Cyber security analyst jobs in Montgomery, AL - 29 jobs

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Oracle Cloud Infrastructure (OCI) Hardware team is seeking a highly driven hardware/firmware security expert at the Principal Engineer level to participate in organizational wide Security Assurance program while also remaining involved in technical security reviews and having the opportunity to work on code level security. All engineering teams at Oracle are required to follow security best practices on how to make smart choices that build security into our products and services. These Oracle Software Security Assurance Standards (OSSA) and Oracle Hardware Security Assurance (OHWSA) standards provide guidance cross the entire lifecycle of component selection / in-take, product design, development, testing, release/deployment, and vulnerability/patch management. The OCI Hardware Development team provides the AI, GPUs, components of Oracle's AI hardware platform hardware and firmware used in Oracle Cloud and in Oracle Engineered Systems including Oracle Exadata. The OCI Hardware organization you will join has delivered the first and second generation of Oracle cloud platforms and is working to build the next generation of cloud and enterprise systems, with record breaking-performance, security, and world class quality using the latest and greatest merchant silicon and technologies. Job Summary: As a part of the OCI Hardware/Firmware Security team the candidate will work closely with the team's Chief Security Architect. The role is focused on managing and participating in all aspects of the OCI Release Management (ORM); Oracle's Hardware Security Assurance (OSSA); Oracle Hardware/Software Security Vendor Intake program and Manage HW/FW security vulnerabilities end to end - from triage to mitigation planning and rollout to customer messaging as wells as opportunities to work on security projects and initiatives defined by the Chief Security Architect. The scope spans both hardware and firmware, Oracle internal teams as well as external partners and extends from Oracle team education and support, to performing technical security and process reviews and to ensuring that Oracle's partners understand Oracle's security requirements for the future. Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc. **Responsibilities** Responsibilities: o Monitor vendor embargoed advisories (Intel, AMD, NVIDIA, ARM, etc.), VINCE, and other sources for hardware and firmware vulnerabilities. o Perform risk analysis and threat modeling to triage applicability and risk of vulnerabilities to Oracle hardware products and platforms. o Drive and track mitigation of vulnerabilities across various OCI teams and stakeholders through rollout. o Communicate risk and mitigation plan to internal teams, leadership, and customers through legally approved messaging. o Familiarity with python in order to run internal tools that aid with vul mgmt. o Helping engineering teams plan for security reviews of the HW/FW technologies which are being considered for use o Ensuring that teams create the required materials for Inbound HW/FW security reviews Inbound third party software security reviews Product release security reviews o Performing these security reviews o Tracking the progress of individual reviews and producing reports o Identifying and driving improvements to the processes o Working with the Hardware Chief Security Architect and virtual security team and key internal partners o Working with Oracle's 3rd party ecosystem to communicate Oracle's hardware security requirements and assess present adoption and future compliance o Acting as a technical security resource for Oracle's 3rd party ecosystem o Developing tools as-needed to support the process o Opportunities to work on code level assessment partnering with the Core Firmware Engineering team o Opportunities to be involved with Architectural Risk Analysis and threat analysis Required Qualifications: o B.S. in Computer Science, Computer Engineering, or related field o 7+ years in the field of software engineering and/or security o Experience in security analysis/assessments and the ability to audit security or forensic reports o Expertise across secure firmware/software development lifecycle e.g. component security reviews, static and dynamic analysis tools o Highly motivated, with a sense of urgency and ability to deliver multiple tasks under time-frame pressure o Big problem solver, who can be both strategic and able to dive into details as needed o Capable of working independently o Experience with understanding, analyzing, and communicating hardware security vulnerabilities, attacks, and research to engineering communities and audiences o Comfortable dealing with ambiguity and ability to adapt to changing environment and needs o Excellent written and oral communication skills o Experience with the architecture, design, and implementation of modern server platform hardware & firmware o Programming experience (C/C++, Linux Programming, bash, Python, Java) Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $96,800 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Abacus Technology is seeking an Information Systems Security Officer (ISSO) to provide security and information assurance support for the Air Force Intranet Control (AFINC) III Support program at Maxwell AFB/Gunter Annex. This is a full-time position. Responsibilities Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards. Implement the Assessment and Authorization (A&A) processes under the Risk Managed Framework (RMF) for new and existing information systems. Maintain a current authorization to operate (ATO), and approval to connect (ATC) (if required), and in implementing corrective actions identified in the plan of action and milestones. Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA) and Risk Acceptance Letters. Develop an Information System Continuous Monitoring (ISCM) strategy and monitor any proposed or actual changes to the system and its environment to maintain compliance. Audit systems to ensure security posture integrity. Conduct assessments and test/analysis data to document state of compliance with security requirements. Conduct risk assessments and investigations, recommend implementation of risk mitigations, and coordinate incident response activities. Conduct periodic hardware/software inventory assessments. Supervise the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures. Manage assigned team to facilitate effective execution of the RMF. Coordinate and participate in security assessments and audits. Prepare, review, and present technical reports and briefings. Register, maintain, verify, submit exceptions, conduct annual review, or decommission systems ports, protocols, and services (PPS) as necessary to ensure compliance with the DoD PPS Category Assurance List (CAL) and DoD PPS Vulnerability Assessment reports. Qualifications 5+ years experience in a cyber security or information assurance role including at least 3 years supporting the RMF. HS diploma or GED. Must be CISM or CISSP certified (or hold an equivalent certification in compliance with DoD 8140/8570 IAM II). Must hold the Certified in Governance, Risk and Compliance (CGRC) certification and have participated in training for DISA ACAS Supervisor and Operator and DISA Enterprise Mission Assurance Support Service (eMASS). Additional certifications such as CCNA or Microsoft Certified: Information Security Administrator Associate preferred. Experience with DoD cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. NIST SP 800 series, CNSSI 1253. Experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs. Experience in assessing and documenting test or analysis data to show cybersecurity compliance. Experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, Audit Tools, ESS, eMASS, PPS. Outstanding communication skills across all levels of the organization. Must be a US citizen and hold a current Top Secret clearance with SCI Access (TS/SCI). Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information. EOE/M/F/Vet/Disabled

