Cyber security analyst jobs in Hernando, MS

Knoxville, TN | Cybersecurity Engineer | Full-time We are actively recruiting a Cybersecurity Engineer for our client in Knoxville, TN. This is a hybrid direct placement opportunity that will require some onsite work in Knoxville. The successful candidate will be responsible for the design, implementation, and ongoing management of advanced cybersecurity measures to protect sensitive data, systems, and networks. This role involves hands-on work with a wide range of security technologies, development and enforcement of security protocols, and proactive risk mitigation. The engineer collaborates with cross-functional IT teams to integrate security solutions into enterprise projects and ensure compliance with applicable regulatory requirements, including HIPAA. Must have a minimum of five years' experience in cybersecurity engineering, with a proven track record in designing and implementing security solutions within an enterprise environment. Due to client request, candidates must be eligible to work in the United States without sponsorship. Equal Opportunity Employer/Veterans/Disabled

Jr. Security Analyst Our client is currently looking for a Jr. Security Analyst to join their team in a long term contract capacity focusing on an increase in compliance and audit work heading into the new year. This person will be brought on to support an established information security and compliance team. This role is ideal for someone looking to grow in TPA (Third Party Assessment), audit support, compliance operations, NIST frameworks, and GRC practices. Below is a breakdown of what our enterprise client is looking for in their potential candidate! Key Responsibilities Support Third Party Assessments (TPAs) by gathering evidence, tracking documentation, and helping review vendor security controls. Participate in internal and external audit readiness tasks including evidence collection, control testing preparation, remediation tracking, and audit log review coordination. Assist with vulnerability scan reporting, ticket creation, and follow-up with technical teams on remediation tasks. Support intake, documentation, and status tracking of new compliance and security projects. Help maintain dashboards, risk registers, and compliance reporting metrics within the GRC tool. Participate in annual assessment activities including contingency plan exercises, incident response tests, access reviews, and other required security program tasks. Assist with audit log reviews and routine monitoring processes as assigned. Maintain structured, accurate documentation to support continuous compliance efforts. Minimum Qualifications 1-3 years of experience in security, IT, audit, or compliance support roles (internships or rotational experience accepted). Foundational knowledge of NIST frameworks, FISMA requirements, or other security compliance standards (HIPAA, SOC 2, ISO 27001 a plus). Experience with GRC platforms (ServiceNow, Archer, OneTrust, ZenGRC, etc.) OR strong interest in learning. Strong attention to detail with the ability to create, edit, and maintain structured documentation. Proficiency with Microsoft Office and basic workflow tracking tools (Excel, SharePoint, Confluence, Smartsheet, etc.). Familiarity with basic cybersecurity terminology and frameworks (e.g., CIS Controls). Experience supporting compliance evidence collection or policy documentation. Interest in security governance, risk, and compliance as a long-term career path.

The Senior Principal Consultant will work as a senior expert on the successful delivery of projects for clients as a member of a project team within a market program. This includes providing technical expertise to the project manager and team members with initiating, planning, executing, monitoring and controlling, and closing projects. This position also includes maintaining relationships with clients and key decision-makers to help identify follow-on Business opportunities and maintain customer intelligence. What You Will Do: * Provide expertise on project tasks to ensure quality services are delivered on schedule and within the available budget to meet customer requirements. * Define project tasks, estimate task duration, and develop a project schedule as part of developing a project management plan * Review project management plans to understand the scope, schedule, and assigned work authorization * Provide technical expertise to support the execution of project tasks * Develop briefing materials and write reports to communicate concepts and analysis results to clients and end users * Lead research and data analysis, including but not limited to assisting with conducting customer or stakeholder analyses * Prepare written documents, and reports, and provides presentations to clients. * Develop conclusions and recommendations, write reports, and assist with client presentations * Track and reports hours spend executing projects * Work with individuals at all levels, provide input to reports and other deliverables, execute multiple assignments, meet agreed deadlines, and adjust to changing client demands * Develop relationships with existing customers to facilitate the development of new business. * Identify new business opportunities with existing customers for current and/or additional services * Participate in marketing activities, conference presentations, technical whitepapers * Assist with proposal development, including writing proposals, estimating the level of effort * Learn, understand and be conversant in ABSG Industrial Cybersecurity products and services * Review published reports and news articles about existing and potential new clients to identify customer intelligence * Networking to meet new potential clients * Serves as senior technical expert guiding project tasks and ensuring quality, schedule, and budget compliance. * Project management with planning, sequencing tasks, estimating durations, and developing project schedules. * Performs quality assurance on deliverables and tracks project execution metrics. * Maintains and develops relationships with clients and key decision-makers. * Actively participates in client meetings, presentations, and proposal development. * Identifies new business opportunities through client interactions and market intelligence. * Communicates client needs internally and contributes to proposal writing. * Leverages subject matter expertise to drive growth and expand services. What You Will Need: Education and Experience * Bachelor's degree in Computer Science, Business, or a recognized equivalent from an accredited university. * Experience will be considered in lieu of education, preferably in data processing or a related field. * Typically requires a minimum of five (5) years of working with a Customer Relationship Management System (CRM). * Proven experience in Systems Development environment with project management responsibility for successful projects. * Extensive IT and functional experience in cultivating positive customer relationships. experience working in organizations to support services provided to internal/external clients * PMP Certification is preferred. * Microsoft Dynamics CE experience preferred Knowledge, Skills, and Abilities * Analytical and problem-solving capabilities. * Strong understanding of sales, marketing, and customer service processes, to ensure functionally correct implementation. * Strong understanding of Dynamics 365 CRM design, structure, functionality, and processes. * Knowledge of CPQ (Configure, Price, Quote), PRM (Partner Relationship Management), CLM (Contract Lifecycle Management), and Sale Compensation Management applications, and their functionality. * Managed complete life cycle projects involving multiple cross-functional business teams. * Excellent verbal, written, and presentation skills consistent with a client group, including senior managers & executives. * Knowledge of Microsoft Power Platform, working with Power BI to build data visualization, and Power Automate implementing business workflow. * Strategic while also able to perform tactical duties. * Self-starter, highly motivated with the ability to work with limited supervision. * Experienced in the design and maintenance of business applications. * Ability to obtain a working knowledge of the ABS Health, Safety, Quality, and Environmental Management System. Salary: $210k - $220k Reporting Relationships: Reports to a Manager, Director, or Executive level position and has no direct reports.

