Cyber security analyst jobs in Monroeville, PA

Seeking an experienced and dedicated Senior Cloud Security Engineer to join our team. This role is crucial for ensuring the security and compliance of our cloud infrastructure in a highly regulated financial environment. The ideal candidate will have a strong background in cloud security, a deep understanding of regulatory requirements, and the ability to design, implement, and maintain secure cloud solutions. Primary Success Factors Design, develop, and deploy scalable cloud-based security solutions to protect sensitive financial data and ensure compliance with industry regulations. Perform comprehensive vulnerability testing, risk analyses, and security assessments to identify and mitigate potential threats. Develop and coordinate robust cloud security procedures Monitor for and respond to security incidents in the cloud environment, utilizing advanced security tools and techniques. Collaborate with IT and development teams to ensure cloud solutions are securely integrated with existing software and infrastructure, following best practices and security standards. Keep abreast of the latest security issues, regulatory changes, and industry trends to proactively address emerging threats. Assist with the design of security training and awareness programs to educate staff about cloud security risks and responsibilities, fostering a culture of security within the organization. Regularly report on the status of cloud security, including any breaches or vulnerabilities, to senior management and stakeholders. Work with third-party vendors to ensure that security requirements are met and maintain strong relationships with external security partners. Maintain compliance with all relevant security and privacy laws and regulations, including PCI-DSS, GDPR, SOX, and other industry-specific standards Required Experience Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Specific experience will be considered in lieu of a degree. Minimum of 7 years of experience Relevant certifications in Cyber Security, with Cloud specific certifications a plus. Proven experience in cloud security engineering, preferably in a financial institution, with a track record of successfully implementing secure cloud solutions. Strong knowledge of cloud platforms and cloud security best practices, including identity and access management, encryption, and network security. Experience with regulatory compliance frameworks such as PCI-DSS, GDPR, and SOX, and the ability to navigate complex regulatory environments. Excellent problem-solving skills and the ability to work under pressure, with a proactive and detail-oriented approach to security. Strong communication and collaboration skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences. Experience with DevSecOps practices and tools, including continuous integration and continuous deployment (CI/CD) pipelines. Knowledge of infrastructure as code (IaC) and automation tools, such as Terraform, Ansible, or CloudFormation. Familiarity with security monitoring and incident response tools, such as SIEM, IDS/IPS, and EDR solutions. Ability to deliver with minimal management oversight

Employment Type: Direct Hire We are seeking an experienced Cloud Security Engineer to design, implement, and maintain secure, scalable cloud environments for a regulated financial services organization. This role plays a critical part in protecting sensitive financial and customer data, ensuring regulatory compliance, and embedding security into modern cloud and DevSecOps workflows. The ideal candidate brings deep hands-on cloud security expertise, experience in regulated industries, and the ability to partner cross-functionally with engineering, infrastructure, and application teams. KEY RESPONSIBILITIES Design, implement, and maintain cloud security architectures across enterprise environments Secure cloud platforms and services to protect financial and customer data Conduct vulnerability assessments, risk analyses, and security audits in cloud environments Develop, document, and enforce cloud security policies, standards, and procedures Monitor cloud environments using SIEM, IDS/IPS, and EDR tools; lead incident response efforts Integrate security controls into CI/CD pipelines using DevSecOps best practices Collaborate with engineering, infrastructure, and application teams to ensure secure cloud integrations Implement and manage Identity and Access Management (IAM), encryption, and network security controls Ensure ongoing compliance with PCI-DSS, GDPR, SOX, and other regulatory frameworks Prepare and present security posture reports, risk assessments, and incident summaries to senior stakeholders Partner with third-party vendors and cloud service providers to validate security controls and compliance Stay current on emerging threats, regulatory changes, and cloud security trends Support security awareness initiatives and training programs EDUCATION, EXPERIENCE, AND SKILL REQUIREMENTS Bachelor's or Master's degree in Computer Science, Information Security, or related field Equivalent professional experience considered in lieu of a degree 7+ years of experience in cloud security, information security, or security engineering Demonstrated experience securing cloud environments in regulated industries (financial services strongly preferred) Strong expertise in cloud security best practices, including: Identity and Access Management (IAM) Encryption (data at rest and in transit) Network security, segmentation, and zero-trust concepts Hands-on experience with DevSecOps and securing CI/CD pipelines Proficiency with Infrastructure as Code (IaC) and automation tools, such as: Terraform Ansible CloudFormation Experience with security monitoring and incident response technologies, including SIEM, IDS/IPS, and EDR Working knowledge of PCI-DSS, GDPR, SOX, and related compliance frameworks Strong analytical, troubleshooting, and problem-solving skills Excellent written and verbal communication skills; ability to translate complex security concepts to non-technical stakeholders Ability to work independently with minimal supervision PREFERRED SKILLS AND EXPERTISE Cloud security certifications (AWS Security, Azure Security Engineer, GCP Security Engineer) Industry certifications such as CISSP, CISM, CCSP Experience supporting audits, regulatory exams, and compliance assessments Cloud Security Engineer, Senior Security Engineer, Cloud Infrastructure Security, Financial Services Security, Regulated Environments, IAM, Encryption, Network Security, DevSecOps, CI/CD, Infrastructure as Code, Terraform, Ansible, CloudFormation, SIEM, IDS/IPS, EDR, Incident Response, Vulnerability Management, Risk Assessment, Compliance, PCI-DSS, SOX, GDPR, Security Architecture, Cloud Governance

Sales Representative -- Anindya Mazumdar Role: Not looking for an Architect - require individual heavy on engineering side / looking for a builder. Strong background in cloud security, a deep understanding of regulatory requirements, and the ability to design, implement, and maintain secure cloud solutions Design, develop, and deploy scalable cloud-based security solutions to protect sensitive financial data and ensure compliance with industry regulations. Perform comprehensive vulnerability testing, risk analyses, and security assessments to identify and mitigate potential threats. Develop and coordinate robust cloud security procedures Monitor for and respond to security incidents in the cloud environment, utilizing advanced security tools and techniques. Required: Minimum of 7 years of experience Relevant certifications in Cyber Security, with Cloud specific certifications a plus. Proven experience in cloud security engineering, preferably in a financial institution, with a track record of successfully implementing secure cloud solutions. Strong knowledge of cloud platforms and cloud security best practices, including identity and access management, encryption, and network security. Experience with regulatory compliance frameworks such as PCI-DSS, GDPR, and SOX, and the ability to navigate complex regulatory environments. Experience with DevSecOps practices and tools, including continuous integration and continuous deployment (CI/CD) pipelines. Knowledge of infrastructure as code (IaC) and automation tools, such as Terraform, Ansible, or CloudFormation. Familiarity with security monitoring & incident response tools, such as SIEM, IDS/IPS, and EDR solutions.