We have an outstanding Contract to Hire position for an Information Systems Security Officer to join a leading Company located in the Montgomery, ALsurrounding area. **US Citizenship is required.** **Candidate must possess an Active Top Secret/SCI Security Clearance.** Job Responsibilities: + Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards. + Implement the Assessment and Authorization (A&A) processes under the Risk Managed Framework (RMF) for new and existing information systems. + Maintain a current authorization to operate (ATO), and approval to connect (ATC) (if required), and in implementing corrective actions identified in the plan of action and milestones. + Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA) and Risk Acceptance Letters. + Develop an Information System Continuous Monitoring (ISCM) strategy and monitor any proposed or actual changes to the system and its environment to maintain compliance. + Audit systems to ensure security posture integrity . + Conduct assessments and test/analysis data to document state of compliance with security requirements. + Conduct risk assessments and investigations, recommend implementation of risk mitigations, and coordinate incident response activities. + Conduct periodic hardware/software inventory assessments . + Supervise the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures. + Manage the assigned team to facilitate effective execution of the RMF. + Coordinate and participate in security assessments and audits. + Prepare, review, and present technical reports and briefings. + Register, maintain, verify, submit exceptions, conduct annual review, or decommission systems ports, protocols, and services (PPS) as necessary to ensure compliance with the DoD PPS Category Assurance List (CAL) and DoD PPS Vulnerability Assessment reports. Basic Hiring Criteria: + 5+ years of experience in a cyber security or information assurance role, including at least 3 years supporting the RMF. + High School diploma or equivalent. + Must be CISM or CISSP certified (or hold an equivalent certification in compliance with DoD 8140/8570 IAM II). + Must hold a Certified in Governance, Risk and Compliance (CGRC) or CCNA certification. + Must have participated in training for DISA ACAS Supervisor and Operator and DISA Enterprise Mission Assurance Support Service (eMASS) or be able to participate in this training once hired. + Additional certifications, such as Microsoft Certified: Information Security Administrator Associate, are preferred. + Experience with DoD cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. NIST SP 800 series, CNSSI 1253. + Experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs. + Experience in assessing and documenting test or analysis data to show cybersecurity compliance. + Experience utilizing security-relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, Audit Tools, ESS, eMASS, and PPS. + Outstanding communication skills across all levels of the organization. Military connected talent encouraged to apply. VEVRAA Federal Contractor / Request Priority Protected Veteran Referrals / Equal Opportunity Employer / Veterans / Disabled To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit*********************************************************************************** The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable: + The California Fair Chance Act + Los Angeles City Fair Chance Ordinance + Los Angeles County Fair Chance Ordinance for Employers + San Francisco Fair Chance Ordinance

We are seeking an experienced Information System Security Manager (ISSM) or Information System Security Officer (ISSO) to support classified programs and ensure compliance with DoD cybersecurity policies and Risk Management Framework (RMF) requirements. This role involves implementing Assessment and Authorization (A&A) processes, maintaining system authorizations, conducting audits, and supervising security teams. The ideal candidate will have deep expertise in RMF, security tools, and compliance documentation, as well as strong leadership and communication skills for managing security operations and presenting technical reports. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements 5+ years of experience with DoD cybersecurity policies and RMF implementation (e.g., NIST SP 800 series, CNSSI 1253). Prior experience as an ISSO or ISSM supporting classified programs. Experience assessing and documenting test or analysis data to demonstrate cybersecurity compliance. 3+ years of hands-on experience with RMF security tools and systems, including: NESSUS ACAS DISA STIGs Audit Tools ESS eMASS PPS Ability to perform security analysis of operational and development environments, threats, vulnerabilities, and interfaces. Experience implementing A&A processes under RMF for new and existing systems. Ability to maintain current Authorization to Operate (ATO) and Approval to Connect (ATC), and implement corrective actions from POA&M. Experience facilitating MOUs, ISAs, and Risk Acceptance Letters. Ability to develop and execute an Information System Continuous Monitoring (ISCM) strategy. Experience auditing systems for security posture integrity and conducting compliance assessments. Strong skills in risk assessment, incident response coordination, and recommending risk mitigations. Ability to supervise security program development and deployment to meet enterprise requirements. Experience managing teams to execute RMF effectively. Strong communication skills for preparing, reviewing, and presenting technical reports and briefings. Experience with hardware/software inventory assessments. Familiarity with DoD PPS Category Assurance List (CAL) and PPS Vulnerability Assessment reports. Prior experience coordinating and participating in security audits and assessments. Knowledge of registrar duties for ports, protocols, and services (PPS), including exception management and annual reviews. Leadership experience in managing cybersecurity compliance for multiple systems.