The Senior Principal Consultant will work as a senior expert on the successful delivery of projects for clients as a member of a project team within a market program. This includes providing technical expertise to the project manager and team members with initiating, planning, executing, monitoring and controlling, and closing projects. This position also includes maintaining relationships with clients and key decision-makers to help identify follow-on Business opportunities and maintain customer intelligence. What You Will Do: Provide expertise on project tasks to ensure quality services are delivered on schedule and within the available budget to meet customer requirements. Define project tasks, estimate task duration, and develop a project schedule as part of developing a project management plan Review project management plans to understand the scope, schedule, and assigned work authorization Provide technical expertise to support the execution of project tasks Develop briefing materials and write reports to communicate concepts and analysis results to clients and end users Lead research and data analysis, including but not limited to assisting with conducting customer or stakeholder analyses Prepare written documents, and reports, and provides presentations to clients. Develop conclusions and recommendations, write reports, and assist with client presentations Track and reports hours spend executing projects Work with individuals at all levels, provide input to reports and other deliverables, execute multiple assignments, meet agreed deadlines, and adjust to changing client demands Develop relationships with existing customers to facilitate the development of new business. Identify new business opportunities with existing customers for current and/or additional services Participate in marketing activities, conference presentations, technical whitepapers Assist with proposal development, including writing proposals, estimating the level of effort Learn, understand and be conversant in ABSG Industrial Cybersecurity products and services Review published reports and news articles about existing and potential new clients to identify customer intelligence Networking to meet new potential clients Serves as senior technical expert guiding project tasks and ensuring quality, schedule, and budget compliance. Project management with planning, sequencing tasks, estimating durations, and developing project schedules. Performs quality assurance on deliverables and tracks project execution metrics. Maintains and develops relationships with clients and key decision-makers. Actively participates in client meetings, presentations, and proposal development. Identifies new business opportunities through client interactions and market intelligence. Communicates client needs internally and contributes to proposal writing. Leverages subject matter expertise to drive growth and expand services. What You Will Need: Education and Experience Bachelor's degree in Computer Science, Business, or a recognized equivalent from an accredited university. Experience will be considered in lieu of education, preferably in data processing or a related field. Typically requires a minimum of five (5) years of working with a Customer Relationship Management System (CRM). Proven experience in Systems Development environment with project management responsibility for successful projects. Extensive IT and functional experience in cultivating positive customer relationships. experience working in organizations to support services provided to internal/external clients PMP Certification is preferred. Microsoft Dynamics CE experience preferred Knowledge, Skills, and Abilities Analytical and problem-solving capabilities. Strong understanding of sales, marketing, and customer service processes, to ensure functionally correct implementation. Strong understanding of Dynamics 365 CRM design, structure, functionality, and processes. Knowledge of CPQ (Configure, Price, Quote), PRM (Partner Relationship Management), CLM (Contract Lifecycle Management), and Sale Compensation Management applications, and their functionality. Managed complete life cycle projects involving multiple cross-functional business teams. Excellent verbal, written, and presentation skills consistent with a client group, including senior managers & executives. Knowledge of Microsoft Power Platform, working with Power BI to build data visualization, and Power Automate implementing business workflow. Strategic while also able to perform tactical duties. Self-starter, highly motivated with the ability to work with limited supervision. Experienced in the design and maintenance of business applications. Ability to obtain a working knowledge of the ABS Health, Safety, Quality, and Environmental Management System. Salary: $210k - $220k Reporting Relationships: Reports to a Manager, Director, or Executive level position and has no direct reports.

