the customer's needs. We realize not everyone fits into a box, and we think outside of the box to ensure, affordable and outstanding services. Human Resources, Retention and Recruiting, and Medical Coding/Billing are the HRM of Bellatrix. Come and join our team, where you are a team member and shareholder, working together for growth. Bellatrix has the current position open as a direct W2, Fulltime position for one of our top clients in the Huntsville, AL Market. This position requires a Secret Clearance and is on location with the Missile Defense Agency Title: Cyber Security Analyst Location: Onsite-Huntsville, AL Program: MDA, C3BM and C2BMC Number of Openings: 2 Immediate Direct Hire Clearance: Secret Travel: 25% Salary Range: $150,000-165,000, DOE General Overview: Command, Control, Communications, and Battle Management (C3BM) cyber engineering efforts include engaging in Command, Control, Battle Management, and Communications (C2BMC) technical engineering and integration, future concepts, new functionality, and multi-national exchange designs. Cyber engineering tasking includes participation in reviews and assessments of C2BMC cyber security and documentation. Collaboration with MDS stakeholders is required to prepare C2BMC cyber products as part of the engineering objectives documentation and analysis processes as related to Defense Of Guam (DoG).Other activities include participation in engineering meetings, presenting engineering product development updates, providing analysis and failure review summaries. Responsibilities: Understand cybersecurity aspects of systems engineering development, as well as DoD cybersecurity requirements, and be capable of recommending changes to the Government about the contractor's system engineering development process. Perform cybersecurity risk assessment reviews to include changes, modifications, and/or updates of software and/or hardware to individual information systems and/or enterprise environment. Familiarity with Configuration Management to include oversight and engineering assessments of Cybersecurity fixes, patch development, and pre-release testing in support of DoG. Performing cybersecurity risk assessment describing the posture of an individual information systems through an enterprise architecture in support of DoG. Will directly support the Software Assurance program for C2BMC. Includes ability for assessments of code reviews and approvals/disapprovals of software products for use on Mission, Training and Test/Development C2BMC systems is support of DoG Requirements: Bachelor's degree in STEM program: Computer Science, Information Technology, Network Engineering or other similar program 5+ years of Related Experience Secret Clearance Familiarity with MDS cyber capabilities and policy Familiarity with Missile Defense Agency, Ballistic Missile Defense System, and/or C3BM Program Office work efforts Security +, CE with a preferred certification level of CISSP Ability to work independently within a dynamic environment Apply cyber engineering and solutions to support real-world test, integration, and operations Work within a collaborative environment composed of Government, prime contractor, sub-contractor and supporting contractor personnel in a badge-less contractor environment Bellatrix is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Job Description or Huntsville, AL - Redstone Arsenal (On-site) Clearance Required: Active Secret Clearance (or higher) Travel Required: Up to 10% LaunchTech is seeking a Mid-Level Cyber Threat Emulation Analyst to support the Missile Defense Agency (MDA). In this role, you will strengthen enterprise cyber defenses by conducting threat emulation, vulnerability analysis, incident response, and cyber operations assessments. You will contribute directly to improving the agency's defensive posture while mentoring analysts and executing cyber threat emulation engagements aligned with real-world adversary tactics. What You'll Do As a Mid-Level Cyber Threat Emulation Analyst, you will: Perform Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM) Perform cybersecurity duties on customer networks to improve enterprise-wide security posture Analyze correlated asset, threat, and vulnerability data against known adversary exploits and techniques to determine operational impacts and strengthen defensive posture Support the development, review, and updates of DCO procedures, processes, manuals, and other documentation Measure defense-in-depth effectiveness against known vulnerabilities Generate vulnerability assessment reports and escalate findings for review Support enterprise Incident Response in accordance with DoD regulations and instructions Lead cyber events and incident investigations from start to conclusion, including data gathering, analysis, and reporting Instruct, evaluate, and mentor analysts at junior, mid, and senior levels; support development of exploitation analyst training plans Receive, review, and implement Higher Headquarters Tasking Orders (HHQ) and Fragmentary Orders weekly Perform Cyber Threat Emulation (CTE) actions using Automated Security Validation toolsets per HHQ direction Execute CTE actions within approved network zones using specific adversary tactics, techniques, and procedures (TTPs) Create dashboards and reports communicating post-engagement analysis, vulnerabilities, recommended remediations, system security posture assessments, and incident response results Draft and submit Cyber Tasking Orders (CTOs) to address findings discovered during CTE engagements Collaborate with the Cyberspace Domain Awareness (CDA) team to develop evaluation criteria and methodologies aligned with HHQ inspection requirements and industry best practices What You Bring Basic Requirements: Must have 6, or more, years of general (full-time) work experience Must have 4 years of combined experience with: Performing manual or automated penetration tests in an enterprise environment Practical experience with vulnerability assessment, cybersecurity frameworks, or conducting risk assessments Experience performing the full life cycle of incident response and enterprise-level monitoring Must have 1 year of experience in management or leadership in a team environment Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) (CySA+, GICSP, GSEC, Security+ CE, SSCP) Must have, or obtain within 6 months of start date, a PenTest+ certification Must have an active DoD Secret Security Clearance Desired Requirements: Have a Bachelor's degree, or higher, in Cybersecurity, Computer Science, or related field