Abacus Technology is seeking an Information Systems Security Officer (ISSO) to provide security and information assurance support for the Air Force Intranet Control (AFINC) III Support program at Maxwell AFB/Gunter Annex. This is a full-time position. Responsibilities Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards. Implement the Assessment and Authorization (A&A) processes under the Risk Managed Framework (RMF) for new and existing information systems. Maintain a current authorization to operate (ATO), and approval to connect (ATC) (if required), and in implementing corrective actions identified in the plan of action and milestones. Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA) and Risk Acceptance Letters. Develop an Information System Continuous Monitoring (ISCM) strategy and monitor any proposed or actual changes to the system and its environment to maintain compliance. Audit systems to ensure security posture integrity. Conduct assessments and test/analysis data to document state of compliance with security requirements. Conduct risk assessments and investigations, recommend implementation of risk mitigations, and coordinate incident response activities. Conduct periodic hardware/software inventory assessments. Supervise the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures. Manage assigned team to facilitate effective execution of the RMF. Coordinate and participate in security assessments and audits. Prepare, review, and present technical reports and briefings. Register, maintain, verify, submit exceptions, conduct annual review, or decommission systems ports, protocols, and services (PPS) as necessary to ensure compliance with the DoD PPS Category Assurance List (CAL) and DoD PPS Vulnerability Assessment reports. Qualifications 5+ years experience in a cyber security or information assurance role including at least 3 years supporting the RMF. HS diploma or GED. Must be CISM or CISSP certified (or hold an equivalent certification in compliance with DoD 8140/8570 IAM II). Must hold the Certified in Governance, Risk and Compliance (CGRC) certification and have participated in training for DISA ACAS Supervisor and Operator and DISA Enterprise Mission Assurance Support Service (eMASS). Additional certifications such as CCNA or Microsoft Certified: Information Security Administrator Associate preferred. Experience with DoD cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. NIST SP 800 series, CNSSI 1253. Experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs. Experience in assessing and documenting test or analysis data to show cybersecurity compliance. Experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, Audit Tools, ESS, eMASS, PPS. Outstanding communication skills across all levels of the organization. Must be a US citizen and hold a current Top Secret clearance with SCI Access (TS/SCI). Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information. EOE/M/F/Vet/Disabled

**About Us:** Proofpoint is a global leader in human- and agent-centric cybersecurity. We protect how people, data, and AI agents connect across email, cloud, and collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world and empower people to work securely and confidently. Join us in our pursuit to defend data and protect people. **How We Work:** At Proofpoint you'll be part of a global team that breaks barriers to redefine cybersecurity guided by our BRAVE core values: **Bold** in how we dream and innovate **Responsive** to feedback, challenges and opportunities **Accountable** for results and best in class outcomes **Visionary** in future focused problem-solving **Exceptional** in execution and impact **POSITION SUMMARY** The Security Solutions Engineer is an information security expert responsible for assessing and improving the security posture of customer environments. The Security Solutions Engineer manages the technical aspects of customer systems and is primarily responsible for solution uptime, availability, policy development and problem troubleshooting. Security Solutions Engineers are also responsible for the technical development of various clients' security solutions such as: Proofpoint Protection Server, TAP, TRAP, and other Proofpoint products. Platform Engineers serve as an escalation point and mentor for other members of the team. Platform Engineers also help develop internal process, procedure, and drive collaboration across business units to help streamline service delivery. He or she must ensure that all tasks performed adhere to the firm's ISO 27001 Information Security Management System (ISMS). This includes participation in annual information and network security training and acceptance of spot checks on an ad hoc basis to guarantee that Proofpoint is constantly improving upon the organization's ISMS. Each member of our team must understand the importance of the ISMS and the corresponding handling of customer data. **DUTIES & ESSENTIAL JOB FUNCTIONS:** + Serve as an escalation point for other engineers on the team + Optimize security policies to protect against emerging threats and adhere to industry best practices + Create and develop custom solutions for managed security systems + Maximize system uptime, availability, and performance + Utilize internal CRM for problem tracking and project development + Assist the team in meeting all customer SLAs + Unsurpassed attention to detail, analytical problem-solving skills, and ability to diagnose and troubleshoot technical issues + Maintain awareness of industry trends, security news, and best practices + Take on-call rotation after hours and on weekends, serving as a point of escalation as necessary + Provide flexibility with schedule to cover job requirements + Ability to quickly and efficiently resolve client issues while maintaining high levels of client satisfaction + Lead technical discussions with customers and partnering organizations + Research and analyze industry trends and security vulnerabilities, in order to effectively communicate to customers any risk to their + environments and implement solutions to mitigate the risk + Administer and support lab environment to include change request review and approval, maintenance, and design **QUALIFICATIONS:** + Bachelor's Degree in Computer Science, Information Technology, or related discipline. Experience may be considered in lieu of a degree + Experience with Email Security + Corporate computer networking, technical support, system administration, Windows, Unix/Linux Operating System administration and/or + network security experience + Experience and proficiency in Proofpoint email security products, to include certification and training + Experience and proficiency designing and implementing Proofpoint solutions + High Level of critical thinking and proven ability to manage customer expectations high pressure situations + Proficiency in technical writing, diagraming, and communications. + Combine patience, determination, and persistence to troubleshoot client issues + Ability to work effectively with team members and clients + Desire to mentor junior engineers + Self-motivated, with ability to manage and follow up on multiple tasks simultaneously + Strong analytical capabilities, problem solving skills, providing solutions in a systematic and clear manner, and easily understood by + colleagues and customers + Strong time-management skills **PREFERRED** + Experience with Proofpoint email security products - PoD/TAP/TRAP + Expert in information security or network security + SQL or Oracle database experience + Regular expression experience + Scripting knowledge of Perl, Python, Java, or Bash + Proofpoint product certifications + Industry certifications such as CISSP, Network+, Security+, etc. + Experience working in Managed Services. \#LI-Remote **Why Proofpoint?