Job DescriptionEast Tennessee company is seeking a Cyber Security Vulnerability Analyst to perform defensive cyber operational tasks, respond to reported incidents, and track remediation of client system vulnerabilities to include industrial control systems. The ideal candidate will be an experienced analyst with a strong background in addressing network vulnerabilities and conducting incident response activities. This is a full-time, hybrid position that will work onsite in Oak Ridge, TN 2-3 days each week. Job Responsibilities: • Join the Defensive Cyber Operations Group's multi-disciplinary team in responding to advanced Cyber threats from targeted phishing to network-based threats, ransomware, and APT-level activity in a Tier 2 role. • Mentor the DCO's junior staff, developing their technical and incident resolution skills. • Participate in incident response activities involving multiple teams and functions. • Serve as primary coordinator for ORNL response to federal Binding Operational Directives and data calls. • Leverage internal and external vulnerability scanning scan data to maintain a comprehensive view of ORNL's threat profile and risk status. • Automate key DCO functions using Tines technology • Partner with Emerging Threat team to remediate extant vulnerabilities identified by their intelligence activities. • Maintain strong collaborative and data sharing relationships with DOE headquarters Cyber units, other DOE laboratories, and external entities. • Leverage EDR, SIEM, IDS, and PCAP tools to identify and investigate cyber threats. • Assist users with the creation, monitoring, and evaluation of policy and device exceptions. • Assist in training and awareness activities to ensure ORNL staff are aware of Cyber Security responsibilities and requirements. • Partner with Cyber Industrial Control System Engineers to monitor the lab's ICS enclaves for operational and security issues Candidates must be able to obtain a federal security clearance so US citizenship is required.

Title: Temporary - Cyber Security Analyst Under the directive of the Information Security Officer, the cyber security analyst will implement security strategies and best practices in accordance with regulatory standards. ESSENTIAL JOB FUNCTIONS/JOB DUTIES AND RESPONSIBILITIES Conduct or coordinate vulnerability scans and document findings and risk mitigation strategies. Implement, monitor and maintain preventive and detective controls. Operate, administer and monitor network and host-based intrusion detection/prevention systems. Operate, administer and monitor Microsoft Defender SIEM. Analyze network traffic, intrusion attempts, activity logs and system alerts for trends, anomalies and potential security breaches. Analyze compromised computing resources to improve security design and policy compliance. Research, analyze, test and implement new security software solutions. Enforce security policies and procedures by administering and monitoring security profiles. Perform other duties as assigned. REQUIRED QUALIFICATIONS High School Diploma or GED One year of experience in information security and compliance regulations. Proficiency with Microsoft applications. PREFERRED QUALIFICATIONS Certificate in information security, i.e., Security+, Pen+, Ethical Hacker. Experience with SIEM (Microsoft Defender). Experience in phishing campaign/training. KNOWLEDGE, SKILLS AND ABILITIES Basic knowledge of incident response procedures. Knowledge of OSI Model and concepts. Knowledge of Information Security Concepts. Strong analytical, organizational and writing skills. Knowledge of NIST, CIS and FERPA controls. Interpersonal skills to effectively collaborate with both technical and non-technical personnel across different organizational levels. Experience utilizing IT security systems and tools, including analyzing logs for security breaches. Ability to adhere to department processes and procedures. Demonstrated skills applying security controls to computer software and hardware. Basic proficiency in reading and interpreting security logs. Fundamental knowledge of vulnerability scanning and Basic knowledge of risk assessments procedures. Open Until Filled: Yes Rate of Pay: $20.00 per hour Work Hours: Up to 28 hours per week Special Instructions to Applicants: Unofficial transcripts are acceptable for the application process. Official transcripts are required upon hire. Applicants may be subject to a background check. Nashville State offers flexible work arrangements for positions that qualify.

Title: Temporary - Cyber Security Analyst Under the directive of the Information Security Officer, the cyber security analyst will implement security strategies and best practices in accordance with regulatory standards. ESSENTIAL JOB FUNCTIONS/JOB DUTIES AND RESPONSIBILITIES Conduct or coordinate vulnerability scans and document findings and risk mitigation strategies. Implement, monitor and maintain preventive and detective controls. Operate, administer and monitor network and host-based intrusion detection/prevention systems. Operate, administer and monitor Microsoft Defender SIEM. Analyze network traffic, intrusion attempts, activity logs and system alerts for trends, anomalies and potential security breaches. Analyze compromised computing resources to improve security design and policy compliance. Research, analyze, test and implement new security software solutions. Enforce security policies and procedures by administering and monitoring security profiles. Perform other duties as assigned. REQUIRED QUALIFICATIONS High School Diploma or GED One year of experience in information security and compliance regulations. Proficiency with Microsoft applications. PREFERRED QUALIFICATIONS Certificate in information security, i.e., Security+, Pen+, Ethical Hacker. Experience with SIEM (Microsoft Defender). Experience in phishing campaign/training. KNOWLEDGE, SKILLS AND ABILITIES Basic knowledge of incident response procedures. Knowledge of OSI Model and concepts. Knowledge of Information Security Concepts. Strong analytical, organizational and writing skills. Knowledge of NIST, CIS and FERPA controls. Interpersonal skills to effectively collaborate with both technical and non-technical personnel across different organizational levels. Experience utilizing IT security systems and tools, including analyzing logs for security breaches. Ability to adhere to department processes and procedures. Demonstrated skills applying security controls to computer software and hardware. Basic proficiency in reading and interpreting security logs. Fundamental knowledge of vulnerability scanning and Basic knowledge of risk assessments procedures. Open Until Filled: Yes Rate of Pay: $20.00 per hour Work Hours: Up to 28 hours per week Special Instructions to Applicants: Unofficial transcripts are acceptable for the application process. Official transcripts are required upon hire. Applicants may be subject to a background check. Nashville State offers flexible work arrangements for positions that qualify.