Have experience with Cyber Threat Emulation tools, policies, and procedures Have experience operating custom software on a Linux platform Have experience with security analysis and solutions in WAN/LAN environments (Routers, Switches, Network Devices, Windows, Linux) Have experience with SOC/DCO tools including Firewalls, Intrusion Detection/Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc. Have experience performing security compliance scans across a WAN (ACAS/Nessus preferred) Have a background in configuration, troubleshooting, and deployment of host-based security (ESS preferred) Be able to mentor and train personnel in a high-paced environment Be familiar with DoD Security Operations Centers (SOC/CSSP) Be familiar with DCO/CSSP-guiding security policies and procedures Have an active DoD Top Secret clearance Why LaunchTech? At LaunchTech, we don't just fill seats, we bring in people who want to make an impact. We deliver Excellence, Period. You will join a mission-driven team where your expertise directly strengthens national defense and advances cybersecurity excellence. We offer competitive benefits, including: Medical, Dental, and Vision coverage 401(k) with company match Paid Time Off (PTO) Opportunities to make a meaningful impact while advancing your career And more Ready to Join the LaunchTech Crew? If you're ready to apply your cyber expertise to mission-critical defense operations, we want to hear from you. LaunchTech is an Equal Opportunity Employer. We prohibit discrimination and harassment of any kind. All qualified applicants will receive consideration for employment without regard to race, protected veteran status, color, sex, religion, sexual orientation, national origin, disability, genetic information, age, pregnancy, or any other status protected under federal, state, or local law. Powered by JazzHR CkYm1Mbb4K

Job DescriptionJob Title: Mid-Level Cybersecurity/Watch floor Analyst Clearance: MUST CURRENTLY POSSESS AND ACTIVE TOP SECRET CLEARANCE Noetic is currently seeking a motivated and detail-oriented Mid-Level Cybersecurity/Watch Floor Analyst to join our growing security team. In this junior-level role, you will play a key part in protecting our organization's digital assets by assisting in the detection, analysis, and response to cybersecurity threats and incidents. The ideal candidate will have foundational knowledge of security principles and a strong interest in security operations, with hands-on experience or coursework involving Splunk. BASIC QUALIFICATIONS: Minimum of 5 year of Splunk/SOC experience. Bachelor's in a computer science related field Active Top Secret Clearance Ability and willingness to do shift work MAIN RESPONSIBILITIES: Responsible for monitoring computer networks for security issues. Investigating security breaches and other cybersecurity incidents. Document security breaches and assess the damage they cause. Work with the security team to perform tests and uncover network vulnerabilities, such as penetration testing. Fix detected vulnerabilities to maintain a high-security standard. Recommend best practices for IT security. Installing security measures and operating software to protect systems and information infrastructure, including firewalls and data encryption programs. Must be capable of conducting analysis, confirming intrusion information and creating a forensically sound duplicate of the files. Decrypts data and provides technical summaries and input. Examines recovered data for relevant information and performs dynamic analysis to include timeline, statistical, and file signature analysis. Performs real-time cyber defense handling tasks to support deployable Incident Response Teams (IRTs). PREFERRED QUALIFICATIONS Microsoft Sentinel GIAC Continuous Monitoring Certification (GMON) GIAC Certified Incident Handler (GCIH) GIAC Certified Forensic Analyst (GCFA) GIAC Certified Intrusion Analyst (GCIA) GIAC Network Forensic Analyst (GNFA) Noetic Strategies Inc. offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Noetic Strategies Inc. is an equal opportunity and affirmative action employer that does not discriminate in employment. All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status. Noetic Strategies Inc. endeavors to make ************************ accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact noeticstrategies.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. Powered by JazzHR 6IxgcPuXI3

Cyber Security Analyst - (2400000X) Description AL-KHOBAR, KINGDOM OF SAUDI ARABIA Cyber Security Analyst Department Information Technology Institution Prince Mohammad bin Fahd University Reports to Manager - Cyber Security introduction The Cyber Security Analyst at Prince Mohammad bin Fahd University protects the university's digital assets, network, and data by identifying vulnerabilities, monitoring threats, and enforcing security measures. This role ensures compliance with security policies, supporting a safe environment for research and academic activities. Job Purpose The Cyber Security Analyst role is to safeguard the university's IT infrastructure by proactively monitoring, identifying, and addressing security threats. This position involves implementing security measures, responding to incidents, and ensuring compliance with security policies to protect data and maintain the integrity of university systems. The analyst plays a key role in supporting a secure environment for all digital and academic activities. Duties and Responsibilities Major Duties/ Responsibilities: · Monitor all networks and computer systems to prevent, detect, and investigate security breaches. · Perform penetration testing to ensure the company's networks are free of bugs that malware authors can take advantage of. · Design and implement multilevel security strategies to protect networks and data resources. · Plan computer and network security upgrades and test hardware and software related to the upgrade. · Stay up to date on new information technologies and apply those innovations in the company's security standards and best practices. · Lead analysis of current architecture, risk exposure and defining mitigation measures in order to develop suitable recommendations. · Highlight Cyber Security threats and prepare the official reports. · Lead assessments of company's security posture including benchmarking/maturity assessments. · Lead design of cyber security solutions and development of detailed technical specifications for the approved designs. · Lead implementation, integration and testing of approved security