** At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us: + Competitive compensation + Comprehensive benefits + Career success on your terms + Flexible work environment + Annual wellness and community outreach days + Always on recognition for your contributions + Global collaboration and networking opportunities **Our Culture:** Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com . **How to Apply** Interested? Submit your application along with any supporting information- we can't wait to hear from you! Consistent with Proofpoint values and applicable law, we provide the following information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets as set out below. Pay within these ranges varies and depends on job-related knowledge, skills, and experience. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable compensation and/or equity. We offer a competitive benefits package, including flexible time off, a comprehensive well-being program with two paid Wellbeing Days and two paid Volunteer Days per year, plus a three-week Work from Anywhere option. **Base Pay Ranges:** SF Bay Area, New York City Metro Area: Base Pay Range: 98,900.00 - 155,430.00 USD California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska: Base Pay Range: 78,800.00 - 123,805.00 USD All other cities and states excluding those listed above: Base Pay Range: 70,400.00 - 110,605.00 USD Proofpoint has been honored with six Best Places to Work Awards in 2024 by workplace culture leader Comparably, including Best Company Career Growth, Best Company Outlook, Best Global Culture, Best Engineering Teams, Best Sales Teams, and Best HR Teams. We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people. Our BRAVE Values: At Proofpoint, we are BRAVE in everything we do, and our values aren't just words-they shape how we work, collaborate, and grow. We seek people who are bold enough to challenge the status quo, responsive in the face of ever-evolving threats, and accountable for delivering real impact. We value those with a visionary mindset who anticipate what's next and push cybersecurity forward, and we celebrate exceptional execution that ensures we continue to defend data and protect people. Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability. Find your network, your allies, and your biggest fans. We know that work is simply better when you're surrounded by people who inspire you-who share ideas, cheer you on, and genuinely want to see you succeed. That's why we offer social circles, sponsored networks, and connection points across teams and time zones-to help you find your people, build your community, and thrive together. This isn't just a job-it's a mission to protect people and defend data in a world that never slows down. We're building the future of human-centric cybersecurity, and that future belongs to all of us. We take ownership, move fast, and hold ourselves accountable-because that's what it takes to stay ahead. And we do it together, winning as one. Be empowered to reach your full potential through meaningful challenges and personalized support-designed around you and your goals. Whether you're growing as a leader or leveling up from great to exceptional as an individual contributor, we're here to help you get there. Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.

The Securities Analyst is a permanent, full-time position with the Alabama Securities Commission. Positions are located in Montgomery. This is specialized work relating to the registration and auditing of securities, broker/dealers, agents, investment advisers, representatives and money transmitters.

By joining Sedgwick, you'll be part of something truly meaningful. It's what our 33,000 colleagues do every day for people around the world who are facing the unexpected. We invite you to grow your career with us, experience our caring culture, and enjoy work-life balance. Here, there's no limit to what you can achieve. Newsweek Recognizes Sedgwick as America's Greatest Workplaces National Top Companies Certified as a Great Place to Work Fortune Best Workplaces in Financial Services & Insurance Security Engineer - Secure Software Development Security Engineer - Secure Software Development **PRIMARY PURPOSE OF THE ROLE:** To manage the implementation of security measures to protect company data, networks, and computer systems. To focus on executing security fundamentals for threat detection, investigation, and response efforts. **ARE YOU AN IDEAL CANDIDATE?** We are looking for enthusiastic candidates who thrive in a collaborative environment, who are driven to deliver great work, are customer-oriented and are naturally empathetic. **ESSENTIAL RESPONSIBLITIES MAY INCLUDE** + Engineers, implements and monitors security measures for the protection of computer systems, networks and information. + Identifies and defines system security requirements. + Designs computer security architecture and develops detailed cyber security designs. + Prepares and documents standard operating procedures and protocols. + Configures and troubleshoots security infrastructure devices. + Develops technical solutions and new security tools to assist in mitigating security vulnerabilities and automating repeatable tasks. + Leads IT groups and business units as necessary in troubleshooting compatibility issues between security tools and business or productivity programs. + Performs analysis of suspected malicious code and other software or programs and provides written or verbal analysis to management. + Analyzes client and customer needs as required and provides clear and concise reports to leadership. + Works closely with management on assigned projects from inception through implementation ensuring adequate internal communication and user involvement is maintained. **QUALIFICATIONS** Eight (8) years of encryption technologies/algorithms, digital forensics, network topologies, and access controls experience or equivalent combination of educated and experience required. **Skills & Knowledge** + Knowledge of TCP/IP services + Knowledge of audit and compliance + Knowledge of vulnerability management + Knowledge of penetration testing + Knowledge of various operating systems + Knowledge of desktop productivity software + Knowledge of Carbon Black Protection + Knowledge of Symantec Endpoint Protection and host data loss prevention + Knowledge of information technology security frameworks + Excellent oral and written communication skills, including presentation skills + PC literate, including Microsoft Office products + Analytical and interpretive skills + Strong organizational skills + Excellent interpersonal skills + Ability to create and complete comprehensive, accurate and constructive written reports + Ability