Cloud Security Managed Service Sales Engineer Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.. The team Our Cyber Strategy & Transformation offering develops and transforms cyber programs in line with a client's strategic objectives, regulatory requirements, and risk appetite. It keeps the enterprise a step ahead of the evolving threat landscape and gives stakeholders confidence in the organization's cyber posture. Includes design of the cyber organization, governance, and risk assessments. Recruiting for this role ends on 5/29/2026. Work you'll do As a Cloud Security Sales Engineer you will be on the forefront of client solution and service design within our Cloud Security Program. You should possess a deep understanding of the Cloud Security landscape. Experience with the sales and pursuit process is a plus, as is the ability to assess client needs for optimal service recommendations for the near-term and long-term. Sales Engineering responsibilities include: + Developing an in-depth knowledge of the Cloud Security product + Articulating the technical value proposition, differentiators, and capabilities of the product to prospective clients and partners + Demonstrating the product to technical and non-technical client audiences at the executive and/or technical level + Independently coordinating all aspects of technical product evaluations, from demos and installations to helping prospective clients interpret the security related insights provided by our offering + Working with client executive partners, product management and other sales stakeholders to scope potential opportunities, construct sales proposals and help coordinate the pre-sales / sales process + Helping with some post-implementation support for key clients to ensure that clients are onboarded satisfactorily + Working with product management / product development team to communicate feedback and champion customer requirements for incorporation into the roadmap Required Qualifications: + 7+ years of experience in security information and/or technology engineering + 2+ years of hands-on experience with Cloud Security technologies and products / tools with at least one or more of the 3 major Cloud Platform (AWS, Azure or GCP) + 2+ years of experience working with alliance vendors such as Crowdstrike, Splunk, Wiz, etc + 2+ years of experience driving sales within the cyber/cloud security market, including lead generation, sales cycle management, and proposal development + 2+ years of demonstrated experience working with Microsoft applications including PowerPoint, Word, and/or Excel + At least 1 year of experience coordinating multi-faceted sales strategies for strategic opportunities, including navigating complex stakeholder environments and leveraging funding mechanisms and software resell to improve win probability + Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve. + Limited immigration sponsorship may be available. Preferred: + 4+ years working with Cloud Security providers and vendors + At least 1 year of experience working in a cyber-related professional services environment + 2+ years of demonstrated analytical and problem-solving skills + Bachelor of Science with a concentration in computer science, information systems, information security, cloud security, identity, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines or equivalent work experience The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $ 144,200 -$265,600 . You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. Information for applicants with a need for accommodation: ************************************************************************************************************ All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

WHAT YOU WILL DO Support a complex security architecture that includes but not limited to: Next generation firewalls, web filtering, e-mail security, DLP, Identity Access Management, Vulnerability management, Endpoint Protection, SIEM and forensic analysis Design and implement network security controls for multiple locations Lead large and complex projects while managing resources effectively. Develop and maintain appropriate Information Security technical documentation as well as providing reviews and updates of existing policies and procedures. Identify opportunities and recommend solutions for improving service, efficiency and effectiveness. Provide inputs for formulating security architecture recommendations and design of security services. Enforce the organization's security policies and mitigate security risks to preserve the confidentiality, integrity and availability of business services Provide IT support for end users as needed Requirements: BS degree in Information technology, computer science or relevant field preferred A minimum of 2 years' experience in a role as an IT Security professional Information Security Certifications like CISSP, GCIH, CCNA, Security+, CEH a plus Experience with supporting end users in a technical support role Experience with implementing security solutions in an enterprise environment Experience with network security management (Firewalls, Switches, IDS/IPS; VLAN, ACLs, NAC, SDWAN) Experience with security frameworks like NIST 800-171, ISO 27002 & CIS Experience with SOX audit and compliance requirement functions Strong written, oral, interpersonal and organizational skills; attention to detail; highly collaborative; ability to and interested in interacting with individuals at all levels of the organization Working knowledge of various privacy, risk and security standards and practices Experience in Cloud security (Azure & AWS) as plus

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Are you looking for a great team environment? Southern Farm Bureau Casualty Insurance Company is currently seeking a Senior Security Analyst-Application. Southern Farm Bureau is a great company and an excellent place to work. The Company offers a family-oriented work environment and a rich benefit package including paid time off, company matched 401(k), pension/retirement, medical, dental, vision, group life, accidental death and dismemberment, employee assistance program, a continued education program, and a hybrid home/office work schedule. This position is located in Ridgeland, MS. Under limited supervision, responsible for comprehensive range of tasks, including everyday management of information security tools and devices, along with responsibilities for information security administration of a wide diversity of Farm Bureau IT systems. This position will have a primary focus on Application Security. This position is charged with ensuring the integrity and security of applications deployed or being developed at our organization. This position will serve as the bridge between the development team(s) and the security team. Essential Functions • Perform and/or assist with internal application security assessments as needed. • Scan web applications for vulnerabilities and exploits & work with other staff members to remediate issues. • Work closely with developers to ensure that security is an integral part of the software development lifecycle • Coordinate and work closely with 3rd party testing teams performing application assessments. • Develop application security training documentation. • Develop the security components of application project plans in coordination with developers and other business units/departments • Review violations of computer security procedures and discuss procedures with violators to ensure violations are not repeated. • Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures. • May assist in training and development of other personnel when and where required. • Enterprise Risk Management (ERM) risk ownership responsibilities to be conducted as assigned. Additional Responsibilities • Additional hours and on call may be required. • Other duties and responsibilities as assigned. • Regular and predictable attendance is required. Education Level Education Details Req Pref Bachelor's Degree Majoring in Computer Science, Management Information Systems, or related field X And Other Certifications: CISSP, SSCP, Security+, CEH, CISA or CISM in good standing X