solutions. · Provide specialist technical support and address technical problems related to applications and production equipment to ensure any complex/escalated issues are handled with no or minimal downtime. · Oversee/perform preventive maintenance as per schedule to ensure relevant security systems/processes remain fit for purpose. · Provide subject matter expertise for cyber security related projects throughout its lifecycle to ensure delivery is as per plan/budget and client/TCC expectations. · Prepare and deliver technical presentations for successful project delivery · Lead cybersecurity evaluation and configuration review services · Anticipate future problem areas by monitoring workflows and network traffic patterns. · Prepare and perform cyber security awareness activities. · Prepare work papers documenting procedures performed and that fully support audit findings. · Assist IT operational audits in accordance with the annual audit plan. · Follows up the action plan progress (such as penetration tests, vulnerability scans) and ensures that recommendations are implemented in a timely manner · Assist staff members when they need help with security products and processes. Job-Specific Skills: · Working experience in a SOC or NOSC environment · Must have strong working knowledge of information technology, including applications, networks and systems. · Knowledge in performing IT Audit reports · Experience in performing Risk Assessments reports. · Experience in developing Business Continuity Plans and Disaster Recovery Plans · Knowledge in the usage of vulnerability assessment and penetration testing tools · Knowledge of security attacks techniques, familiar with MITRE ATT@CK framework · Experience in using MS Office, MS Visio, Project Management tool. · Experience in project management, problem-solving, training/coaching, presentation skills, and conflict resolution skills. · General knowledge of ISO 27001, ITIL or other control frameworks · Experience in writing SOP's - operation manuals · Independent, motivated, and ambitious personality Qualifications & Experience (Required) Bachelor's degree in computer science, technology or computer engineering 5 to 8 years of experience in progressively more complex and responsible operational roles within a dynamic Enterprise function Certified CompTIA Security+, CEH, CCNA, CCNP, CISSP (preferred) Experience in Cisco ASA, WatchGuard, Juniper, CheckPoint Firewall Knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture Experience in Patch Management and vulnerably assessment. Knowledge and understanding of relevant legal and regulatory requirements. Knowledge of common information security management frameworks. Experience in Information Security and NCA controls implementation. Having experience in IT, Operational IT, Cybersecurity, incident detection, incident response, and forensics. Maintain quality service delivery by adhering to company standards and best practices. Strong attention to detail with an analytical mind and outstanding problem-solving skills. Familiarity with information technology concepts such as infrastructure, cyber security, and application controls. Great awareness of cybersecurity trends and hacking techniques. On-call network troubleshooting Knowledge, Skills and Abilities (Required) · Strong written and verbal communication skills · Strong focus on first time quality · Desire to grow technical skills and ability to learn new technologies swiftly · High attention to detail, self-starter, result driven · Ability to work in a cross-functional team · Professional, polite, and attentive while also being accurate · Always prepared and responsive, willing to meet each challenge directly · Teamwork · Problem solving, Leadership · Perseverance and motivation · Ability to work under pressure, Confidence · Managing ambiguity, Resilience · Analytical skills, IT skills Disclaimer PMU reserves the right to alter, amend and add responsibilities to this position in line with the institutional needs. Changes and amendments to this job description shall be within the academic framework and the general employment conditions. Primary Location: Al-KHOBARJob: AnalystOrganization: Information Technology DepartmentSchedule: Regular StandardJob Type: Full-time Job Posting: Feb 25, 2025, 9:10:34 AM

Support the Missile Defense Agency (MDA) with development and analysis of programmatic data for program management support, to include monitoring and reporting against the acquisition program baselines, and assistance with program oversight and execution briefings. Alternative responsibilities may encompass development and execution of acquisition strategies/plans, contract requirements packages (e.g., writing SOWs, CDRLs, special provisions, source selection evaluation plans) and supporting prime contract monitoring/management activities. CompTIA Certification Preferred. Certified Authorization Professional (CAP) certification (or ability to attain within 90 days after employment) Provide interpretation and execution of MDA Acquisition policy, directives, guidance, and instructions Provide program management support in developing, maintaining, and reporting against program baselines, gathering and analyzing programmatic data for internal Agency oversight reviews of programs (e.g., MDAR, DPR, PER, PMRs, internal reviews) Prepare briefings and correspondence in response to internal taskings and external RFIs (e.g., GAO/Congressional/DoDIG/DoD oversight organizations) Analyze acquisition requirements and provide recommendations during pre-solicitation phase through contract execution Support program and contract management processes through the preparation and/or review of acquisition and program management documentation, briefings, white papers, reports, metrics Provide support through all phases of the acquisition cycle with an emphasis on cybersecurity throughout the process Requirements Prior MDA experience preferred. Advanced level - Master's degree required and/or 15 years' experience Intermediate level - Bachelor's degree required and/or 10 years' relevant experience Knowledge and experience in acquisition, procurement, and contracting highly desirable Solid background in MS Office tools suite (e.g., Word, Excel, PowerPoint, Access) essential Must possess exceptionally strong communications and analytical skills, be a self-starter, detail oriented, work well with a team, interacts with multiple levels and functional areas and able to manage customer and contractor relationship SECRET or above Security Clearance required.