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Specialist Director, MAST Application Penetration Testing Lead to join our Managed Services practice. Responsibilities: * Lead the strategic delivery of Managed Application Security Testing (MAST) services, ensuring alignment with client objectives and industry best practices * Execute go-to-market (GTM) strategies for MAST offerings, collaborating with cross-functional teams to drive market penetration and revenue growth * Oversee the design and implementation of scalable security testing frameworks across diverse application environments, including cloud-native and hybrid architectures * Provide subject matter expertise in application security, guiding clients through risk assessments, remediation planning, and secure development lifecycle integration * Build and maintain strong client relationships, serving as a trusted advisor and ensuring high levels of satisfaction and retention * Mentor and lead a team of security professionals, fostering a culture of innovation, accountability, and continuous improvement * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum eight years of recent experience in application security, penetration testing, or related cybersecurity domains, with at least three years in a leadership or director-level role * Master's degree from an accredited college or university in cybersecurity, computer science, or related field is preferred; Bachelor's degree from an accredited college or university is required * Deep understanding of application security testing methodologies, tools (for example, DAST, SAST, IAST), and secure SDLC practices * Proven experience developing and executing GTM strategies for security services or technology solutions * Strong client-facing skills with the ability to communicate complex technical concepts to non-technical stakeholders * Excellent verbal/written communication, presentation, and analytical skills * Ability to travel as required * Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $153700 - $319000 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Primary Office Location:626 Washington Place. Pittsburgh, Pennsylvania. 15219.Join our team. Make a difference - for us and for your future. Cyber Security Specialist Business Unit: Risk Management Reports to: Manager of Cyber Security Position Overview: This position is primarily responsible for performing all procedures necessary to ensure the safety of information systems assets and protecting systems from intentional or inadvertent access or destruction under the supervision of the Manager of Cyber Security. The incumbent demonstrates the ability to develop IT security standards and procedures, has demonstrated knowledge and understanding of IT industry trends and emerging technologies and an ability to relate them to the corporation and it's objectives. Primary Responsibilities: Investigates, escalates and documents cyber security events or incidents according to standard operating procedures (SOP), as needed. Writes comprehensive reports of incident investigations. Evaluates and improves Security Information and Event Management (SIEM) rule set based on threat and vulnerability indicators. Analyzes information from variable threat sources and provide necessary awareness to management, IT and impact business areas. Tracks remediation of identified issues based on incident investigations. Utilizes forensic resources to understand event impacts and generates incident reports. Assists management in preparation of reports of current threats. Uses PowerShell scripting or other programming languages to automate tasks. Leverages various toolsets to gain awareness of potentially suspicious activity and alerts to threats, intrusions and/or compromises. Performs other related duties and projects as assigned. All employees have the responsibility and the accountability to serve as risk managers for their businesses by understanding, reporting, responding to, managing and monitoring the risk they encounter daily as required by F.N.B. Corporation's risk management program. F.N.B. Corporation is committed to achieving superior levels of compliance by adhering to regulatory laws and guidelines. Compliance with regulatory laws and company procedures is a required component of all position descriptions. Minimum Level of Education Required to Perform the Primary Responsibilities of this Position: BA or BS Minimum # of Years of Job Related Experience Required to Perform the Primary Responsibilities of this Position: 3 Skills Required to Perform the Primary Responsibilities of this Position: Excellent communication skills, both written and verbal Excellent customer service skills Excellent project management skills Detail-oriented Strong security background in network/systems/physical security, authentication, authorization and usability. Comprehensive knowledge of the OSI model. Working knowledge of packet collection and analysis tools. Licensures/Certifications Required to Perform the Primary Responsibilities of this Position: Valid Drivers License CISSP, Security+, Network+, GCIA, GCIH, CEH, CISM, CSX Physical Requirements or Work Conditions Beyond Traditional Office Work: Heavy Lifting over 45 lbs. Equal Employment Opportunity (EEO): It is the policy of FNB not to discriminate against any employee or applicant for employment because of his or her race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, or status as a protected veteran. FNB provides all applicants and employees a discrimination and harassment free workplace.

This role is for a Data Protection Analyst working in the Data Discovery and Protection Program. The Analyst is responsible for supporting, developing, and enhancing the Data at Rest Protection Program for both on-premise and cloud environments. The colleague will engage with Business Units across the organization, produce metrics and documentation, and implement and support tools related to the data protection program. A successful candidate will: + Assess existing scanning program to implement cloud scanning capabilities + Assist in deployment and maintenance of data scanning tools + Partner with other groups within the organization to identify and remediate data at rest access risk. + Work with risk partners to identify controls, determine control adequacy, and identify control monitoring opportunities and areas for improvement/enhancement + Assist in collecting, analyzing, and interpreting data access information and remediate permission compliance issues based on company security standards + Discern patterns of complex threat actor behavior, communicate an understanding of current and developing Cyber threats to key stakeholders, and stay current with emerging trends and threats in the field of insider threat Qualifications Required: + Understanding of information security concepts, best practices, and regulations related to data loss prevention + Understanding of enterprise security and networking technology and how the technology relates to the prevention, detection, and response of data loss + Advanced understanding of the Microsoft Office suite (e.g., Outlook, Word, Excel, PowerPoint, etc) + Excellent verbal and written communication skills (including but not limited to: correct English usage, grammar, spelling, punctuation, vocabulary, etc.). + Ability to execute work independently and as a team member with good interpersonal skills - using tact, patience and courtesy. + Experience as a security consultant + Working knowledge of cloud topology + Knowledge of file share security and Windows ACL administration + Familiarity with the Financial Services Industry + Knowledge of varying cloud platforms + Familiarity with cloud security at major cloud service providers + Certifications: Associate of (ISC)^2, CISSP, or similar. Education: + Bachelor's degree in Information Security, Computer Science or a related field OR + Bachelor's degree in Business or other field + 3 years relevant experience + Equivalent years: BA/BA = HS + 5 years of experience Pay Transparency The salary range for this position is $97,049 - $145,574 per year. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience. We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens' paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit ************************************** . Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance. Equal Employment Opportunity Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability. Why Work for Us At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth Background Check Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information.