Build an Aviation Career You're Proud Of At StandardAero, we use our ingenuity and know-how to find solutions for the simple to the most complex challenges in aviation. Together, we get the job done and done well. Our stability, resources, and respectful culture supports you in building a solid career with a great team you can count on day in and day out for the long term. Summary: As an IT Security Analyst position is a critical role in protecting StandardAero's business and technology operations. In this role you will be accountable in securing the enterprise technology and operations against an ever evolving and growing threat landscape. The role is an integral position in supporting StandardAero's global cyber-security defenses, providing tactical cyber security objectives and implementing the security strategy across the organization. What you'll do: Conduct risk and security assessments through vulnerability analysis and reporting Perform mitigation support for both internal and external security audits Investigate, analyze and document security incidents to identify and document the root cause Provides incident response support including mitigating actions to contain activity and facilitating forensics analysis when necessary Partner with IT Operation teams to remediate system vulnerabilities Participates in the production of documentation and management reporting Research security enhancements and make recommendations for improved policy and process Analyze IT requirements and provide objective advice on the use of new IT security offerings Stay up-to-date on information technology and cybersecurity trends and standards Other IT Security-related duties as required Capable of identifying, evaluating and mitigating significant risks within an enterprise. Strong working experience with Microsoft Office Suite. Strong oral and written communication skills and the ability to work well with people from many different disciplines with varying degrees of technical experience. Possess strong analytical skills attention to detail. Ability to prioritize assignments while working on multiple projects Ability to work independently and proactively to meet assigned objectives Flexible with the ability to multi-task, effectively prioritize and work under pressure Basic project management Design, implement, administer, support and maintain cybersecurity technology systems (Endpoint Protection, IDS/IPS, Web and Email Security, SIEM, Multi-Factor Authentication, Network Access Controls, DLP, etc.) Analyze, report and respond to security alerts within the various IT technologies and global locations Proactively remediate information technology security threats as a member of the security team Assist in the designing, documenting, architecting and implementing IT security measures and controls Provide support through ‘Threat Hunting' against anomalous behavior within the enterprise. Correlates activity across assets (endpoint, network, apps) and environments to identify patterns of anomalous activity Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources Threat mitigation; malicious code detection, response and prevention; operating system security oversight Minimum Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field; equivalent experience may be considered. 5+ years of progressive experience in cybersecurity and IT, including hands-on security operations, threat detection, or engineering. 5+ years of experience in SIEM Administration, endpoint protection, vulnerability management tools, and security automation. 5+ years of experience of network and application security, threat actor tactics (MITRE ATT&CK), and incident response frameworks. 5+ years of experience working in regulated environments or with industry frameworks (e.g., NIST, ISO 27001, CIS, or CMMC). Preferred Qualifications: IT Security Certification, specifically GSEC, CEH, CISSO, CISA or CISSP, GCIA, OSCP and ITIL SDLC, and understand application security. Containerization and Development Security Operations Benefits that make life better: Comprehensive Healthcare 401(k) with 100% company match; up to 5% vested Paid Time Off starting on day one Bonus opportunities Health- & Dependent Care Flexible Spending Accounts Short- & Long-Term Disability Life & AD&D Insurance Learning & Training opportunities Raising the Standard of Excellence since 1911 With over a century of proven excellence, StandardAero has become an industry leader in MRO services and customized solutions in the aerospace field. Our shared values and learning-based culture inspire our team to exceed their potential and power our customers' missions worldwide. With on-the-job training, advancement opportunities, and excellent benefits, StandardAero invites you to experience a fulfilling and meaningful career with us. Inclusivity Is Our Standard It is StandardAero's policy to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. Our supportive environment celebrates diversity with no room for harassment or discrimination of any kind. We invite you to bring your authentic self to our team and experience our welcoming culture.