Description & Requirements Smurfit Westrock (NYSE:SW) is a global leader in sustainable paper and packaging solutions. We are materials scientists, packaging designers, mechanical engineers and manufacturing experts with a shared purpose: Innovate Boldly. Package Sustainably. Guided by our values of integrity, respect, accountability and excellence, we use leading science and technology to move fiber-based packaging forward. Our Technology Organization Is Transforming How We Work At Smurfit Westrock. We Align With Our Businesses To Deliver Innovative Solutions That * Address specific business challenges, integrate processes, and create great experiences * Connect our work to shared goals that propel Smurfit Westrock forward in the Digital Age * Imagine how technology can advance the way we work by using disruptive technology We are looking for forward thinking technologists that can accelerate our focus areas such as building stronger foundational technology capabilities, reducing complexity, employing digital transformation concepts, and leveraging disruptive technology. How You Will Impact Smurfit Westrock * Work with mill and plant engineering SMEs and operational staff to design, implement and support the security of ICS networked systems. * Participate in risk assessments, network design reviews, and security testing for networks, systems, and applications. * Evaluate new security technology & emerging threats and provide recommendations to strengthen the OT security environment. * Utilize existing and newly deployed OT security solutions to perform threat assessments, substantiate security incidents, and effectively respond. * Evaluate available vendor security solutions to determine how they should be deployed in the OT environment. * Consult on ICS security matters as needed and liaison between operations and corporate IT security teams. * Respond and participate in ICS security incident response through phases, including investigating computer and network intrusions and remediation support. * Perform proactive research to identify, categorize, and produce reports on new and existing threats. * Monitor industry ICS trends and recognize opportunities for new and emerging technologies. What You Need To Succeed * Bachelor's Degree or equivalent in a related field of study (including any of the following but not limited to): Information Systems, Network or Electrical Engineering, and Information Security. * Certifications are a plus (GICSP, GRID, CISSP, Cisco, Fortinet, Palo, AWS, Azure) * 3+ years of hands-on experience within the Industrial Controls Systems environment. * 3+ years of previous experience developing and deploying mitigation techniques to defend networks. * In-depth understanding of operating systems, network/system architecture, and IT architecture design. * Experience with maintaining documents, policies, and standards governing the security operations for ICS equipment and networks. * Experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS). * Network and system security architecture expertise. * Experience with common security systems and vendors such as cisco, Fortinet, palo * Understanding IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, and PROFINET). * Knowledge of IT and OT security best practices and knowledge of the differences. * Understanding threats, vulnerabilities, and exploits in ICS environments and appropriate mitigation techniques. * Superior organization and follow-up skills. * Excellent verbal and written communication skills * Strong oral and written communication skills. * Willingness to travel (up to 50%) What We Offer * Corporate culture based on loyalty, integrity, & respect. * Comprehensive training with numerous learning and development opportunities * An attractive salary reflecting skills, competencies, and potential. * A career with a global packaging company where Sustainability, Safety and Inclusion are business drivers and foundational elements of the daily work. Candidates are required to undergo a drug screening after receiving a conditional job offer, but before starting employment. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by state or federal law.

Job DescriptionEast Tennessee company is seeking a Cyber Security Vulnerability Analyst to perform defensive cyber operational tasks, respond to reported incidents, and track remediation of client system vulnerabilities to include industrial control systems. The ideal candidate will be an experienced analyst with a strong background in addressing network vulnerabilities and conducting incident response activities. This is a full-time, hybrid position that will work onsite in Oak Ridge, TN 2-3 days each week. Job Responsibilities: • Join the Defensive Cyber Operations Group's multi-disciplinary team in responding to advanced Cyber threats from targeted phishing to network-based threats, ransomware, and APT-level activity in a Tier 2 role. • Mentor the DCO's junior staff, developing their technical and incident resolution skills. • Participate in incident response activities involving multiple teams and functions. • Serve as primary coordinator for ORNL response to federal Binding Operational Directives and data calls. • Leverage internal and external vulnerability scanning scan data to maintain a comprehensive view of ORNL's threat profile and risk status. • Automate key DCO functions using Tines technology • Partner with Emerging Threat team to remediate extant vulnerabilities identified by their intelligence activities. • Maintain strong collaborative and data sharing relationships with DOE headquarters Cyber units, other DOE laboratories, and external entities. • Leverage EDR, SIEM, IDS, and PCAP tools to identify and investigate cyber threats. • Assist users with the creation, monitoring, and evaluation of policy and device exceptions. • Assist in training and awareness activities to ensure ORNL staff are aware of Cyber Security responsibilities and requirements. • Partner with Cyber Industrial Control System Engineers to monitor the lab's ICS enclaves for operational and security issues Candidates must be able to obtain a federal security clearance so US citizenship is required.