to work in a team environment + Ability to meet or exceed Performance Competencies **Proficient in Snyk for Application Security:** Demonstrated expertise in integrating Snyk into CI/CD pipelines to proactively identify and remediate vulnerabilities in open-source dependencies, container images, and infrastructure as code. Skilled in leveraging Snyk's developer-first tools to maintain secure codebases, enforce security policies, and ensure compliance with industry standards. Experienced in configuring automated scans, interpreting results, and collaborating with development teams to implement effective remediation strategies, contributing to a robust DevSecOps culture. **TAKING CARE OF YOU** + Career development and promotional growth opportunities + A diverse and comprehensive benefits offering including medical, dental vision, 401K, PTO and more \#LI-TS1 Work environment requirements for entry-level opportunities include - Physical: Computer keyboarding Auditory/visual: Hearing, vision and talking Mental: Clear and conceptual thinking ability; excellent judgement and discretion; ability to meet deadlines Travels as required The statements contained in this document are intended to describe the general nature and level of work being performed by a colleague assigned to this description. They are not intended to constitute a comprehensive list of functions, duties, or local variances. Management retains the discretion to add or to change the duties of the position at any time. Sedgwick is an Equal Opportunity Employer and a Drug-Free Workplace. **If you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, consider applying for it anyway! Sedgwick is building a diverse, equitable, and inclusive workplace and recognizes that each person possesses a unique combination of skills, knowledge, and experience. You may be just the right candidate for this or other roles.** **Sedgwick is the world's leading risk and claims administration partner, which helps clients thrive by navigating the unexpected. The company's expertise, combined with the most advanced AI-enabled technology available, sets the standard for solutions in claims administration, loss adjusting, benefits administration, and product recall. With over 33,000 colleagues and 10,000 clients across 80 countries, Sedgwick provides unmatched perspective, caring that counts, and solutions for the rapidly changing and complex risk landscape. For more, see** **sedgwick.com**

**Anywhere** **Type:** Contract **Category:** Security **Industry:** Financial Services **Workplace Type:** Remote **Reference ID:** JN -012026-105045 **Shortcut:** ********************************** + Description + Recommended Jobs **Description:** _Remote_ Our client is a large financial institution distinguished by its use of modern cloud technologies, mobile platforms, and agile delivery at enterprise scale. The organization promotes ownership, collaboration, and a balanced work environment while investing in continuous innovation. It seeks professionals who can navigate complex technology and business contexts and deliver secure, customer-centric solutions. _We can facilitate w2 and corp-to-corp consultants. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance._ Rate: $55.00 to $65.00/hr. w2 **Responsibilities:** + Participate or lead complex or high severity troubleshooting and incident problem resolutions with infrastructure teams or vendors. + Analyze, design, and implement PKI, certificate, and security solutions. + Translate business needs into technology solutions for internal customers. + Lead or contribute to projects involving PKI, certificates, and security. + Monitor the PKI and certificate incident queue and resolve issues of all levels. + Create, review, approve, and implement changes to PKI and certificate environments. + Analyze current PKI and certificate environments to identify challenges and develop improvements. + Act as PKI and certificate lead on complex incidents, changes, or upgrades. + Represent the crypto services team on global incident management calls with technical teams, customers, or vendors. + Analyze data, identify trends, and facilitate root cause analysis with service improvement opportunities. + Participate in capacity planning, performance monitoring, and maintenance to ensure high availability and proactive improvement. + Apply DevOps principles within PKI operations and engineering. + Lead periodic disaster recovery exercises for PKI and certificates. + Participate in an off-hours on-call rotation. + Communicate technical issues and challenges to technical and non-technical audiences. **Experience Requirements:** + At least 4 years of information technology experience. + At least 2 years of hands-on experience with PKI. + Experience with operational support and implementation of enterprise-level PKI and certificate solutions preferred. + Experience leading technical teams or projects preferred. + Strong understanding of DevOps principles preferred. + Python or other programming or scripting language experience preferred. + AWS Certification preferred. + 3+ years of PKI experience preferred. + Understanding of ITIL principles preferred. **Education Requirements:** + High School Diploma, GED, or equivalent certification. + Bachelor's degree in Computer Science, Information Systems, or Engineering preferred. + AWS Certification. + ITIL-related knowledge or certification preferred. **_Recruitment Transparency Notice_** **_Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team (_** **_noreply@eliassen.com_** **_, ************* inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group's use of these tools, including AI tools, as part of the application and hiring process._** _Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range._ _W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality._ _Please be advised- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an Eliassen.com email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact_ _********************_ _._ _About Eliassen Group:_ _Eliassen Group is a leading strategic consulting company for human-powered solutions. For over 30 years, Eliassen has helped thousands of companies reach further and achieve more with their technology solutions, financial, risk & compliance, and advisory solutions, and clinical solutions. With offices from coast to coast and throughout Europe, Eliassen provides a local community presence, balanced with international reach. Eliassen Group strives to positively impact the lives of their employees, clients, consultants, and the communities in which they operate._ _Eliassen Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status._ _Don't miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!_

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we're all a part of something bigger than ourselves. Are you ready to change the way the world moves? The Enterprise Cyber Security Cloud Security team is responsible for working with other security and cloud services teams to ensure alignment and collaboration in securing Ford's public cloud infrastructure. The teams work closely together to identify security gaps in the cloud environments and address them. The Cloud Security team is responsible for identifying, evaluating, and recommending cloud security tools and functions to enhance security around Ford's public cloud. The team is also responsible for developing and managing the following Security Services in Ford's public cloud environments: - Cloud Security Automation Development - GCP/Azure Security Compliance - GCP VPC Service Control - GCP Cloud Armor/ Azure WAF **What you'll do...