This position is responsible for the development, maintenance, and execution of AutoZone's Third Party Risk Management (TPRM) program. Primary responsibilities include program management of the TPRM lifecycle, to include conducting due diligence, assessing and monitoring the security posture of third-party vendors and partners, contract risk analysis, and driving risk mitigation efforts. This also includes teaching domain expertise, providing technical guidance and mentoring, supporting internal business partners, resolving problems, and training as required. **Responsibilities** + Participate in any and potentially all roles of the third party risk management life cycle. Roles may vary by project and assignment. This may include, but is not limited to: + Responsible for the assessment of third-party security controls, services, and architecture to ensure they meet AutoZone's security requirements. + Identify security concerns and mitigating controls; identify, document, and manage risks to AutoZone data, systems, and processes arising from third-party relationships. + Accurate work planning and execution; accurate project and time tracking. + Teaching, coaching, and technical mentoring on third party risk management subject matter to less senior analysts and business stakeholders. **Qualifications** + Typically four to seven years' experience in a third party risk management, vendor management, or cyber risk management role in a mid- to large-enterprise environment. + Solid task estimation, planning and execution skills. + Solid problem solving, domain technical and analytical skills. + Solid skills in risk assessment methodologies and vendor evaluation techniques. + Solid knowledge of one or more of the following functional areaso Third Party Risk Management Program implementation and operations, including vendor onboarding, due diligence, continuous monitoring, and offboarding. o Understanding of common security domains such as Infrastructure and Network Security, Application Security, and Data Protection to effectively evaluate vendor security controls. o Knowledge of relevant industry standards and compliance frameworks (e.g., SOC 2, ISO 27001, NIST, PCI DSS). o Formal Risk Management experience, including risk identification, scoring, and reporting. + Preferred: Experience with OneTrust, Ariba Contract Management, BitSight Continuous Monitoring + Preferred: Bachelor's degree in Computer Science, Information Systems, or a related field. + Preferred: Understanding of, and experience with, scripting or coding languages and generative AI to assist in process automation. **About Autozone** Since opening our first store in 1979, AutoZone has grown into a leading retailer and distributor of automotive parts and accessories across the Americas. Our customer-first mindset and commitment to Going the Extra Mile define who we are, for both our customers and AutoZoners. Working at AutoZone means being part of a team that values dedication, teamwork, and growth. Whether you're helping customers or building your career, we provide tools and support to help you succeed and drive your future. **Benefits at AutoZone** AutoZone offers thoughtful benefits programs with one-on-one benefits guidance designed to improve AutoZoners' physical, mental and financial well-being. **All AutoZoners (Full-Time and Part-Time):** + Competitive pay + Unrivaled company culture + Medical, dental and vision plans + Exclusive discounts and perks, including an AutoZone in-store discount + 401(k) with company match and Stock Purchase Plan + AutoZoners Living Well Program for free mental health support + Opportunities for career growth **Additional Benefits for Full-Time AutoZoners:** + Paid time off + Life, and short- and long-term disability insurance options + Health Savings and Flexible Spending Accounts with wellness rewards + Tuition reimbursement Minimum age requirements may apply. Eligibility and waiting period requirements may apply; benefits for AutoZoners in Puerto Rico, Hawaii, or the U.S. Virgin Islands may differ. Learn more about all that AutoZone has to offer at Careers.AutoZone.com. We proudly support Veterans, Active-duty Service Members, Reservists, National Guard and Military Families. Your experience is highly valued, and we encourage you to apply to join our team. **Online Application:** An online application is required. Click the Apply button to complete your application. For step-by-step instructions on how to apply visit careers.autozone.com/candidateresources. AutoZone, and its subsidiary, ALLDATA are equal opportunity employers. All applicants will be considered for employment without attention to age, race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status, or any other legally protected categories. **Job Identification** 25694 **Job Schedule** Full time