Analyze customer requirements to develop project schedules, establish milestone targets, and ensure on-time delivery. Exercise sound judgment and decision-making when evaluating multiple courses of action. Conduct comprehensive quality control assessments to maintain high standards throughout the project lifecycle. Develop and deliver executive-level briefings and presentations, tailored for senior leadership and stakeholders. Utilize online research and analytical tools to troubleshoot and resolve issues effectively. Manage Plans of Action and Milestones (POA&M) to track and report on progress, compliance, and risk mitigation. Operate within the eMASS (Enterprise Mission Assurance Support Service) environment to document security controls, track authorization status, and maintain continuous monitoring compliance. Advise and Assist the customer on improvements and corrections to future and existing policies, processes, procedures. Perform Quality control of Prime contractor tasks and artifacts Advise and Assist the customer on improvements and corrections to future and existing policies, processes, procedures. Perform Quality control of Prime contractor tasks and artifacts Demonstrates competent knowledge of the Risk Management Framework, Computer Network Defense, and Vulnerability Mgmt. Self starter that requires some or little direction on how to execute key tasks Good communication skills with internal motivation and professionalism Works directly with other contracts and the government to minimize risk to the agency Adequate problem solving skills to resolve issues and mitigate risk Trains and develops Basic level employees Demonstrates the ability to utilize cybersecurity tools (ACAS, ESS, Tanium, SIEM, eMASS) to generate cybersecurity reports and deliverables Conducts quality reviews of all Cyber policies and documentation and makes update recommendations Actively pursues advanced level knowledge/skills required for Advanced Role Delivers quality products that require minimal modifications At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here.

Title: Temporary - Cyber Security Analyst Under the directive of the Information Security Officer, the cyber security analyst will implement security strategies and best practices in accordance with regulatory standards. ESSENTIAL JOB FUNCTIONS/JOB DUTIES AND RESPONSIBILITIES Conduct or coordinate vulnerability scans and document findings and risk mitigation strategies. Implement, monitor and maintain preventive and detective controls. Operate, administer and monitor network and host-based intrusion detection/prevention systems. Operate, administer and monitor Microsoft Defender SIEM. Analyze network traffic, intrusion attempts, activity logs and system alerts for trends, anomalies and potential security breaches. Analyze compromised computing resources to improve security design and policy compliance. Research, analyze, test and implement new security software solutions. Enforce security policies and procedures by administering and monitoring security profiles. Perform other duties as assigned. REQUIRED QUALIFICATIONS High School Diploma or GED One year of experience in information security and compliance regulations. Proficiency with Microsoft applications. PREFERRED QUALIFICATIONS Certificate in information security, i.e., Security+, Pen+, Ethical Hacker. Experience with SIEM (Microsoft Defender). Experience in phishing campaign/training. KNOWLEDGE, SKILLS AND ABILITIES Basic knowledge of incident response procedures. Knowledge of OSI Model and concepts. Knowledge of Information Security Concepts. Strong analytical, organizational and writing skills. Knowledge of NIST, CIS and FERPA controls. Interpersonal skills to effectively collaborate with both technical and non-technical personnel across different organizational levels. Experience utilizing IT security systems and tools, including analyzing logs for security breaches. Ability to adhere to department processes and procedures. Demonstrated skills applying security controls to computer software and hardware. Basic proficiency in reading and interpreting security logs. Fundamental knowledge of vulnerability scanning and Basic knowledge of risk assessments procedures. Open Until Filled: Yes Rate of Pay: $20.00 per hour Work Hours: Up to 28 hours per week Special Instructions to Applicants: Unofficial transcripts are acceptable for the application process. Official transcripts are required upon hire. Applicants may be subject to a background check. Nashville State offers flexible work arrangements for positions that qualify.