The Information Security Specialist plays a vital role in protecting the Bank's information assets by ensuring the integrity, confidentiality, and availability of systems across the enterprise. This position is responsible for the effective application of security controls across both business operations and technology environments. The successful candidate will perform security administration, conduct continuous monitoring, and lead investigations into security events triggered by the Bank's security infrastructure. Organization Overview FHLBank Pittsburgh provides reliable funding and liquidity to its member financial institutions, which include commercial and savings banks, community development financial institutions, credit unions and insurance companies in Delaware, Pennsylvania and West Virginia. FHLBank products and resources help support community lending, housing and economic development. As one of 11 Federal Home Loan Banks established by Congress, FHLBank has been an integral and reliable part of the financial system since 1932. Primary Success Factors * Supports the efficient and effective implementation and maintenance of security for the Bank's information assets and resources; evaluates, installs and maintains security software on a variety of platforms; and actively promotes the advancement of sound security policies and procedures. Provides customer support for email processing and security, Help Desk ticket queues for security and account requests. * Monitoring and investigation of security events generated by the Bank's security infrastructure * Designs appropriate security measures in new system development efforts as defined by security requirements, product options and implementation strategies. * Evaluates, engineers, and recommends security enhancements to Bank's current environment and architecture. * Establishes and executes procedures for authorizing access to information across all platforms to appropriately restrict access. * Participates in establishing and maintaining security policies and procedures * Provides daily support and management of Security incident and event Management (SIEM) solution according to industry best practice and Bank policy. * Performs monitoring, analysis, and reporting of security events across a complex environment. * Establishes and executes procedures for performing self-audits of the security administration function to detect inappropriately defined security parameters. * Manages bank firewalls to ensure access and controls are properly applied to all systems. * Manages security systems (IDS, firewall, mail/web filtering, etc.) to ensure systems are properly functioning and upgraded. * Works with business users to ensure proper access to applications is in place. * Regularly reviews systems and networks to ensure compliance with IT Security policy. * Assists in the designing of network architecture to ensure industry-standard network practices are enforced. * Deciphers network packet captures for troubleshooting. * Ensures compliance with applicable policies, procedures, and regulations to ensure safe and sound business operations. Required Experience * Bachelor's degree in Computer Science, Information Systems or related degree or equivalent work experience * At least one of the following professional Security-related certifications required: CISSP, SANS GIAC, CCSP * Five or more years of experience in an information security role * At least two years of hands-on experience with firewall administration * Hands-on experience with administering security in Windows Active Directory Security * Demonstrated knowledge of managing and administering spam filtering system * Demonstrated knowledge of securing and administering security on multiple operating environments: Linux, Windows * Demonstrated knowledge of host-based and network-based Intrusion Detection System concepts * Experience with DDOS mitigation and related network traffic risk mitigation techniques * Experience with Network Access Control Platforms and Procedures Candidates with at least three years of experience in an information security role and Windows Active Directory Security will be considered for an alternative role. It is the policy of the Federal Home Loan Bank of Pittsburgh to ensure equal employment opportunity (EEO) for all employees and applicants for employment without regard to race, religion, color, sex, national origin, age, disability status, genetic information, veteran's status, ancestry, sexual orientation or status as a parent as defined by applicable law. It is the Bank's policy to comply with applicable laws concerning the employment of persons with disabilities, including reasonable accommodation for applicants and employees with disabilities.

Artech Information Systems is the #1 Largest Women-Owned IT Staffing Company in the U.S. and an employer of choice for over 7,200 consultants. We recruit world-class talent for IT, engineering, and other professional jobs at 70+ Fortune and Global 500 companies coast-to-coast across the U.S., India, and China. We are one of the fastest-growing companies in the US and we welcome you to search the thousands of jobs in our cutting-edge GEM system for employment opportunities that fit your qualifications. Job Title: Security Analyst Location: Pittsburgh, PA/ Lake Mary, FL / Nashville, TN Duration: 12 months contract with possible extension/ conversion FTE Job Description: Client is looking for a talented and self-motivated individual with strong technical skills and the ability to rapidly learn new technologies. We are looking for an exceptional candidate that shares our passion for delivering solutions to complex security problems, while maximizing productivity and minimizing employee friction. The candidate will contribute to IAMO Transformation program by aiding in the configuration and implementation of the new SailPoint LCM product. The candidate will perform business critical analysis to help with the implementation of application access requests and workflows across IAM. This role will support access provisioning, remediation for audit findings, workflow creation and modifications, and ensuring revocations and certifications are completed within the guidelines established by Corporate Policy. This position is critical to ensure Service Level Objectives and Internal project deadlines are met. The candidate will require increased technical and analytical skillsets and provide Sailpoint Product Support with a focus on: • Experience with designing, developing, testing, implementing, and integrating IGA solutions involving SailPoint Identity Now (IIQ). • Experience in SailPoint Identity IQ implementation and configuration for application on-boarding for access request and approval and access certifications o Configuration of simple and advanced LCM workflows within SailPoint o Creating and managing workgroups in SailPoint o Configuration and management of most common direct connectors (i.e. Active Directory, LDAP, Mainframe, etc.) o Creation of preventative and detective Segregation of Duty rules o Experience with role-based access controls and configuring automate provisioning and deprovisioning. • Train and mentor other team members on the use of the SailPoint Identity Now platform. • Experience with identity lifecycle flows including leaver, joiner, and mover. • Experience with consultative and complex technical deployment projects, managing various stakeholder relationships. • Strong knowledge and experience with incident/problem management processes. • Possess critical thinking skills. • Strong functional knowledge of MS Office Suite software products, Jira, and Confluence. • Strong communications skills, oral and written. • Ability to collaborate and interact productively with team members and key stakeholders. • Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood and actionable manner. • Ability to effectively influence and convince others to make appropriate changes in their priorities and behaviors for the benefit of the organization. • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business. • Ensures integration end state protects information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss. • Design and code rules, applications, workflows, custom tasks, custom connectors, UI pages and custom reports in SailPoint Identity Now. • Develop working relationship with IT engineering resources to drive solution features adoption. • Develop control adoption templates for IT resources to understand and implement connections required for the SailPoint Identity Now service. • Review SailPoint IGA to ensure the solution is optimized for the highest level of service and establish an ongoing practice to perform periodic reviews. • Interpret policies and standards with InfoSec, Risk and Compliance teams, ensuring policies and standards are properly followed by IAM control solutions. • Design and maintain flowchart diagrams, process workflows and standard documentation required to sustain the SailPoint platform. • Promote security policies, standards, and best practices across the organization. • Supports and resolves system incidents, problems, and changes. Qualifications 5 years of Sailpoint experience -Will consider experience over degree -Locations: Pittsburgh, Lake Mary or Nashville -2000+ applications to be migrated into sailpoint -Configure workflows -Create/manage work groups -Create duty rules -Invisio, Confluence, Jira, Excel Additional Information All your information will be kept confidential according to EEO guidelines.

This role is for a Data Protection Analyst working in the Data Discovery and Protection Program. The Analyst is responsible for supporting, developing, and enhancing the Data at Rest Protection Program for both on-premise and cloud environments. The colleague will engage with Business Units across the organization, produce metrics and documentation, and implement and support tools related to the data protection program. A successful candidate will: * Assess existing scanning program to implement cloud scanning capabilities * Assist in deployment and maintenance of data scanning tools * Partner with other groups within the organization to identify and remediate data at rest access risk. * Work with risk partners to identify controls, determine control adequacy, and identify control monitoring opportunities and areas for improvement/enhancement * Assist in collecting, analyzing, and interpreting data access information and remediate permission compliance issues based on company security standards * Discern patterns of complex threat actor behavior, communicate an understanding of current and developing Cyber threats to key stakeholders, and stay current with emerging trends and threats in the field of insider threat Qualifications Required: * Understanding of information security concepts, best practices, and regulations related to data loss prevention * Understanding of enterprise security and networking technology and how the technology relates to the prevention, detection, and response of data loss * Advanced understanding of the Microsoft Office suite (e.g., Outlook, Word, Excel, PowerPoint, etc) * Excellent verbal and written communication skills (including but not limited to: correct English usage, grammar, spelling, punctuation, vocabulary, etc.). * Ability to execute work independently and as a team member with good interpersonal skills - using tact, patience and courtesy. * Experience as a security consultant * Working knowledge of cloud topology * Knowledge of file share security and Windows ACL administration * Familiarity with the Financial Services Industry * Knowledge of varying cloud platforms * Familiarity with cloud security at major cloud service providers * Certifications: Associate of (ISC)^2, CISSP, or similar. Education: * Bachelor's degree in Information Security, Computer Science or a related field OR * Bachelor's degree in Business or other field + 3 years relevant experience * Equivalent years: BA/BA = HS + 5 years of experience Pay Transparency The salary range for this position is $97,049 - $145,574 per year. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience. We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens' paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit ************************************** . Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance. Equal Employment Opportunity Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability. Background Check Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information. Benefits We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. View Benefits Awards We've Received Age-Friendly Institute's Certified Age-Friendly Employer Dave Thomas Foundation's Best Adoption-Friendly Workplace Disability:IN Best Places to Work for Disability Inclusion Human Rights Campaign Corporate Equality Index 100 Award Fair360 Top Regional Company FORTUNE's World's Most Admired Companies Military Friendly Employer