** + Partner with other Cloud Security team members to identify and develop automation for security related workflows and audits (VPC SC, DLP, Exceptions, Org Policy, etc..). + Lead evaluation and develop an understanding of tools needed to address security gaps. + Lead/Collaborate with EPEO Services teams on security gap remediation. **You'll have...** + Bachelor's degree in Computer Science, Information Technology or related OR a combination of education and experience + 5+ years of scripting and automation experience + Proven experience in developing and implementing automation using scripting languages such as + Python, PowerShell, or Go, particularly for API integrations, security tool orchestration, and custom audit scripts. + Solid understanding and practical experience with Git and GitHub for version control, collaborative development, and security automation pipeline management. + Familiarity with CI/CD pipelines and automated deployment tools (e.g., Jenkins, Azure DevOps, GitHub Actions) to integrate security automation into the software development lifecycle. + Knowledge of Infrastructure-as-Code (IaC) principles and tools like Terraform. + Strong knowledge of security best practices and guidelines (at the enterprise-level) related to GCP and Azure Cloud deployments as well as common web application frameworks + Understand the functionality and secure usage of various GCP services: VPCs, IAM, security groups, compute engine, cloud storage, Security Command Center, VPC Service Control, Cloud DLP and Cloud Armor + Customer focused and strong team orientation + Self-starter and fast-learner + Strong communication and interpersonal skills + Strong problem solving and Analytical/Reasoning skills + Strong drive for results and ability to work independently + Demonstrated commitment to quality and project timing + Familiarity with the agile project planning process and use of Rally. + Document processes & procedures and developing other documentation. **Even better, you may have...** + Understand the functionality and secure usage of various Azure services: Virtual Machines, Virtual Networks, Azure Active Directory, App Services, Azure SQL Databases, Storage Accounts, Kubernetes, Containers, Key vaults. You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply! As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder...or all of the above? No matter what you choose, we offer a work life that works for you, including: - Immediate medical, dental, vision and prescription drug coverage - Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more - Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more - Vehicle discount program for employees and family members and management leases - Tuition assistance - Established and active employee resource groups - Paid time off for individual and team community service - A generous schedule of paid holidays, including the week between Christmas and New Year's Day - Paid time off and the option to purchase additional vacation time. For a detailed look at our benefits, click here: ******************************* This position is a range of salary grades 7-8. Visa sponsorship is not available for this position. SOUTHEAST MI RESIDENTS: This role is posted as remote unless you reside within 50 miles of Dearborn, MI-in which case we request on-site presence up to 4 days a week. Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call **************. \#LI-Remote **Requisition ID** : 54783

Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities - revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers - so they can remain focused on the business of water. For additional information, please visit the company website at ****************** Senior Security Analyst Position Summary As a Senior Security Analyst, you will be a key member of Neptune's 24×7 Security Operations program, supporting incident response, SIEM management, and threat detection across a hybrid environment (on-prem, cloud, SaaS). You'll work closely with the SOC Manager to execute detection, response, and reporting processes that protect Neptune and meet compliance requirements. Responsibilities: Threat Detection & Monitoring * Monitor and analyze security alerts from SIEM and EDR platforms * Investigate anomalies and suspicious activity across endpoints, networks, and cloud environments * Maintain high-fidelity alerting and reduce false positives through tuning Incident Response & Management * Execute playbooks for triage, containment, and remediation of security incidents * Assist in forensic investigations and contribute to post-mortem reports * Participate in tabletop exercises and readiness drills SIEM & Security Logging * Maintain SIEM health and ensure reliable telemetry across all assets * Develop and refine detection rules and correlation logic * Support automation and orchestration workflows for incident handling Identity & Access Management * Monitor identity-related events for anomalies and privilege escalation attempts * Support IAM lifecycle processes and enforce least privilege principles Threat Intelligence & Modeling * Integrate threat intelligence feeds into detection workflows * Assist in threat modeling to identify potential attack paths Reporting & Metrics * Document incidents and provide timely updates to SOC Manager for reporting to parent company * Track and report operational metrics (MTTD, MTTR, alert volumes, etc.) Security Standards & Architecture * Apply secure-by-design principles in collaboration with engineering teams * Support zero trust initiatives and network segmentation projects Relevant Platforms (experience with several is expected): * SIEM/SecOps: e.g. Google SecOps (Chronicle) * EDR & Identity: e.g. CrowdStrike, Microsoft AD/Entra * Network Security: e.g. FortiGate NGFW, FortiSASE * Secure Browsing: e.g. Prisma * Patching & Config: e.g. Automox * Secrets Management: e.g. Keeper * Asset Management: e.g. Axonius, Cyclops * Email & Data Security: e.g. Mimecast, Microsoft Purview Minimum Qualifications: * Bachelor's degree (or equivalent experience) * 3+ years in Security Operations or Incident Response * Hands-on experience with SIEM, EDR, and threat detection * Familiarity with NIST, ISO, MITRE ATT&CK, and zero trust principles * Strong analytical and communication skills Preferred Qualifications: * Security certifications (e.g., GCIH, GCIA, CISSP) * Experience with cloud security (AWS, Azure, GCP) * Exposure to SOAR automation and scripting * Travel Requirements: Typically requires overnight travel less than 10% of the time. Travel Requirements: Typically requires overnight travel less than 10% of the time. Location: Duluth, GA, Tallassee, AL