+ This position provides support to the Grid Operations and Planning Research area within client Company's Research & Development. + The engineer will support projects and in time lead efforts to deploy and evaluate the performance of emerging technologies in this arena. + The position is focused on cyber-physical security research for Transmission and Distribution. + The engineer will support cyber-physical security projects with power system and cyber modeling, simulation, and analyses to identify and characterize threats, and vulnerabilities and develop mitigation approaches. + Data from various sources and analytics tools will be leveraged to develop models to characterize normal power system and cyber data to facilitate the identification of anomalous events. + Working knowledge of intrusion detection, risk assessment frameworks, databases, data structures, computer networking is required as well as an aptitude to apply engineering analysis to solve problems. **Description:** + This position supports the Schatz Grid Visualization and Analytics Center (SGVAC) within client Company's Research & Development department. + The SGVAC is an innovation center that facilitates the research, pre-operational development and assessment and demonstration of situational awareness technologies for Transmission and Distribution. + Areas of focus include synchrophasor technology, next generation control center functionalities, cyber security testing, new visualization approaches, DERMS platform evaluation, data analytics as well as modeling and simulation including via a Real Time Digital Simulator (RTDS) with hardware-in-the-loop testing capability. **Qualification Requirements** + Experience in cybersecurity, including cyber security modeling and simulation + Experience with intrusion detection and risk assessment frameworks is required + Experience in power system modeling and simulation + Experience with data analytics including machine learning required + Experience with computer programming (Python, C#, SQL) desired **Job Responsibilities:** + Develop research plan to evaluate new technology + Manage multiple tasks at one time + Provide documentation of study assumptions and methods used to arrive at results + Provide informative reports and presentations on projects + Some overnight travel may be required but this is not extensive. **Other Knowledge, Skills & Abilities** + Must demonstrate good communication skills, both internal and external to the company + Must have excellent organizational skills + Must possess analytical skills as well as the ability to manage multiple projects simultaneously + Must work well in a team environment + Must have the ability to manage your own work schedule and work with limited direction + Must have strong initiative - a self-starter + Must be great at problem solving **Education:** + Bachelors in computer science, computer engineering, cyber security, information systems, electrical engineering or related field required + Advanced degree in EE, computer science or other related fields strongly preferred. **About US Tech Solutions:** US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit *********************** (*********************************** . US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Build an Aviation Career You're Proud Of At StandardAero, we use our ingenuity and know-how to find solutions for the simple to the most complex challenges in aviation. Together, we get the job done and done well. Our stability, resources, and respectful culture supports you in building a solid career with a great team you can count on day in and day out for the long term. Summary: As an IT Security Analyst position is a critical role in protecting StandardAero's business and technology operations. In this role you will be accountable in securing the enterprise technology and operations against an ever evolving and growing threat landscape. The role is an integral position in supporting StandardAero's global cyber-security defenses, providing tactical cyber security objectives and implementing the security strategy across the organization. What you'll do: Conduct risk and security assessments through vulnerability analysis and reporting Perform mitigation support for both internal and external security audits Investigate, analyze and document security incidents to identify and document the root cause Provides incident response support including mitigating actions to contain activity and facilitating forensics analysis when necessary Partner with IT Operation teams to remediate system vulnerabilities Participates in the production of documentation and management reporting Research security enhancements and make recommendations for improved policy and process Analyze IT requirements and provide objective advice on the use of new IT security offerings Stay up-to-date on information technology and cybersecurity trends and standards Other IT Security-related duties as required Capable of identifying, evaluating and mitigating significant risks within an enterprise. Strong working experience with Microsoft Office Suite. Strong oral and written communication skills and the ability to work well with people from many different disciplines with varying degrees of technical experience. Possess strong analytical skills attention to detail. Ability to prioritize assignments while working on multiple projects Ability to work independently and proactively to meet assigned objectives Flexible with the ability to multi-task, effectively prioritize and work under pressure Basic project management Design, implement, administer, support and maintain cybersecurity technology systems (Endpoint Protection, IDS/IPS, Web and Email Security, SIEM, Multi-Factor Authentication, Network Access Controls, DLP, etc.) Analyze, report and respond to security alerts within the various IT technologies and global locations Proactively remediate information technology security threats as a member of the security team Assist in the designing, documenting, architecting and implementing IT security measures and controls Provide support through ‘Threat Hunting' against anomalous behavior within the enterprise. Correlates activity across assets (endpoint, network, apps) and environments to identify patterns of anomalous activity Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources Threat mitigation; malicious code detection, response and prevention; operating system security oversight Minimum Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field; equivalent experience may be considered. 5+ years of progressive experience in cybersecurity and IT, including hands-on security operations, threat detection, or engineering. 5+ years of experience in SIEM Administration, endpoint protection, vulnerability management tools, and security automation. 5+ years of experience of network and application security, threat actor tactics (MITRE ATT&CK), and incident response frameworks. 5+ years of experience working in regulated environments or with industry frameworks (e.g., NIST, ISO 27001, CIS, or CMMC). Preferred Qualifications: IT Security Certification, specifically GSEC, CEH, CISSO, CISA or CISSP, GCIA, OSCP and ITIL SDLC, and understand application security. Containerization and Development Security Operations Benefits that make life better: Comprehensive Healthcare 401(k) with 100% company match; up to 5% vested Paid Time Off starting on day one Bonus opportunities Health- & Dependent Care Flexible Spending Accounts Short- & Long-Term Disability Life & AD&D Insurance Learning & Training opportunities Raising the Standard of Excellence since 1911 With over a century of proven excellence, StandardAero has become an industry leader in MRO services and customized solutions in the aerospace field. Our shared values and learning-based culture inspire our team to exceed their potential and power our customers' missions worldwide. With on-the-job training, advancement opportunities, and excellent benefits, StandardAero invites you to experience a fulfilling and meaningful career with us. Inclusivity Is Our Standard It is StandardAero's policy to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. Our supportive environment celebrates diversity with no room for harassment or discrimination of any kind. We invite you to bring your authentic self to our team and experience our welcoming culture.