Who We Are… Since our founding in 1901, Limbach's primary core value has always been simple: We Care. That commitment extends to our people, our customers, and the communities we serve-driving a culture of belonging across our industry. Limbach Facility Services LLC, a subsidiary of Limbach Holdings, Inc., (NASDAQ: LMB), is a leading building systems solutions firm delivering mission-critical systems that support life's most important moments. We specialize in revitalizing and maintaining HVAC, mechanical, electrical, plumbing, and control systems within existing facilities-ensuring buildings are always ready to perform when it matters most. Learn more about Limbach by checking out our YouTube channel: We Are Limbach - YouTube From healthcare and education to government and commercial facilities, we partner with building owners and operators to safeguard reliability, efficiency, and comfort where it's needed most. Our vision is to create value for building owners targeting opportunities for long term relationships. Our purpose is to create great opportunities for people. Learn more about Limbach's commitment to our people and career opportunities, straight from our employees via the Limbach Unlocked podcast: Limbach Unlocked - Why We Chose Limbach We carry out our vision and purpose through a commitment to our four core values… We Care We Act with Integrity We Are Innovative We Are Accountable The Benefits & Perks… Base salary range of $120K - $130K Full portfolio of medical, dental, and vision benefits, along with 401K plan and company match. HSA, FSA, and life insurance offerings. Maximize your professional development with our award-winning Learning & Engagement team. Engage in our “We Care” culture through our ERGs, brought to you by EMBRACE. Career pathing flexibility and mobility. Who You Are… As Security Analyst / Engineer, you will serve as the organization's primary, hands-on security operations lead. Reporting directly to the CIO, the candidate will triage SOC outputs, tune detection logic, drive automated response through SOAR playbooks, own the vulnerability management lifecycle, and lead incident response from detection through remediation and post-incident lessons learned. They act as a trusted partner to our outsourced SOC, the quarterback for IR, and the technical voice to the CIO and Board on operational security posture working closely with our IT Operations leader. This Position… Some examples of the work you might do includes: Security Operations & Monitoring: Serves as the primary liaison to our outsourced SOC and vCISO. Triage, validate, and prioritize alerts from SIEM (e.g., Google Chronicle, GrayMatter, or equivalent). Ensures log integrity, enrichment, and actionable alerting. SOAR & Automation: Builds, maintains, and iterates SOAR playbooks (Google SOAR or comparable) to automate containment, enrichment, and evidence collection; lowers MTTR by automating low-risk actions while preserving human judgment for high-impact events. Incident Response: Lead detection → containment → eradication → recovery workflows. Owns post-incident reviews, creates remediation roadmaps, and tracks closure of corrective actions. Conducts regular tabletop exercises and maintains IR runbooks and escalation paths. EDR/MDR/XDR Management: Administers and tunes EDR/MDR/XDR platforms (deployment health, telemetry, detection rules, containment capabilities). Investigates endpoint events, performs root cause analysis, and coordinates remediation with IT operations. Vulnerability Management: Operates the vulnerability management program (Rapid7, Tenable.io, or equivalent): schedules scans, triages findings, prioritizes by risk and asset criticality, and shepherds remediation with engineering teams. Proposes and verifies system hardening measures and baselines. Detection Engineering: Authors correlation rules, analytic searches, and detection content; reduces false positives while increasing meaningful detections. Builds dashboards and KPIs that communicate detection coverage and efficacy. M&A & Integration Security: Leads security due diligence and integration activities for acquisitions: identities & accesses reviews, vulnerability scans, endpoint posture checks, and integration playbooks to onboard new entities into Limbach's security baselines. Training & Knowledge Transfer: Develops and delivers IR and detection training for IT and business teams. Produces clear operational documentation, SOPs, and playbooks. Coaches SOC engineers and champions continuous improvement. Reporting & Executive Communication: Produces monthly operational and executive risk reports (incidents, vulnerability trends, MTTR, coverage gaps). Briefs the CIO and Board with concise risk-based recommendations. Third-Party Coordination: Manages relationships and SLAs with MDR/MSSP/MDR providers, forensic firms, and other security partners. What You Need… 5+ years of progressive, hands-on cybersecurity experience, with significant time spent in SOC and incident response environments. Demonstrated expertise with SIEM and SOAR platforms (Google Chronicle, GrayMatter, Chronicle SOAR, or comparable). Proven track record managing EDR/MDR/XDR solutions and performing endpoint investigations. Hands-on experience owning vulnerability programs with Rapid7, Tenable.io, or similar tooling. Experience writing detection logic, playbooks, and incident runbooks; demonstrable success in alert tuning and automation. Real-world experience coordinating cross-functional incident response activities and driving remediation to completion. Scripting and automation skills (PowerShell, Python, Bash) to automate enrichment, containment, and evidence collection. Strong Windows and Linux administration/forensics fundamentals; network fundamentals and packet-level troubleshooting. Familiarity with cloud security (Azure, Microsoft 365, Intune, Conditional Access) and endpoint management tools. Knowledge of security controls, hardening standards, and configuration baselines. Ability to read and interpret logs and telemetry across endpoints, network devices, and cloud services. Superior written and verbal communication; able to explain technical findings to non-technical and executive audiences. Decisive under pressure, methodical in evidence collection, and disciplined in documentation. Collaborative, tactful, and experienced at working with cross-functional teams (IT ops, HR, Legal, vendor partners). Strong project management and organizational skills with an eye for measurable outcomes. Ability to travel up to 15% of the time. Preferred Qualifications: Certifications: CISSP, GCIH, GCFA, ECIH, or Security+ (or equivalent). Prior role as a dedicated incident responder or IR team lead. Experience with Microsoft Defender for Endpoint, Azure Security Center, and native cloud telemetry. Familiarity with compliance frameworks (SOC 2, NIST CSF/800-171, ISO 27001) and how detection/IR maps to them. Experience in multi-site enterprise environments and with M&A integration security. Conduct Standards: Maintains appropriate Company confidentiality at all times. Protects the assets of the Company and ethically upholds the Code of Conduct & Ethics in all situations. Cultivates and promotes the “Hearts & Minds” safety culture. Consistently exemplifies the Core Values of the Company (we CARE, we act with INTEGRITY, we are INNOVATIVE, and we are ACCOUNTABLE). Work Environment: This position operates primarily in an office environment and routinely utilizes standard office equipment, such as computers, phones, copiers, and filing cabinets. The Company's Remote Work Policy is applicable to this position. Physical Demands: In performing the duties of this job, the incumbent is regularly required to talk, hear, perform repetitive motion, and possess an appropriate degree of both visual acuity and manual dexterity. This is considered a sedentary position, which means possible exertion up to ten (10) pounds of force occasionally, and/or negligible amount of force frequently or constantly to lift, carry, push, pull, or otherwise move objects. This job description is intended to describe the general nature of work being performed by the individual who assumes this role, not an exhaustive list of responsibilities. Duties, responsibilities, and activities may change at any time, with or without notice, as business needs dictate. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. Limbach Facility Services LLC is an Equal Opportunity Employer. #LFS