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Our **Information Security** organization serves as the eyes and ears of UMB's technology security and ensures controls, authentication and authorization are in place to keep UMB systems and applications safe. We monitor, discover and remediate any vulnerabilities while upholding and complying with all established corporate policies, standards and procedures. We work with UMB associates to help them be effective and be able to perform their jobs by granting the appropriate access. We collaborate with other technical teams to ensure base security metrics are being met. Best of all, we get to use cutting edge tools to make sure all systems and company devices are free from any potential threats. In today's digital world, our team plays a critical role in UMB's enterprise security plan. As a **Cloud Security Engineer** , you will serve as a cloud security subject matter expert and support UMB's Infrastructure team deliver secure solutions in the cloud. This will favor a cloud-native approach using solutions that are supportable, repeatable, and balance security versus risk. You will provide operational support for the Information Security owned solutions and for enterprise projects and design while serving as a subject matter expert on a diverse team of Information Security Engineers. This is a subset of the overall responsibilities which will include multiple initiatives as assigned by IT leadership. **This role is hybrid (Mon thru Thu on-site / Fri remote) for candidates in the Kansas City metropolitan area and open to qualified remote candidates outside of the Kansas City area but only within the US.** **_How you'll spend your time:_** + Define and execute public cloud-centric security controls and help design secure patterns for computing, storage, networking, operational, and security domains. This includes advising application, product, and cloud infrastructure teams on incorporating cloud infrastructure capabilities with an information security mindset, actively collaborating with cloud stakeholders to deliver best-fit secure solutions for UMB, and identifying emerging cloud infrastructure services and needs to meet business requirements. + Serve as a pragmatic, results-driven thought leader and consensus builder with a technology-savvy mindset capable of articulating complex IT concepts to all audiences, from technical contributors inside and outside the company. + Deploy, consult, and manage security controls leveraging solutions included but not limited to AWS multi-accounts structure, Organizational Units, Service Control Policies (SCP), IAM policies, Virtual Private Cloud (VPC), AWS Control Tower Guardrails and best practices. + Partner with application teams to support them in their design and implementation of infrastructure-as-code stacks that meet the needs of the applications leveraging technologies, included but not limited to Terraform, CloudFormation, CDK constructs, and Ansible. + Advise on all aspects of secure cloud infrastructure offerings and solution design. + Provide hands-on technical coaching to accelerate cloud security learnings across the organization. + Provide accurate and current information on AWS services and serve as a consultant to the IT Information Security organization to solve business use cases. **_We're excited to talk with you if you have:_** + Bachelor's Degree in Management Information Systems, Computer Science or related field OR equivalent work experience. + At least 4 years of experience designing and implementing secure solutions and securing public cloud workloads. + At least 2 years of experience with Metrics, Events, Logging, and Tracing solutions like Cloudtrail, CloudWatch, or Splunk. + Strong infrastructure-as-code (IaC) expertise and deployment experience with technologies such as Terraform or AWS CloudFormation. + In-depth experience with automation methodologies, processes improvement, and development of CI/CD pipelines. + Demonstrated knowledge/experience with at least 2 scripting languages like Python, PowerShell, AWS/Azure CLI, Ansible, Bash, and JSON. + Hands-on experience deploying and operating AWS computer instances (EC2), AWS Storage Services (EBS/S3/Glacier), AWS multi-accounts environment, IAM Policies, AWS Tower, AWS Config, and Service Control policies (SCP). + Demonstrated knowledge with configuration management and pipeline automation with AWS DevOps, Jenkins, Git or similar offering. + Knowledge with container technologies, such as Docker, Kubernetes, AWS EKS and ECS. + Collaborated with service providers and partners. + Working knowledge and expertise with common enterprise-grade security solutions. **_Bonus Points if you have:_** + Experience with Amazon GuardDuty, AWS Shield, and Amazon Inspector services. + Any of the following certifications: + AWS Solutions Architect Associate + AWS Certified Security - Specialty + CompTIA Cloud+ Certified Cloud Security Professional (CSSP) + Certificate of Cloud Security Knowledge (CCSK) + GIAC Cloud Security Automation (GCSA) + Previous experience working within the banking or financial industry. **Applicants must have legal authority to work in the United States. Work Visa sponsorship is not available for this position.** Deadline to apply: March 22, 2026 **Compensation Range:** $83,200.00 - $178,800.00 _The posted compensation range on this listing represents UMB's standard for this role, but the actual compensation may vary by geographic location, experience level, and other job-related factors. In addition, this range does not encompass the full earning potential for this role. Please see the description of benefits included with this job posting for additional information._ UMB offers competitive and varied benefits to eligible associates, such as Paid Time Off; a 401(k) matching program; annual incentive pay; paid holidays; a comprehensive company sponsored benefit plan including medical, dental, vision, and other insurance coverage; health savings, flexible spending, and dependent care accounts; adoption assistance; an employee assistance program; fitness reimbursement; tuition reimbursement; an associate wellbeing program; an associate emergency fund; and various associate banking benefits. Benefit offerings and eligibility requirements vary. **Are you ready to be part of something more?** You're more than a means to an end-a way to help us meet the bottom line. UMB isn't comprised of workers, but of people who care about their work, one another, and their community. Expect more than the status quo. At UMB, you can expect more heart. You'll be valued for exactly who you are and encouraged to support causes you care about. Expect more trust. We want you to do the right thing, no matter what. And, expect more opportunities. UMBers are known for having multiple careers here and having their voices heard. _UMB and its affiliates are committed to inclusion and diversity and provide employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including gender, pregnancy, sexual orientation, and gender identity), national origin, age, disability, military service, veteran status, genetic information, or any other status protected by applicable federal, state, or local law. If you need accommodation for any part of the employment process because of a disability, please send an e-mail to_ _*************************_ _to let us know the nature of your request._ _If you are a California resident, please visit our_ Privacy Notice for California Job Candidates (*********************************************************************************************************************************** _to understand how we collect and use your personal information when you apply for employment with UMB._ **_Who we are_** We are more than a company. We are advisors, consultants, problem solvers, friends, community members, experts, and we are here to help you make the best of every moment with a financial foundation that can help you succeed. Learn more about UMB's vision (****************************************************************************************************** Check out the road to a career at UMB