Description Summary: This role supports the advancement of the organization's Information Security Program, ensuring robust protection of customer, consumer, and proprietary data against evolving threats. The position is a key player with strategic initiatives, enforces corporate and regulatory compliance, and continuously enhances security posture through proactive risk management and visibility improvements. Essential Duties and Responsibilities: Support the security strategies aligned with organizational goals. Lead or serve as a key participant in audits, regulatory examinations, and vendor assessments. Ensure compliance with industry standards and regulatory requirements. Maintain InfoSec dashboards using Power BI to track key metrics and identify trends. Provide actionable insights to leadership for continuous improvement of security controls. Implement and optimize security measures to reduce network risk and enhance visibility. Continuously improve security controls, policies, and procedures to address emerging threats. Manage and audit intrusion prevention systems, SIEM, antivirus, vulnerability management, and content filtering solutions. Oversee patch management for operating systems, applications, and hardware. Partner with technology and compliance teams to resolve security issues and implement strategic initiatives. Manage Data Security Posture Management (DSPM) and Data Loss Prevention (DLP) tools and associated governance controls. Education and/or Experience Bachelor's degree or equivalent experience 5+ years in Information Security or IT Audit, with demonstrated leadership in security strategy and risk management. CISSP required Skills and Abilities Ability to assess, prioritize, and mitigate risks across complex environments. Strong experience with audit processes, regulatory examinations, and vendor risk assessments. Skilled in translating technical data into actionable insights for leadership Ability to demonstrate the highest level of ethical behavior and confidentiality and maintain confidentiality with sensitive information. Respectful demeanor toward other associates and managers that promotes a positive and professional work environment. FirstBank does not accept unsolicited resumes from agencies and staffing firms. Recruitment agencies and consultants may not submit resumes directly to managers. FirstBank will not pay fees to any third-party agency or company that does not have a signed agreement as an approved vendor. FirstBank in an Equal Opportunity Employer, including disability.

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role As a Physical Security Systems Engineer at xAI, you'll design, implement, and maintain advanced security systems to safeguard our facilities, assets, and personnel. Working onsite in Memphis, Tennessee, you'll tackle complex challenges, leveraging your deep expertise in security technologies to strengthen our infrastructure at a fast-scaling company. Expect to dive into system optimization, ensure robust protection, and travel regularly to xAI sites to support our mission of accelerating human scientific discovery through AI. This is an in-person role based in Memphis, Tennessee, with regular travel required to all xAI sites. Responsibilities Develop detailed design plans for the installation of physical security systems including access control, surveillance cameras, intrusion detection, and alarm systems. Collaborate with InfoSec, IT and facility management teams to integrate security hardware with existing systems across locations. Manage health and configuration of security network infrastructure Regularly assess the performance of installed security systems and make necessary adjustments or upgrades. Conduct preventive maintenance to ensure all security equipment is in optimal working condition. Diagnose and resolve hardware issues promptly to minimize downtime and security risks. Keep detailed records of all service and maintenance activities. Participate in or lead security audits to identify vulnerabilities in physical security measures. Recommend and implement solutions to address identified security gaps. Liaise with vendors for procurement of security hardware, ensuring compliance with organizational standards and budget constraints. Manage relationships with external contractors for installation and maintenance services. Train security and facility staff on the use of new security systems. Ensure all security hardware installations meet local, state, and federal regulations. Maintain up-to-date documentation on system configurations, maintenance schedules, and security incident responses. Required Qualifications Minimum of 5 years in a role focused on physical security systems design. Proven experience with CCTV, access control, and intrusion detection systems. Experience using CAD software and reading architectural drawings Experience using Bluebeam software Preferred Qualifications Bachelor's degree in Electrical Engineering, Computer Science, or related field; or equivalent experience in security systems. Ability to interpret security objectives, develop project schedules and manage adherence to established timetables. Familiarity with Genetec software is a plus. Proficiency in hardware troubleshooting and system diagnostics. Experience configuring security and network architecture in integrated security systems. Familiarity with current security technology trends and innovations. Certifications such as CPP (Certified Protection Professional) or PSP (Physical Security Professional) are highly desirable. Excellent problem-solving abilities and attention to detail. Strong communication skills for effective collaboration with team members and stakeholders. Ability to work under pressure in a dynamic environment on highly condensed timelines. Regular sitting at a desk or computer for extended periods, typing and writing. Occasionally walking, around the facility and standing. xAI is an equal opportunity employer. California Consumer Privacy Act (CCPA) Notice

DESE Research, Inc. is excited for the opportunity to add an Information Systems Security Officer to our existing team. If you feel like you have the skills and qualifications for this position, please apply now! Job Details: The successful candidate will oversee day-to-day information system security operations including auditing hardware, software implementations, and risk assessments. The candidate will upkeep, monitor, analyze, and respond to network and security events. The candidate will ensure configuration management for security relevant IS software, hardware, and firmware are maintained and documented. The candidate will implement Risk Management Framework (RMF) security controls utilizing DISA Security Technical Implementation Guides (STIGs). Required Qualifications: An active DOD Secret clearance 5-10 years of experience in cyber security engineering/analysis, supply chain risk management, logistics, product management, program protection planning, or system security engineering Experience with IS auditing and investigations Knowledgeable of operating system security requirements Hands-on experience with industry-standard Information Assurance tools Security+ Certification CompTIA CySA+ certification Required Education Qualifications: Bachelor's Degree in Cyber Security, an Engineering Discipline, Logistics, or Supply Chain Desired Qualifications: Overall knowledge of Information Systems Security and ISSO duties Working knowledge of system administration and network administration Working knowledge of classified defense contracts DoD 8570 IAM Level II Certification Why employee's love working for DESE: At DESE, we are committed to creating a company that is known for its respect and care for employee's. We understand that happy employees are what keeps our business going and we strive to provide the best opportunities for each individual working on our team! Here are a few reasons you will love working here: Competitive salaries Annual performance bonuses Robust 401k profit sharing plan Competitive health, dental & vision insurance with affordable premiums Flexible work schedules Two different flexible spending account options Company paid life insurance & Accidental Death & Dismemberment Education reimbursement program Personal leave for approved philanthropic activities Vacation, Sick & Holiday leave Opportunities for internal promotions Employee referral incentive program Rewards and gifts for service anniversaries Disability Accommodation for Applicants - DESE Research, Inc. is an Equal Employment Opportunity employer and provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in its job application procedures. If you have any difficulty using our online system and you need an accommodation due to a disability, you may use the following alternative email address or phone number to contact us about your interest in employment with us: ********************** or ************x123.