We specialize in Staffing, Consulting, Software Development, and Training along with IT services to small to medium size companies. AG's primary objective is to help companies maximize their IT resources and meet the ever-changing IT needs and challenges. In addition, AG offers enterprise resource planning and enterprise application integration, supply-chain management, e-commerce solutions, and B2B public exchanges and B2B process integration solutions. Our company provides application analysis, design, development and programming, software engineering, systems development, testing, integration, and implementation, and management consulting services to various clients - including governmental agencies and private companies - throughout the United States and India. We provide these services in multiple computing environments and use technologies such as client/server architecture, object-oriented programming languages and tools, distributed database management systems, state-of-the-art networking, and communications infrastructures. Our honest and realistic approach to recruiting dictates that AG does not entice or lure engineers from their employers. We represent only high caliber technical professionals who have committed to making a change required by career. Job Description MUST HAVE: Experience with implementing a vulnerability scanner Familiarity with both Windows and Linux platforms Experience with a log management system (Splunk, Elastic Search, etc) General understanding of incident management systems Experience patching operating systems/applications Experience configuring operating systems/applications Knows and applies the fundamental concepts, practices and procedures of IT security hardware, software, management software, and troubleshooting tools Candidate should have a strong knowledge of IT security, including demonstrated knowledge of current security trends and issues Ability to effectively and professionally communicate with customers and technical support staff at remote locations including team members in foreign countries; excellent verbal and written communication skills Highly self-motivated and flexible Manage priorities for timely completion of assignments Strong analytical and problem-solving skills Demonstrated success managing confidential/secure information with a high level of integrity NICE TO HAVE: Nessus experience HP Service Manager Additional Information Good comm skills are a big priority Duration: 3+ Months LOCALS PREFERRED Interview: Phone+F2F

* Bachelor Degree in Computer Science, Information Systems, Information Security or Networking, or equivalent work experience required; Master Degree preferred * Minimum of 5 years of practical experience in leading development and implementation of at least two information technology disciplines Azure or other Cloud environment, including technical architecture, network management, application development, middleware, database management or operations required * Advanced, specialized technical skills in Security Technologies, including IAM, PAM required * Experience with implementing and configuring Identity Security tools required * Demonstrated ability to estimate the financial impact of architecture alternatives; to apply solutions to business problems; and, to quickly comprehend the functions and capabilities of new technologies required * Functional knowledge of cloud environments such as Azure, Office 365, AWS and related security tools such as Security Center, Sentinel or similar tools required * Extensive experience with Delinea, SailPoint, Active Directory and CrowdStrike technologies and Just-in-Time access methods * Experience applying best practices to management and best practices for privileged accounts and privileged entitlements * Experience applying best practices to service account management * Experience applying best practice methodologies to securing cloud environments, such as Cloud Security Alliance, NIST required MAJOR DUTIES: * Design, develop, test and implement solutions to problems involving multiple technologies utilizing advanced specialized technical skills in the context of defined Reference Architectures * May establish and administer standards and conventions in relevant technologies * Stand up Microsoft Servers and other Security products * Develop system documentation to convey designs and develop support documentation as appropriate * Keep abreast of advances and developing trends and standards in technology * Upgrade and patch security Equipment * Develop interfaces from Corporate/Cloud servers to IAM/PAM technologies * Assist in the identification, response, investigation, and remediation of potential breaches of and issues surrounding data security * Consult and assist internal IT staff in proving out concepts to support migration of existing on-premises applications and infrastructure to Azure hybrid PaaS/IaaS deployment * Assist in implementing CIS Controls for hardware and Software environments * Ensure deliverables relative to project needs * Apply best practice methodologies to securing the company's cloud environments and applications * Review technical designs and specification for adherence to standards * Conduct third party Vendor Security Reviews as needed * Participate in task estimation and planning HOURS/LOCATION: * 8:30 a.m. - 5:00 p.m. (Overtime as required) * Warrendale location (Hybrid schedule) * Work at downtown location when required EXPLANATORY COMMENTS: * Good communication and interpersonal skills * Good decision making and problem solving skills * Good analytical skills with attention to detail and accuracy * Ability to work on multiple projects simultaneously * Ability to work effectively both individually and as a member of a project team

Primary Office Location: 626 Washington Place. Pittsburgh, Pennsylvania. 15219. Join our team. Make a difference - for us and for your future. Cyber Security Specialist Business Unit: Risk Management Reports to: Manager of Cyber Security This position is primarily responsible for performing all procedures necessary to ensure the safety of information systems assets and protecting systems from intentional or inadvertent access or destruction under the supervision of the Manager of Cyber Security. The incumbent demonstrates the ability to develop IT security standards and procedures, has demonstrated knowledge and understanding of IT industry trends and emerging technologies and an ability to relate them to the corporation and it's objectives. Primary Responsibilities: Investigates, escalates and documents cyber security events or incidents according to standard operating procedures (SOP), as needed. Writes comprehensive reports of incident investigations. Evaluates and improves Security Information and Event Management (SIEM) rule set based on threat and vulnerability indicators. Analyzes information from variable threat sources and provide necessary awareness to management, IT and impact business areas. Tracks remediation of identified issues based on incident investigations. Utilizes forensic resources to understand event impacts and generates incident reports. Assists management in preparation of reports of current threats. Uses PowerShell scripting or other programming languages to automate tasks. Leverages various toolsets to gain awareness of potentially suspicious activity and alerts to threats, intrusions and/or compromises. Performs other related duties and projects as assigned. All employees have the responsibility and the accountability to serve as risk managers for their businesses by understanding, reporting, responding to, managing and monitoring the risk they encounter daily as required by F.N.B. Corporation's risk management program. F.N.B. Corporation is committed to achieving superior levels of compliance by adhering to regulatory laws and guidelines. Compliance with regulatory laws and company procedures is a required component of all position descriptions. Minimum Level of Education Required to Perform the Primary Responsibilities of this Position: BA or BS Minimum # of Years of Job Related Experience Required to Perform the Primary Responsibilities of this Position: 3 Skills Required to Perform the Primary Responsibilities of this Position: Excellent communication skills, both written and verbal Excellent customer service skills Excellent project management skills Detail-oriented Strong security background in network/systems/physical security, authentication, authorization and usability. Comprehensive knowledge of the OSI model. Working knowledge of packet collection and analysis tools. Licensures/Certifications Required to Perform the Primary Responsibilities of this Position: Valid Drivers License CISSP, Security+, Network+, GCIA, GCIH, CEH, CISM, CSX Physical Requirements or Work Conditions Beyond Traditional Office Work: Heavy Lifting over 45 lbs. Equal Employment Opportunity (EEO): It is the policy of FNB not to discriminate against any employee or applicant for employment because of his or her race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, or status as a protected veteran. FNB provides all applicants and employees a discrimination and harassment free workplace.