Our client, a large international Information Security Consulting organization, has asked to find a Senior-Level security expert to lead a major SIEM migration. This is a highly visible role with mission critical responsibilities because you will play an integral part of a major multi-year SOC transformation. STRONG SPLUNK UNDERSTANDING IS CRITICAL FOR THIS ROLE. Responsibilities of the SIEM Security Engineer: · Architect and manage SIEM technologies, specifically with ArcSight · Lead a s major SIEM migration into a Splunk environment (complete data migration). · Develop, tune, and maintain tools to automate analysis capabilities with host and log-based security event analysis · optimize event ingestion, reporting and alerting · Create signatures, rule sets, and content analysis definitions for a variety of security detection capabilities · Manage project tasks, reporting, and customer meetings Requirements Requirements of the SIEM Security Engineer: · Splunk Web Framework (reports/dashboards/etc.) · Command line and console-based troubleshooting · Custom parser creation for events in Syslog, ODBC, ad flat file formats · Splunk App creation and scripting experience (Python) · Relevant certifications such as CCNP, CCNA, SANS, CISSP, etc. · Experience supporting large scale SIEM migrations and project task management · Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management (UTM). · A solid understanding of networking/distributed computing environment concepts; understands principles of routing, client/server programming, the design of consistent network-wide file system layouts. Benefits A full and competitive benefits package is available with this role.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: Secret - Current At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Our Security team is seeking a Senior Security Analyst to support our team 100% onsite at our facilities in Camden, Arkansas. This person will serve as Alternate Facility Security Officer (AFSO), Designated Government Representative (DGR) and COMSEC hand receipt holder. What You Will Do Ensure adherence to the provisions of the National Industrial Security Program Operating Manual (NISPOM) and National Security Administration 3-16 (NSA/CSS 3-16). Serve as the DGR for foreign sales maintaining US State Department Licenses, communicating with Defense Counterintelligence Security Agency (DCSA) and Foreign DGR's to coordinate classified exports and imports. Report to the FSO for ensuring the open storage areas are properly maintained assist in reviewing articles and documents for appropriate classification markings. Assist the FSO in working with the lead guard to ensure cleared guard scheduling is achieved. Serve as the COMSEC hand receipt holder under supervision of the Facility Security Officer to conduct inventories, receive, transfer, destroy and inventory COMSEC material. Maintain the visitor control program. Follow specialized procedures for the transmission of classified and/or proprietary material/information. Participate in security audits, semi-annual alarms tests, and UL certification. Complete the DCSA SPeD training courses for Facility Security Officer - Possessing Facilities within one year of start date. Qualifications You Must Have Typically requires a University Degree or equivalent experience and minimum 2 years of prior relevant experience, or an Advanced Degree in a related field. Experience scheduling Guard Rotations. Experience with administrative requirements for classified areas. Perform physical tasks such as climbing ladders, conducting alarm tests and performing escort duties for uncleared visitors. Qualifications We Prefer Completion of FSO for Possessing Facilities from DCSA SPeD. Certified First Aid, AED and CPR to serve as a First Responder. Certified Industrial Security Professional or similar related certification or Certified DoD Security Manager. Excellent written, verbal, and presentation skills. Must be able to complete required NSA training for DIAS Ability to understand and safeguard Personal Identifiable Information (PII). Self-starter with minimal supervision and the ability to solve routine problems of moderate complexity. What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. Relocation Non-Eligible - Relocation assistance not available Please consider the following role type definition as you apply for this role: Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products. We are RTX #LI-Onsite The salary range for this role is 66,000 USD - 130,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role As a Physical Security Systems Engineer at xAI, you'll design, implement, and maintain advanced security systems to safeguard our facilities, assets, and personnel. Working onsite in Memphis, Tennessee, you'll tackle complex challenges, leveraging your deep expertise in security technologies to strengthen our infrastructure at a fast-scaling company. Expect to dive into system optimization, ensure robust protection, and travel regularly to xAI sites to support our mission of accelerating human scientific discovery through AI. This is an in-person role based in Memphis, Tennessee, with regular travel required to all xAI sites. Responsibilities Develop detailed design plans for the installation of physical security systems including access control, surveillance cameras, intrusion detection, and alarm systems. Collaborate with InfoSec, IT and facility management teams to integrate security hardware with existing systems across locations. Manage health and configuration of security network infrastructure Regularly assess the performance of installed security systems and make necessary adjustments or upgrades. Conduct preventive maintenance to ensure all security equipment is in optimal working condition. Diagnose and resolve hardware issues promptly to minimize downtime and security risks. Keep detailed records of all service and maintenance activities. Participate in or lead security audits to identify vulnerabilities in physical security measures. Recommend and implement solutions to address identified security gaps. Liaise with vendors for procurement of security hardware, ensuring compliance with organizational standards and budget constraints. Manage relationships with external contractors for installation and maintenance services. Train security and facility staff on the use of new security systems. Ensure all security hardware installations meet local, state, and federal regulations. Maintain up-to-date documentation on system configurations, maintenance schedules, and security incident responses. Required Qualifications Minimum of 5 years in a role focused on physical security systems design. Proven experience with CCTV, access control, and intrusion detection systems. Experience using CAD software and reading architectural drawings Experience using Bluebeam software Preferred Qualifications Bachelor's degree in Electrical Engineering, Computer Science, or related field; or equivalent experience in security systems. Ability to interpret security objectives, develop project schedules and manage adherence to established timetables. Familiarity with Genetec software is a plus. Proficiency in hardware troubleshooting and system diagnostics. Experience configuring security and network architecture in integrated security systems. Familiarity with current security technology trends and innovations. Certifications such as CPP (Certified Protection Professional) or PSP (Physical Security Professional) are highly desirable. Excellent problem-solving abilities and attention to detail. Strong communication skills for effective collaboration with team members and stakeholders. Ability to work under pressure in a dynamic environment on highly condensed timelines. Regular sitting at a desk or computer for extended periods, typing and writing. Occasionally walking, around the facility and standing. xAI is an equal opportunity employer. California Consumer Privacy Act (CCPA) Notice