+ Analyze customer requirements to develop project schedules, establish milestone targets, and ensure on-time delivery. + Exercise sound judgment and decision-making when evaluating multiple courses of action. + Conduct comprehensive quality control assessments to maintain high standards throughout the project lifecycle. + Develop and deliver executive-level briefings and presentations, tailored for senior leadership and stakeholders. + Utilize online research and analytical tools to troubleshoot and resolve issues effectively. + Manage Plans of Action and Milestones (POA&M) to track and report on progress, compliance, and risk mitigation. + Operate within the eMASS (Enterprise Mission Assurance Support Service) environment to document security controls, track authorization status, and maintain continuous monitoring compliance. + Advise and Assist the customer on improvements and corrections to future and existing policies, processes, procedures. + Perform Quality control of Prime contractor tasks and artifacts + Advise and Assist the customer on improvements and corrections to future and existing policies, processes, procedures. + Perform Quality control of Prime contractor tasks and artifacts + Demonstrates competent knowledge of the Risk Management Framework, Computer Network Defense, and Vulnerability Mgmt. + Self starter that requires some or little direction on how to execute key tasks + Good communication skills with internal motivation and professionalism + Works directly with other contracts and the government to minimize risk to the agency + Adequate problem solving skills to resolve issues and mitigate risk + Trains and develops Basic level employees + Demonstrates the ability to utilize cybersecurity tools (ACAS, ESS, Tanium, SIEM, eMASS) to generate cybersecurity reports and deliverables + Conducts quality reviews of all Cyber policies and documentation and makes update recommendations + Actively pursues advanced level knowledge/skills required for Advanced Role + Delivers quality products that require minimal modifications At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our "Family of Professionals!" Learn about our employee-centric culture and benefits here (***************************************** . Required SkillsRequired Experience Required Qualifications + Associates Degree (or higher) in applicable field + Minimum of 4 years DoD cyber experience + Knowledge demonstrated in cyber and missile defense related or other complex large DoD Programs/Projects + Active/Current DoD IAM Level I certification (CompTIA Security+ CE or equivalent) + Must be able to obtain eMASS Certification + Active DoD SECRET security clearance + U.S. Citizenship required Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.

Job DescriptionDefensive Cyber Operations Junior Analyst East Tennessee Research and Development facility with the Department of Energy seeks to hire a Junior Cyber Security Analyst to immediately support their Defensive Cyber Operations (DCO) team. This position's primary responsibility is to conduct event triage in a tiered operational security model while training in and supporting threat hunting and threat intelligence tasks. Responsibilities: Support the DCO environment in identification and analysis of threats in Security Incident and Event Management (SIEM) alerts, dashboards, and queries Resolve or escalate alerts/events/incidents as defined in DCO service level agreements according to level of severity Help develop advanced queries and alerts to detect adversary actions and compile detailed investigation and analysis reports for internal DCO consumption, and for delivery to management Work with the Emerging Threat team to capture intelligence on threat actor tactics, techniques, and procedures (TTPs) and leverage automated and manual countermeasures in response Work with the Threat Hunting team to perform hypothesis-driven hunts of the network for undetected threats Field customer requests for support ranging from potential phishing events to abnormal system activity Triage reports from DOE entities, CISA, and external penetration testers, and coordinate resolution with system administrators in keeping with BOD 18-01, 19-02, and 22-01 requirements Analyze suspicious links and attachments in a secure malware analytics platform as part of a comprehensive phishing analysis procedure Triage malware and anomalous activity alerts generated by an EDR system Requirements: Bachelor's degree in Computer Science or related field with 1-2 years of cyber operations work experience or an equivalent amount of education and experience Experience with ServiceNow, JIRA ServiceDesk, or other ticketing system Relevant certifications (GSEC, Security+, CEH, etc) preferred The position requires eligibility to obtain a DOE security clearance. Candidates with an Active Q Clearance or Top-Secret Clearance are a plus