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company's success. As a Security Analyst within PNC's Technology organization, you will be based in Pittsburgh, PA. This position is primarily based in a location within PNC's footprint. The work shift will be: Tuesday, Wednesday, Thursday, Friday and Saturday 7:00am EST - 3:30pm EST Time in the above office locations will be expected weekly Ideal candidate will demonstrates intimate knowledge of the following: -Evaluate, respond, and mitigate alerts that originate from the SIEM and the Cyber security product suite, e.g. NGFWs, IDS/IPS, Anti-virus, Web Application Firewalls, NAC Solution, EDR, etc. -Demonstrate use and understanding of security technologies such as Security Incident and Event Management (SIEM) & Endpoint Detection and Response (EDR) -Assist with tuning the SIEM events to reduce the false positives -Extract the IOCs and behavioral characteristics of malicious samples and implement the proper mitigation (Sandboxing) -Demonstrate the ability to scope an event to ensure the proper remediation steps -Ability to demonstrate subject matter expertise on the one or more functions performed by the SOC -Perform operational support for the institution as a representative of the security organization PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position. **Job Description** + Provides technical evaluation and analysis. Supports activities, process, and tools needed to improve overall security posture of the organization. + Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls. + Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff. + Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines. PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be: + **Customer Focused** - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions. + **Managing Risk** - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework. **Qualifications** Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position. **Preferred Skills** Access Control (AC), Building Architecture, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Physical Security, Risk Assessments, Security Technologies **Competencies** Analytical Thinking, Effective Communications, Information Assurance, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Problem Solving, Software Security Assurance **Work Experience** Roles at this level typically require a university / college degree, with 3+ years of relevant / direct industry experience. Certifications are often desired. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered. **Education** Bachelors **Certifications** No Required Certification(s) **Licenses** No Required License(s) **Benefits** PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives. In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 8 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service. To learn more about these and other programs, including benefits for full time and part-time employees, visit Your PNC Total Rewards (******************************* . **Disability Accommodations Statement** If an accommodation is required to participate in the application process, please contact us via email at AccommodationRequest@pnc.com . Please include "accommodation request" in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses. Applicants may also call ************ and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. At PNC we foster an inclusive and accessible workplace. We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions. **Equal Employment Opportunity (EEO)** PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law. This position is subject to the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA) and, for any registered role, the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) and/or the Financial Industry Regulatory Authority (FINRA), which prohibit the hiring of individuals with certain criminal history. **California Residents** Refer to the California Consumer Privacy Act Privacy Notice (****************************************************************************************************** to gain understanding of how PNC may use or disclose your personal information in our hiring practices.

About Us Recognized among Pittsburgh's 2024 Top Workplaces and Fastest-Growing Companies, Wolfe has been a leader in the Gift Card and FinTech sectors for over 25 years. We power gift card programs for national merchants like KFC. Our flagship consumer brand, PerfectGift.com, enables customers to create customized gift cards. We are a fast-paced environment, like kayaking down a white-water river, not canoeing on a lake. Learn more about our company culture, core values, and industry recognition on our career page (****************************** Role Summary Wolfe is seeking a Senior Cloud Security Engineer to lead the protection of our cloud-based systems, data, and applications. This is a pivotal role focused on embedding security into every layer of our cloud infrastructure, particularly within AWS environments. You'll work closely with Developers, DevOps, and Infrastructure teams to manage vulnerabilities, mature security controls, and drive secure practices across our technology organization. In this hands-on role, you'll architect and implement cloud-native security solutions, enhance cloud protections, and build tools and procedures that safeguard sensitive data and workloads. You'll help shape how Wolfe builds and maintains secure cloud systems while balancing risk, performance, and delivery. If you are an experienced DevOps engineer looking to grow into a security-focused role, we encourage you to apply! This is a five-day onsite role based in Pittsburgh, PA. Wolfe does not provide visa sponsorship. Responsibilities Analyze cloud security models, protocols, and systems. Monitor and analyze cloud security tools and technologies for potential risks. Develop best practices and processes for cloud security. Implement security measures to protect the cloud infrastructure from external threats. Collaborate with other teams to ensure the security of the cloud environment. Continuously enhance cloud security technologies and services in designated security domains. Analyze, design, and create applications, tests, and infrastructure automation tools. Impact Statement Example expectations for this role include but are not limited to: Lead the initiative to strengthen cloud account security by eliminating user keys and deploying updated policy controls within three months. Deploy enhanced firewall solutions and expand application protection platforms to production environments, achieving cost savings and increased security over the next four months. Manage and mature privileged access management (PAM) solutions for databases, phasing out legacy access methods where possible, and extend PAM deployment to new environments within six months. Perform comprehensive assessments of new accounts and prepare for resource cleanup across multiple cloud projects. Enhance cloud security maturity by improving KPI tracking and maturing security metrics reporting within three months. Assist with developing penetration test scopes and support the execution of penetration tests within six months, while ensuring visibility of cloud vulnerabilities for developers. Qualification 3+ years security engineering or 3+ years cloud infrastructure engineering experience Strong communication skills Proficient with AWS; familiar with Azure and/or GCP Passionate about cloud security and driving secure infrastructure Deep experience in cloud security technologies, processes, and best practices Familiarity of non-cloud native security tools like CrowdStrike, SentinelOne Singularity, Wiz, or Prisma History of developing and implementing security policies and procedures Solid understanding of network security protocols and security architecture Excellent problem-solving abilities Effective team player focused on team goals Experience in a fast-paced environment with the ability to think quickly and creatively to solve problems. Familiar with frameworks: NIST CSF, OWASP DSOMM, CSA STAR, CCM Recommended certifications: CCSP, AWS Certified - Security, GCSA, CISSP Compensation & Benefits Wolfe is committed to providing a comprehensive benefits package to support your well-being, along with competitive compensation. Our benefits and perks include but not limited to: Restricted Stock Units (RSUs) Profit Share Medical, Prescription, Vision, and Dental insurance for employees and dependents (Wolfe pays 80% of premium) Short-Term Disability Insurance (Wolfe pays 100% of premium) Voluntary Long-Term Disability Insurance, Life Insurance, Critical Illness Insurance, Accident Insurance, and Hospital Indemnity coverage PTO (vacation and sick time) Corporate Holidays and Floating Holidays 401(k) Employee recognition program Charitable Donation to a charity of your choice yearly Employee Referral Bonus Tuition Reimbursement Internal Training and Information sessions Family Picnic, Holiday Party, and other outings Internal Culture Club --- Wolfe is an Equal Opportunity Employer. Wolfe does not sponsor employment visas.