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. **Required Skills:** Security Engineer - IR Threat Intelligence Responsibilities: 1. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 2. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 3. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 4. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems 5. Engage constructively in cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions **Minimum Qualifications:** Minimum Qualifications: 6. 5+ years threat intelligence experience 7. Bachelor's degree or equivalent experience in Security 8. Familiarity with campaign tracking techniques and ability to convert the tracking results to long term countermeasures 9. Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework 10. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 11. Proven track record of managing and executing on short term and long term projects 12. Ability to work with a team spanning multiple locations/time zones 13. Ability to prioritize and execute tasks with minimal direction or oversight 14. Ability to think critically and qualify assessments with solid communications skills 15. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 16. Experience close collaborating with incident responders on incident investigations 17. Familiarity with malware analysis or network traffic analysis 18. Familiarity with nation-state, sophisticated criminal, or supply chain threats 19. Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 20. Experience in one or more query languages such as SQL 21. Experience writing production code for threat intelligence tooling 22. Experience conducting large scale data analysis 23. Experience working across the broader security community **Public Compensation:** $154,000/year to $217,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Insight Global is looking for Network Security professionals for a government contract. These individuals will be working on a military base doing all network and system support for all of the Air Force. The day to day is as follows: -Install, monitor, configure, troubleshoot, upgrade, patch, harden, maintain, and operate intrusion detection/prevention systems, firewalls, load balancers, and web proxies to protect -AFNet resources from both internal and external threats according to DoD security standards. -Perform complex analytics on boundary protection systems to protect system assets from compromise, data loss, and other requirements. -Perform DCO and DODIN operations. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements -5+ years experience with Enterprise DOD boundary protection and CSSP operations. -High school diploma or equivalent -IAT-II certification -Palo Alto Networks Certified Network Security Administrator (PCNSA) certification -Secret clearance -Palo Alto Networks Certified Network Security Engineer (PCNSE) certification

Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities - revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers - so they can remain focused on the business of water. For additional information, please visit the company website at ****************** Sr. Security Engineer Position Summary As a Senior Security Engineer, you will play a critical role in Neptune's cybersecurity program, focusing on implementing and maintaining security solutions across a hybrid environment (on-prem, cloud, SaaS). You'll collaborate with the SOC Manager and IT teams to strengthen detection, response, and prevention capabilities while ensuring compliance with industry standards. In addition to engineering responsibilities, you will provide technical support to Incident Response activities, assisting with containment, remediation, and forensic analysis when needed. Responsibilities: Security Engineering * Design and implement secure configurations for systems, networks, and cloud environments * Develop and maintain security controls aligned with zero trust principles * Support network segmentation and secure-by-design initiatives Security Engineering * Implement and maintain security tools and integrations (SIEM, EDR, IAM, NGFW, etc.) * Develop and optimize detection rules, correlation logic, and automation workflows * Ensure reliable telemetry and logging across all assets * Build SOAR playbooks and custom scripts to streamline incident handling * Support secure configurations and system hardening across endpoints, networks, and cloud environments Threat Detection & Monitoring * Optimize SIEM and EDR integrations for high-fidelity alerting * Engineer detection logic and automation workflows to reduce false positives * Collaborate with SOC analysts to enhance threat visibility Incident Response & Forensics * Build and refine incident response playbooks and automation scripts * Provide engineering support during active incidents, including containment and remediation * Assist with forensic investigations and root cause analysis * Participate in tabletop exercises and readiness drills Identity & Access Management * Implement IAM solutions enforcing least privilege and secure authentication * Integrate identity monitoring tools and automate privilege escalation alerts Threat Intelligence & Modeling * Incorporate threat intelligence into detection and prevention strategies * Contribute to threat modeling exercises to identify attack paths Compliance & Reporting * Ensure security solutions meet NIST, ISO, and regulatory requirements * Provide technical input for security metrics and executive reporting Relevant Platforms (experience with several is expected): * SIEM/SecOps: e.g. Google SecOps (Chronicle) * EDR & Identity: e.g. CrowdStrike, Microsoft AD/Entra * Network Security: e.g. FortiGate NGFW, FortiSASE * Secure Browsing: e.g. Prisma * Patching & Config: e.g. Automox * Secrets Management: e.g. Keeper * Asset Management: e.g. Axonius, Cyclops * Email & Data Security: e.g. Mimecast, Microsoft Purview Minimum Qualifications: * Bachelor's degree (or equivalent experience) * 3+ years in Security Operations or Incident Response * Hands-on experience with SIEM, EDR, and threat detection * Familiarity with NIST, ISO, MITRE ATT&CK, and zero trust principles * Strong analytical and communication skills Preferred Qualifications: * Security certifications (e.g., GCIH, GCIA, CISSP) * Experience with cloud security (AWS, Azure, GCP) * Exposure to SOAR automation and scripting Travel Requirements: Typically requires overnight travel less than 10% of the time. Travel Requirements: Typically requires overnight travel less than 10% of the time. Location: Duluth, GA, Tallassee, AL