The purpose of this job is overall responsibility for maintaining currency of information security risk assessments and the periodic review and maintenance of the Information Security Policy and supporting Standards and Procedures. This position may be filled as a Level I, II, or III based on additional responsibilities and qualifications required. Responsibilities * Assists ongoing Information Security risk assessments, including review, documentation, reporting, and testing of the controls. * Assists with Corporate awareness efforts for review, counsel, education and communication of Information Security Policies and Standards to all associates * Responsible for assisting investigations for Insider Threat Management, Incident Response, and Data Loss Prevention * Research and track information security issues, documentation, and reporting * Development and maintenance of Information Security Policy and Standards for Trustmark * Responsible for ongoing Information Security risk assessments, including review, documentation, and reporting * Assists with Corporate awareness efforts for review, counsel, education and communication of Information Security Policies and Standards to all associates * Responsible for periodically requesting information and meeting with lines of business to review information security risks * Responsible for assisting in the coordination and documentation of responses to both internal and external audits involving Information Security * Assist with research of information security issues, documentation, and reporting * Perform Additional duties as assigned. Level III Additional Responsibilities: * Responsible overseeing Information Security Risk Assessment processes and reporting to management, including assisting the CISO with creating the required Annual Information Security Report to the designated Board Committee * Responsible for review, reporting, awareness training, and recommendations for matters relating to compliance with internal security controls and the Interagency Guidelines for Safeguarding Customer Information * Responsible for monitoring, reporting, and awareness training for compliance with internal policy and regulatory requirements. * Responsible for development and maintenance of Trustmark's Information Security Policy and Standards * Provides a forum for review, counsel, education and communication of Information Security Policies and Standards to all personnel * Responsible for leading in the research and review of security incidents Qualifications * Two-years college or equivalent work experience in related Information Technology or Information Security required * General knowledge of Federal Regulations, relative to Information Security Risk Assessment * Knowledge and work experience in Data Processing * General knowledge and experience developing and implementing policy and standards * General knowledge of network infrastructure, client/server policies, and operating systems * Oral communication skills * Report writing skills with creating/maintaining information security policy and management reports * Detail oriented * Analytical skills * Organizational skills * Independent judgment * Four-year college degree preferred * Work experience in related Information Technology or Information Security preferred * Work experience and knowledge of End User Computing systems preferred * Security certifications (Security+, Certified in Cybersecurity, etc) preferred * Work experience in banking preferred Level II Additional Qualifications: * Four-year college degree or equivalent work experience in related Information Technology or Information Security * Work experience and knowledge of End User Computing systems * Comprehensive knowledge of Federal Regulations, relative to Information Security Risk Assessments * Knowledge and work experience in Information Technology * Broad knowledge of network infrastructure, client/server policies, and operating systems * Advanced knowledge of Microsoft Suite tools * General understanding of Information Security tools related to Information Security Functions (DLP, PAM, IAM, etc.) * Experience (or training) in Risk Assessment process * Master's degree in relevant field preferred * Policy writing / management reporting experience preferred * Security certifications (CISSP, CISA, CRISC, CISM, etc.) preferred Level III Additional Qualifications: * At least 6 or 8 years of Information Security specific experience required * Experience in policy creation and maintenance writing * Work experience and knowledge of Network devices * Knowledge and experience developing and implementing policy and standards * Specific knowledge of various regulations governing security of customer information and in particular the Interagency Guidelines Establishing Standards for the Safeguarding Customer Information * Writing skills involved with creating/maintaining information security policy and procedure * Extensive knowledge of Microsoft Office (Word, Excel, PowerPoint, etc.) * Extensive knowledge or experience (or training) in Risk Assessment processes Physical Requirements/Working Conditions: Must be able to sit for long periods of time and use computer keyboard and/or mouse, while viewing computer screens. Note: This is a brief description of this position and is not limited to those described herein. Management retains the right to add, delete or modify any of these responsibilities at any time during employment.

not eligible for sponsorship** **Locations: Onsite in Memphis, TN; Maryville, TN; Birmingham, AL; Lafayette, LA; New Orleans, LA; Charlotte, NC; Raleigh, NC; or Dallas, TX.** The Cyber Security Engineer - Threat Management is a mid-level Cyber Security Engineer responsible for second level security event/incident response along with the collection, analysis, and dissemination of cyber threat intelligence. These capabilities will include timely collection of advanced warning of impeding IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and operational support of the incident response process. The candidate They will deliver and sustain the enterprise management strategy and solutions from a governance, process, discipline and technology standpoint, to support enterprise environments and our presence in various cloud instances and on-premises data centers covering threats / FIM / configuration management / incident response / vulnerability management. Secondary roles include IPS, EDR, TIP tools, and other information security solutions. Essential Functions of the Job: + Responding to SOC alerts performing an analysis, and containment of security events. + Provide tier II support for escalated security incidents. + Support the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of attacks. + Operate the configuration management program to track configuration drift over time, working with asset custodians to correct any configuration deviation from baseline. + Operate the File Integrity Management program to track changes to file systems on critical systems. + Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information, and create intelligence products for other teams to consume using MITRE ATT&CK Framework. + Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents. + Integrate appropriate systems and logs into the global threat management platform or Security Event and Incident Management system to properly protect critical assets. + Design, test and develop specific content and alerting to identify threats against critical assets. + Document incident response playbooks for new threat content and alerts. + Maintain an understanding of attacks, vectors and emergent threats. + Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary. + Produce weekly and monthly operational metrics. + Work with vendors and internal customers to respond to escalations. + Recommends Preventative Security Actions. + Recommends Corrective Security Actions. + Comprehension of basic banking systems. **Job Requirements:** + High School Graduate or Equivalent. + Bachelor's Degree Preferred but not required in Computer Engineering/Computer Science or related field. + CISSP, GSEC, GCIH, CEH or other security certifications preferred, but not required. + Three year minimum working in cyber threat or information security. **Knowledge and Skills Requirements:** + Familiar with compliance regulations such as SOX, PCI-DSS, GLBA, and Federal Banking regulations. + Proficient with cloud security and monitoring capabilities in Azure + Proficient with Incident Response in Azure + Proficient with configuration management scanning tools. + Knowledgeable with Tripwire or other file integrity management tools. + Excellent team skills and integrity in a professional environment. + Ability to Map threats and vulnerabilities to MITRE. **About Us** First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ******************** (https://urldefense.com/v3/\_\_https:/********************/\_\_;!!Cz2fjcuE!hpq9hPnrucZCPIAVPojVESItIq-FPzhurNdCrQ3JE8Rkx3gMd70nIk6\_kmPxl66\_oJCEsXs0gNunPowMAMHCmBYPOtUxUGI$) . **Benefit Highlights** - Medical with wellness incentives, dental, and vision - HSA with company match - Maternity and parental leave - Tuition reimbursement - Mentor program - 401(k) with 6% match - More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits **Follow Us** Facebook (****************************************** X formerly Twitter LinkedIn (*************************************************** Instagram YouTube (********************************************************** Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (**************************** notice from the Department of Labor.