The Systems Engineer position is responsible for providing full cycle implementation and support of customer systems, while working across multiple company departments to ensure full client satisfaction. Under the direction of a manager or dispatcher, coordinates the design and maintenance of all access control, intrusion, and video surveillance systems. Incumbent receives and evaluates work orders and requests, investigates requests and troubleshoots problems where appropriate, establishes priorities and coordinates with contractors, when required. Requirements Essential functions and responsibilities: Assists with security systems integration, mapping and software updates and helps train personnel in the use of these systems. Assists on new projects in both existing areas and new construction helping with security assessments, vendor selection, technology upgrades, product selections, testing, field verification of systems and inspection of work in progress for compliance with standards Assess work sites, conditions, and logistics for each project; Develop Method of Procedure based on pre-project assessment. Design, develop and provide documentation of systems, configurations, and other pertinent information for the customer. Communicate with clients to resolve issues in a professional and confidential manner; Develop and execute client specific solutions. Manage the allocation of project resources, including software, hardware, tools, and related items specific to each customer and/or project. Direct the work responsibilities of union labor personnel based on specific project needs. Design and oversee training programs for new and existing customers; Determine which customers receive training. Collaborate with Customer Relationship Managers on demonstrations for new and potential clients. Perform installation, configuration, programming, and final commissioning of customer systems. Work collaboratively with installation, project management and engineering teams. Perform infrastructure services, including pulling cables, installing wall, and ceiling cabling, and installing surface mounted devices, as required. Perform system wiring and terminations services, as required. Deliver on-going remote and on-site technical support for existing customers and systems. Additional responsibilities may be required as necessary, including but not limited to: Provide internal support for basic trouble shooting. Organizes and manage parts stock and tools. Perform other duties as needed. Success factors/job competencies: Effectively communicate both in writing and verbally Work independently and prioritize multiple tasks and adapt to needed change Analysis Mechanical aptitude Comprehend technical language and read and interpret blueprints, wiring diagrams, and schematics Safety orientation Customer Focus Attention to Detail Teamwork/Collaboration Stay abreast of changes in security technology Physical demands and work environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Individual will be required to travel to customer sites as needed. While performing the duties of this job, the employee is occasionally exposed to moving mechanical parts. The employee is occasionally exposed to outside weather conditions and risk of electrical shock. Individual will regularly be required to lift, push, pull, and carry up to 50 pounds, and occasionally up to 75 pounds. Incumbent will be required to use a computer with keyboard, telephone, or handheld mobile device for extended periods of time, and office machinery as needed. Incumbent must be able to read, see, hear, and speak. Workdays and Shifts: Position works Monday-Friday, daylight hours, and additional time as needed to complete work. Education/Certification(s)/License(s) required: Bachelor's Degree in Electronics, Information Technology or related field, or equivalent experience. May be required to participate in safety trainings and/or certifications provided by the Company or customers. Valid driver's license, as employee will be required to travel to local and overnight client sites as needed. Manufacturer specific certifications, as required. Responsible to maintain active certifications and obtain new and updated certifications as required by the Company. Experience/Other required: Position requires two (2) to three (3) years of relevant experience in the electronic services. Strong knowledge of Microsoft Office. Strong computer skills with advanced software aptitude. Security systems to include, service and maintenance across a broad spectrum of access control, intrusion and video surveillance systems such as, Genetec, Milestone, Bosch, and DMP. Applicants must be currently authorized to work in the United States on a full-time basis. Visa sponsorship is not available for this position. This is a full-time, in-person position, and candidates must be able to work from our office located in Pittsburgh, Pennsylvania.

Techstra Solutions is seeking an experienced and dedicated Senior Cloud Security Engineer to join our team. This role is crucial for ensuring the security and compliance of our cloud infrastructure in a highly regulated financial environment. The ideal candidate will have a strong background in cloud security, a deep understanding of regulatory requirements, and the ability to design, implement, and maintain secure cloud solutions. Primary Success Factors · Design, develop, and deploy scalable cloud-based security solutions to protect sensitive financial data and ensure compliance with industry regulations. · Perform comprehensive vulnerability testing, risk analyses, and security assessments to identify and mitigate potential threats. · Develop and coordinate robust cloud security procedures · Monitor for and respond to security incidents in the cloud environment, utilizing advanced security tools and techniques. · Collaborate with IT and development teams to ensure cloud solutions are securely integrated with existing software and infrastructure, following best practices and security standards. · Keep abreast of the latest security issues, regulatory changes, and industry trends to proactively address emerging threats. · Assist with the design of security training and awareness programs to educate staff about cloud security risks and responsibilities, fostering a culture of security within the organization. · Regularly report on the status of cloud security, including any breaches or vulnerabilities, to senior management and stakeholders. · Work with third-party vendors to ensure that security requirements are met and maintain strong relationships with external security partners. · Maintain compliance with all relevant security and privacy laws and regulations, including PCI-DSS, GDPR, SOX, and other industry-specific standards Required Experience · Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Specific experience will be considered in lieu of a degree. · Minimum of 7 years of experience · Relevant certifications in Cyber Security, with Cloud specific certifications a plus. · Proven experience in cloud security engineering, preferably in a financial institution, with a track record of successfully implementing secure cloud solutions. · Strong knowledge of cloud platforms and cloud security best practices, including identity and access management, encryption, and network security. · Experience with regulatory compliance frameworks such as PCI-DSS, GDPR, and SOX, and the ability to navigate complex regulatory environments. · Excellent problem-solving skills and the ability to work under pressure, with a proactive and detail-oriented approach to security. · Strong communication and collaboration skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences. · Experience with DevSecOps practices and tools, including continuous integration and continuous deployment (CI/CD) pipelines. · Knowledge of infrastructure as code (IaC) and automation tools, such as Terraform, Ansible, or CloudFormation. · Familiarity with security monitoring and incident response tools, such as SIEM, IDS/IPS, and EDR solutions. · Ability to deliver with minimal management oversight Location: This position is based in Pittsburgh, PA and required to be on site (Hybrid) This is a full-time W2 Salaried position. Applicants must be legally authorized to work in the United States now and in the future without the need for sponsorship. At Techstra Solutions, we help top companies and brands achieve the business value of Digital and Talent Transformation. We believe there are three components in successful business transformation: Business Strategy, Technology and Talent. It is the coming together of these three disciplines that enables companies to take full advantage of opportunities. It differentiates us. Our approach is holistic and all-encompassing. We consider the full picture as we guide our clients on this journey. We are experts in transformation, business strategy, technology, innovation, and human capital management. We deliver our expertise through client consulting, innovative staffing solutions and software development. From strategy through implementation, we are dedicated to bringing our clients world-class business and talent solutions that fit strategic requirements and most importantly, deliver results. Equal Employment Opportunity Statement Techstra Solutions is an equal opportunity employer. The Company makes its decisions on merit, and its policy of equal opportunity prohibits discrimination in all phases of the employment process, including, but not limited to, recruitment, hiring, promotion, selection, transfer, demotion, layoff, termination, compensation, benefits, and other terms and conditions of employment. The policy of equal opportunity applies without regard to race, color, creed, religion, gender,, sexual orientation, gender identification, pregnancy, marital status, national origin, ancestry, age, disability that can reasonably be accommodated without undue hardship, military status, veteran status, genetic predisposition or carrier status, alienage or citizenship, domestic partnership status, arrest or conviction record, status as a victim of domestic violence, or any other protected categories under federal, state, or local law. The Company also prohibits discrimination or harassment based upon the perception that a person has, or is associated with a person who has, any of these characteristics.

We are seeking an experienced AI Security Engineer to lead the development of next -generation cybersecurity solutions for advanced AI systems. This individual will be responsible for researching, designing, and implementing cutting -edge security controls to protect AI models, data pipelines, and infrastructure from adversarial attacks, privacy vulnerabilities, and regulatory risks. The ideal candidate has a strong background in AI and understanding of cybersecurity principles, has been published in leading academic conferences (NeurIPS, ICLR, Black Hat, DEFCON, etc.), and has experience working at a frontier AI lab. Requirements Experience: 5+ years in AI/ML with a strong focus on cybersecurity. Education: Bachelor's or Master's in Computer Science, Cybersecurity, AI/ML, or a related field. PhD preferred. Technical Expertise: Strong understanding of AI security challenges, including adversarial ML, LLM backdoor, (in)direct prompt injections, model poisoning, and data leakage. Proficiency in cybersecurity frameworks (NIST, MITRE ATLAS, OWASP AI Top 10) and security tools. Hands -on experience with AI frameworks (TensorFlow, PyTorch, OpenAI API, Hugging Face) and securing AI pipelines. Expertise in cryptography, secure data handling, and privacy -preserving AI techniques (federated learning, differential privacy). Proficiency in Python and security -related programming (e.g., secure coding, AI model evaluation). Familiarity with AI agents, autonomous agents, large language models (LLMs), and multi -modal AI systems. Preferred: Experience in compliance, regulatory, or risk frameworks for AI (e.g., OWASP, MITRE, GDPR, HIPAA, GLBA, NIST AI RMF). An interest in robotics would be preferred as well. Publication & Research: Proven track record of research contributions in top AI/ML and cybersecurity conferences. Industry Experience: Prior work at a leading AI research lab, security -focused AI startup, or a major tech company's AI division. Benefits Competitive salary and equity options. 100% paid medical insurance coverage. Research and publication opportunities. Opportunity to work on cutting -edge AI security challenges that expand beyond software systems. Flexible work environment with remote and in -office options. Access to industry -leading AI security research and resources. A dynamic, mission -driven team shaping the future of AI security.

Are you ready to elevate security practices to new heights? Our organization is on the lookout for a dynamic Application Security Engineer who will revolutionize our application security strategies. Located in the vibrant city of Pittsburgh, PA, this on\-site role is the perfect opportunity to collaborate with key stakeholders in Technology, Product, and Strategic Business Units to tackle the most pressing security challenges head\-on. As a Application Security Engineer, you will spearhead the secure software development lifecycle, embedding cutting\-edge security practices at every step of our DevOps pipelines and application security processes. Your expertise in maturity models like DSOMM (DevSecOps Maturity Model), CI\/CD pipelines, and vulnerability management tools will be crucial in transforming our security landscape. Join forces with our engineering, DevOps, Product, and Technology teams to implement automated security controls, threat modeling, and risk mitigation strategies that will shape the future of our software development lifecycle. This role requires minimal travel and the ability to work in a fast\-paced, dynamic environment. The position may involve working outside normal business hours to address urgent compliance or security incidents. Key Responsibilities DevSecOps & Maturity Measurement Implementation: Assess, report, and assist with improving application security and DevSecOps Maturity, utilizing a measurement framework such as DSOMM or BSIMM, across the organization. Define and implement security policies, standards, and best practices for DevOps, CI\/CD pipelines, and cloud security. Work with development and DevOps teams to integrate automated security testing (SAST, DAST, SCA, IaC security scanning, etc.) into pipelines. Establish security gates in CI\/CD workflows to prevent deployment of vulnerable code. Application Security & Code Vulnerabilities: Perform code reviews, static\/dynamic security testing (SAST\/DAST), and secure coding guidance to developers. Identify and remediate vulnerabilities in application code, libraries, containers, and infrastructure as code (IaC). Develop and enforce secure coding standards in alignment with OWASP, NIST, and other frameworks. Conduct threat modeling and security architecture reviews for applications and services. For example, assist application teams with developing accurate data flow diagrams and developing appropriate identity management solutions. Manage and mature Bot Management services for all applications. Assist with WAF management and maturity. Improve secrets management and API security. Vulnerability Management & Risk Reduction: Manage and mature enterprise\-wide Bug Bounty program (e.g. BugCrowd, HackerOne) Manage vulnerability scanning tools (e.g., Tenable, Qualys, Sonar, Snyk) and prioritize remediation efforts. Track, assess, and coordinate the remediation of vulnerabilities across the application, infrastructure, and cloud environments. Develop risk\-based vulnerability management workflows and collaborate with engineering teams to drive fixes. Monitor security dashboards and metrics, ensuring vulnerabilities are patched in alignment with SLAs. Security CI\/CD Automation & Tooling: Implement security automation using APIs, scripts, and cloud\-native security controls. Work with DevOps engineers to integrate security tooling (like SemGrep, Snyk, Cycode) or within Jenkins, GitHub, GitLab CI\/CD, or AWS DevOps. Automate security findings triage, reporting, and prioritization processes. Security Awareness & Collaboration: Train and mentor developers on secure coding, threat modeling, DevSecOps, and vulnerability management best practices. Collaborate with security operations, incident response, and compliance teams on security initiatives. Participate in security assessments, penetration testing, and security incident investigations. Requirements Qualifications & Experience Bachelor's Degree in Information Security, Cybersecurity, Computer Science, or a related field OR a minimum of 6 years' equivalent experience in lieu of a degree 4+ years of experience in application security, DevSecOps, and security engineering OR a combination of 2+ years experience as a developer and 2+ years in application security, DevSecOps, and security engineering Hands\-on experience with DevSecOps tools (SAST, DAST, SCA, container security, IaC security), integrating security solutions within CI\/CD pipelines, strong knowledge of secure coding principles (OWASP Top 10, SANS CWE Top 25), and familiarity with AI ML or LLM usage within security tooling. Experience with vulnerability management, web app penetration testing tooling, and security certifications like CISSP, OSCP, GCPN, GCSA, AWS Security Specialty, or CSSLP are preferred. Proficiency in Bot Management tooling, client\-side monitoring tooling, and implementing maturity measurement frameworks such as DSOMM or BSIMM in an enterprise setting. Ability to understand and communicate best\-practice system architectures, data flows, and security controls within modern web applications and cloud (SaaS\/PaaS, IaaS). Excellent verbal and written communication skills, with the ability to communicate complex security concepts to technical and non\-technical stakeholders. "}}],"is Mobile":false,"iframe":"true","job Type":"Full time","apply Name":"Apply Now","zsoid":"641871163","FontFamily":"PuviRegular","job OtherDetails":[{"field Label":"Industry","uitype":2,"value":"Engineering"},{"field Label":"Work Experience","uitype":2,"value":"5+ years"},{"field Label":"City","uitype":1,"value":"Pittsburgh"},{"field Label":"State\/Province","uitype":1,"value":"Pennsylvania"},{"field Label":"Zip\/Postal Code","uitype":1,"value":"15205"}],"header Name":"Application Security Engineer","widget Id":"**********00072311","is JobBoard":"false","user Id":"**********00133003","attach Arr":[],"custom Template":"5","is CandidateLoginEnabled":true,"job Id":"**********06714003","FontSize":"15","google IndexUrl":"https:\/\/hdjassociates.zohorecruit.com\/recruit\/ViewJob.na?digest=UnBknG4YeUTpH3g.ao7JoWAjgPO2l6C2tdKjPQTIaoc\-&embedsource=Google","location":"Pittsburgh","embedsource":"CareerSite","indeed CallBackUrl":"https:\/\/recruit.zoho.com\/recruit\/JBApplyAuth.do"}